[SOLVED] Fail2ban Firewalld Setup

Hello Forum,

I did the manual install of FreePBX 13 CentOS 7 and I am trying to manually setup fail2ban using firewalld to work with asterisk. I have the following setup in my jail.local:

enabled = true
filter = asterisk
action = firewallcmd-allports[name=SIP, protocol=all]
_ sendmail[name=SIP, dest=email, sender=email]_
logpath = /var/log/asterisk/messages
maxretry = 2
bantime = 1800

I am not 100% certain that I am doing the firewallcmd-allports portion correctly. I have not been able to find a lot of documentation (minus /etc/fail2ban/action.d/firewallcmd-allports.conf) as to how it is setup. I am calling on the vast knowledge and expertise of the community for assistance. Your help would be greatly appreciated.


I have solved my problem



Please share your solution. I’m trying to do the same but having issue to get fail2band to start with [asterisk-firewallcmd] enabled

I found the problem…
the directory “messages” for logpath = /var/log/asterisk/messages is missing. Just created the directory in /var/log/asterisk/messages then it started to work just fine…

That is great that you resolved your issue. I ran into that issue as well as a few others when setting it up from scratch. It can be a bit tasking sometimes.