[Spce-user] Fwd: autoban or fail2ban
Jon Bonilla (Manwe)
jbonilla at sipwise.com
Fri Aug 10 08:45:33 EDT 2012
El Fri, 10 Aug 2012 14:13:31 +0200
Matthew Ogden <matthew at tenacit.net> escribió:
> I'm back on this thread from a different perspective.
>
> Is there a way to set a whitelist of IPs that Pike wont ban?
>
> Sometimes a client link goes down or there is congestion (I'm not 100% sure
> of the cause), then you see some ICMP desitnation unreachable coming back
> to the server, then all of a sudden you see tons of registereing from the
> client device (trying to reconnect I guess), and the S:CE just bans them
> for 5 minutes.
>
> Any suggestions (obviously deriving the cause of the problem must happen),
> for avoiding this.
>
> Where do I change the settings for pike? And or fine a whitelist?
>
> Kind Regards
>
Both from config.yml
kamailio.lb.security has all the options you need:
dos_ban_time: 300
dos_reqs_density_per_unit: 20
dos_sampling_time_unit: 2
dos_whitelisted_ips:
If you get more than "dos_reqs_density_per_unit" in "dos_sampling_time_unit"
seconds, the IP is banned "dos_ban_time" unless it's listed in
"dos_whitelisted_ips"
More information about the Spce-user
mailing list