It is not very clear what you look for .. you don't know where the log
messages are written? Or you want to see the list of ip addresses from
pike module?
Cheers,
Daniel
On 18.02.19 20:01, PICCORO McKAY Lenz wrote:
i configure rules for routing banned ip and i want to
see where i can
autdit this issues.. i mean where i can automatically define a cron
setup that grep those logs definitios.. where are loggin those all?
my rules are:
define at begining of kamailio.cfg "#!WITH_ANTIFLOOD", later add:
#!ifdef WITH_ANTIFLOOD
loadmodule "htable.so"
loadmodule "pike.so"
modparam("pike", "sampling_time_unit", 2)
modparam("pike", "reqs_density_per_unit", 16)
modparam("pike", "remove_latency", 4)
modparam("htable", "htable",
"ipban=>size=8;autoexpire=300;")
#!endif
later routing definitions:
route[REQINIT] {
if(src_ip!=myself) {
if($sht(ipban=>$si)!=$null) {
xdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)\n");
exit;
}
if (!pike_check_req()) {
xlog("L_ALERT","ALERT: pike blocking $rm from $fu
(IP:$si:$sp)\n");
$sht(ipban=>$si) = 1;
exit;
}
}
if($ua =~ "friendly-scanner|sipcli|VaxSIPUserAgent") {
xlog("L_ALERT","ALERT: friendly canings from $fu
(IP:$si:$sp)\n");
exit;
}
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
exit;
}
if(is_method("OPTIONS") && uri==myself && $rU==$null) {
sl_send_reply("200","Keepalive");
exit;
}
if(!sanity_check("1511", "7")) {
xlog("Malformed SIP message from $si:$sp\n");
exit;
}
}
Lenz McKAY Gerardo (PICCORO)
http://qgqlochekone.blogspot.com
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla --
www.asipto.com
www.twitter.com/miconda --
www.linkedin.com/in/miconda
Kamailio World Conference - May 6-8, 2019 --
www.kamailioworld.com
Kamailio Advanced Training - Mar 4-6, 2019 in Berlin; Mar 25-27, 2019, in Washington, DC,
USA --
www.asipto.com