Child pages
  • Firewall

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Once you have done that, click on 'Add Limit' to specify rates for different SIP messages.

Important Notes

Logging must be enabled for these settings to take effect (because fail2ban evaluates logs).

Enable Alarms to alert you when Call Rate Limits are being triggered!

Settings

To enable logging and control the rate limit settings click on the settings tab (System -> Firewall -> Settings) in the left side menu.  The 'Show Advanced Settings' link at the top of the page reveals even more options.

...

Packets matching the canned attack signatures above will be logged in /var/log/sipxpbx/firewall/firewall-sipdos.log before they are dropped. (Needed by System -> SIP Security)

Log rate limit packets

Rate limited packets that are dropped will be logged in /var/log/sipxpbx/firewall/firewall-ratedrop.log before they are dropped.

...

If enabled all SIP REGISTER packets will be logged in /var/log/sipxpbx/firewall/firewall-sip.log.  Must enable if (Needed by System -> SIP Security)

Log SIP INVITEs

If enabled all SIP INVITE packets will be logged in /var/log/sipxpbx/firewall/firewall-sip.log. (Needed by System -> SIP Security)

Log SIP ACKs

If enabled all SIP ACK packets will be logged in /var/log/sipxpbx/firewall/firewall-sip.log. (Needed by System -> SIP Security)

Log SIP OPTIONS

If enabled all SIP OPTIONS packets will be logged in /var/log/sipxpbx/firewall/firewall-sip.log. (Needed by System -> SIP Security)

Max entries

To prevent log flooding the administrator can decide to limit the maximum number of similar dropped packets to be logged.  This value should be greater than or equal to 2 or -1 for no limit.

...