<div dir="ltr">For what it's worth, if you have a FS instance exposed to the world you're almost certainly better off with something in front of it.<div><br></div><div>Even if you lock down your server in such a way that no unauthorized calls can be made, the traffic is still going to make it to your freeswitch instance. Generating enough bogus traffic could materially impact the quality of active calls by wasting CPU cycles, disk I/O from logs, and memory from the connections.</div><div><br></div><div>Whether the "something" you put in front of it is a firewall with appropriate restrictions, a SIP proxy of some kind, or something else, is up to you (depending on the amount of introspection to the request you need). But I wouldn't recommend leaving it open.</div><div><br></div><div>Best,</div><div>Colin</div></div><br><div class="gmail_quote"><div dir="ltr">On Wed, Aug 3, 2016 at 11:44 AM jungle Boogie <<a href="mailto:jungleboogie0@gmail.com">jungleboogie0@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On 3 August 2016 at 01:12, Mirko Brankovic <<a href="mailto:mirkobrankovic@gmail.com" target="_blank">mirkobrankovic@gmail.com</a>> wrote:<br>
> Hi,<br>
> I guess you can set this to true on your profile:<br>
> <a href="https://wiki.freeswitch.org/wiki/Sofia.conf.xml#log-auth-failures" rel="noreferrer" target="_blank">https://wiki.freeswitch.org/wiki/Sofia.conf.xml#log-auth-failures</a><br>
><br>
> and than fail2ban can pick it up from the log.<br>
><br>
<br>
yes, that work's if the registration attempts are actually being<br>
picked up by freeswitch. I only see a register request and no reply<br>
from my side whatsoever.<br>
<br>
The IP address has been added to my iptables but the entries are still<br>
occurring. As seen in the original email, I have iptables to block<br>
based on the useragent but I still see the scans.<br>
<br>
<br>
<br>
> Mirko<br>
<br>
<br>
<br>
<br>
--<br>
-------<br>
inum: 883510009027723<br>
sip: <a href="mailto:jungleboogie@sip2sip.info" target="_blank">jungleboogie@sip2sip.info</a><br>
<br>
_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" rel="noreferrer" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" rel="noreferrer" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://confluence.freeswitch.org" rel="noreferrer" target="_blank">http://confluence.freeswitch.org</a><br>
<a href="http://www.cluecon.com" rel="noreferrer" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" rel="noreferrer" target="_blank">http://www.freeswitch.org</a><br>
</blockquote></div>