Il 06/03/2013 19:58, leo ha scritto:
I've also added Nick's suggestion:
if ($ua =~ "friendly-scanner") {
xlog("L_ERR", "Attack attempt - Request dropped");
drop();
}
But i don't have neither those events in the opensips.log file.
it depends where in the
Hi Seth,
I will check today and update SVN if necessary. I will let you know
when I am done. Thanks for letting us know.
Regards,
Alex Ionescu
On March 7, 2013 8:05:50 AM Seth Schultz wrote:
Hello,
It appears after updating to the latest 1.9.0, my OpenSIPS Control Panel
can no longer c
Hello,
It appears after updating to the latest 1.9.0, my OpenSIPS Control Panel
can no longer control RTPProxy nodes. I believe the mi commands were
modified between 1.8.2 and 1.9.0, which caused the control panel to stop
functioning properly. I am using the latest SVN revision for
OpenSIPS
maybe a log file, and deny ip is faster
but if you want it per user, it's slower, since you must check if user is
ok in a database
using ip, you only need to log and a external program (ex fail2ban) can
block it via iptables, hosts.deny or other method
2013/3/6 Muhammad Shahzad
> While this wi
While this will work for small setups but i have feeling that this won't be
suitable for high load productive systems, since it does same thing as
fail2ban but runs INLINE, blocking other sip requests till it is finished.
Thank you.
On Wed, Mar 6, 2013 at 8:48 PM, Hubert Mickael wrote:
> Hi,
Hi,
Pike module to stop flood ?
I have add perl script at pike to add firewall rule in my freebsd.
Example opensips conf:
#--- module pike ---
loadmodule "pike.so"
#--- pike params
modparam("pike", "sampling_time_unit", 2)
modparam("pike", "reqs_d
A few suggestions (mostly already suggested by many guys in this thread, i
am only arranging their order to a secure setup), opensips log level should
be at least 2.
1. I usually filter out all known nasty users / attackers right in sanity
check section of default request route. My sanity check se
Hello Bakko:
I've it configured as you but i'm still not having events in opensips.log file
like "Auth error for $fU@$fd from $si cause" for packets:
19:52:41.100695 00:08:e3:20:fb:b6 > 00:0c:29:fc:95:e1, ethertype IPv4 (0x0800),
length 384: (tos 0x0, ttl 52, id 0, offset 0, flags [DF], proto U
You need to use a SIP client that supports ICE and check its logs.
Adrian
On Mar 6, 2013, at 7:20 PM, Leonardo Uzcudun wrote:
> Hello Saul:
>
> I'm still trying to configure ICE support.
> How could i check if it is working?
> Thanks,
>
> Leo.
> Da: Saúl Ibarra Corretgé
> A: OpenSIPS users ma
Hello Saul:
I'm still trying to configure ICE support.
How could i check if it is working?
Thanks,
Leo.
Da: Saúl Ibarra Corretgé
A: OpenSIPS users mailling list
Inviato: Giovedì 28 Febbraio 2013 12:07
Oggetto: Re: [OpenSIPS-Users] NAT
On Feb 28, 2013, at 1
Hello Bogdan,
Thank you so much for your response. When using the dialplan module to:
1) Translate username/domain. Do you mean using the "match_exp" field?
And splitting up the username and domain using script?
2) How do we extract group ID from the dialplan table?
As I have seen in "Building T
We have run into similar situations where transport changes. The most
common reason that we have found is due to non-explicit transport. We have
implemented explicit setting of transport in the contact / record-route to
make sure that transport is honored. If there is no transport, the RFC
says
Hi,
I have configured an incoming TLS service from the client which is working fine.
Opensips converts it to UPD and feeds it to some freeswitch servers.
All works okay until cleardown, whereby if the far end clears, the BYE message
is not converted from UDP back to TLS.
Should opensips rememb
Hi Bogdan-Andrei,
As you said, the RURI should point to B and the problem is solved.
The rest of BYE messages are filled with "" as RURI in my
initial post. Many thanks for your answer.
Best wishes,
Chen-Che
--
View this message in context:
http://opensips-open-sip-server.1449251.n2.nabble.c
I am not sure but it seems that the data in one or more column is larger
then column width provided by MySQL, resulting in buffer overflow. Can you
check which SQL query might have caused this problem? There are two
possibilities,
1. Table encoding is multi-byte char and opensips is somehow consid
Thanks to your response.
