<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    Mike, lembrando que se tratando de SIP, que usa o protocolo UDP, vc
    pode fazer conforme abaixo:<br>
    Esse exemplo abaixo possuo em um cliente onde bloqueio qualquer
    tentativa de se logar na central via SIP c/ alguma classe diferente
    das que est&atilde;o listadas(que s&atilde;o classes BR)<br>
    Apenas isso vai resolver seu problema!<br>
    <br>
    #!/bin/bash<br>
    ipt=/sbin/iptables<br>
    $ipt -F<br>
    $ipt -A INPUT -i eth2 -s 172.16.5.0/24 -p udp -j ACCEPT<br>
    $ipt -A INPUT -i eth2 -s 186.0.0.0/8 -p udp -j ACCEPT<br>
    $ipt -A INPUT -i eth2 -s 187.0.0.0/8 -p udp -j ACCEPT<br>
    $ipt -A INPUT -i eth2 -s 177.0.0.0/8 -p udp -j ACCEPT<br>
    $ipt -A INPUT -i eth2 -s 179.0.0.0/8 -p udp -j ACCEPT<br>
    $ipt -A INPUT -i eth2 -s 189.0.0.0/8 -p udp -j ACCEPT<br>
    $ipt -A INPUT -i eth2 -s 198.50.96.130 -p udp -j ACCEPT<br>
    $ipt -A INPUT -i eth2 -s 200.0.0.0/8 -p udp -j ACCEPT<br>
    $ipt -A INPUT -i eth2 -s 201.0.0.0/8 -p udp -j ACCEPT<br>
    $ipt -A INPUT -i eth2 -p udp -j DROP<br>
    <br>
    <br>
    Em 26/07/2013 09:30, Mike escreveu:
    <blockquote
      cite="mid:BLU404-EAS247B98A0B1B21132AEA05F7A06A0@phx.gbl"
      type="cite">
      <meta http-equiv="Content-Type" content="text/html;
        charset=ISO-8859-1">
      <meta name="Generator" content="Microsoft Word 15 (filtered
        medium)">
      <style><!--
/* Font Definitions */
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:purple;
        text-decoration:underline;}
span.EstiloDeEmail17
        {mso-style-type:personal-reply;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-family:"Calibri","sans-serif";
        mso-fareast-language:EN-US;}
@page WordSection1
        {size:612.0pt 792.0pt;
        margin:70.85pt 3.0cm 70.85pt 3.0cm;}
div.WordSection1
        {page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
      <div class="WordSection1">
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US">Pessoal,
            agrade&ccedil;o muito a todos pelas dicas.<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US">Bruno
            estou lendo j&aacute; os links que me passou.<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US">Fiz
            v&aacute;rias tentativas j&aacute; inclusive esta que voc&ecirc; me passou, mas
            ao carregar o servi&ccedil;o ele me d&aacute; um erro. &nbsp;Mesmo eu deixando
            a regra -A INPUT -s 192.168.25.34 -j ACCEPT apos reiniciar o
            servi&ccedil;o, ele me bloqueia sempre. N&atilde;o libera meu acesso.<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">[root@ibridge ~]# service iptables restart<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">iptables: Liberando regras do
            firewall:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [&nbsp; OK&nbsp; ]<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US">iptables:
            Configurando chains para a pol&Atilde;&shy;tica ACCEPT: filt[&nbsp; OK&nbsp; ]<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US">iptables:
            Descarregando m&Atilde;&sup3;dulos:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [&nbsp; OK&nbsp; ]<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#C00000;mso-fareast-language:EN-US"
            lang="EN-US">iptables: Aplicando regras do firewall:Bad
            argument `iptables'<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#C00000;mso-fareast-language:EN-US"
            lang="EN-US">Error occurred at line: 18<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">Try `iptables-restore -h' or 'iptables-restore
            --help' for more information.<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
          </span><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US">[FALHOU]<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US">Estou
            com a regra abaixo.<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US"># Firewall configuration written by
            system-config-firewall<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US"># Manual customization of this file is not
            recommended.<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">*filter<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">:INPUT ACCEPT [0:0]<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">:FORWARD ACCEPT [0:0]<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">:OUTPUT ACCEPT [0:0]<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">-A INPUT -m state --state ESTABLISHED,RELATED
