Net::SIP::Dropper::ByIPPort - drops SIP messages based on sender's IP and port
    use Net::SIP::Dropper::ByIPPort;
    my $drop_by_ipport = Net::SIP::Dropper::ByIPPort->new(
        database => '/path/to/database.drop',   # file name or callback
        methods  => [ 'REGISTER', '...', '' ],  # '' also covers responses
        attempts => 10,                         # attempts within the interval
        interval => 60,
    );
    # hand the check to a dropper and put the dropper first in the chain
    my $dropper = Net::SIP::Dropper->new( cb => $drop_by_ipport );
    my $chain = Net::SIP::ReceiveChain->new([ $dropper, ... ]);
With "Net::SIP::Dropper::ByIPPort" one can
drop packets if too many packets are received from the same IP and port
within a specific interval. This is to stop badly behaving clients.
- new ( ARGS )
- ARGS is a hash with the following keys:
- database
- Optional file name of the database, or a callback for storing and
retrieving the data.
If it is a callback, it is called with
"$callback->(\%data)" to retrieve
the data (%data will be updated) and with
"$callback->(\%data,true)" to save
the data. No return value is expected from the callback.
%data contains the number of attempts
from a specific IP and port at a specific time, in the following format:
"$data{ip}{port}{time} = count"
- attempts
- The number of attempts within the interval after which packets will be
dropped. This argument is required.
- interval
- The interval for attempts. Argument is required.
- methods
- Optional argument to restrict dropping to specific methods.
It is an array reference of method names; if one of the names is
empty, responses will also be considered. If not given, all packets will
be checked.
- run ( PACKET, LEG, FROM )
- This method is called as a callback from the Net::SIP::Dropper object. It
returns true if the packet should be dropped, e.g. if there are too many
packets from the same IP and port within the given interval.
- expire
- This method is called from within "run"
but can also be called by hand. It will expire all entries which are
outside of the interval.
- savedb
- This method is called from "expire" and
"run" to save to the database after
changes, but it can also be called by hand, which is useful if you made
manual changes using the "data" method.
- data
- This method gives access to the internal hash which stores the attempts.
An attempt from a specific IP and port at a specific time (as an integer,
like time() returns) is added to
"$self->data->{ip}{port}{time}".
By manually manipulating the hash one can restrict a specific
IP and port forever (just set time to a large value and add a high number
of attempts) or even restrict access for the whole IP (all ports) until
time by using a port number of 0.
After changes to the data it is advised to call
"savedb".