14 Oct
2008
14 Oct
'08
12:04 p.m.
Hello,
On 10/14/08 09:32, Arif-Uz-Zaman wrote:
Hi all,
I need to bother about crazy client by considering “Flood” detection
technique. I can do it by using OpenSER Pike
<http://kamailio.org/docs/modules/1.2.x/pike.html> module which helps
to keep trace of all (or selected ones) incoming request's IP source
and blocks the ones that exceeded some limit.
In my case: If the number of SIP messages from a single IP address to
my SIP Proxy exceeds *200* per minute. Recommended action: Block IP
for 2 hours.
I tried with the pike module but I’m little bit confused with
sampling, density, and timeout value.
Please help me with example configuration by considering my point.
have you tried:
modparam("pike", "sampling_time_unit", 60)
modparam("pike", "reqs_density_per_unit", 200)
modparam("pike", "remove_latency", 7200)
Cheers,
Daniel
--
Daniel-Constantin Mierla
http://www.asipto.com
14 Oct
14 Oct
3:38 p.m.
New subject: [Kamailio-Users] How to handle DoS attack and OpenSER Pikemodule!
Hello Daniel,
I've tested according to your suggessions but No Luck. I've configured to
block for 10 minutes and its working but not works for 2 hours. Please help
me with your comments.
Thanks,
ARIF
-----Original Message-----
From: users-bounces(a)lists.kamailio.org
[mailto:users-bounces@lists.kamailio.org] On Behalf Of Daniel-Constantin
Mierla
Sent: Tuesday, October 14, 2008 3:05 PM
To: Arif-Uz-Zaman
Cc: users(a)lists.kamailio.org
Subject: Re: [Kamailio-Users] How to handle DoS attack and OpenSER
Pikemodule!
Hello,
On 10/14/08 09:32, Arif-Uz-Zaman wrote:
Hi all,
I need to bother about crazy client by considering "Flood" detection
technique. I can do it by using OpenSER Pike
<http://kamailio.org/docs/modules/1.2.x/pike.html> module which helps
to keep trace of all (or selected ones) incoming request's IP source
and blocks the ones that exceeded some limit.
In my case: If the number of SIP messages from a single IP address to
my SIP Proxy exceeds *200* per minute. Recommended action: Block IP
for 2 hours.
I tried with the pike module but I'm little bit confused with
sampling, density, and timeout value.
Please help me with example configuration by considering my point.
have you tried:
modparam("pike", "sampling_time_unit", 60) modparam("pike",
"reqs_density_per_unit", 200) modparam("pike",
"remove_latency", 7200)
Cheers,
Daniel
--
Daniel-Constantin Mierla
http://www.asipto.com
_______________________________________________
Users mailing list
Users(a)lists.kamailio.org
http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
5883
days inactive
5883
days old
1 comments
2 participants
participants (2)
-
Arif-Uz-Zaman -
Daniel-Constantin Mierla