It is not very clear what you look for .. you don't know where the log messages are written? Or you want to see the list of ip addresses from pike module?
Cheers,
Daniel
i configure rules for routing banned ip and i want to see where i can autdit this issues.. i mean where i can automatically define a cron setup that grep those logs definitios.. where are loggin those all?define at begining of kamailio.cfg "#!WITH_ANTIFLOOD", later add:
my rules are:
#!ifdef WITH_ANTIFLOOD
loadmodule "htable.so"
loadmodule "pike.so"
modparam("pike", "sampling_time_unit", 2)
modparam("pike", "reqs_density_per_unit", 16)
modparam("pike", "remove_latency", 4)
modparam("htable", "htable", "ipban=>size=8;autoexpire=300;")
#!endif
later routing definitions:
route[REQINIT] {
if(src_ip!=myself) {
if($sht(ipban=>$si)!=$null) {
xdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)\n");
exit;
}
if (!pike_check_req()) {
xlog("L_ALERT","ALERT: pike blocking $rm from $fu (IP:$si:$sp)\n");
$sht(ipban=>$si) = 1;
exit;
}
}
if($ua =~ "friendly-scanner|sipcli|VaxSIPUserAgent") {
xlog("L_ALERT","ALERT: friendly canings from $fu (IP:$si:$sp)\n");
exit;
}
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
exit;
}
if(is_method("OPTIONS") && uri==myself && $rU==$null) {
sl_send_reply("200","Keepalive");
exit;
}
if(!sanity_check("1511", "7")) {
xlog("Malformed SIP message from $si:$sp\n");
exit;
}
}
Lenz McKAY Gerardo (PICCORO)
_______________________________________________ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio World Conference - May 6-8, 2019 -- www.kamailioworld.com Kamailio Advanced Training - Mar 4-6, 2019 in Berlin; Mar 25-27, 2019, in Washington, DC, USA -- www.asipto.com