Hi Daniel,
Thanks, I see tcpops lets us set the lifetime … although it’s not really the length of the lifetime that concerns me.
I guess I’m thinking more a SIP TCP Firewall type of system. If someone is scanning/DDoS/etc I don’t think we should be sending a response at all, unless there’s something I’ve missed? We could just use fail2ban but that would mean spawning an executable or writing each attempt to logs.
Maybe I’m doing things the wrong way round but I can’t help feeling that letting Kamailio see the attempts and log stats, sources, etc is more useful than an iptables drop?
Cheers, Mark
On 9 Oct 2017, at 10:51, Daniel-Constantin Mierla miconda@gmail.com wrote:
Hello,
tcpops module offers a function to set the lifetime of a tcp connection, so you can set it to 1 second:
- https://www.kamailio.org/docs/modules/stable/modules/tcpops.html
Core offers a function to instruct closing the connection once a reply has been sent, but it seems you don't want to send anything back.
Cheers, Daniel
On 08.10.17 22:11, Mark Boyce wrote:
Hi all
Just working on some connections security filters on a Kamailio install. The security goes something like this;
In REQINT … if source_ip is not in customers IP white-list then just exit
This works fine for UDP where packets are just ignored if they don’t come from a trusted IP.
However on TCP this leads to the connection staying open until it either times out or the source disconnects. Which feels untidy.
Is there a way to say close the TCP connection from within the config script?
Thanks
Mark
--
Daniel-Constantin Mierla
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio Advanced Training - www.asipto.com
Kamailio World Conference - www.kamailioworld.com
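
An added example, not part of the thread and not any poster's own configuration: a Kamailio config fragment combining the white-list check from the original question with the tcpops lifetime suggestion, logging the source and sending no reply. The route name `SRCFILTER`, the use of the permissions module's `allow_source_address()` for the white-list, and the log wording are assumptions.

```cfg
# Added example. SRCFILTER is a hypothetical route name; the white-list is
# assumed to live in the permissions module's address table (which needs its
# own database configuration, not shown in this fragment).
loadmodule "permissions.so"
loadmodule "tcpops.so"
loadmodule "xlog.so"

request_route {
    route(SRCFILTER);
    # ... normal request handling for trusted sources continues here ...
}

route[SRCFILTER] {
    # Trusted source: return to the caller and carry on processing.
    if (allow_source_address()) {
        return;
    }

    # Untrusted source: record it so Kamailio itself has the method,
    # transport and source address/port of each attempt.
    xlog("L_WARN", "untrusted source: $rm via $proto from $si:$sp\n");

    # UDP needs nothing more, the packet is simply ignored.
    # For stream transports, shorten the connection lifetime to 1 second
    # (the tcpops function from the reply above) so the connection is not
    # left open until the default timeout or until the peer disconnects.
    if ($proto == "tcp" || $proto == "tls") {
        tcp_set_connection_lifetime("1");
    }

    # No sl_send_reply() and no set_reply_close(): nothing is sent back.
    exit;
}
```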