[SR-Users] Limiting calls based on CLI and dst number
Cibin Paul
paul_cibin at me.com
Fri Dec 16 15:10:35 CET 2016
Hi,
Thanks David,
I was trying an alternate way as Mr. Daniel presented in ClueCon. Pasting below the snippet from my configuration. Somehow the code is not working. kacmd htable.dump acalls returning empty results. What might be wrong?
modparam("htable", "htable", "acalls=>size=8;autoexpire=7200;")
modparam("cfgutils", "lock_set_size", 8)
request_route {
# per request initial checks
route(REQINIT);
# NAT detection
route(NATDETECT);
# CANCEL processing
if (is_method("CANCEL"))
{
if (t_check_trans())
t_relay();
exit;
}
# handle requests within SIP dialogs
route(WITHINDLG);
### only initial requests (no To tag)
t_check_trans();
# authentication
route(AUTH);
# record routing for dialog forming requests (in case they are routed)
# - remove preloaded route headers
remove_hf("Route");
if (is_method("INVITE|SUBSCRIBE"))
record_route();
# account only INVITEs
if (is_method("INVITE"))
{
setflag(FLT_ACC); # do accounting
}
if(is_method("BYE"))
{
$sht(acalls=>$ci) = $null;
}
# dispatch requests to foreign domains
route(SIPOUT);
### requests for my local domains
# handle presence related requests
route(PRESENCE);
# handle registrations
route(REGISTRAR);
if ($rU==$null)
{
# request with no Username in RURI
sl_send_reply("484","Address Incomplete");
exit;
}
route(ACLIMIT);
# dispatch destinations to LOADBALANCE
#!ifdef WITH_LOADBALANCE
if($rU=~"^([0-9]{10}|1[0-9]{10}|37051[0-9]{10}|3706[0-9]{10})$") {
route(LOADBALANCE);
}
route(ACLIMIT);
route(RELAY);
#!endif
reply_route {
if(is_method("INVITE") && $rs>=300) {
$sht(acalls=>$ci) = $null;
}
route[ACLIMIT] {
if(is_method("INVITE") && !has_totag()) {
lock("$fU");
$var(ac) = $shtcv(acalls=>eq$fU);
if($var(ac) >= 4) {
unlock("$fU");
send_reply("403", "Too many active calls");
exit;
}
$sht(acalls=>$ci) = $fU;
unlock("$fU");
}
}
#!ifdef WITH_LOADBALANCE
route[LOADBALANCE] {
if(!ds_select_dst("0", "4"))
{
xlog("L_NOTICE", "No destination available!");
send_reply("404", "No destination");
exit;
}
xlog("L_DBG", "--- SCRIPT: going to <$ru> via <$du>\n");
t_set_fr(0,2000);
t_on_failure("RTF_DISPATCH");
route(RELAY);
return;
}
#!endif
##Failure route
failure_route[RTF_DISPATCH] {
if (t_is_canceled()) {
exit;
}
# next DST - only for 500 or local timeout
if (t_check_status("500")
or (t_branch_timeout() and !t_branch_replied()))
{
if(ds_next_dst())
{
t_on_failure("RTF_DISPATCH");
route(RELAY);
exit;
}
}
}
> On 16-Dec-2016, at 6:34 PM, David Villasmil <david.villasmil.work at gmail.com> wrote:
>
> you can achieve that with the dialog module.
> http://www.kamailio.org/docs/modules/4.4.x/modules/dialog_ng.html <http://www.kamailio.org/docs/modules/4.4.x/modules/dialog_ng.html>
>
> Regards,
>
> David Villasmil
> email: david.villasmil.work at gmail.com <mailto:david.villasmil.work at gmail.com>
> phone: +34669448337
>
> On Fri, Dec 16, 2016 at 10:33 AM, Cibin Paul <paul_cibin at me.com <mailto:paul_cibin at me.com>> wrote:
> Hi,
>
> Is there a way to limit the number of active calls per cli or dst number basis? Yesterday my system had a ddos attack in which 123456 (CLI) was hitting 2345 (DID) at a rate of 100-200 calls per minute. I would like to restrict to 2-4 simultaneous calls per CLI/DST.
>
> Any help would be appreciated.
>
> Thanks,
> Cibin
>
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org <mailto:sr-users at lists.sip-router.org>
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users <http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20161216/ab3964fc/attachment.html>
More information about the sr-users
mailing list