[Freeswitch-users] Trouble to start fail2ban
covici at ccs.covici.com
covici at ccs.covici.com
Thu Oct 21 09:42:00 PDT 2010
Your fail2ban jail is working fine, thank goodness it has not found
anything yet. The only strange thing is that I get a mail message that
the jail stops every night when the cron.daily runs -- maybe the
logrotate is doing something funky.
Norman Tomlins <norm at voicenetwork.ca> wrote:
> Javier,
>
> I had to make some changes to the example on the FreeSwitch wiki to get
> fail2ban working correctly. I also have a step-by-step cut&paste guide on
> http://wiki.voicenetwork.ca/wiki/Main_Page#Fail2Ban for CentOS.
>
> [freeswitch-tcp]
> enabled = true
> port = 5060,5061,5080,5081
> protocol = tcp
> filter = freeswitch
> logpath = /usr/local/freeswitch/log/freeswitch.log
> action = iptables-allports[name=freeswitch-tcp, protocol=all]
> sendmail-whois[name=FreeSwitch, dest=root,
> sender=fail2ban at example.org]
>
> [freeswitch-udp]
> enabled = true
> port = 5060,5061,5080,5081
> protocol = udp
> filter = freeswitch
> logpath = /usr/local/freeswitch/log/freeswitch.log
> action = iptables-allports[name=freeswitch-udp, protocol=all]
> sendmail-whois[name=FreeSwitch, dest=root,
> sender=fail2ban at example.org]
>
>
> Norman Tomlins
> Voice Network Inc.
> http://www.VoiceNetwork.ca
>
>
> 2010/10/15 Javier Aristizábal <javieraristizabal at gmail.com>
>
> > Hi folks,
> >
> > I installed fail2ban CentOS 5.5. And i followed the wiki instructions to
> > configure fail2ban with FreeSWITCH. After i edit jail.conf with this config:
> >
> > [freeswitch-tcp]
> >
> > enabled = true
> > port = 5060,5061,5080,5081
> > protocol = tcp
> > filter = freeswitch
> > logpath = /usr/local/freeswitch/log/freeswitch.log
> >
> > [freeswitch-udp]
> >
> > enabled = true
> > port = 5060,5061,5080,5081
> > protocol = udp
> > filter = freeswitch
> > logpath = /usr/local/freeswitch/log/freeswitch.log
> > ######
> >
> > The fail2ban does not start, and the logs can not get anything.. Did anyone
> > have the same thing?
> >
> > The freeswtich.conf:
> >
> > # Fail2Ban configuration file
> > #
> > # Author: Rupa SChomaker
> > #
> >
> > [Definition]
> >
> > # Option: failregex
> > # Notes.: regex to match the password failures messages in the logfile.
> > The
> > # host must be matched by a group named "host". The tag "<HOST>"
> > can
> > # be used for standard IP/hostname matching and is only an alias
> > for
> > # (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
> > # Values: TEXT
> > #
> > failregex = \[WARNING\] sofia_reg.c:\d+ SIP auth failure \(REGISTER\) on
> > sofia profile \'\w+\' for \[.*\] from ip <HOST>
> >
> > # Option: ignoreregex
> > # Notes.: regex to ignore. If this regex matches, the line is ignored.
> > # Values: TEXT
> > #
> > ignoreregex =
> >
> >
> > Thanks
> >
> > --
> > Javier Aristizábal
> >
> >
> > _______________________________________________
> > FreeSWITCH-users mailing list
> > FreeSWITCH-users at lists.freeswitch.org
> > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> > UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> > http://www.freeswitch.org
> >
> >
>
> ----------------------------------------------------
> Alternatives:
>
> ----------------------------------------------------
> _______________________________________________
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
--
Your life is like a penny. You're going to lose it. The question is:
How do
you spend it?
John Covici
covici at ccs.covici.com
More information about the FreeSWITCH-users
mailing list