Hello,
My log is filled with more then 200’000 lines like that :
297376 [2023-02-19 07:50:51] NOTICE[1120] chan_sip.c: Registration from '"101" <sip:[email protected]>' failed for '45.93.16.218:56950' - Wrong password
297377 [2023-02-19 07:50:51] NOTICE[1120] chan_sip.c: Registration from '"101" <sip:[email protected]>' failed for '45.93.16.218:56950' - Wrong password
297378 [2023-02-19 07:50:51] NOTICE[1120] chan_sip.c: Registration from '"101" <sip:[email protected]>' failed for '45.93.16.218:56950' - Wrong password
297379 [2023-02-19 07:50:51] NOTICE[1120] chan_sip.c: Registration from '"101" <sip:[email protected]>' failed for '45.93.16.218:56950' - Wrong password
297380 [2023-02-19 07:50:51] NOTICE[1120] chan_sip.c: Registration from '"101" <sip:[email protected]>' failed for '45.93.16.218:56950' - Wrong password
297381 [2023-02-19 07:50:51] NOTICE[1120] chan_sip.c: Registration from '"101" <sip:[email protected]>' failed for '45.93.16.218:56950' - Wrong password
297382 [2023-02-19 07:50:51] NOTICE[1120] chan_sip.c: Registration from '"101" <sip:[email protected]>' failed for '45.93.16.218:56950' - Wrong password
297383 [2023-02-19 07:50:51] NOTICE[1120] chan_sip.c: Registration from '"101" <sip:[email protected]>' failed for '45.93.16.218:56950' - Wrong password
297384 [2023-02-19 07:50:51] NOTICE[1120] chan_sip.c: Registration from '"101" <sip:[email protected]>' failed for '45.93.16.218:56950' - Wrong password
297385 [2023-02-19 07:50:51] NOTICE[1120] chan_sip.c: Registration from '"101" <sip:[email protected]>' failed for '45.93.16.218:56950' - Wrong password
297386 [2023-02-19 07:50:51] NOTICE[1120] chan_sip.c: Registration from '"101" <sip:[email protected]>' failed for '45.93.16.218:56950' - Wrong password
297387 [2023-02-19 07:50:51] NOTICE[1120] chan_sip.c: Registration from '"101" <sip:[email protected]>' failed for '45.93.16.218:56950' - Wrong password
297388 [2023-02-19 07:50:51] NOTICE[1120] chan_sip.c: Registration from '"101" <sip:[email protected]>' failed for '45.93.16.218:56950' - Wrong password
297389 [2023-02-19 07:50:51] NOTICE[1120] chan_sip.c: Registration from '"101" <sip:[email protected]>' failed for '45.93.16.218:56950' - Wrong password
297390 [2023-02-19 07:50:51] NOTICE[1120] chan_sip.c: Registration from '"101" <sip:[email protected]>' failed for '45.93.16.218:56950' - Wrong password
I am using FreeBPX 15 (updated yesterday).
Max Retry for Intrusion Detection is set to 5.
Then why isn’t this IP banned after 5 unsuccessful attempts?