Well if Gerald could repost his config that would be a great leg-up... see: http://www.mail-archive.com/[email protected]/msg19311.html
On Sun, Feb 5, 2012 at 10:44 AM, S.K.- G <[email protected]> wrote:

> OK, I think I will try to integrate fail2ban with SIPX .. Any “How to”
> recommendations? http://sourceforge.net/projects/fail2ban/files/
>
> From: [email protected] [mailto:[email protected]] On Behalf Of Michael Picher
> Sent: Sunday, February 05, 2012 9:13 AM
> To: Discussion list for users of sipXecs software
> Subject: Re: [sipx-users] Sip Vicious and Remote Workers
>
> it's called pfblocker... add the package in the first menu on the left...
>
> On Sun, Feb 5, 2012 at 8:55 AM, S.K.- G <[email protected]> wrote:
>
> Nice!!
>
> Welcome me to the SIP Vicious too :( My CDR record is full of “Failed” trials
> to international numbers .. Any help on how to install/configure the SIPX,
> Country Block Option in pfSense? The gz link doesn’t seem to work.
>
> Cheers
>
> Saad
>
> From: [email protected] [mailto:[email protected]] On Behalf Of Robert B
> Sent: Sunday, February 05, 2012 8:42 AM
> To: [email protected]
> Subject: Re: [sipx-users] Sip Vicious and Remote Workers
>
> Keith,
>
> These other solutions that are being recommended are great, but I actually
> found a very simple way that works "well enough" for me *so far*...
>
> Change your iptables rule that allows port 5060 to something like the
> following:
>
> -A INPUT -p tcp -m tcp -m string -m hashlimit --dport 5060 -j ACCEPT
> --string "REGISTER sip:" --algo bm --to 65 --hashlimit 5/second
> --hashlimit-burst 10 --hashlimit-mode srcip,dstport --hashlimit-name
> sip_r_limit
>
> It adds a simple rate limiter using source IP and destination port hash so
> that no single IP can send more than five REGISTER commands per second.
> This is not the be-all-end-all solution. However, in lieu of taking the
> time to set up fail2ban, this should do the trick.
>
> -- Robert
>
> On 2/4/2012 5:47 PM, Keith Laidlaw wrote:
>
> I have a working, stable sipX system (4.4.0 from ISO) with various
> same-subnet phones and sipxbridge to an ITSP (Voip.ms). The entire system
> is behind a port restricted NAT. All is well.
>
> Recently I tried to add remote workers to the mix, very carefully. The
> first - and only - thing I did was port forward 5060 TCP/UDP and
> 30000-31000 UDP. When I did this I experienced what I suspect is the
> sipvicious problem described elsewhere in this list. Every 24 hours or so,
> sipxproxy and sipxregistrar prevent phones from registering and the only
> cure is to restart those two.
>
> My questions:
>
> 1) What is the best way to confirm that my problem is due to sipvicious?
> 2) Is the detailed reason that sipvicious causes an irrecoverable
>    lockup well known?
> 3) Does 4.6 handle this situation better and make it into a (self)
>    recoverable situation?
> 4) Does 4.6 offer sipvicious protection to minimise this from
>    happening in the first place?
> 5) In the meantime, is pfsense my best option to block sipvicious
>    (and also change me to symmetric)?
> 6) Is there an ISO for pfsense that is appropriate for sipx? Or an
>    ISO with instructions for configuring for sipx?
>
> Any help would be appreciated.
>
> Keith
>
> _______________________________________________
> sipx-users mailing list
> [email protected]
> List Archive: http://list.sipfoundry.org/archive/sipx-users/
>
> --
> Michael Picher, Director of Technical Services
> eZuce, Inc.
> 300 Brickstone Square
> Suite 201
> Andover, MA. 01810
> O.978-296-1005 X2015
> M.207-956-0262
> @mpicher <http://twitter.com/mpicher>
> www.ezuce.com
>
> ------------------------------------------------------------
> Hope to see you at the sipX CoLab! http://www.sipfoundry.org/sipx-colab
> A gathering for - open source users, eZuce customers & eZuce partners
> Get the inside track on 4.6 and a glimpse at the future of sipXecs!

--
Michael Picher, Director of Technical Services
eZuce, Inc.
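
Added example, not part of the original thread and not code from any poster or from the sipXecs project: a small Python model of the hashlimit rule quoted above, showing how many REGISTER packets per source that rule would ACCEPT. The class name, addresses and traffic are constructed, and the integer token bucket is a simplified stand-in for the kernel's hashlimit accounting.

```python
# Added example: integer token-bucket model of the posted hashlimit rule.
RATE_PER_SEC = 5             # --hashlimit 5/second
BURST = 10                   # --hashlimit-burst 10
NEEDLE = b"REGISTER sip:"    # --string "REGISTER sip:"
SEARCH_TO = 65               # --to 65 (simplified: offset into the bytes passed in)
COST = 1000                  # milli-tokens per packet, keeps the arithmetic exact


class RegisterLimiter:
    """One bucket per (srcip, dstport), as in --hashlimit-mode srcip,dstport."""

    def __init__(self):
        self.buckets = {}    # (srcip, dstport) -> (milli_tokens, last_ms)

    def verdict(self, t_ms, srcip, dstport, data):
        if dstport != 5060 or NEEDLE not in data[:SEARCH_TO]:
            return "NO_MATCH"            # rule does not apply; next rule decides
        key = (srcip, dstport)
        tokens, last = self.buckets.get(key, (BURST * COST, t_ms))
        # Refill at RATE_PER_SEC tokens per second, capped at the burst size.
        tokens = min(BURST * COST, tokens + (t_ms - last) * RATE_PER_SEC)
        if tokens >= COST:
            self.buckets[key] = (tokens - COST, t_ms)
            return "ACCEPT"
        self.buckets[key] = (tokens, t_ms)
        return "OVER_LIMIT"              # not dropped here; next rule decides


def tally(packets):
    """Return {srcip: {verdict: count}} for (t_ms, srcip, dstport, data) tuples."""
    limiter, out = RegisterLimiter(), {}
    for t_ms, srcip, dstport, data in sorted(packets, key=lambda p: p[0]):
        v = limiter.verdict(t_ms, srcip, dstport, data)
        per_ip = out.setdefault(srcip, {})
        per_ip[v] = per_ip.get(v, 0) + 1
    return out


# Constructed traffic (documentation addresses, not taken from the thread).
REG = b"REGISTER sip:example.invalid SIP/2.0\r\n"
INV = b"INVITE sip:200@example.invalid SIP/2.0\r\n"
FLOOD = [(10 * i, "203.0.113.7", 5060, REG) for i in range(100)]  # 100 in 1 s
PHONE = [(0, "198.51.100.20", 5060, REG), (500, "198.51.100.20", 5060, INV),
         (3_600_000, "198.51.100.20", 5060, REG)]

if __name__ == "__main__":
    for ip, counts in tally(FLOOD + PHONE).items():
        print(ip, counts)
```

Packets this rule does not accept are not dropped by it; they continue to the rules that follow, so a later DROP or REJECT rule or the chain policy has to handle them. The quoted rule is `-p tcp` only, so SIP arriving over UDP on 5060 is not matched by it.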
