[SOLVED] Fail2ban email - custom

Fail2ban is probably the wrong tool for the job, it’s regex’s are optimized to extract IP addresses from log files, and conditionally add them to iptables.

But similar behavior can be achieved very simply from bash

tail -F /var/log/asterisk/full|while read i;do if [[ $i =~ “UNREACHABLE” ]];then echo $i|mail [email protected] ;fi;done &

make your version of “unreachable” be a regex that matches exactly what you get when your trunk disappears, add that line to /etc/rc.local , you can easily reboot/restart/reload asterisk automatically if you want, and the emails you are getting are not in anyway spurious, for example

tail -F /var/log/asterisk/full|while read i;do if [[ $i =~ “unreachable” ]];then echo $i|mail [email protected] ;amportal -a r ;fi;done &

but no it is not an asterisk bug it is almost certainly a badly constructed network setup

(I hope that’s not considered inappropriate “code” or this post will probably disappear soon :wink: )

1 Like