Project

General

Profile

Feature #2422

Validate source IP address as sent by MS/SGSN

Added by laforge 3 months ago. Updated 2 months ago.

Status:
New
Priority:
Normal
Assignee:
Category:
-
Target version:
-
Start date:
08/02/2017
Due date:
% Done:

0%

Spec Reference:

Description

Right now, OpenGGSN simply decapsulates the GTP packet and injects it into the tun device, whether or not the IP source address matches the address it has provided to the MS during PDP context creation.

While this kind of verification is not required anywhre by the spec, it is of course good security practice to verify the IP source address and reject any packets that are spoofed, i.e. that have a source address that is not equal the PDP EUA (end user address) of that PDP context.

History

#1 Updated by laforge 2 months ago

  • Subject changed from Validate source address as sent by MS/SGSN to Validate source IP address as sent by MS/SGSN

#2 Updated by laforge 2 months ago

  • Assignee set to laforge

Also available in: Atom PDF