(08:07:50 PM) [email protected]/3B5B7251: seriously i did not know
that it was accepted as part of 4.4. that ratelimit thingy
- was a private message I sent to the poster.
On 04/27/2011 08:01 PM, George Niculae wrote:
On Wed, Apr 27, 2011 at 2:55 PM, Tony Graziano
<[email protected] <mailto:[email protected]>>
wrote:
In 4.4, there is new dialogue in proxy>advanced.
Penalize Threshold Violators (Default: checked)
If set on true the IPs identified as threshold violators are
automatically added on the black list
Packets per Second (Default: 100)
Number of packets per second allowed from an IP address before
considering it a DoS attack. Every time this threshold is exceeded the
Violation Rate value associated with this IP is incremented.
Violation Rate (Default: 50)
When this threshold is exceeded the IP address is added on the
black list.
Penalty Period (Default: 3600)
Length of time (in milliseconds) that rate violators will be
penalized.
White List
List of trusted IPs (comma separated values of IP addresses or subnet)
that will be never added on the black list.
Black List
List of untrusted IPs (comma separated values of IP addresses or
subnet) considered DoS Attackers.
Is this dialogue internal only to the proxy? If so, where does one
view any violations? Are there any alarms, I don't see any in the
list? If this is not internal to the proxy, is there a format/method
for pushing it to a firewall?
This is not intended to be in 4.4 but 4.6 only, these sipxproxy
settings were merged in by mistake I guess, I'll take a look
Thanks,
George
_______________________________________________
sipx-dev mailing list
[email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-dev/
_______________________________________________
sipx-dev mailing list
[email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-dev/
