retronetworking
/
yate
12
0
Fork 2
Code Issues Pull Requests Projects Releases Wiki Activity

Added separate setting for activating the SIP flood protection mechanism. 

git-svn-id: http://voip.null.ro/svn/yate@5234 acf43c95-373e-0410-b603-e72c3f656dc1
This commit is contained in:
oana 2012-08-20 11:06:06 +00:00
parent ba95578d4d
commit c14f9e2e31
2 changed files with 18 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
conf.d/ysipchan.conf.sample
View File

@ -38,12 +38,18 @@
; Low priorities are not recommended except for debugging
;thread=normal
; floodevents: int: How many SIP events retrieved in a row trigger the drop mechanism
; for INVITE/REGISTER/SUBSCRIBE/OPTIONS messages. Other messages, as well as reINVITEs,
; will be allowed
; NOTE! This mechanism is activated by default, to disable it configure this parameter to 0.
; floodevents: int: How many SIP events retrieved in a row trigger a flood warning and the drop mechanism
; for INVITE/REGISTER/SUBSCRIBE/OPTIONS messages if the flood protection is on.
; NOTE! The drop mechanism is separately activated by the floodprotection setting which is on by default. Also,
; setting this parameter to 0 will disable the flood warning and protection.
;floodevents=100
; floodprotection: bool: Activate the drop mechanism for INVITE/REGISTER/SUBSCRIBE/OPTIONS messages when
; the number of SIP events retrieved in a row exceeds the number set for floodevents setting.
; Other messages, as well as reINVITEs, will be allowed.
; NOTE! This mechanism is activated by default, to disable it configure this parameter to false.
;floodprotection=on
; maxforwards: int: Default Max-Forwards header, used to avoid looping calls
;maxforwards=20

12
modules/ysipchan.cpp
View File

@ -1027,7 +1027,8 @@ static unsigned int s_engineStop = 0; // engine.stop message counter
static bool s_engineHalt = false; // engine.halt received
static unsigned int s_bindRetryMs = 500; // Listeners bind retry interval
static String s_realm = "Yate";
static int s_floodEvents = 20;
static int s_floodEvents = 100;
static bool s_floodProtection = true;
static int s_maxForwards = 20;
static int s_nat_refresh = 25;
static bool s_privacy = false;
@ -2556,7 +2557,7 @@ int YateSIPUDPTransport::process()
b[res] = 0;
if (s_printMsg)
printRecvMsg(b,res);
if (s_floodEvents && plugin.ep() && plugin.ep()->s_evCount >= s_floodEvents && !msgIsAllowed(b,res)) {
if (s_floodProtection && s_floodEvents && plugin.ep() && plugin.ep()->s_evCount >= s_floodEvents && !msgIsAllowed(b,res)) {
if (Time::now() >= s_printFloodTime) {
Debug(&plugin,DebugWarn,"Flood detected, dropping INVITE/REGISTER/SUBSCRIBE/OPTIONS messages, allowing reINVITES");
s_printFloodTime = Time::now() + 10000000;
@ -4265,8 +4266,10 @@ void YateSIPEndPoint::run()
for (;;)
{
if (!canRead()) {
if ((s_evCount % s_floodEvents) == 0)
Debug(&plugin,DebugMild,"Severe flood detected: %d events",s_evCount);
if (s_evCount == s_floodEvents)
Debug(&plugin,DebugMild,"Flood detected: %d handled events",s_evCount);
else if ((s_evCount % s_floodEvents) == 0)
Debug(&plugin,DebugWarn,"Severe flood detected: %d events",s_evCount);
}
SIPEvent* e = m_engine->getEvent();
if (e)
@ -7663,6 +7666,7 @@ void SIPDriver::initialize()
s_globalMutex.unlock();
s_maxForwards = s_cfg.getIntValue("general","maxforwards",20);
s_floodEvents = s_cfg.getIntValue("general","floodevents",100);
s_floodProtection = s_cfg.getBoolValue("general","floodprotection",true);
s_privacy = s_cfg.getBoolValue("general","privacy");
s_auto_nat = s_cfg.getBoolValue("general","nat",true);
s_progress = s_cfg.getBoolValue("general","progress",false);