Iptables -A INPUT -p udp -m udp -dport 5060 -m string -string "REGISTER sip:" -algo bm -to 65535 -m recent -update -seconds 60 -hitcount 12 -rttl -name VOIP -rsource Iptables -A INPUT -p udp -m udp -dport 5060 -m string -string "INVITE sip:" -algo bm -to 65535 -m recent -set -name VOIPINV -rsource (microsft i have no idea) iptables -A INPUT -p udp -m udp -dport 5060 -m string -string "INVITE sip:" -algo bm -to 65535 -m recent -update -seconds 60 -hitcount 12 -rttl -name VOIPINV -rsource you can slow them down by iptables manually or learn how to add this at boot depending on your version of Linux. If your requests are INVITE or REGISTER like my example. Tcpdump: verbose output suppressed, use -v or -vv for full protocol decode # tcpdump -i ens3 port sip -l -A | egrep -i 'INVITE sip' Tcpdump -i eth0 port sip -l -A | egrep -i 'User-Agent' I would start by looking at sip show channels and or using tcpdump and some direct asterisk console commands tcpdump -i eth0 port sip -l -A | egrep -i 'INVITE sip'
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
June 2023
Categories |