サーラリマンは働き過ぎ、社畜化に注意しよう!!

fail2ban asterisk

asterisk
スポンサーリンク

最新fail2banをインストール

git clone https://github.com/fail2ban/fail2ban.git
cd fail2ban
sudo python setup.py install

cp files/debian-initd /etc/init.d/fail2ban
update-rc.d fail2ban defaults
service fail2ban start

vi /etc/fail2ban/jail.local

[DEFAULT]
ignoreip = 127.0.0.1 192.168.1.0/24 all.sipis.acrobits.cz 216.93.246.120 104.198.91.17 ckenko25.jp

[asterisk]
enabled = true
port = 5060,5061
action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s", protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp]
%(banaction)s[name=%(__name__)s-udp, port="%(port)s", protocol="udp", chain="%(chain)s", actname=%(banaction)s-udp]
%(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"]
#logpath = /var/log/asterisk/security
logpath = /var/log/asterisk/security_log
maxretry = 3
bantime = 172800
findtime = 1200

fail2ban-client reload

fail2ban-client status asterisk

コメント