[asterisk-dev] fail2ban with asterisk security log?
Andrew Latham
lathama at gmail.com
Thu Dec 13 10:49:55 CST 2012
On Thu, Dec 13, 2012 at 9:01 AM, Russell Bryant
<russell at russellbryant.net> wrote:
> Greetings,
>
> I'm looking at documenting the security log for "Asterisk: The Definitive
> Guide".
>
> Now that the security log file supports security events from both AMI and
> chan_sip, has anyone written any scripts to process these events? An
> updated fail2ban config perhaps? Or anything else?
>
> Thanks,
>
> --
> Russell Bryant
For log parsing Fail2ban still works great but a much better solution
is using iptables "recent" and the newish "ipset" tool. Many people
also use the Do Not Route or Peer (DROP) lists.
--
~ Andrew "lathama" Latham lathama at gmail.com http://lathama.net ~
More information about the asterisk-dev
mailing list