<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Hudson, tenho um cliente que necessita ter seu asterisk c/ IP
Válido. Ja sofri c/ isso tbm até implementar a seguinte regra de
firewall.<br>
<br>
#!/bin/bash<br>
ipt=/sbin/iptables<br>
$ipt -F<br>
$ipt -A INPUT -i eth2 -s 172.16.5.0/24 -p udp -j ACCEPT<br>
$ipt -A INPUT -i eth2 -s 186.0.0.0/8 -p udp -j ACCEPT<br>
$ipt -A INPUT -i eth2 -s 187.0.0.0/8 -p udp -j ACCEPT<br>
$ipt -A INPUT -i eth2 -s 177.0.0.0/8 -p udp -j ACCEPT<br>
$ipt -A INPUT -i eth2 -s 179.0.0.0/8 -p udp -j ACCEPT<br>
$ipt -A INPUT -i eth2 -s 189.0.0.0/8 -p udp -j ACCEPT<br>
$ipt -A INPUT -i eth2 -s 200.0.0.0/8 -p udp -j ACCEPT<br>
$ipt -A INPUT -i eth2 -s 201.0.0.0/8 -p udp -j ACCEPT<br>
$ipt -A INPUT -i eth2 -p udp -j DROP<br>
<br>
Ou seja, aceito apenas conexões dos IP´s cuja classe começam c/ os
IP´s acima. Tentei deixar apenas classes BR(pelo menos acho que não
tenha mais) e resolveu meu problema visto que 99% dos ataques são
oriundos de redes fora do BR.<br>
<br>
<br>
<br>
Em 24/09/2013 02:10, Hudson Cardoso escreveu:
<blockquote cite="mid:SNT147-W15223E156CFDCD06E7C8BA32E0@phx.gbl"
type="cite">
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 12pt;
font-family:Calibri
}
--></style>
<div dir="ltr"><font style="font-size:12pt;" face="Arial" size="3">
<div> Eles não desistem nunca, agora tentam de 2 em dois,
com peers aleatorios e portas</div>
<div>diferentes, recomendo atenção, e bloqueio do ip de
origem.</div>
<div><br>
</div>
<div><br>
</div>
<div>[2013-09-24 01:58:20] NOTICE[1794]: chan_sip.c:25547
handle_request_register: Registration from '"7780"
<a class="moz-txt-link-rfc2396E" href="sip:7780@201.47.73.162:5060"><sip:7780@201.47.73.162:5060></a>' failed for
'188.138.95.18:5073' - No matching peer found</div>
<div>[2013-09-24 01:58:20] NOTICE[1794]: chan_sip.c:25547
handle_request_register: Registration from '"7780"
<a class="moz-txt-link-rfc2396E" href="sip:7780@201.47.73.162:5060"><sip:7780@201.47.73.162:5060></a>' failed for
'188.138.95.18:5073' - No matching peer found</div>
<div>[2013-09-24 01:58:32] NOTICE[1794]: chan_sip.c:25547
handle_request_register: Registration from '"9396"
<a class="moz-txt-link-rfc2396E" href="sip:9396@201.47.73.162:5060"><sip:9396@201.47.73.162:5060></a>' failed for
'188.138.95.18:5082' - No matching peer found</div>
<div>[2013-09-24 01:58:32] NOTICE[1794]: chan_sip.c:25547
handle_request_register: Registration from '"9396"
<a class="moz-txt-link-rfc2396E" href="sip:9396@201.47.73.162:5060"><sip:9396@201.47.73.162:5060></a>' failed for
'188.138.95.18:5082' - No matching peer found</div>
<div>[2013-09-24 01:58:47] NOTICE[1794]: chan_sip.c:25547
handle_request_register: Registration from '"6265"
<a class="moz-txt-link-rfc2396E" href="sip:6265@201.47.73.162:5060"><sip:6265@201.47.73.162:5060></a>' failed for
'188.138.95.18:5064' - No matching peer found</div>
<div>[2013-09-24 01:58:47] NOTICE[1794]: chan_sip.c:25547
handle_request_register: Registration from '"6265"
