[Kamailio-Users] How to handle DoS attack and OpenSER Pike module!
Daniel-Constantin Mierla
miconda at gmail.com
Tue Oct 14 11:04:41 CEST 2008
Hello,
On 10/14/08 09:32, Arif-Uz-Zaman wrote:
> Hi all,
> I need to bother about crazy client by considering “Flood” detection
> technique. I can do it by using OpenSER Pike
> <http://kamailio.org/docs/modules/1.2.x/pike.html> module which helps
> to keep trace of all (or selected ones) incoming request's IP source
> and blocks the ones that exceeded some limit.
>
> In my case: If the number of SIP messages from a single IP address to
> my SIP Proxy exceeds *200* per minute. Recommended action: Block IP
> for 2 hours.
>
> I tried with the pike module but I’m little bit confused with
> sampling, density, and timeout value.
>
> Please help me with example configuration by considering my point.
>
have you tried:
modparam("pike", "sampling_time_unit", 60)
modparam("pike", "reqs_density_per_unit", 200)
modparam("pike", "remove_latency", 7200)
Cheers,
Daniel
--
Daniel-Constantin Mierla
http://www.asipto.com
More information about the sr-users
mailing list