[Freeswitch-users] Trouble to start fail2ban

Norman Tomlins norm at voicenetwork.ca
Wed Oct 20 05:17:49 PDT 2010 

Javier,

I had to make some changes to the example on the FreeSwitch wiki to get
fail2ban working correctly.   I also have a step-by-step cut&paste guide on
http://wiki.voicenetwork.ca/wiki/Main_Page#Fail2Ban for CentOS.

[freeswitch-tcp]
enabled  = true
port     = 5060,5061,5080,5081
protocol = tcp
filter   = freeswitch
logpath  = /usr/local/freeswitch/log/freeswitch.log
action   = iptables-allports[name=freeswitch-tcp, protocol=all]
           sendmail-whois[name=FreeSwitch, dest=root,
sender=fail2ban at example.org]

[freeswitch-udp]
enabled  = true
port     = 5060,5061,5080,5081
protocol = udp
filter   = freeswitch
logpath  = /usr/local/freeswitch/log/freeswitch.log
action   = iptables-allports[name=freeswitch-udp, protocol=all]
           sendmail-whois[name=FreeSwitch, dest=root,
sender=fail2ban at example.org]


Norman Tomlins
Voice Network Inc.
http://www.VoiceNetwork.ca


2010/10/15 Javier Aristizábal <javieraristizabal at gmail.com>

> Hi folks,
>
> I installed fail2ban CentOS 5.5. And i followed the wiki instructions to
> configure fail2ban with FreeSWITCH. After i edit jail.conf with this config:
>
> [freeswitch-tcp]
>
> enabled  = true
> port     = 5060,5061,5080,5081
> protocol = tcp
> filter   = freeswitch
> logpath  = /usr/local/freeswitch/log/freeswitch.log
>
> [freeswitch-udp]
>
> enabled  = true
> port     = 5060,5061,5080,5081
> protocol = udp
> filter   = freeswitch
> logpath  = /usr/local/freeswitch/log/freeswitch.log
> ######
>
> The fail2ban does not start, and the logs can not get anything.. Did anyone
> have the same thing?
>
> The freeswtich.conf:
>
> # Fail2Ban configuration file
> #
> # Author: Rupa SChomaker
> #
>
> [Definition]
>
> # Option:  failregex
> # Notes.:  regex to match the password failures messages in the logfile.
> The
> #          host must be matched by a group named "host". The tag "<HOST>"
> can
> #          be used for standard IP/hostname matching and is only an alias
> for
> #          (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
> # Values:  TEXT
> #
> failregex = \[WARNING\] sofia_reg.c:\d+ SIP auth failure \(REGISTER\) on
> sofia profile \'\w+\' for \[.*\] from ip <HOST>
>
> # Option:  ignoreregex
> # Notes.:  regex to ignore. If this regex matches, the line is ignored.
> # Values:  TEXT
> #
> ignoreregex =
>
>
> Thanks
>
> --
> Javier Aristizábal
>
>
> _______________________________________________
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20101020/fe848599/attachment.html

More information about the FreeSWITCH-users mailing list