            -j ACCEPT<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">-A INPUT -p icmp -j ACCEPT<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">-A INPUT -i lo -j ACCEPT<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">-P INPUT DROP<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">-P OUTPUT DROP<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">-P FORWARD DROP<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">iptables -A INPUT -s 192.168.25.34 -j ACCEPT
            ;;meu ip local<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">-A INPUT -s 192.168.25.34 -j ACCEPT<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">-A INPUT -s 192.168.25.82 -j ACCEPT<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">-A INPUT -m state --state NEW -m tcp -p tcp
            --dport 22 -j ACCEPT<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">-A INPUT -m state --state NEW -m tcp -p tcp
            --dport 80 -j ACCEPT<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">-A INPUT -m state --state NEW -m tcp -p tcp
            --dport 88 -j ACCEPT<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">-A INPUT -m state --state NEW -m tcp -p tcp
            --dport 3306 -j ACCEPT<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">-A INPUT -m state --state NEW -m tcp -p tcp
            --dport 5038 -j ACCEPT<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">-A INPUT -m state --state NEW -m udp -p udp
            --dport 1:65535 -j ACCEPT<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">-A INPUT -j REJECT --reject-with
            icmp-host-prohibited<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"
            lang="EN-US">-A FORWARD -j REJECT --reject-with
            icmp-host-prohibited<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US">COMMIT<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US">Muito
            Obrigado!<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US">Att:
            Mike<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1F497D;mso-fareast-language:EN-US"><o:p>&nbsp;</o:p></span></p>
        <p class="MsoNormal"><b><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;">De:</span></b><span
style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;">
            <a class="moz-txt-link-abbreviated" href="mailto:asteriskbrasil-bounces@listas.asteriskbrasil.org">asteriskbrasil-bounces@listas.asteriskbrasil.org</a>
            [<a class="moz-txt-link-freetext" href="mailto:asteriskbrasil-bounces@listas.asteriskbrasil.org">mailto:asteriskbrasil-bounces@listas.asteriskbrasil.org</a>] <b>Em
              nome de </b>Bruno Gerotto<br>
            <b>Enviada em:</b> sexta-feira, 26 de julho de 2013 08:34<br>
            <b>Para:</b> <a class="moz-txt-link-abbreviated" href="mailto:asteriskbrasil@listas.asteriskbrasil.org">asteriskbrasil@listas.asteriskbrasil.org</a><br>
            <b>Assunto:</b> Re: [AsteriskBrasil] RES: Iptables<o:p></o:p></span></p>
        <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
        <div>
          <p class="MsoNormal">Bom dia Mike, tudo em ordem.<o:p></o:p></p>
          <div>
            <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
          </div>
          <div>
            <p class="MsoNormal">Seguinte, tamb&eacute;m n&atilde;o tenho mtooooo
              conhecimento em iptables e fail2ban, mas acredito que
              consigo te dar uma for&ccedil;a com minhas pr&oacute;prias palavras..<o:p></o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
          </div>
          <div>
            <p class="MsoNormal">Quando voc&ecirc; usa a op&ccedil;&atilde;o -P no comando
              iptables (iptables -P INPUT DROP), voc&ecirc; est&aacute; querendo
              dizer que a politica padr&atilde;o do firewall para as conex&otilde;es
              de entrada &eacute; drop, ou seja, todas as conex&otilde;es de entrada a
              esse servidor ser&atilde;o barradas.<o:p></o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
          </div>
          <div>
            <p class="MsoNormal">Como voc&ecirc; usou DROP para INPUT, FORWARD
              E OUTPUT, voc&ecirc; isolou o servidor de toda a rede.<o:p></o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
          </div>
          <div>
            <p class="MsoNormal">Por&eacute;m existem as regras com -A
              (iptables&nbsp;<span
style="font-size:11.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">-A
                INPUT -s 111.1111.111.111 -j ACCEPT), ou seja, voc&ecirc; pode
                dizer que suas regras de entrada padr&atilde;o ser&atilde;o drop, mas
                quando chegar uma conex&atilde;o de determinado ip voc&ecirc; vai
