When we were on chan_sip we someone was forcing chan_sip to call international numbers without registering. I noticed this error in our logs since switching to PJSIP and I think it is one of the hack attempts. The odd number being dialed looks like some previous attempts. I seen a 011 before too.
[2018-08-28 16:01:42] ERROR[15749]: pjproject:0 <?>: sip_transport.c Error processing 1334 bytes packet from UDP 37.49.231.122:8617 : PJSIP syntax error exception when parsing ‘Request Line’ header on line 1 col 76:
INVITE sip:800848221634223@49.197.19.1:5060;transport=udp;user=100’or’3=3-- SIP/2.0
Via: SIP/2.0/UDP 37.49.231.122:8617;branch=z9hG4bK-650228-1—czdyyrt4189t1umb;rport
Max-Forwards: 70
Contact: sip:100’or’3=3--@37.49.231.122:8617;transport=udp
To: sip:800848221634223@49.197.19.1:5060;transport=udp
From: sip:100’or’3=3--@37.49.231.122:8617;transport=udp;user=100’or’3=3--;tag=ssbnils1v85b
Call-ID: KcvMSQb9BKZ08NICP5ON5S…
CSeq: 1 INVITE
Allow: INVITE, ACK, CANCEL, BYE, NOTIFY, REFER, MESSAGE, OPTIONS, INFO, SUBSCRIBE
Content-Type: application/sdp
User-Agent: Skipper IPhone
Allow-Events: presence, kpml, talk
Content-Length: 671
v=0
o=100’or’3=3-- 0 0 IN IP4 37.49.231.122
s=100’or’3=3–
c=IN IP4 37.49.231.122
t=0 0
m=audio 8000 RTP/AVP 106 9 18 3 111 0 8 97 110 112 98 101 100 99 102
a=rtpmap:106 opus/48000/2
a=fmtp:106 minptime=20; cbr=1; maxaveragebitrate=40000; useinbandfec=1
a=rtpmap:18 G729/8000
a=fmtp:18 annexb=no
a=rtpmap:111 speex/16000
a=rtpmap:97 iLBC/8000
a=fmtp:97 mode=20
a=rtpmap:110 speex/8000
a=rtpmap:112 speex/32000
a=rtpmap:98 telephone-event/48000
a=fmtp:98 0-16
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=rtpmap:100 telephone-event/16000
a=fmtp:100 0-16
a=rtpmap:99 telephone-event/32000
a=fmtp:99 0-16
a=rtpmap:102 G726-32/8000
a=sendrecv
– end of packet.