Hi all I have been getting emails from fail2ban like below!
The IP 192.187.114.26 has just been banned by Fail2Ban after
3 attempts against Asterisk.
Regards,
Fail2Ban
I have got around 5 today alone!
Also got a email about fail2ban stopping but I didn’t stop it
I was doing a backup at the time via my vps interface so maybe tis caused fail2ban to stop?
Anyways can I get fail2ban to ban an ip for likes 23hrs?
The ip address is a known bot I think as its listed on some voip hackers website but it keeps trying!
Also is there any other reason fail2ban service would stop?
I am running asterik/freepbx on my vps so I have no hw firewall!
fail2ban doesn’t stop on it’s own, if it stops by command then it will report so in the /var/log/fail2ban.log, if it otherwise dies without reason, then you have other problems. Reexamine how you installed it and correct as necessary.
Hi
i don’t have that logfile do i have to enable it?
I have noticed then just before the reboot on main security log all my devices re register! could be a server reboot after a backup…
Mabie i didn’t have the auto boot enabled i have enabled that now! i will monitor my emails and check for stopped service again!
about the var/log/fail2ban.log
I don’t have this log-file i only have a main logs in asterisk log folder
Sorry for posting twice had a problem with browser and didn’t finish last post!
Thanks for the info!
when i install csf i get the following error
Error: The VPS iptables rule limit (numiptent) is too low (96/105) - stopping firewall to prevent iptables blocking all connections, at line 1842
My wont wont allow any changes to numiptent…
Looks like a i out of luck with csf!
Your link is broken, but in any way, if it works for you then you did good.
In the same way that most will suggest that running ssh on port 22 is “not a good idea”, I argue similarly that SIP running on the standard TCP/UDP ports is also “not a good idea”, if you can agree to negotiate with your VSP to use “another port”, and similarly have your external extensions also use that arbitrary port, then you will have significantly less to worry about.
and no you are not a pain, but actually a refreshingly resourceful newbie