Thanks for all the insights !<br> Yes, its to limit the no. of calls on the server, set a high watermark<br> So guess should start by looking at the ratelimit module ..<br> <br> thanks<br> -m<br><br><b><i>Kapil Dhawan <sersavvy@hotmail.com></i></b> wrote:<blockquote class="replbq" style="border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; padding-left: 5px;"> Need to write a module, nothin available as such.<br><br><br>>From: "Frank Fischer" <frank.fischer @digitalnomads.ch=""><br>>To: "'Hendrik Scholz'" <hendrik.scholz @freenet-ag.de="">,"'Mike W'" <br>><mwick00 @yahoo.com=""><br>>CC: serusers@lists.iptel.org<br>>Subject: RE: [Serusers] limiting no. of concurrent calls ?<br>>Date: Wed, 8 Feb 2006 18:16:47 +0100<br>><br>><br>>In case he's encountering DOS attacks SER is IMHO the wrong place to defend<br>>against these attacks. A smart Firewall should do that job.<br>>In case it's only a bandwith problem again a firewall or any kind
of QoS<br>>device could manage the bandwith "before" SER.<br>>In case he really wants to limit calls per user some kind of call statefull<br>>module would be requiered in SER. As far as i have been told recently some<br>>basic work related to call state tracking is done in the current <br>>development<br>>iof a module call b2buac or similar. This might deliver the basic <br>>mechanisms<br>>needed to implement call limits per user.<br>><br>>- Frank<br>><br>><br>> > -----Original Message-----<br>> > From: serusers-bounces@iptel.org<br>> > [mailto:serusers-bounces@lists.iptel.org] On Behalf Of Hendrik Scholz<br>> > Sent: Wednesday, February 08, 2006 4:27 PM<br>> > To: Mike W<br>> > Cc: serusers@lists.iptel.org<br>> > Subject: Re: [Serusers] limiting no. of concurrent calls ?<br>> ><br>> > Hi!<br>> ><br>> > Mike W wrote:<br>> > > Thanks for the pointer, i need to look at the total
calls<br>> > at the proxy.<br>> > > It could be a counter that increments at a INVITE (and<br>> > subsequent OK)<br>> > > and decrements at a BYE/ CANCEL<br>> ><br>> > You'll still run into the very same problems. You have to<br>> > take INVITEs<br>> > without Authentication into account. How about retransmissions?<br>> > People might want to throw advertisements for Session Border<br>> > Controllers<br>> > at you ;)<br>> ><br>> > > Is this something that can be configured/ customised ?<br>> ><br>> > If it's the plain number of requests per second that you want to allow<br>> > not taking any specific behaviour into account you might want to try<br>> > the ratelimit module from CVS.<br>> ><br>> > What's the problem you are facing? Are you seeing DOS-like attacks?<br>> > I'm asking as I'm interested in implementing countermeasures.<br>> ><br>> >
Hendrik<br>> ><br>> > --<br>> > freenet Cityline GmbH, Hamburger Chaussee 2-4, 24114 Kiel, Germany<br>> > Phone: +49 (0)431 9020552, Fax: +49 (0)431 9020559<br>> > Internet: http://www.freenet.de, eMail: hendrik.scholz@freenet-ag.de<br>> ><br>> > _______________________________________________<br>> > Serusers mailing list<br>> > serusers@lists.iptel.org<br>> > http://lists.iptel.org/mailman/listinfo/serusers<br>> ><br>><br>><br>>_______________________________________________<br>>Serusers mailing list<br>>serusers@lists.iptel.org<br>>http://lists.iptel.org/mailman/listinfo/serusers<br><br>_________________________________________________________________<br>NRIs Zero balance Account. FREE Money Transfers with FREE DVD <br>https://www.online.citibank.co.in/portal/rca_msntagofline.htm<br><br></mwick00></hendrik.scholz></frank.fischer></blockquote><br><p>__________________________________________________<br>Do You
Yahoo!?<br>Tired of spam? Yahoo! Mail has the best spam protection around <br>http://mail.yahoo.com