<div dir="ltr">Hi everyone.<div><br></div><div>I have already installed fail2ban on other servers (CentOS 5.x, 6.2) and they are working normally; however, I installed it on CentOS 6.4 and apparently it is not blocking the IPs with authentication attempts against the server.</div>
<div><br></div><div>I ran some tests, trying to log in an extension with the wrong password several times, and it did not block.</div><div><br></div><div>asterisk.conf</div><div><br></div><div><div>[INCLUDES]</div><div><br></div><div>before = common.conf<br>
</div><div><br></div><div>_daemon = asterisk</div><div><br></div><div>[Definition]</div><div><br></div><div>failregex = NOTICE%(__pid_re)s .*: Registration from '.*' failed for '<HOST>' - Wrong password$<br>
</div><div> NOTICE%(__pid_re)s .*: Registration from '.*' failed for '<HOST>' - No matching peer found$</div><div> NOTICE%(__pid_re)s .*: Registration from '.*' failed for '<HOST>' - Username/auth name mismatch$</div>
<div> NOTICE%(__pid_re)s .*: Registration from '.*' failed for '<HOST>' - Device does not match ACL$</div><div> NOTICE%(__pid_re)s .*: Registration from '.*' failed for '<HOST>' - Peer is not supposed to register$</div>
<div> NOTICE%(__pid_re)s .*: Registration from '.*' failed for '<HOST>' - ACL error (permit/deny)$</div><div> NOTICE%(__pid_re)s <HOST> failed to authenticate as '.*'$</div>
<div> NOTICE%(__pid_re)s .*: No registration for peer '.*' \(from <HOST>\)$</div><div> NOTICE%(__pid_re)s .*: Host <HOST> failed MD5 authentication for '.*' (.*)$</div><div>
NOTICE%(__pid_re)s .*: Failed to authenticate user .*@<HOST>.*$</div><div><br></div><div>ignoreregex =<br></div><div><br></div><div><br></div><div style>and in the jail.conf file I added the following</div><div style>
<br></div><div style><div>[asterisk-iptables]</div><div><br></div><div>enabled = true</div><div>filter = asterisk</div><div>action = iptables-allports[name=ASTERISK, protocol=all]</div><div> sendmail-whois[name=ASTERISK, dest=root, sender=<a href="mailto:daniloricalmeida@gmail.com">daniloricalmeida@gmail.com</a>]</div>
<div>logpath = /var/log/asterisk/messages</div><div>maxretry = 5</div><div>bantime = 259200</div><div><br></div><div style>I start it, and the following messages appear:</div><div style><br></div><div style><div># service fail2ban start</div>
<div>Iniciando o fail2ban:</div><div>Message from syslogd@ruffus at Jun 21 14:14:44 ...</div><div> ¿<30>fail2ban.filter : INFO Added logfile = /var/log/secure</div><div><br></div><div>Message from syslogd@ruffus at Jun 21 14:14:44 ...</div>
<div> ¿<30>fail2ban.filter : INFO Set maxRetry = 5</div><div><br></div><div>Message from syslogd@ruffus at Jun 21 14:14:44 ...</div><div> ¿<30>fail2ban.filter : INFO Set findtime = 600</div><div><br></div>
<div>Message from syslogd@ruffus at Jun 21 14:14:45 ...</div><div> ¿<30>fail2ban.filter : INFO Added logfile = /var/log/asterisk/messages</div><div><br></div><div>Message from syslogd@ruffus at Jun 21 14:14:45 ...</div>
<div> ¿<30>fail2ban.filter : INFO Set maxRetry = 5</div><div><br></div><div>Message from syslogd@ruffus at Jun 21 14:14:45 ...</div><div> ¿<30>fail2ban.filter : INFO Set findtime = 600</div><div><br></div>
<div>Message from syslogd@ruffus at Jun 21 14:14:45 ...</div><div> ¿<30>fail2ban.filter : INFO Added logfile = /var/log/asterisk/messages</div><div><br></div><div>Message from syslogd@ruffus at Jun 21 14:14:45 ...</div>
<div> ¿<30>fail2ban.filter : INFO Set maxRetry = 10</div><div><br></div><div>Message from syslogd@ruffus at Jun 21 14:14:45 ...</div><div> ¿<30>fail2ban.filter : INFO Set findtime = 600</div><div><br></div>
<div>Message from syslogd@ruffus at Jun 21 14:14:45 ...</div><div> ¿<30>fail2ban.filter : INFO Added logfile = /var/log/asterisk/messages</div><div><br></div><div>Message from syslogd@ruffus at Jun 21 14:14:45 ...</div>
<div> ¿<30>fail2ban.filter : INFO Set maxRetry = 10</div><div><br></div><div>Message from syslogd@ruffus at Jun 21 14:14:45 ...</div><div> ¿<30>fail2ban.filter : INFO Set findtime = 600</div><div> [ OK ]</div>
<div><br></div><div style>Thanks to anyone who can help</div></div><div><br></div></div>-- <br><div dir="ltr"><b style="background-color:rgb(255,255,255)"><font color="#0000ff">Regards</font></b><div><b style="background-color:rgb(255,255,255)"><font color="#0000ff">Danilo Almeida</font></b></div>
</div>
</div></div>
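<div>Added example, not part of the original post: a small Python check, in the spirit of fail2ban-regex, that expands the failregex lines posted above and runs them over constructed Asterisk log lines to show which ones the filter would actually count. The expansions used for __pid_re and the HOST tag, and the sample log lines, are assumptions.</div>

```python
import re

# Assumed expansions (not from the post): what fail2ban 0.8.x is understood to
# substitute for common.conf's __pid_re and for the HOST tag.
PID_RE = r"(?:\[\d+\])"
HOST_RE = r"(?:::f{4,6}:)?(?P<host>[\w\-.^_]+)"

# failregex lines exactly as posted in asterisk.conf.
FAILREGEX = r"""
NOTICE%(__pid_re)s .*: Registration from '.*' failed for '<HOST>' - Wrong password$
NOTICE%(__pid_re)s .*: Registration from '.*' failed for '<HOST>' - No matching peer found$
NOTICE%(__pid_re)s .*: Registration from '.*' failed for '<HOST>' - Username/auth name mismatch$
NOTICE%(__pid_re)s .*: Registration from '.*' failed for '<HOST>' - Device does not match ACL$
NOTICE%(__pid_re)s .*: Registration from '.*' failed for '<HOST>' - Peer is not supposed to register$
NOTICE%(__pid_re)s .*: Registration from '.*' failed for '<HOST>' - ACL error (permit/deny)$
NOTICE%(__pid_re)s <HOST> failed to authenticate as '.*'$
NOTICE%(__pid_re)s .*: No registration for peer '.*' \(from <HOST>\)$
NOTICE%(__pid_re)s .*: Host <HOST> failed MD5 authentication for '.*' (.*)$
NOTICE%(__pid_re)s .*: Failed to authenticate user .*@<HOST>.*$
"""

def compile_filter(text=FAILREGEX):
    """Expand the config placeholders and compile one pattern per line."""
    return [
        re.compile(raw.strip().replace("%(__pid_re)s", PID_RE).replace("<HOST>", HOST_RE))
        for raw in text.strip().splitlines()
    ]

def first_match(line, patterns):
    """Return (pattern index, captured host) for the first hit, else None."""
    for index, pattern in enumerate(patterns):
        found = pattern.search(line)
        if found:
            return index, found.group("host")
    return None

# Constructed sample log lines (documentation addresses), not from the poster's server.
_PREFIX = "[2013-06-21 14:10:01] NOTICE[1234] chan_sip.c: Registration from '<sip:100@192.0.2.10>' failed for "
SAMPLES = {
    "bare IP": _PREFIX + "'203.0.113.5' - Wrong password",
    "IP:port": _PREFIX + "'203.0.113.5:5060' - Wrong password",
    "literal parens": _PREFIX + "'203.0.113.5' - ACL error (permit/deny)",
}

if __name__ == "__main__":
    compiled = compile_filter()
    for label, line in SAMPLES.items():
        # None means fail2ban would never count this line toward maxretry.
        print(f"{label:15} -> {first_match(line, compiled)}")
```

<div>A line that returns None here is one the jail never counts, so comparing real lines from /var/log/asterisk/messages against the filter in the same way shows whether the log format or the regex is the mismatch.</div>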