Stop fail2ban permanentlyin freepbx 13


(Mohammad Reza Sasan) #1

how to stop fail2ban permanently in freepbx 13
every time i stoped it after a whilte its comoing back
i used also
chkconfig fail2ban off

but after rester server its comming back


(Greg Snover) #2

Fail-2-Ban only kicks in if someone is trying to hack you, or you have devices that are not correctly configured (old credentials and the like) and if you take a minute under System Admin -> Intrusion Detection and exclude your LAN you won’t even have the problem there.

Why would you want to turn it off? It is a REALLY good thing to have it on…


(Dave Burgess) #3

I agree with @GSnover in this, Turning Fail2Ban off is a really, really, really bad idea.

Make sure you set up the Integrated Firewall correctly and you will have a reasonably secure system that doesn’t have the problems you are having.


(Mohammad Reza Sasan) #4

My setup is local
I added my local network in intrusion detection
But every day its blocked some of authenticated phone and drop active calls


(Dave Burgess) #5

If the phone is authenticated, Fail2Ban will not be invoked.

Fail2Ban will never drop an in-progress call unless someone is trying to hack your system from that address.

You have a different problem than Fail2Ban.


(Mohammad Reza Sasan) #6

its right but yesterday all staf is out of office but two phone is block
i check both thats already registerd
my be there is something wrong with fail2ban i know
so try to disalbe its pemanently


(Dave Burgess) #7

You are the only one having a problem that would be manifesting itself in literally thousands of installations. It is not a problem with fail2ban, it is a problem with the way you have your system set up. You have not even begun to give us the information we need to help you, and I don’t think anyone is willing to take the responsibility for you losing thousands of dollars from fraudulent calling, so I (for one) am going to stand my ground on this and say that you really need to fix your installation.


(Mohammad Reza Sasan) #8

im agree about fail2ban
also i have many installation thats work fine
i have installed it manually many times and its worked like charm always

my be something wrong with my installation this time
my local area network is 192.168.120.0/24 and i add it to intrusion detection as whitelist

for example this is fail2ban log

2017-01-03 03:48:13,833 fail2ban.actions[7527]: WARNING [asterisk-iptables] Unban 192.168.120.144
2017-01-03 03:49:22,938 fail2ban.actions[7527]: WARNING [asterisk-iptables] Ban 192.168.120.144
2017-01-03 04:19:23,177 fail2ban.actions[7527]: WARNING [asterisk-iptables] Unban 192.168.120.144
2017-01-03 04:20:33,301 fail2ban.actions[7527]: WARNING [asterisk-iptables] Ban 192.168.120.144
2017-01-03 04:50:34,229 fail2ban.actions[7527]: WARNING [asterisk-iptables] Unban 192.168.120.144
2017-01-03 04:51:43,327 fail2ban.actions[7527]: WARNING [asterisk-iptables] Ban 192.168.120.144
2017-01-03 05:21:44,197 fail2ban.actions[7527]: WARNING [asterisk-iptables] Unban 192.168.120.144
2017-01-03 05:22:52,307 fail2ban.actions[7527]: WARNING [asterisk-iptables] Ban 192.168.120.144
2017-01-03 05:52:53,316 fail2ban.actions[7527]: WARNING [asterisk-iptables] Unban 192.168.120.144
2017-01-03 05:54:03,440 fail2ban.actions[7527]: WARNING [asterisk-iptables] Ban 192.168.120.144
2017-01-03 06:24:03,662 fail2ban.actions[7527]: WARNING [asterisk-iptables] Unban 192.168.120.144
2017-01-03 06:25:13,762 fail2ban.actions[7527]: WARNING [asterisk-iptables] Ban 192.168.120.144
2017-01-03 06:55:13,830 fail2ban.actions[7527]: WARNING [asterisk-iptables] Unban 192.168.120.144
2017-01-03 06:56:22,934 fail2ban.actions[7527]: WARNING [asterisk-iptables] Ban 192.168.120.144
2017-01-03 07:26:23,007 fail2ban.actions[7527]: WARNING [asterisk-iptables] Unban 192.168.120.144
2017-01-03 07:27:30,112 fail2ban.actions[7527]: WARNING [asterisk-iptables] Ban 192.168.120.144
2017-01-03 07:57:31,099 fail2ban.actions[7527]: WARNING [asterisk-iptables] Unban 192.168.120.144
2017-01-03 07:58:40,196 fail2ban.actions[7527]: WARNING [asterisk-iptables] Ban 192.168.120.144
2017-01-03 07:58:42,775 fail2ban.actions[7527]: WARNING [recidive] Ban 192.168.120.144
2017-01-03 08:28:41,149 fail2ban.actions[7527]: WARNING [asterisk-iptables] Unban 192.168.120.144
2017-01-07 15:52:30,702 fail2ban.actions[7527]: WARNING [recidive] Unban 192.168.120.144
2017-01-07 15:52:30,714 fail2ban.actions.action[7527]: ERROR iptables -D fail2ban-recidive -s 192.168.120.144 -j REJECT --reject-with icmp-port-unreachable returned 100

this phone is grandstream 1625 and it is registerd phone so some times suddenly this happend and call drops

this my problem


(Sylvain Dube) #9

he is not had many phone blocked by fail2ban over the last year , i don’T want fail2ban and iptables in myh system but im not able to completely remove them


#10

What’s wrong with answering the question? Fail2ban is nothing but a pain in the arse when you’re trying to get going with this stuff.

chmod -x /bin/fail2ban-*

When you’ve got stuff actually working, just change the -x for +x


(Lorne Gaetz) closed #11

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.