Asterisk

From Fail2ban
Revision as of 12:51, 17 December 2008 by 83.104.166.90 (talk) (New page: Hello all, I have fail2ban installed on CentOS 4.7 with Shoreline Firewall (Shorewall) and IpTables. This works well with SSH, Apache and Named bans. However, I am still trying to get it ...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

Hello all,

I have fail2ban installed on CentOS 4.7 with Shoreline Firewall (Shorewall) and IpTables. This works well with SSH, Apache and Named bans. However, I am still trying to get it to ban failed SIP registration attempts in Asterisk.

My jail.conf contains the following for Asterisk:

[asterisk-iptables]

enabled = true filter = asterisk action = iptables-allports[name=ASTERISK, protocol=all] 

          sendmail[name=ASTERISK, dest=phil@infinitygrp.co.uk, sender=fail2ban@asterisk1.local]

logpath = /var/log/messages maxretry = 2 bantime = 259200

I know I need to create a filter for this service to use but have no clue where to start. Does anybody know if this has been done already?

Thank you in advance for any assistance

Phil

Retrieved from "http://wiki.fail2ban.org/wiki/index.php?title=Asterisk&oldid=2314"