Fail2ban has stopped banning IP's

FreePBX
1

Fail2ban has stopped banning IP’s. The only change I did recently was install updates using the CLI. My system is currently at 10.13.66-22.

Fail2ban is running

 service fail2ban status
fail2ban-server (pid  4246) is running...
Status
|- Number of jail:      6
`- Jail list:           apache-tcpwrapper, recidive, pbx-gui, apache-badbots, ssh-iptables, vsftpd-iptables

The only change I did recently was install updates using the CLI.  My system is currently at 10.13.66-22.

Fail2ban is running

 service fail2ban status
fail2ban-server (pid  4246) is running...
Status
|- Number of jail:      6
`- Jail list:           apache-tcpwrapper, recidive, pbx-gui, apache-badbots, ssh-iptables, vsftpd-iptables

But bad clients are attaching and not getting banned:

But bad clients are attacking and not getting banned:

	```
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:46] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:46] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:46] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:46] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:46] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
[2019-04-29 20:40:46] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"1445" <sip:[email protected]>' failed for '77.247.109.146:6117' - Wrong password
	[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:45] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:46] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:46] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:46] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:46] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:46] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password
[2019-04-29 20:40:46] NOTICE[2127]: chan_sip.c:28690 handle_request_register: Registration from '"XXXX" <sip:[email protected]>' failed for 'x.x.x.x:x.x.x.x:x' - Wrong password

There are also some very huge log files

158M -rw-r-----   1 asterisk asterisk 158M Apr 23 03:19 fail2ban-20190423
188K -rw-rw-r--   1 asterisk asterisk 183K Apr 29 20:41 ucpnode_out.log
209M -rw-r-----   1 asterisk asterisk 209M Apr 29 20:43 full
212M -rw-r-----   1 asterisk asterisk 212M Apr 24 03:33 full-20190424
232K -rw-rw-r--   1 asterisk asterisk 225K Jan 26 23:56 prosody.log
249M -rw-r-----   1 asterisk asterisk 249M Apr 29 03:39 full-20190429
326M -rw-rw-r--   1 asterisk asterisk 326M Sep  6  2016 freepbx_dbug-20190127
354M -rw-r-----   1 asterisk asterisk 354M Apr 26 03:22 full-20190426
396M -rw-r-----   1 asterisk asterisk 396M Apr 28 03:22 full-20190428
486M -rw-r--r--   1 asterisk asterisk 486M Apr 25 03:40 fail2ban-20190425
672K -rw-rw-r--   1 asterisk asterisk 669K Sep  6  2016 freepbx_debug
690M -rw-r-----   1 asterisk asterisk 690M Apr 27 03:12 full-20190427
1.2G -rw-r-----   1 asterisk asterisk 1.2G Apr 24 03:33 fail2ban-20190424
1.3G -rw-r-----   1 asterisk asterisk 1.3G Apr 29 20:43 fail2ban
1.5G -rw-r--r--   1 asterisk asterisk 1.5G Apr 29 03:39 fail2ban-20190429
2.0G -rw-r-----   1 asterisk asterisk 2.0G Apr 26 03:22 fail2ban-20190426
2.3G -rw-r--r--   1 asterisk asterisk 2.3G Apr 28 03:22 fail2ban-20190428
4.0G -rw-r--r--   1 asterisk asterisk 4.0G Apr 27 03:12 fail2ban-20190427
```	```

There are also some very huge log files

158M -rw-r----- 1 asterisk asterisk 158M Apr 23 03:19 fail2ban-20190423
188K -rw-rw-r-- 1 asterisk asterisk 183K Apr 29 20:41 ucpnode_out.log
209M -rw-r----- 1 asterisk asterisk 209M Apr 29 20:43 full
212M -rw-r----- 1 asterisk asterisk 212M Apr 24 03:33 full-20190424
232K -rw-rw-r-- 1 asterisk asterisk 225K Jan 26 23:56 prosody.log
249M -rw-r----- 1 asterisk asterisk 249M Apr 29 03:39 full-20190429
326M -rw-rw-r-- 1 asterisk asterisk 326M Sep 6 2016 freepbx_dbug-20190127
354M -rw-r----- 1 asterisk asterisk 354M Apr 26 03:22 full-20190426
396M -rw-r----- 1 asterisk asterisk 396M Apr 28 03:22 full-20190428
486M -rw-r–r-- 1 asterisk asterisk 486M Apr 25 03:40 fail2ban-20190425
672K -rw-rw-r-- 1 asterisk asterisk 669K Sep 6 2016 freepbx_debug
690M -rw-r----- 1 asterisk asterisk 690M Apr 27 03:12 full-20190427
1.2G -rw-r----- 1 asterisk asterisk 1.2G Apr 24 03:33 fail2ban-20190424
1.3G -rw-r----- 1 asterisk asterisk 1.3G Apr 29 20:43 fail2ban
1.5G -rw-r–r-- 1 asterisk asterisk 1.5G Apr 29 03:39 fail2ban-20190429
2.0G -rw-r----- 1 asterisk asterisk 2.0G Apr 26 03:22 fail2ban-20190426
2.3G -rw-r–r-- 1 asterisk asterisk 2.3G Apr 28 03:22 fail2ban-20190428
4.0G -rw-r–r-- 1 asterisk asterisk 4.0G Apr 27 03:12 fail2ban-20190427

2

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.