Distro and fail2ban

For some reason, fail2ban config in the latest Distro download points to /var/log/asterisk/fail2ban instead of /var/log/asterisk/full

All you need to do to make fail2ban work is to edit /etc/fail2ban/jail.local, edit the logpath variable and restart fail2ban.

I did those changes (logger_logfiles_custom.conf and jail.local), restarted asterisk and fail2ban and everything works without any issues now.

Fail2ban should work much faster this way since there is really a lot less info to parse.

As an afterthought, maybe (in some future update) you should add these two lines to the /etc/fail2ban/asterisk.conf

NOTICE.* .*: Failed to authenticate user .*@<HOST>.* NOTICE.* .*: Sending fake auth rejection for device .*@<HOST>.*
A lot of times brute force attacks result in “Sending fake auth…” so this does help with keeping those script kiddies at bay.

Anyway, great job and fast response.


Actually do not edit that file. We purposely setup a new log file for fail2ban with just notices in it so the log file is smaller for fail2ban to parse and can react quicker.

Just add this to your /etc/asterisk/logger_logfiles_custom.conf

fail2ban => notice

I fixed it just now in all version of the Distro that uses the new fail2ban RPM. Not sure how I missed setting up the log file at install time.

Hi, I have 2 questions.
I am running 1.815.210.58-1 why is the fail2ban version 0.8.4 from 2009 when the latest version is 0.8.7 from 7/2012 ?


I am getting these warnings after upgrade to 2.10

WARNING ‘action’ not defined in ‘php-url-fopen’. Using default value WARNING ‘action’ not defined in ‘lighttpd-fastcgi’. Using default value ERROR No file found for /var/log/asterisk/fail2ban ERROR No file found for /var/log/vsftpd.log

I guess the warnings are becuase PHP was updated, but fail2ban is out of date?


According to nuronce latest fail2ban is 0.8.7 or not?

Why do I have 0.8.6-9 ?

cat /etc/asterisk/freepbxdistro-version

yum list fail2ban Loaded plugins: fastestmirror, kmod Loading mirror speeds from cached hostfile Installed Packages fail2ban.noarch 0.8.6-9 installed