[SR-Users] how to see banned address after rule it

PICCORO McKAY Lenz mckaygerhard at gmail.com
Mon Feb 18 20:39:15 CET 2019


El lun., 18 de feb. de 2019 a la(s) 15:36, Daniel-Constantin Mierla
(miconda at gmail.com) escribió:
>
> It is not very clear what you look for .. you don't know where the log messages are written? Or you want to see the list of ip addresses from pike module?


Fred  said: "You could always grep the log" that actually i do, but i
do not how to made the other methods/ways:
> "use RPC to check the HTABLE parameter, or
cron something that runs kamcmd htable.dump ipban (or whatever)... You
could also use rtimer and output the htable as well."

How can i made those ways?

>
> Cheers,
> Daniel
>
> On 18.02.19 20:01, PICCORO McKAY Lenz wrote:
>
> i configure rules for routing banned ip and i want to see where i can autdit this issues.. i mean where i can automatically define a cron setup that grep those logs definitios.. where are loggin those all?
>
> my rules are:
>
> define at begining of kamailio.cfg "#!WITH_ANTIFLOOD", later add:
>
> #!ifdef WITH_ANTIFLOOD
> loadmodule "htable.so"
> loadmodule "pike.so"
>
> modparam("pike", "sampling_time_unit", 2)
> modparam("pike", "reqs_density_per_unit", 16)
> modparam("pike", "remove_latency", 4)
> modparam("htable", "htable", "ipban=>size=8;autoexpire=300;")
> #!endif
>
> later routing definitions:
>
> route[REQINIT] {
>    if(src_ip!=myself) {
>         if($sht(ipban=>$si)!=$null) {
>             xdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)\n");
>             exit;
>         }
>         if (!pike_check_req()) {
>             xlog("L_ALERT","ALERT: pike blocking $rm from $fu (IP:$si:$sp)\n");
>             $sht(ipban=>$si) = 1;
>             exit;
>         }
>     }
>     if($ua =~ "friendly-scanner|sipcli|VaxSIPUserAgent") {
>             xlog("L_ALERT","ALERT: friendly canings from $fu (IP:$si:$sp)\n");
>         exit;
>     }
>     if (!mf_process_maxfwd_header("10")) {
>         sl_send_reply("483","Too Many Hops");
>         exit;
>     }
>     if(is_method("OPTIONS") && uri==myself && $rU==$null) {
>         sl_send_reply("200","Keepalive");
>         exit;
>     }
>     if(!sanity_check("1511", "7")) {
>         xlog("Malformed SIP message from $si:$sp\n");
>         exit;
>     }
> }
>
> Lenz McKAY Gerardo (PICCORO)
> http://qgqlochekone.blogspot.com
>
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
> --
> Daniel-Constantin Mierla -- www.asipto.com
> www.twitter.com/miconda -- www.linkedin.com/in/miconda
> Kamailio World Conference - May 6-8, 2019 -- www.kamailioworld.com
> Kamailio Advanced Training - Mar 4-6, 2019 in Berlin; Mar 25-27, 2019, in Washington, DC, USA -- www.asipto.com



More information about the sr-users mailing list