Added dos test on flexisip suite & updated flexisip.conf

tester/flexisip/flexisip.conf

@@ -60,31 +60,35 @@ bind-address=0.0.0.0
 #  Default value: 3478
 port=3478
 
+
 ##
-## DOS protection parameters.
+## This module bans user when they are sending too much packets on
+## a given timelapse
 ##
-[dos-protection]
-# Enable or disable DOS protection using IPTables firewall.
-#  Default value: false
-enabled=false
+[module::DoS]
+# Indicate whether the module is activated.
+#  Default value: true
+enabled=true
 
-# List of whitelist IPs which won't be affected by DOS protection.
-#  Default value: 127.0.0.1
-authorized-ip=127.0.0.1
+# A request/response enters module if the boolean filter evaluates
+# to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
+# in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
+# && (user-agent == 'Linphone v2')
+#  Default value: 
+filter=
 
-# Local ports to protect.
-#  Default value: 5060
-port=5060
+# Number of milliseconds to calculate the packet rate
+#  Default value: 1000
+time-period=1000
 
-# Time (in seconds) while an IP have to not send any packet in order
-# to leave the blacklist.
-#  Default value: 60
-ban-duration=60
+# Maximum packet rate received in [time-period] millisecond(s) to
+# consider to consider it a DoS attack.
+#  Default value: 5
+packet-rate-limit=5
 
-# Number of packets authorized in 1sec before considering them as
-# DOS attack.
-#  Default value: 20
-packets-limit=20
+# Number of minutes to ban the ip/port using iptables
+#  Default value: 1
+ban-time=1
 
 
 ##
@@ -273,10 +277,6 @@ fork-late=true
 call-fork-timeout=20
 
 
-# Only forward one response of forked invite to the caller
-#  Default value: true
-fork-one-response=true
-
 # All the forked have to decline in order to decline the caller
 # invite
 #  Default value: false
@@ -544,3 +544,5 @@ filter=
 #  Default value:
 collector-address=sip:collector@sip.example.org
 
+
+

tester/flexisip_tester.c

@@ -858,6 +858,43 @@ static void file_transfer_message_external_body_to_rcs_client(void) {
 	linphone_core_manager_destroy(pauline);
 }
 
+static void dos_module_trigger(void) {
+	char *to;
+	LinphoneChatRoom *chat_room;
+	int i = 0;
+	int number_of_messge_to_send = 100;
+	LinphoneCoreManager* marie = linphone_core_manager_new("marie_rc");
+	LinphoneCoreManager* pauline = linphone_core_manager_new("pauline_rc");
+	
+	reset_counters(&marie->stat);
+	reset_counters(&pauline->stat);
+	
+	to = linphone_address_as_string(marie->identity);
+	chat_room = linphone_core_create_chat_room(pauline->lc,to);
+	
+	do {
+		char msg[128];
+		sprintf(msg, "Flood message number %i", i);
+		linphone_chat_room_send_message(chat_room, msg);
+		ms_usleep(100000);
+		i++;
+	} while (i < number_of_messge_to_send);
+	// At this point we should be banned for a minute
+	
+	ms_usleep(90000000); // Wait 90 seconds to ensure we are not banned anymore
+	CU_ASSERT_TRUE(marie->stat.number_of_LinphoneMessageReceived < number_of_messge_to_send);
+	
+	reset_counters(&marie->stat);
+	reset_counters(&pauline->stat);
+	
+	linphone_chat_room_send_message(chat_room, "This one should pass through");
+	CU_ASSERT_TRUE(wait_for(pauline->lc,marie->lc,&marie->stat.number_of_LinphoneMessageReceived, 1));
+
+	linphone_core_manager_destroy(marie);
+	linphone_core_manager_destroy(pauline);
+	ms_free(to);
+}
+
 test_t flexisip_tests[] = {
 	{ "Subscribe forking", subscribe_forking },
 	{ "Message forking", message_forking },
@@ -877,7 +914,8 @@ test_t flexisip_tests[] = {
 	{ "Call with ipv6", call_with_ipv6 },
 	{ "File transfer message rcs to external body client", file_transfer_message_rcs_to_external_body_client },
 	{ "File transfer message external body to rcs client", file_transfer_message_external_body_to_rcs_client },
-	{ "File transfer message external body to external body client", file_transfer_message_external_body_to_external_body_client }
+	{ "File transfer message external body to external body client", file_transfer_message_external_body_to_external_body_client },
+	{ "DoS module trigger by sending a lot of chat messages", dos_module_trigger }
 };