1) # apt-get install fail2ban iptables python
2) # cd /etc/fail2ban/filter.d/
тут фильтры. (ололо)
3) # vim asterisk.conf
дописать в конфиг параметры очевидны.
дописать в конфиг
6) Перезапускаем проверяем.
# iptables -L -v
2) # cd /etc/fail2ban/filter.d/
тут фильтры. (ололо)
3) # vim asterisk.conf
4) # vim /etc/fail2ban/jail.conf[INCLUDES]failregex = NOTICE.* .*: Registration from '.*' failed for '<HOST>:.*' - Wrong passwordNOTICE.* .*: Registration from '.*' failed for '<HOST>:.*' - No matching peer foundNOTICE.* .*: Registration from '.*' failed for '<HOST>:.*' - No matching peer foundNOTICE.* .*: Registration from '.*' failed for '<HOST>:.*' - Username/auth name mismatchNOTICE.* .*: Registration from '.*' failed for '<HOST>:.*' - Device does not match ACLNOTICE.* .*: Registration from '.*' failed for '<HOST>:.*' - Peer is not supposed to registerNOTICE.* .*: Registration from '.*' failed for '<HOST>:.*' - ACL error (permit/deny)NOTICE.* .*: Registration from '.*' failed for '<HOST>:.*' - Device does not match ACLNOTICE.* .*: Registration from '\".*\".*' failed for '<HOST>:.*' - No matching peer foundNOTICE.* .*: Registration from '\".*\".*' failed for '<HOST>:.*' - Wrong passwordNOTICE.* <HOST> failed to authenticate as '.*'$NOTICE.* .*: No registration for peer '.*' \(from <HOST>\)NOTICE.* .*: Host <HOST> failed MD5 authentication for '.*' (.*)NOTICE.* .*: Failed to authenticate user .*@<HOST>.*NOTICE.* .*: <HOST> failed to authenticate as '.*'NOTICE.* .*: <HOST> tried to authenticate with nonexistent user '.*'VERBOSE.*SIP/<HOST>-.*Received incoming SIP connection from unknown peerignoreregex =
дописать в конфиг параметры очевидны.
# from asterisk5) # vim /home/asterisk/ap/etc/logger.conf
[asterisk-iptables]
enabled = true
filter = asterisk
action = iptables-allports[name=ASTERISK, protocol=all]
sendmail-whois[name=ASTERISK, dest=root, sender=root@kyct.ru]
logpath = /home/asterisk/ap/log/messages
maxretry = 6
bantime = 259200
дописать в конфиг
[general]
dateformat=%F %T
6) Перезапускаем проверяем.
# iptables -L -v
