<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
</head>
<body bgcolor="#ffffff" text="#3333ff">
ola, a todos alguem pode me ajudar na configuraçao de um iptables de
fail2ban para meu servidor astrisk<br>
<br>
coloquei estas regras<br>
<br>
iptables -D INPUT -p tcp -m multiport --dport 10000:20000 -j ACCEPT<br>
iptables -D INPUT -p udp -m multiport --dport 10000:20000 -j ACCEPT<br>
iptables -D INPUT -p tcp -m multiport --dport 5060:5061 -j ACCEPT<br>
iptables -I INPUT -p tcp -m multiport --dport 80 -j ACCEPT<br>
iptables -I INPUT -p udp -m multiport --dport 80 -j ACCEPT<br>
iptables -I INPUT -p tcp --dport 22 -j ACCEPT<br>
<br>
service iptables save<br>
service iptables restart<br>
<br>
<br>
mas ficou sme audios e algun ramais nao puderam mais registrar <br>
<br>
<br>
e tabem o fail2ban nao bloqueo os ips dos ramais que ficam tentando
registrar com senha errada.<br>
<br>
<br>
<br>
coloquei assim<br>
<br>
/etc/fail2ban/filter.d/asterisk.conf<br>
<br>
failregex = NOTICE.* .*: Registration from '.*' failed for '<HOST
>' - Wrong password<br>
NOTICE.* .*: Registration from '.*' failed for '<HOST>' - No
matching peer found<br>
NOTICE.* .*: Registration from '.*' failed for '<HOST>' -
Username/auth name mismatch<br>
NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Device
does not match ACL<br>
NOTICE.* <HOST /> failed to authenticate as '.*'$<br>
NOTICE.* .*: No registration for peer '.*' \(from <HOST>\)<br>
NOTICE.* .*: Host <HOST /> failed MD5 authentication for '.*' (.*)<br>
NOTICE.* .*: Failed to authenticate user .*@<HOST />.*<br>
<br>
ignoreregex =<br>
<br>
<code class="plain">/etc/fail2ban/jail.conf</code>
<div class="line alt1"><code class="number"></code><code class="plain">[asterisk-iptables]</code></div>
<div class="line alt2"><code class="number"></code></div>
<div class="line alt1"><code class="number"></code><code class="plain">enabled
= true</code></div>
<div class="line alt2"><code class="number"></code><code class="plain">filter
= asterisk</code></div>
<div class="line alt1"><code class="number"></code><code class="plain">action
= iptables-allports[name=ASTERISK, protocol=all]</code></div>
<div class="line alt2"><code class="number"></code><code class="spaces"></code><code
class="plain">sendmail-whois[name=ASTERISK, <a
href="mailto:dest=%20%3Cscript%20language=%27JavaScript%27%20type=%27text/javascript%27%3E%20%3C%21--%20var%20prefix%20=%20%27mailto:%27;%20var%20suffix%20=%20%27%27;%20var%20attribs%20=%20%27%27;%20var%20path%20=%20%27hr%27%20+%20%27ef%27%20+%20%27=%27;%20var%20addy78177%20=%20%27youremailaddress%27%20+%20%27@%27;%20addy78177%20=%20addy78177%20+%20%27somewhere%27%20+%20%27.%27%20+%20%27com%27;%20document.write%28%20%27%3Ca%20%27%20+%20path%20+%20%27%5C%27%27%20+%20prefix%20+%20addy78177%20+%20suffix%20+%20%27%5C%27%27%20+%20attribs%20+%20%27%3E%27%20%29;%20document.write%28%20addy78177%20%29;%20document.write%28%20%27%3C%5C/a%3E%27%20%29;%20//--%3E%20%3C/script%3E%20%3Cscript%20language=%27JavaScript%27%20type=%27text/javascript%27%3E%20%3C%21--%20document.write%28%20%27%3Cspan%20style=%5C%27display:%20none;%5C%27%3E%27%20%29;%20//--%3E%20%3C/script%3EEste%20endere%C3%A7o%20de%20e-mail%20est%C3%A1%20protegido%20contra%20spambots.%20Voc%C3%AA%20deve%20habilitar%20o%20JavaSc
ript%20para%20visualiz%C3%A1-lo.%20%3Cscript%20language=%27JavaScript%27%20type=%27text/javascript%27%3E%20%3C%21--%20document.write%28%20%27%3C/%27%20%29;%20document.write%28%20%27span%3E%27%20%29;%20//--%3E%20%3C/script%3E">dest=
<script language="JavaScript" type="text/javascript">
<!--
var prefix = 'mailto:';
var suffix = '';
var attribs = '';
var path = 'hr' + 'ef' + '=';
var addy90987 = 'youremailaddress' + '@';
addy90987 = addy90987 + 'somewhere' + '.' + 'com';
document.write( '<a ' + path + '\'' + prefix + addy90987 + suffix + '\'' + attribs + '>' );
document.write( addy90987 );
document.write( '<\/a>' );
//-->
</script></a><a
href="mailto:youremailaddress@somewhere.com">youremailaddress@somewhere.com</a>
<script language="JavaScript" type="text/javascript">
<!--
document.write( '<span style=\'display: none;\'>' );
//-->
</script><span
style="display: none;">Este endereço de e-mail está protegido contra
spambots. Você deve habilitar o JavaScript para visualizá-lo.
