[Asterisk-Users] Recommendation for dialplan in case of DDoS atta cks?

Kristian Kielhofner kris at krisk.org
Mon Feb 28 12:52:50 MST 2005


Colin Anderson wrote:
> I'm trying to formulate a strategy for our interconnected Asterisk IAX peers
> to failover to the PSTN in the event of a DDoS. We currently use them like
> this:
> 
> DID--->PRI--->Primary Asterisk--->IAX--->On-site Asterisk--->SIP
> 
> This works fine, and everyone is happy. One of my concerns, though, is if we
> get DDoS'd - which happens probably once every couple of years. I'd like to
> have the dialplan failover to PSTN to shunt calls to the PSTN--->User's cell
> number in the case of a DDoS attack. 
> 
> My current thinking is K.I.S.S - just put the user's cell as the next step
> in the dialplan. However, I'd like for this to be controllable - when things
> are working OK, I don't want the calls being routed to the cells *at all*. I
> also don't want to have an extensions.conf and an extensions_emergency.conf
> and do the _emergency as an commented out include. I'd like for it to be
> automatic i.e. Asterisk detects Internet latency is above a certain
> threshold, then automagically does the cell thing. 
> 
> Any suggestions? I fooled around in Google for about a half hour on this,
> and of course the Wiki was no help. TIA

How about a combination of GotoIF, and app_dbodbc (or app_db):

exten => 700,1,playback(ddos-on)
exten => 700,2,DBput(DDOS/yes)

exten => 701,1,playback(ddos-off)
exten => 701,2,DBdel(DDOS/yes)

[mymainaa]
exten => s,1,DBGET(TRUE=DDOS/yes)
exten => s,2,Do this

exten =) s,102,do something else

Just a very lazy, simple example, but it should work.

--
Kristian Kielhofner



More information about the asterisk-users mailing list