I put an asterisk.conf as:
root@fqdn_short:/etc/fail2ban/jail.d#
root@fqdn_short:/etc/fail2ban/jail.d# cat asterisk.conf
[asterisk-iptables]
# if more than 4 attempts are made within 6 hours, ban for 24 hours
enabled = true
filter = asterisk
action = iptables-allports[name=ASTERISK, protocol=all]
sendmail[name=ASTERISK, dest=thufir@fqdn_long,
sender=fail2ban@local.local]
logpath = /var/log/asterisk/messages
maxretry = 4
findtime = 21600
bantime = 86400
root@fqdn_short:/etc/fail2ban/jail.d#
this is a reasonable configuration? How do I know this is running? I
stopped and then started with:
systemctl start fail2ban
according to:
systemctl status fail2ban.service
it looks to be running. The log shows:
2017-01-11 13:05:30,493 fail2ban.filter [9264]: INFO Added
logfile = /var/log/asterisk/messages
2017-01-11 13:05:30,523 fail2ban.jail [9264]: INFO Jail
'sshd' started
2017-01-11 13:05:30,528 fail2ban.jail [9264]: INFO Jail
'asterisk-iptables' started
thanks,
Thufir
------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
