Hi Daniel,
Thanks, I see tcpops lets us set the lifetime … although it’s not really the length of the
lifetime that concerns me.
I guess I’m thinking more a SIP TCP Firewall type of system. If someone is
scanning/ddos/etc I don’t think we should be sending a response at all, unless there’s
something I’ve missed? We could just use fail2ban but that would mean spawning an
executable or writing each attempt to logs.
Maybe I’m doing things the wrong way round but I can’t help feeling that letting Kamailio
see the attempts and log stats, sources, etc is more useful than an iptables drop?
Cheers,
Mark
On 9 Oct 2017, at 10:51, Daniel-Constantin Mierla
<miconda(a)gmail.com> wrote:
Hello,
tcpops module offers a function to set the lifetime of a tcp connection,
so you can set it to 1 second:
- https://www.kamailio.org/docs/modules/stable/modules/tcpops.html
Core offers a function to instruct closing the connection once a reply
has been sent, but it seems you don't want to send anything back.
Cheers,
Daniel
On 08.10.17 22:11, Mark Boyce wrote:
Hi all
Just working on some connections security filters on a Kamailio install. The security
goes something like this;
In REQINT … if source_ip is not in customers IP white-list then just exit
This works fine for UDP where packets are just ignored if they don’t come from a trusted
IP.
However on TCP this leads to the connection staying open until it either times out or the
source disconnects. Which feels untidy.
Is there a way to say close the TCP connection from within the config script?
Thanks
Mark
--
Daniel-Constantin Mierla
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio Advanced Training - www.asipto.com
Kamailio World Conference - www.kamailioworld.com
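
The approach discussed in this thread, as an added example that is not part of the original messages or of the Kamailio project's sample config: requests from sources outside the whitelist are logged and dropped without a reply, and on connection-oriented transports the connection lifetime is cut to 1 second with tcpops. Assumptions: the whitelist is a single constructed subnet (192.0.2.0/24) checked with `is_in_subnet()` from the ipops module, and the route is named `REQINIT` as in the default config.

```kamailio
#!KAMAILIO

loadmodule "xlog.so"     # xlog() for logging rejected sources
loadmodule "ipops.so"    # is_in_subnet()
loadmodule "tcpops.so"   # tcp_set_connection_lifetime()

request_route {
    # run the source filter before any other processing
    route(REQINIT);

    # ... normal request handling for trusted sources goes here ...
}

route[REQINIT] {
    # Constructed whitelist: replace with the real customer ranges
    # (or a lookup in a table kept by another module).
    if (is_in_subnet("$si", "192.0.2.0/24")) {
        return;
    }

    # Kamailio still sees the attempt, so it can be logged with its source
    # before the request is discarded.
    xlog("L_NOTICE", "untrusted source $proto:$si:$sp sent $rm - dropping\n");

    # UDP needs nothing more: exiting without a reply ignores the packet.
    # On TCP the connection would stay open until it times out or the
    # peer disconnects, so shorten its lifetime to 1 second.
    if ($proto != "udp") {
        tcp_set_connection_lifetime("1");
    }

    # no reply is sent to the untrusted source
    exit;
}
```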