I am not sure it is effective for DDoS or DoS, as it it just looking for "REGISTER". It will do nothing for "INVITE", which is also another DoS method.
If you have a firewall in front of it, you may want to consider implementing a Country Block and/or Abuse List. On Sat, Jan 21, 2012 at 8:51 AM, Robert B <[email protected]> wrote: > Modified from the FreeSWITCH wiki... > > http://wiki.freeswitch.org/wiki/QoS > > -A INPUT -p tcp -m tcp -m string -m hashlimit --dport 5060 -j ACCEPT > --string "REGISTER" --algo bm --to 65 --hashlimit 4/minute > --hashlimit-burst 1 --hashlimit-mode srcip,dstport --hashlimit-name > sip_r_limit > > Should this achieve the desired result of rate limited registrations? > > _______________________________________________ > sipx-users mailing list > [email protected] > List Archive: http://list.sipfoundry.org/archive/sipx-users/ -- ====================== Tony Graziano, Manager Telephone: 434.984.8430 sip: [email protected] Fax: 434.465.6833 Email: [email protected] LAN/Telephony/Security and Control Systems Helpdesk: Telephone: 434.984.8426 sip: [email protected] Helpdesk Customers: http://myhelp.myitdepartment.net Blog: http://blog.myitdepartment.net Linked-In Profile: http://www.linkedin.com/pub/tony-graziano/14/4a6/7a4 Ask about our Internet Fax services! _______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
