Stop fail2ban permanentlyin freepbx 13

how to stop fail2ban permanently in freepbx 13
every time i stoped it after a whilte its comoing back
i used also
chkconfig fail2ban off

but after rester server its comming back

1 Like

Fail-2-Ban only kicks in if someone is trying to hack you, or you have devices that are not correctly configured (old credentials and the like) and if you take a minute under System Admin -> Intrusion Detection and exclude your LAN you won’t even have the problem there.

Why would you want to turn it off? It is a REALLY good thing to have it on…

1 Like

I agree with @GSnover in this, Turning Fail2Ban off is a really, really, really bad idea.

Make sure you set up the Integrated Firewall correctly and you will have a reasonably secure system that doesn’t have the problems you are having.

My setup is local
I added my local network in intrusion detection
But every day its blocked some of authenticated phone and drop active calls

If the phone is authenticated, Fail2Ban will not be invoked.

Fail2Ban will never drop an in-progress call unless someone is trying to hack your system from that address.

You have a different problem than Fail2Ban.

its right but yesterday all staf is out of office but two phone is block
i check both thats already registerd
my be there is something wrong with fail2ban i know
so try to disalbe its pemanently

You are the only one having a problem that would be manifesting itself in literally thousands of installations. It is not a problem with fail2ban, it is a problem with the way you have your system set up. You have not even begun to give us the information we need to help you, and I don’t think anyone is willing to take the responsibility for you losing thousands of dollars from fraudulent calling, so I (for one) am going to stand my ground on this and say that you really need to fix your installation.

im agree about fail2ban
also i have many installation thats work fine
i have installed it manually many times and its worked like charm always

my be something wrong with my installation this time
my local area network is and i add it to intrusion detection as whitelist

for example this is fail2ban log

2017-01-03 03:48:13,833 fail2ban.actions[7527]: WARNING [asterisk-iptables] Unban
2017-01-03 03:49:22,938 fail2ban.actions[7527]: WARNING [asterisk-iptables] Ban
2017-01-03 04:19:23,177 fail2ban.actions[7527]: WARNING [asterisk-iptables] Unban
2017-01-03 04:20:33,301 fail2ban.actions[7527]: WARNING [asterisk-iptables] Ban
2017-01-03 04:50:34,229 fail2ban.actions[7527]: WARNING [asterisk-iptables] Unban
2017-01-03 04:51:43,327 fail2ban.actions[7527]: WARNING [asterisk-iptables] Ban
2017-01-03 05:21:44,197 fail2ban.actions[7527]: WARNING [asterisk-iptables] Unban
2017-01-03 05:22:52,307 fail2ban.actions[7527]: WARNING [asterisk-iptables] Ban
2017-01-03 05:52:53,316 fail2ban.actions[7527]: WARNING [asterisk-iptables] Unban
2017-01-03 05:54:03,440 fail2ban.actions[7527]: WARNING [asterisk-iptables] Ban
2017-01-03 06:24:03,662 fail2ban.actions[7527]: WARNING [asterisk-iptables] Unban
2017-01-03 06:25:13,762 fail2ban.actions[7527]: WARNING [asterisk-iptables] Ban
2017-01-03 06:55:13,830 fail2ban.actions[7527]: WARNING [asterisk-iptables] Unban
2017-01-03 06:56:22,934 fail2ban.actions[7527]: WARNING [asterisk-iptables] Ban
2017-01-03 07:26:23,007 fail2ban.actions[7527]: WARNING [asterisk-iptables] Unban
2017-01-03 07:27:30,112 fail2ban.actions[7527]: WARNING [asterisk-iptables] Ban
2017-01-03 07:57:31,099 fail2ban.actions[7527]: WARNING [asterisk-iptables] Unban
2017-01-03 07:58:40,196 fail2ban.actions[7527]: WARNING [asterisk-iptables] Ban
2017-01-03 07:58:42,775 fail2ban.actions[7527]: WARNING [recidive] Ban
2017-01-03 08:28:41,149 fail2ban.actions[7527]: WARNING [asterisk-iptables] Unban
2017-01-07 15:52:30,702 fail2ban.actions[7527]: WARNING [recidive] Unban
2017-01-07 15:52:30,714 fail2ban.actions.action[7527]: ERROR iptables -D fail2ban-recidive -s -j REJECT --reject-with icmp-port-unreachable returned 100

this phone is grandstream 1625 and it is registerd phone so some times suddenly this happend and call drops

this my problem

he is not had many phone blocked by fail2ban over the last year , i don’T want fail2ban and iptables in myh system but im not able to completely remove them

What’s wrong with answering the question? Fail2ban is nothing but a pain in the arse when you’re trying to get going with this stuff.

chmod -x /bin/fail2ban-*

When you’ve got stuff actually working, just change the -x for +x

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.