I will testing this solution
bye
Le 06/03/2013 11:54, Bogdan-Andrei Iancu a écrit :
Hi Mickael,
In this case I would suggest using 2 groups of rules - one for the
short numbers, one for the normal numbers.
First try the short numbers and enforce the matching based
Any ideas here? :/
On Tue, Mar 5, 2013 at 10:10 AM, Brett Nemeroff wrote:
> Hey All,
> I'm running opensips 1.8.2 svnrevision: 2:9628M
>
> I'm getting some random crashes. Load isn't terribly high on these boxes
> and I can't figure out what specifically is causing the crash.
>
>
__
Hi,
OK, in 1.8 was fixed , so I suggest moving on with latest 1.8.2
(fully compatible with 1.8.0) to get rid of that.
Note that the log you see is completely harmless .
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http
Hello,
The wrong ERROR message has been removed in newer versions of
OpenSIPS, so either update your 1.8 sources to get rid of them (
would strongly recommend this, since there have been many bug-fixes
since the release of 1.8.0 - now we are at 1.8.2 ) , or simply
Dear Bogdan-Andrei:
Thank you very much for your answer.
Here I sending you the information:
opensips -V
version: opensips 1.8.0-tls (x86_64/linux)
flags: STATS: Off, USE_IPV6, USE_TCP, USE_TLS, DISABLE_NAGLE, USE_MCAST,
SHM_MEM, SHM_MMAP, PKG_MALLOC, F_MALLOC, FAST_LOCK-ADAPTIVE_WAIT
ADAPTIVE_
Hi Miguel,
It seems you have an older version of opensips - which one you use
??
errno 4 means SYSTEM INTERRUPT and in the current code is properly
handled (not displayed as regular error).
Please do an "opensips -V" and post here.
Hi Mickael,
In this case I would suggest using 2 groups of rules - one for the short
numbers, one for the normal numbers.
First try the short numbers and enforce the matching based on the len of
the number (I guess the premium numbers have some fix len) ; also
consider the L flag (see
http:
Hello,
I'm using this configuration:
if (is_method("REGISTER")) {
$var(auth_code) = www_authorize("", "subscriber");
if ( $var(auth_code) == -1 || $var(auth_code) == -2 ) {
xlog("L_NOTICE","Auth error for $fU@$fd from $si cause
$var(auth_code)");
}
Hello Alexandre:
I've enabled fail2ban according the instructions in the page but it seems
opensips is not loggin the register attemps. Should i increment the debug level?
### Global Parameters #
debug=3
log_stderror=no
#Changed for fail2ban
#log_facility=LOG_LOCAL0
log_facility=LOG
OK, super - I just want you to be aware of that ;)
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
On 03/06/2013 12:03 AM, Schneur Rosenberg wrote:
Thanks by me its always the same ip so its fine, thanks
On Tue, Mar 5, 2013 at 3:04 PM, Bogdan-And
if ($ua =~ "friendly-scanner") {
xlog("L_ERR", "Attack attempt - Request dropped");
drop();
}
--
Nick
2013/3/6 leo
> Hello:
>
> I'm receiving on my OpenSIPS server a lot of register request. I believe
> that is someone trying to attack the sip ser
Hi,
It's not OK for me, look:
If I have:
+33 366985475 (landline number in France)
and
+33 3669 (premium rate number in France)
In my DB in dr_rules table I have:
INSERT INTO `dr_rules` (`ruleid`, `groupid`, `prefix`, `timerec`,
`priority`, `routeid`, `gwlist`, `attrs`, `description`) VALUES
Hello,
Maybe you should use fail2ban :
http://www.opensips.org/Resources/DocsTutFail2ban
Regards,
MOUTOT Alexandre
a.mou...@alphalink.fr
- Original Message -
> From: "leo"
> To: users@lists.opensips.org
> Sent: Wednesday, March 6, 2013 10:10:35 AM
> Subject: [OpenSIPS-Users] How to pr
Hello:
I'm receiving on my OpenSIPS server a lot of register request. I believe
that is someone trying to attack the sip service because the source IP is
not one that i know. Here is the request:
10:03:54.191249 00:08:e3:20:fb:b6 > 00:0c:29:fc:95:e1, ethertype IPv4
(0x0800), length 384: (tos 0x0,
29 matches
Mail list logo
