[Freeswitch-users] Log of Authentication Attempts/Failures

Густаво Силва gfs at etherway.ru
Mon Jun 15 10:27:31 MSD 2015


I have checked in the sofia_reg.c code of the freeswitch 1.2.11 version, 
and this is available for this version.

if (auth_res != AUTH_OK && auth_res != AUTH_RENEWED && !stale) {
                         if (auth_res == AUTH_FORBIDDEN) {
                                 nua_respond(nh, SIP_403_FORBIDDEN, 
NUTAG_WITH_THIS_MSG(de->data->e_msg), TAG_END());
                                 forbidden = 1;
                         } else {
                                 nua_respond(nh, SIP_401_UNAUTHORIZED, 
NUTAG_WITH_THIS_MSG(de->data->e_msg), TAG_END());
                         }

                         if (profile->debug) {
switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_DEBUG, "Send %s for 
[%s@%s]\n",
forbidden ? "forbidden" : "challenge", to_user, to_host);
                         }
                         /* Log line added to support Fail2Ban */
                         if (sofia_test_pflag(profile, 
PFLAG_LOG_AUTH_FAIL)) {
switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_WARNING, "SIP auth %s 
(%s) on sofia profile '%s' "
"for [%s@%s] from ip %s\n", forbidden ? "failure" : "challenge",
(regtype == REG_INVITE) ? "INVITE" : "REGISTER", profile->name, to_user, 
to_host, network_ip);
                         }

I am just getting this in the log file. I am avoiding to update cause 
this server is in production environment.

Somehow it is not processing the last "if" statement.

On 11.06.2015 17:19, Michael Jerris wrote:
> You should start with trying our most recent release 1.4.19
>
> On Thursday, June 11, 2015, Густаво Силва <gfs at etherway.ru 
> <mailto:gfs at etherway.ru>> wrote:
>
>     Hello Guys,
>
>     I am trying to log the attempts and failures of the authentication
>     process but I am not able to get the log as described in the
>     freeswitch site.
>
>     I have already set my profile to log it by doing:
>
>     <param name="log-auth-failures" value="true"/>
>
>     and I reloaded the sofia mod.
>
>     I should get in the freeswitch log, "SIP auth challenge" or "SIP
>     auth failure", but I am getting only "Send challenge for" and
>     "Send forbidden for" if the authentication fails.
>
>     I am using the freeswitch version 1.2.11.
>
>     What else should I do?
>
>     Regards,
>     Gustavo
>
>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20150615/ed13a78f/attachment.html 


Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list