100% CPU usage with asterisk

Just now I restarted the server, and my manually injected ban IP was gone.
and I inserted again, and restart ban2fail service, and the banned record disappereared again.

[[email protected] ~]# fail2ban-client status asterisk-iptables
Status for the jail: asterisk-iptables
|- filter
|  |- File list:        /var/log/asterisk/fail2ban
|  |- Currently failed: 0
|  `- Total failed:     0
`- action
   |- Currently banned: 0
   |  `- IP list:
   `- Total banned:     0
[[email protected] ~]# fail2ban-client set  asterisk-iptables banip 62.75.128.0/17
62.75.128.0/17
[[email protected] ~]# fail2ban-client status asterisk-iptables
Status for the jail: asterisk-iptables
|- filter
|  |- File list:        /var/log/asterisk/fail2ban
|  |- Currently failed: 0
|  `- Total failed:     3
`- action
   |- Currently banned: 1
   |  `- IP list:       62.75.128.0/17
   `- Total banned:     1

AFTER restart service from GUI

Status for the jail: asterisk-iptables
|- filter
|  |- File list:        /var/log/asterisk/fail2ban
|  |- Currently failed: 0
|  `- Total failed:     0
`- action
   |- Currently banned: 0
   |  `- IP list:
   `- Total banned:     0

You will need Fail2ban 0.9 or better for that as it maintains bans over restarts in it’s own sqlite3 database., this is not available in previous versions, so I guess you are SOL there.

(did anyone mention that old RTFM thingy yet?)

I found an article saying the default freepbx fail2ban module does not work because the log file is not generating enough information for it to process, is that fixed already?

https://www.coochey.net/?p=61

As I said before, I don’t know, I don’t use it. But I can assure you that with Asterisk 10+ and fail2ban “quite new” it does, come on mcdull, stop being the “son of dull” (just kidding :slight_smile: ) and do that RTFM thing and just try it, because I won’t read you the FM anymore , or as I said before, rely on the FreePBX rpm and just be done with this thread

Thanks and I will try to read the manual again.

Wow a year old message in the highly regarded “coochey.net” community. Try the official bug tracker. Eyes rolling