Net::SIP::Dropper::ByIPPort(3) drops SIP messages based on senders IP and port


use Net::SIP::Dropper::ByIPPort;
my $drop_by_ipport = Net::SIP::Dropper::ByIPPort->new(
database => '/path/to/database.drop',
methods => [ 'REGISTER', '...', '' ],
attempts => 10,
interval => 60,
my $dropper = Net::SIP::Dropper->new( cb => $drop_by_ipport );
my $chain = Net::SIP::ReceiveChain->new([ $dropper, ... ]);


With "Net::SIP::Dropper::ByIPPort" one can drop packets, if too much packets are received from the same IP and port within a specific interval. This is to stop bad behaving clients.


new ( ARGS )
ARGS is a hash with the following keys:
Optional file name of database or callback for storing/retrieving the data.

If it is a callback it will be called with "$callback->(\%data)" to retrieve the data (%data will be updated) and "$callback->(\%data,true)" to save the data. No return value will be expected from the callback.

%data contains the number of attempts from a specific IP, port at a specific time in the following format: "$data{ip}{port}{time} = count"

After how many attempts within the specific interval the packet will be dropped. Argument is required.
The interval for attempts. Argument is required.
Optional argument to restrict dropping to specific methods.

Is array reference of method names, if one of the names is empty also responses will be considered. If not given all packets will be checked.


This method is called as a callback from the Net::SIP::Dropper object. It returns true if the packet should be dropped, e.g. if there are too much packets from the same ip,port within the given interval.
This method is called from within "run" but can also be called by hand. It will expire all entries which are outside of the interval.
This method is called from "expire" and "run" for saving to the database after changes, but can be called by hand to, useful if you made manual changes using the "data" method.
This method gives access to the internal hash which stores the attempts. An attempt from a specific IP and port and a specific time (as int, like time() gives) will be added to

By manually manipulating the hash one can restrict a specific IP,port forever (just set time to a large value and add a high number of attempts) or even restrict access for the whole IP (all ports) until time by using a port number of 0.

After changes to the data it is advised to call "savedb".