Hi all,

I need to bother about crazy client by considering "Flood" detection technique. I can do it by using OpenSER Pike http://kamailio.org/docs/modules/1.2.x/pike.html module which helps to keep trace of all (or selected ones) incoming request's IP source and blocks the ones that exceeded some limit.

In my case: If the number of SIP messages from a single IP address to my SIP Proxy exceeds 200 per minute. Recommended action: Block IP for 2 hours.

I tried with the pike module but I'm little bit confused with sampling, density, and timeout value.

Please help me with example configuration by considering my point.

Thanks, ARIF