[Freeswitch-users] Security - IPtables, Fail2Ban, Rate Limit ..

Lloyd Aloysius lloyd.aloysius at gmail.com
Tue Sep 24 12:26:48 UTC 2019


Recently see lots of attacks. Try to protect the system. Currently using
iptables and fail2ban. It is not enough. I see the following page explain
rate limit.

https://freeswitch.org/confluence/display/FREESWITCH/Security


# Trixter's SIP rate limiter (This helps protect you from DoS attacks)
iptables -A INPUT -p udp --dport 5060 -m limit --limit 5/s --limit-burst 5
-i eth0 -j REJECT
iptables -A INPUT -p udp --dport 5080 -m limit --limit 5/s --limit-burst 5
-i eth0 -j REJECT

What is the best limit for 500 phones. Is there any other best practice to
protect the system for Dos attacks.

Thanks
Lloyd
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20190924/317f2cea/attachment.html>


More information about the FreeSWITCH-users mailing list