Fail2ban not working?

Guy, do you know why fail2ban not working to me? banned this IP but still show on sngrep

here is the fail2ban status:

root@vedaxdev:/# fail2ban-client status
Status
|- Number of jail:	2
`- Jail list:	asterisk-security-iptables, freepbx-iptables
root@vedaxdev:/# fail2ban-client status freepbx-iptables
Status for the jail: freepbx-iptables
|- Filter
|  |- Currently failed:	0
|  |- Total failed:	2
|  `- File list:	/var/log/asterisk/freepbx_security.log
`- Actions
   |- Currently banned:	2
   |- Total banned:	2
   `- Banned IP list:	45.155.91.7 45.155.91.17
root@vedaxdev:/# fail2ban-client status asterisk-security-iptables
Status for the jail: asterisk-security-iptables
|- Filter
|  |- Currently failed:	0
|  |- Total failed:	2
|  `- File list:	/var/log/asterisk/full
`- Actions
   |- Currently banned:	2
   |- Total banned:	2
   `- Banned IP list:	45.155.91.7 45.155.91.17

Fail2ban appears to be working fine – there is no response to any of the INVITEs sent by the attacker.

Note that sngrep (and other capture tools) operate outside the linux firewall (iptables) – incoming packets are seen before passing through the firewall and outgoing packets are seen after passing through the firewall.

1 Like

thanks, all spammer get out from asterisk -rvvvv now

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.