<a class="moz-txt-link-rfc2396E" href="sip:6265@201.47.73.162:5060"><sip:6265@201.47.73.162:5060></a>' failed for
'188.138.95.18:5064' - No matching peer found</div>
<div>[2013-09-24 01:58:49] NOTICE[1794]: chan_sip.c:25547
handle_request_register: Registration from '"1316"
<a class="moz-txt-link-rfc2396E" href="sip:1316@201.47.73.162:5060"><sip:1316@201.47.73.162:5060></a>' failed for
'188.138.95.18:5076' - No matching peer found</div>
<div>[2013-09-24 01:58:49] NOTICE[1794]: chan_sip.c:25547
handle_request_register: Registration from '"5457"
<a class="moz-txt-link-rfc2396E" href="sip:5457@201.47.73.162:5060"><sip:5457@201.47.73.162:5060></a>' failed for
'188.138.95.18:5063' - No matching peer found</div>
<div>[2013-09-24 01:58:50] NOTICE[1794]: chan_sip.c:25547
handle_request_register: Registration from '"5457"
<a class="moz-txt-link-rfc2396E" href="sip:5457@201.47.73.162:5060"><sip:5457@201.47.73.162:5060></a>' failed for
'188.138.95.18:5063' - No matching peer found</div>
<div>[2013-09-24 01:58:55] NOTICE[1794]: chan_sip.c:25547
handle_request_register: Registration from '"8487"
<a class="moz-txt-link-rfc2396E" href="sip:8487@201.47.73.162:5060"><sip:8487@201.47.73.162:5060></a>' failed for
'188.138.95.18:5078' - No matching peer found</div>
<div>[2013-09-24 01:58:55] NOTICE[1794]: chan_sip.c:25547
handle_request_register: Registration from '"8487"
<a class="moz-txt-link-rfc2396E" href="sip:8487@201.47.73.162:5060"><sip:8487@201.47.73.162:5060></a>' failed for
'188.138.95.18:5078' - No matching peer found</div>
<div>[2013-09-24 01:59:17] NOTICE[1794]: chan_sip.c:25547
handle_request_register: Registration from '"710"
<a class="moz-txt-link-rfc2396E" href="sip:710@201.47.73.162:5060"><sip:710@201.47.73.162:5060></a>' failed for
'188.138.95.18:5076' - No matching peer found</div>
<div><br>
</div>
</font><br>
<br>
<pre style="line-height:17px;white-space:normal;color:rgb(42, 42, 42);background-color:rgb(255, 255, 255);">Hudson
(048) 8413-7000
Para quem nao cre, nenhuma prova converte,Para aquele que cre, nenhuma prova precisa. </pre>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
KHOMP: completa linha de placas externas FXO, FXS, GSM e E1;
Media Gateways de 1 a 64 E1s para SIP com R2, ISDN e SS7;
Intercomunicadores para acesso remoto via rede IP. Conheça em <a class="moz-txt-link-abbreviated" href="http://www.Khomp.com">www.Khomp.com</a>.
_______________________________________________
ALIGERA – Fabricante nacional de Gateways SIP-E1 para R2, ISDN e SS7.
Placas de 1E1, 2E1, 4E1 e 8E1 para PCI ou PCI Express.
Channel Bank – Appliance Asterisk - Acesse <a class="moz-txt-link-abbreviated" href="http://www.aligera.com.br">www.aligera.com.br</a>.
_______________________________________________
Para remover seu email desta lista, basta enviar um email em branco para <a class="moz-txt-link-abbreviated" href="mailto:asteriskbrasil-unsubscribe@listas.asteriskbrasil.org">asteriskbrasil-unsubscribe@listas.asteriskbrasil.org</a></pre>
</blockquote>
<br>
</body>
</html>