                aceitar..</span><o:p></o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><span
style="font-size:11.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">Partindo
                desses principios da pra voc&ecirc; bloquear tudo e liberar
                somente o necess&aacute;rio... oque eu sempre costumo fazer.</span><o:p></o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><span
style="font-size:11.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">Quanto
                ao Fail2ban, oque ele faz &eacute; analisar os arquivos de log
                de uma aplica&ccedil;&atilde;o e bloquear a origem dos acessos caso
                haja uma determinada quantia de erros. Ele faz isso
                criando regras no iptables.</span><o:p></o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><span
style="font-size:11.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">Segue
                alguns links que j&aacute; me ajudaram muito.</span><o:p></o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><span
style="font-size:11.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">Fail2ban
                com asterisk</span><o:p></o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><a moz-do-not-send="true"
                href="http://asterisk.zip.net/asterisk/">http://asterisk.zip.net/asterisk/</a>&nbsp;(Da
              um ctrl + f e procura por fail2ban pq ta bem no meio da
              pagina e ela &eacute; um pouco extensa).<o:p></o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><a moz-do-not-send="true"
href="http://www.vivaolinux.com.br/dica/Evitando-bruteforce-de-SSH-utilizando-o-Fail2ban">http://www.vivaolinux.com.br/dica/Evitando-bruteforce-de-SSH-utilizando-o-Fail2ban</a><o:p></o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><a moz-do-not-send="true"
href="http://www.vivaolinux.com.br/artigo/Bloqueio-de-repetidas-tentativas-de-login-ao-seu-Linux?pagina=5">http://www.vivaolinux.com.br/artigo/Bloqueio-de-repetidas-tentativas-de-login-ao-seu-Linux?pagina=5</a><o:p></o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><a moz-do-not-send="true"
href="http://www.servidordebian.org/pt/wheezy/security/brute_force_attack/fail2ban">http://www.servidordebian.org/pt/wheezy/security/brute_force_attack/fail2ban</a><o:p></o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><a moz-do-not-send="true"
                href="http://www.fail2ban.org/wiki/index.php/Asterisk">http://www.fail2ban.org/wiki/index.php/Asterisk</a><o:p></o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><span
style="font-size:11.5pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:black">Firewall
                Iptables com Asterisk</span><o:p></o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><a moz-do-not-send="true"
                href="http://wiki.ubuntu-br.org/Iptables">http://wiki.ubuntu-br.org/Iptables</a><o:p></o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><a moz-do-not-send="true"
href="http://web.mit.edu/rhel-doc/4/RH-DOCS/rhel-sg-pt_br-4/s1-firewall-ipt-fwd.html">http://web.mit.edu/rhel-doc/4/RH-DOCS/rhel-sg-pt_br-4/s1-firewall-ipt-fwd.html</a><o:p></o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
          </div>
          <div>
            <p class="MsoNormal">Espero ter ajudado.<o:p></o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><br clear="all">
              <o:p></o:p></p>
            <div>
              <p class="MsoNormal">ATT.<o:p></o:p></p>
              <div>
                <p class="MsoNormal">Bruno Gerotto<o:p></o:p></p>
              </div>
            </div>
          </div>
        </div>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
KHOMP: completa linha de placas externas FXO, FXS, GSM e E1;
Media Gateways de 1 a 64 E1s para SIP com R2, ISDN e SS7;
Intercomunicadores para acesso remoto via rede IP. Conhe&ccedil;a em <a class="moz-txt-link-abbreviated" href="http://www.Khomp.com">www.Khomp.com</a>.
_______________________________________________
ALIGERA &#8211; Fabricante nacional de Gateways SIP-E1 para R2, ISDN e SS7.
Placas de 1E1, 2E1, 4E1 e 8E1 para PCI ou PCI Express.
Channel Bank &#8211; Appliance Asterisk - Acesse <a class="moz-txt-link-abbreviated" href="http://www.aligera.com.br">www.aligera.com.br</a>.
_______________________________________________
Para remover seu email desta lista, basta enviar um email em branco para <a class="moz-txt-link-abbreviated" href="mailto:asteriskbrasil-unsubscribe@listas.asteriskbrasil.org">asteriskbrasil-unsubscribe@listas.asteriskbrasil.org</a></pre>
    </blockquote>
    <br>
  </body>
</html>