We've started to get probed from the internet and it's annoying our administrative staff, because our VCs will wake up and then the other side disconnects. Banning the IPs at the firewall is too labor intensive and has too long a turn-around time. We're using Routing::Explicit to map a one-to-one external IP to each internal system. I've currently got a vqueue that I already use to manipulate calls, but it seems like the only things I can do is either reject the call, route to alias, or route to gateway. The vqueue is deeper in the RoutingPolicy and is after Explicit. If I configure vqueue first in my routing list, I can appropriately setup a dynamic "reject" list (with aging, etc) so that these IPs that connect and then immediately disconnect will get rejected before the GnuGK starts to proxy the call to the internal system. That's easy. :) But if I don't reject the call, how do I get the rest of the RoutingPolicy to execute? I don't want to try to get my script to then become its own gatekeeper; I'd still like the internal, explicit etc rules to trigger if the vqueue script allows the call to proceed. I also don't think that I want to set a "1 second" timeout, but if that's what I need to do to then I can. I've tried to route the call back to GnuGK, but that doesn't seem to work. (Setting the alias or gateway as the IP of the GnuGK) ------------------------------------------------------------------------------ _______________________________________________________ Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users Homepage: http://www.gnugk.org/
