Hi all,

I need to bother about crazy client by considering “Flood” detection technique. I can do it by using OpenSER Pike module which helps to keep trace of all (or selected ones) incoming request's IP source and blocks the ones that exceeded some limit.

In my case: If the number of SIP messages from a single IP address to my SIP Proxy exceeds 200 per minute. Recommended action: Block IP for 2 hours.

I tried with the pike module but I’m little bit confused with sampling, density, and timeout value.

Please help me with example configuration by considering my point.

Thanks,
ARIF