62 lines
1.6 KiB
Markdown
62 lines
1.6 KiB
Markdown
|
# 福建项目:功能端开始sip和fw_voip插件后,安全策略命中日志中无SIP相关信息
|
|||
|
|
|
|||
|
|
| ID | Creation Date | Assignee | Status |
|
|||
|
|
|----|----------------|----------|--------|
|
|||
|
|
| OMPUB-724 | 2022-12-03T13:16:17.000+0800 | 刘学利 | 处理中 |
|
|||
|
|
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
泉州电信固网192.168.35.1-2,192.168.36.1-2(*目前该功能端未升级,仍为TSG 22.01版本*)前几日开启了sip和fw_voip插件,用户界面下发了sip协议Monitor、Deny策略。但策略命中日志中的SIP下相关字段均为空值。
|
|||
|
|
!image-2022-12-03-13-16-00-167.png|thumbnail!
|
|||
|
|
!image-2022-12-03-13-16-05-798.png|thumbnail!
|
|||
|
|
!image-2022-12-03-13-15-50-059.png|thumbnail!
|
|||
|
|
|
|||
|
|
附件中pcap包为用户在TSG界面【Packet Capture】功能中捕获的相关数据包
|
|||
|
|
!image-2022-12-03-13-15-41-853.png|thumbnail!
|
|||
|
|
**yangwei** commented on *2022-12-06T11:34:32.453+0800*:
|
|||
|
|
|
|||
|
|
* 目前SIP业务记录日志的目标,主要针对VoIP通话场景,即仅对出现Method为INVITE和BYE(语音通话拨号和挂断)的消息,记录主叫、被叫和UA等信息。
|
|||
|
|
* 所附的pcap包中,大量的Method为MESSAGE和REGISTER,因此这些会话对应的SIP日志中,不会记录主叫被叫等字段
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**zhengchao** commented on *2022-12-12T10:25:34.266+0800*:
|
|||
|
|
|
|||
|
|
既然流量中有这些信息,还是要想办法把信息记录下来。
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
## Attachments
|
|||
|
|
|
|||
|
|
**33351/274_149.pcapng**
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**33350/274_151.pcapng**
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**33349/image-2022-12-03-13-15-41-853.png**
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**33348/image-2022-12-03-13-15-50-059.png**
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**33347/image-2022-12-03-13-16-00-167.png**
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**33346/image-2022-12-03-13-16-05-798.png**
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|