On Tue, Oct 28, 2014 at 5:31 PM, Jan Willamowius <jan@xxxxxxxxxxxxxx> wrote: > I'd suggest to use a authentication policy to block spam and not mix it > into call routing if possible. Authentication happens before the > routing process and is designed to handle exactly this. > > We recently used SQLAuth with a client to block a SPAM wave, but > depending on the characteristics of the incoming spam you can also pick > LUA or one of the other authentication policies. See > http://www.gnugk.org/gnugk-manual-8.html OK, that will work I think. In the following, I want to allow all calls, all the time, from my internal 10/8 network. If I find a bad actor in my logs, I add their IP address to the banTable with "allowCall" set to FALSE. If they connect again, then they're blocked. I want to make sure that by default we're still open to calls without needing to put the entire internet into the banTable. I know it's going to be whack-a-mole in the beginning, but it's something. If I want to chain rules, then would something like this work? [Gatekeeper::Auth] FileIPAuth=alternative SQLAuth=alternative [SQLAuth] CallQuery=SELECT allowCall FROM banTable WHERE ipAddress = '%callerip' [FileIPAuth] 10/8=allow If I then create a MySQL table that looks like this: (syntax may not be exact for the create, but it's probably close) create table banTable( `row` bigint(20) unsigned NOT NULL AUTO_INCREMENT, `allowCall` boolean default TRUE, `ipAddress` varchar(255) NOT NULL, `modified` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, key (row), key(ipAddress)) engine=innodb default charset utf8; ------------------------------------------------------------------------------ _______________________________________________________ Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users Homepage: http://www.gnugk.org/
