it's call pfblocker... add the package in the first menu on the left... On Sun, Feb 5, 2012 at 8:55 AM, S.K.- G <[email protected]> wrote:
> Nice!! **** > > Welcome me to the SIP Vicious too L.My CDR record is full of “Failed” trials > to international numbers .. Any help on how to install/configure the SIPX, > Country Block Option in pfSense? The gz link doesn’t seem to work.**** > > ** ** > > Cheers**** > > Saad**** > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Robert B > *Sent:* Sunday, February 05, 2012 8:42 AM > *To:* [email protected] > > *Subject:* Re: [sipx-users] Sip Vicious and Remote Workers**** > > ** ** > > Keith, > > > These other solutions that are being recommended are great, but I actually > found a very simple way that works "well enough" for me *so far*... > > Change your iptable rule that allows port 5060 to something like the > following: > > -A INPUT -p tcp -m tcp -m string -m hashlimit --dport 5060 -j ACCEPT > --string "REGISTER sip:" --algo bm --to 65 --hashlimit 5/second > --hashlimit-burst 10 --hashlimit-mode srcip,dstport --hashlimit-name > sip_r_limit > > It adds a simple rate limiter using source IP and destination port hash so > that no single IP can send more than five REGISTER commands per second. > This is not the be-all-end-all solution. However, in lieu of taking the > time to setup fail2ban, this should do the trick. > > -- Robert > > > > On 2/4/2012 5:47 PM, Keith Laidlaw wrote: **** > > I have a working, stable sipX system (4.4.0 from ISO) with various > same-subnet phones and sipxbridge to an ITSP (Voip.ms). The entire system > is behind a port restricted NAT. All is well.**** > > **** > > Recently I tried to add remote workers to the mix, very carefully. The > first - and only - thing I did was port forward 5060 TCP/UDP and > 30000-31000 UDP. When I did this I experienced what I suspect is the > sipvicious problem described elsewhere in this list. Every 24 hours or so, > sipxproxy and sipxregistrar prevent phones from registering and the only > cure is to restart those two.**** > > **** > > My questions:**** > > **** > > **1) **What is the best way to confirm that my problem is due to > sipvicious.**** > > **2) **Is the detailed reason that sipvicious causes an > irrecoverable lockup well known?**** > > **3) **Does 4.6 handle this situation better and make it into a > (self) recoverable situation?**** > > **4) **Does 4.6 offer sipvicious protection to minimise this from > happening in the first place?**** > > **5) **In the meantime, is pfsense my best option to block > sipvicious (and also change me to symmetric)?**** > > **6) **Is there an ISO for pfsense that is appropriate for sipx? Or > an ISO with instructions for configuring for sipx?**** > > **** > > Any help would be appreciated.**** > > **** > > Keith**** > > **** > > ** ** > > _______________________________________________ > sipx-users mailing list > [email protected] > List Archive: http://list.sipfoundry.org/archive/sipx-users/ > -- Michael Picher, Director of Technical Services eZuce, Inc. 300 Brickstone Square**** Suite 201**** Andover, MA. 01810 O.978-296-1005 X2015 M.207-956-0262 @mpicher <http://twitter.com/mpicher> www.ezuce.com ------------------------------------------------------------------------------------------------------------ Hope to see you at the sipX CoLab! http://www.sipfoundry.org/sipx-colab A gathering for - open source users, eZuce customers & eZuce partners Get the inside track on 4.6 and a glimpse at the future of sipXecs!
_______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