<script language="JavaScript" type="text/javascript">
<!--
document.write( '</' );
document.write( 'span>' );
//-->
</script></span>,
<a
href="mailto:sender=%20%3Cscript%20language=%27JavaScript%27%20type=%27text/javascript%27%3E%20%3C%21--%20var%20prefix%20=%20%27mailto:%27;%20var%20suffix%20=%20%27%27;%20var%20attribs%20=%20%27%27;%20var%20path%20=%20%27hr%27%20+%20%27ef%27%20+%20%27=%27;%20var%20addy62105%20=%20%27fail2ban%27%20+%20%27@%27;%20addy62105%20=%20addy62105%20+%20%27somewhere%27%20+%20%27.%27%20+%20%27com%27;%20document.write%28%20%27%3Ca%20%27%20+%20path%20+%20%27%5C%27%27%20+%20prefix%20+%20addy62105%20+%20suffix%20+%20%27%5C%27%27%20+%20attribs%20+%20%27%3E%27%20%29;%20document.write%28%20addy62105%20%29;%20document.write%28%20%27%3C%5C/a%3E%27%20%29;%20//--%3E%20%3C/script%3E%20%3Cscript%20language=%27JavaScript%27%20type=%27text/javascript%27%3E%20%3C%21--%20document.write%28%20%27%3Cspan%20style=%5C%27display:%20none;%5C%27%3E%27%20%29;%20//--%3E%20%3C/script%3EEste%20endere%C3%A7o%20de%20e-mail%20est%C3%A1%20protegido%20contra%20spambots.%20Voc%C3%AA%20deve%20habilitar%20o%20JavaScript%2
0para%20visualiz%C3%A1-lo.%20%3Cscript%20language=%27JavaScript%27%20type=%27text/javascript%27%3E%20%3C%21--%20document.write%28%20%27%3C/%27%20%29;%20document.write%28%20%27span%3E%27%20%29;%20//--%3E%20%3C/script%3E">sender=
<script language="JavaScript" type="text/javascript">
<!--
var prefix = 'mailto:';
var suffix = '';
var attribs = '';
var path = 'hr' + 'ef' + '=';
var addy88102 = 'fail2ban' + '@';
addy88102 = addy88102 + 'somewhere' + '.' + 'com';
document.write( '<a ' + path + '\'' + prefix + addy88102 + suffix + '\'' + attribs + '>' );
document.write( addy88102 );
document.write( '<\/a>' );
//-->
</script></a><a
href="mailto:fail2ban@somewhere.com">fail2ban@somewhere.com</a>
<script language="JavaScript" type="text/javascript">
<!--
document.write( '<span style=\'display: none;\'>' );
//-->
</script><span
style="display: none;">Este endereço de e-mail está protegido contra
spambots. Você deve habilitar o JavaScript para visualizá-lo.
<script language="JavaScript" type="text/javascript">
<!--
document.write( '</' );
document.write( 'span>' );
//-->
</script></span>]</code></div>
<div class="line alt1"><code class="number"></code><code class="plain">logpath
= /var/log/asterisk/full</code></div>
<div class="line alt2"><code class="number"></code><code class="plain">maxretry
= 5</code></div>
<div class="line alt1"><code class="number"></code><code class="plain">bantime
= 600<br>
<br>
</code><strong>/etc/asterisk/logger.conf</strong><br>
[general]<br>
dateformat=%F %T<br>
<br>
<br>
<br>
</div>
<br>
<BR>
<BR>
__________ Información de ESET NOD32 Antivirus, versión de la base de firmas de virus 5512 (20101007) __________<BR>
<BR>
ESET NOD32 Antivirus ha comprobado este mensaje.<BR>
<BR>
<A HREF="http://www.eset.com">http://www.eset.com</A><BR>
</body>
</html>