I am setting up provisioning script for the phones; so I frequently send authentication failures to the server (or, I am just too error-prone :). So, I went into System Admin -> Intrusion Detection, and added my IP into the whitelist. Unfortunately, it doesn’t seem to have any effect. /etc/fail2ban/jail.local has ignoreip = 127.0.0.1 and then some strange ip that doesn’t look familiar. It stays there whether I add or remove my IP address. When I come later to FreePBX, my ip is; so it gets stored somewhere (database?) It just doesn’t have any effect on fail2ban. Once I misbehave, I got locked out.
Note, I am familiar with how fail2ban works. What I can’t figure out the link between intrusion detection in FreePBX and fail2ban.
As a somewhat side note, given that I ran PIAF’s TravelerMan and essentially closed my server to all unknown IPs, the value of fail2ban is questionable! Once we go into production, I don’t want an errant phone to lock all other users in the office!