PitzKey
November 15, 2021, 12:16pm
1
For those of you who use APIBAN on FreePBX 13, you may have noticed that the go client cannot fetch anymore the list of bad IP addresses due to an SSL error. (This issue is only on FreePBX 13. FreePBX 14 and up works fine)
The Palner Group/Fred Posner created a new go client that skips the SSL verification
See original installation guide by Lorne:
The last few Open Source Lounge sessions have seen conversation around apiban.org , with last night’s session getting a detailed presentation by Fred Posner on how it all works. The apiban.org project is a SIP blacklist compiled from honeypots with a simple API that allows you to dynamically update iptables rules with known current attackers. Generally I’m not a fan of blacklists on principle, but there are obviously situations where whitelisting won’t work. If one is working with this constraint…
And instead of the regular client, you will need to use:
wget https://github.com/palner/apiban/raw/master/clients/go/apiban-iptables-skipverify/apiban-iptables-client-skipverify
Same with setting up the cron job:
*/5 * * * * root /usr/local/bin/apiban/apiban-iptables-client-skipverify >/dev/null 2>&1
2 Likes
system
December 16, 2021, 12:16pm
2
This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.