<div dir="ltr"><div><div><div>Hi,<br><br></div>I configured fail2ban several times a while ago, but not with freeswitch...<br><br></div>If you see that rules are missing, just add them and you can use SSH rules as template. I believe it should make a trick.<br><br></div><div>And I see from you rules, that you are allowing all traffic and this is really bad idea...<br><br></div><div>You should drop everything and allow only needed traffic.<br></div><div><br></div>With kind regards,<br></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr">Jurijs<br></div></div></div>
<br><div class="gmail_quote">On Thu, Sep 8, 2016 at 12:15 AM, Don Hawkins <span dir="ltr"><<a href="mailto:hawkins@hawkinsegroup.com" target="_blank">hawkins@hawkinsegroup.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Thanks for the reply!<div><br></div><div><b>Fail2Ban is running:</b></div><div><div>root@sip:/etc/fail2ban# fail2ban-client start</div><div>ERROR Server already running</div></div><div><br></div><div><br></div><div><b>I added everything in /etc/fail2ban/jail.conf</b></div><div><div><br></div><div>[ssh]</div><div>enabled = true<br></div><div>port = 22</div><div>filter = sshd</div><div>logpath = /var/log/auth.log</div><div>maxretry = 6</div><div><br></div><div>[freeswitch]</div><div>enabled = true</div><div>port = 5060,5061,5080,5081</div><div>filter = freeswitch</div><div>logpath = /var/log/freeswitch/<wbr>freeswitch.log</div><div>maxretry = 10</div></div><div><br></div><div><br></div><div><b>I also created /etc/fail2ban/filter.<wbr>d/freeswitch.conf</b> as shown on <a href="https://github.com/fail2ban/fail2ban/blob/master/config/filter.d/freeswitch.conf" target="_blank">https://github.com/<wbr>fail2ban/fail2ban/blob/master/<wbr>config/filter.d/freeswitch.<wbr>conf</a></div><div><br></div><div><br></div><div><div><b>root@sip:/etc/fail2ban/filter.<wbr>d# iptables -S</b></div><div>-P INPUT ACCEPT</div><div>-P FORWARD ACCEPT</div><div>-P OUTPUT ACCEPT</div><div>-N fail2ban-ssh</div><div>-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh</div></div><div><br></div><div><br></div><div>As you can see when running iptables -S it shoes the "fail2ban-ssh" rule but nothing about FreeSwitch.</div><div><br></div><div><br></div><div>Any help is appreciated.</div><div><br></div><div><br></div></div><div class="gmail_extra"><div><div class="h5"><br><div class="gmail_quote">On Wed, Sep 7, 2016 at 11:01 AM, jungle Boogie <span dir="ltr"><<a href="mailto:jungleboogie0@gmail.com" target="_blank">jungleboogie0@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span>On 7 September 2016 at 08:33, Don Hawkins <<a href="mailto:hawkins@hawkinsegroup.com" target="_blank">hawkins@hawkinsegroup.com</a>> wrote:<br>
> It keeps saying it's not there, but I did add it, is there something I'm<br>
> missing?<br>
<br>
</span>How did you add it? Is fail2ban running? Have you restarted your<br>
computer after setting up fail2ban? If you do iptables -S, do you see<br>
the rules?<br>
<br>
<br>
--<br>
-------<br>
inum: 883510009027723<br>
sip: <a href="mailto:jungleboogie@sip2sip.info" target="_blank">jungleboogie@sip2sip.info</a><br>
<br>
______________________________<wbr>______________________________<wbr>_____________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" rel="noreferrer" target="_blank">http://www.freeswitchsolutions<wbr>.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" rel="noreferrer" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://confluence.freeswitch.org" rel="noreferrer" target="_blank">http://confluence.freeswitch.o<wbr>rg</a><br>
<a href="http://www.cluecon.com" rel="noreferrer" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswi<wbr>tch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer" target="_blank">http://lists.freeswitch.org/ma<wbr>ilman/listinfo/freeswitch-user<wbr>s</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer" target="_blank">http://lists.frees<wbr>witch.org/mailman/options/<wbr>freeswitch-users</a><br>
<a href="http://www.freeswitch.org" rel="noreferrer" target="_blank">http://www.freeswitch.org</a><br>
</blockquote></div><br><br clear="all"><div><br></div></div></div><span class="HOEnZb"><font color="#888888">-- <br><div data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><span style="color:rgb(102,102,102)"><span>Sincerely,<br>Don Hawkins<br>CEO<br>Hawkins Enterprise Group LLC<br><a href="http://hawkinsegroup.com" target="_blank">http://hawkinsegroup.com</a><br><a href="http://zello.com" target="_blank">Zello PTT</a>: push2don<br></span></span></div><div><span style="color:rgb(102,102,102)"><span>P: <a href="tel:469-214-5044" value="+14692145044" target="_blank">469-214-5044</a><br></span></span></div><div dir="ltr"><span style="color:rgb(102,102,102)"><span><a value="+12146991224"></a></span></span></div></div></div></div></div></div>
</font></span></div>
<br>______________________________<wbr>______________________________<wbr>_____________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" rel="noreferrer" target="_blank">http://www.<wbr>freeswitchsolutions.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" rel="noreferrer" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://confluence.freeswitch.org" rel="noreferrer" target="_blank">http://confluence.freeswitch.<wbr>org</a><br>
<a href="http://www.cluecon.com" rel="noreferrer" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.<wbr>freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer" target="_blank">http://lists.freeswitch.org/<wbr>mailman/listinfo/freeswitch-<wbr>users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer" target="_blank">http://lists.<wbr>freeswitch.org/mailman/<wbr>options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" rel="noreferrer" target="_blank">http://www.freeswitch.org</a><br></blockquote></div><br></div>