[Spce-user] doubts about Banned Users and dos_whitelisted_ips

Antonio David Martin admartin at nixus.es
Wed Jun 12 04:42:35 EDT 2013 

It is working now with this settings

lb:
    extra_sockets: ~
    max_forwards: 10
    nattest_exception_ips: ~
    pkg_mem: 16
    port: 5060
    security:
      dos_ban_enable: 'no'    <--- default was yes
      dos_ban_time: 300
      dos_reqs_density_per_unit: 50
      dos_sampling_time_unit: 5
      dos_whitelisted_ips: ~
      failed_auth_attempts: 3
      failed_auth_ban_enable: 'no'  <--- default was yes
      failed_auth_ban_time: 3600


Maybe only with the option  "failed_auth_ban_enable: 'no'" should be enought for what I want to do.

My kamailio-lb is listening in two interfaces, one has a public ip, and I would like to have the pike module working in this domain, and disable it in the private domain. Is it possible without change some the code in the /etc/kamailio/lb/kamailio.cfg

thanks

David Martín
________________________________________
De: spce-user-bounces at lists.sipwise.com [spce-user-bounces at lists.sipwise.com] en nombre de Daniel Grotti [dgrotti at sipwise.com]
Enviado el: miércoles, 12 de junio de 2013 10:18
Para: spce-user at lists.sipwise.com
Asunto: Re: [Spce-user] doubts about Banned Users and  dos_whitelisted_ips

Hi Antonio,

maybe some users fails to authenticate more then 3 times.
How is your 'failed_auth_ban_enable' value ?

br,
Daniel



On 06/11/2013 06:41 PM, Antonio David Martin wrote:
> I have the settings  dos_ban_enable: 'no'  in the config.yml file and also I have done ngcpcfg apply.
> Plus after that I have restarted the kamailio-lb. Despite all I keep getting subscribers in the Banned User list
>
> Am I doing something wrong?
>
> Thanks in advance
>
> David Martín
>
> --------------------------
>
> Hi all,
>
> I am working with sipwise ce updated to 2.8.
>
> I have two interfaces, Kamailio-lb is listening in an private IP 192.168.1.21 for clients, and is also listening in an public IP (whitout clients) with other eth interface.
>
> Since I have updated to the 2.8 I frequently (5 times a day) find "(null)@192.168.1.21" in the "Banned Users" list, maybe sipwise takes it as a pattern or something, I don't know, but suddently many subscribers get disconnected. As I remove the entry from the "ban users" the subscribers get connected again.
>
> Clients have many networks subnets, all agregatted in 10.0.0.0/8. So my question is, Do I have to disable the security by setting  dos_ban_enable: 'no' ? Can I set a network instead of an IP in the 'dos_whitelisted_ips'?
>
> Thanks in advance
>
> David Martín
>
> _______________________________________________
> Spce-user mailing list
> Spce-user at lists.sipwise.com
> http://lists.sipwise.com/listinfo/spce-user
>

_______________________________________________
Spce-user mailing list
Spce-user at lists.sipwise.com
http://lists.sipwise.com/listinfo/spce-user

More information about the Spce-user mailing list