[Freeswitch-users] Getting fail2ban working properly
Mirko Brankovic
mirkobrankovic at gmail.com
Thu Sep 8 10:53:04 MSD 2016
On ubuntu it is called :
Chain fail2ban-freeswitch (1 references)
iptables -L should give you the chain if F2B started correctly, otherwise
see the fail2ban log for errors.
On Thu, Sep 8, 2016 at 7:42 AM, Jurijs Ivolga <jurijs.ivolga at gmail.com>
wrote:
> Hi,
>
> I configured fail2ban several times a while ago, but not with freeswitch...
>
> If you see that rules are missing, just add them and you can use SSH rules
> as template. I believe it should make a trick.
>
> And I see from you rules, that you are allowing all traffic and this is
> really bad idea...
>
> You should drop everything and allow only needed traffic.
>
> With kind regards,
>
> Jurijs
>
> On Thu, Sep 8, 2016 at 12:15 AM, Don Hawkins <hawkins at hawkinsegroup.com>
> wrote:
>
>> Thanks for the reply!
>>
>> *Fail2Ban is running:*
>> root at sip:/etc/fail2ban# fail2ban-client start
>> ERROR Server already running
>>
>>
>> *I added everything in /etc/fail2ban/jail.conf*
>>
>> [ssh]
>> enabled = true
>> port = 22
>> filter = sshd
>> logpath = /var/log/auth.log
>> maxretry = 6
>>
>> [freeswitch]
>> enabled = true
>> port = 5060,5061,5080,5081
>> filter = freeswitch
>> logpath = /var/log/freeswitch/freeswitch.log
>> maxretry = 10
>>
>>
>> *I also created /etc/fail2ban/filter.d/freeswitch.conf* as shown on
>> https://github.com/fail2ban/fail2ban/blob/master/config/
>> filter.d/freeswitch.conf
>>
>>
>> *root at sip:/etc/fail2ban/filter.d# iptables -S*
>> -P INPUT ACCEPT
>> -P FORWARD ACCEPT
>> -P OUTPUT ACCEPT
>> -N fail2ban-ssh
>> -A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh
>>
>>
>> As you can see when running iptables -S it shoes the "fail2ban-ssh" rule
>> but nothing about FreeSwitch.
>>
>>
>> Any help is appreciated.
>>
>>
>>
>> On Wed, Sep 7, 2016 at 11:01 AM, jungle Boogie <jungleboogie0 at gmail.com>
>> wrote:
>>
>>> On 7 September 2016 at 08:33, Don Hawkins <hawkins at hawkinsegroup.com>
>>> wrote:
>>> > It keeps saying it's not there, but I did add it, is there something
>>> I'm
>>> > missing?
>>>
>>> How did you add it? Is fail2ban running? Have you restarted your
>>> computer after setting up fail2ban? If you do iptables -S, do you see
>>> the rules?
>>>
>>>
>>> --
>>> -------
>>> inum: 883510009027723
>>> sip: jungleboogie at sip2sip.info
>>>
>>> ____________________________________________________________
>>> _____________
>>> Professional FreeSWITCH Consulting Services:
>>> consulting at freeswitch.org
>>> http://www.freeswitchsolutions.com
>>>
>>> Official FreeSWITCH Sites
>>> http://www.freeswitch.org
>>> http://confluence.freeswitch.org
>>> http://www.cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>>
>>
>>
>>
>> --
>> Sincerely,
>> Don Hawkins
>> CEO
>> Hawkins Enterprise Group LLC
>> http://hawkinsegroup.com
>> Zello PTT <http://zello.com>: push2don
>> P: 469-214-5044
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
--
Regards,
Mirko
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20160908/6088687d/attachment.html
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list