Fail2ban not working?

FreePBX Security
1

Guy, do you know why fail2ban not working to me? banned this IP but still show on sngrep

Ảnh màn hình 2024-04-17 lúc 15.31.18
Ảnh màn hình 2024-04-17 lúc 15.31.181470×1640 356 KB

here is the fail2ban status:

root@vedaxdev:/# fail2ban-client status
Status
|- Number of jail:	2
`- Jail list:	asterisk-security-iptables, freepbx-iptables
root@vedaxdev:/# fail2ban-client status freepbx-iptables
Status for the jail: freepbx-iptables
|- Filter
|  |- Currently failed:	0
|  |- Total failed:	2
|  `- File list:	/var/log/asterisk/freepbx_security.log
`- Actions
   |- Currently banned:	2
   |- Total banned:	2
   `- Banned IP list:	45.155.91.7 45.155.91.17
root@vedaxdev:/# fail2ban-client status asterisk-security-iptables
Status for the jail: asterisk-security-iptables
|- Filter
|  |- Currently failed:	0
|  |- Total failed:	2
|  `- File list:	/var/log/asterisk/full
`- Actions
   |- Currently banned:	2
   |- Total banned:	2
   `- Banned IP list:	45.155.91.7 45.155.91.17
2

Fail2ban appears to be working fine – there is no response to any of the INVITEs sent by the attacker.

Note that sngrep (and other capture tools) operate outside the linux firewall (iptables) – incoming packets are seen before passing through the firewall and outgoing packets are seen after passing through the firewall.

1 Like
3

thanks, all spammer get out from asterisk -rvvvv now

4

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.