Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 14 replies
  • Subscribers 2 subscribers
  • Views 4677 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Strange high bandwidth SIP traffic

most_ahdy
Hi,
  From about 2 weeks ago, Astaro receive strange high load SIP traffic sourced from 42.234.141.122.adsl-pool.jlccptt.net.cn as shown in the attached screen shot, and when I block this traffic using the flow control window it  cause nothing, so how can I block this kind of traffic or how can I track this traffic, please note that I searched all my log files I did not find any log with the source "42.234.141.122.adsl-pool.jlccptt.net.cn". any information about how can  I track this traffic and stop it.
Thanks,
Mostafa Aly


This thread was automatically locked due to age.
Parents
  • 0
    Yes I have DNAT rules

    Meanwhile, you can create a PacketFilter rule to DROP traffic from that address.

    Mostafa, if you are using auto firewall rules with your DNATs, you need to disable the relevant ones to use Barry's prescription.  The basic rule is that DNATs come before proxies and VPNs, and manual routes and firewall rules come after.

    Cheers - Bob
    PS I failed to notice that you had already addressed that, Barry! [:)]
Reply
  • 0
    Yes I have DNAT rules

    Meanwhile, you can create a PacketFilter rule to DROP traffic from that address.

    Mostafa, if you are using auto firewall rules with your DNATs, you need to disable the relevant ones to use Barry's prescription.  The basic rule is that DNATs come before proxies and VPNs, and manual routes and firewall rules come after.

    Cheers - Bob
    PS I failed to notice that you had already addressed that, Barry! [:)]
Children
No Data