[asterisk-bugs] [JIRA] (ASTERISK-25567) Log IP Addresses for automatic firewalling (e.g. fail2ban)
Troy Bowman (JIRA)
noreply at issues.asterisk.org
Mon Nov 16 19:20:33 CST 2015
[ https://issues.asterisk.org/jira/browse/ASTERISK-25567?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=228332#comment-228332 ]
Troy Bowman commented on ASTERISK-25567:
----------------------------------------
The security log does not log bad call attempts, does it? For example, the patch I wish to give adds the part in parentheses below, which allows me to eventually ban people trying to call through my system:
Nov 17 01:01:48] NOTICE[3002][C-00000dd5] chan_sip.c: Call from '' (37.75.209.155:10009) to extension '011972597380122' rejected because extension not found in context 'incoming'.
[Nov 17 01:01:49] NOTICE[3002][C-00000dd6] chan_sip.c: Call from '' (37.75.209.155:10000) to extension '1010288011972597380122' rejected because extension not found in context 'incoming'.
[Nov 17 01:01:50] NOTICE[3002][C-00000dd7] chan_sip.c: Call from '' (37.75.209.155:10019) to extension '1010333011972597380122' rejected because extension not found in context 'incoming'.
[Nov 17 01:01:51] NOTICE[3002][C-00000dd8] chan_sip.c: Call from '' (37.75.209.155:10014) to extension '1010555011972597380122' rejected because extension not found in context 'incoming'.
> Log IP Addresses for automatic firewalling (e.g. fail2ban)
> ----------------------------------------------------------
>
> Key: ASTERISK-25567
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-25567
> Project: Asterisk
> Issue Type: Improvement
> Security Level: None
> Components: Channels/chan_sip/Registration
> Affects Versions: 13.6.0
> Environment: Linux
> Reporter: Troy Bowman
> Assignee: Troy Bowman
> Severity: Minor
>
> Please consider adding IP addresses to registration failures to allow programs like fail2ban to firewall abusers after a certain number of attempts.
> I will attach a patch which illustrates the idea when I've been granted the permission to do so.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list