[asterisk-dev] External scripts for parsing the security logs
Fred Posner
fred at qxork.com
Mon Nov 23 15:31:56 CST 2020
On Mon, 2020-11-23 at 16:22 -0500, Sean Bright wrote:
> On 11/23/2020 4:09 AM, Mohit Dhiman wrote:
> > can anyone please recommend any existing external scripts that can
> > parse the Asterisk security logs and possibly take appropriate
> > actions like IP blocking.
>
> Fail2ban
I wrote one years ago that I still use:
https://github.com/fredposner/scripts/blob/master/asterisk/check-failed-regs.pl
You'll need to make a chain called "asterisk" in iptables.
Also, we started providing a pro-active block to sip attacks with
apiban in January. There's a go client that will update iptables as
well:
https://github.com/palner/apiban
--
Fred Posner
fred at qxork.com
https://qxork.com
Direct/SMS: +1 (336) 439-3733
Need Fred? Call Fred. 336-HEY-FRED
Matrix: @fred:matrix.lod.com
More information about the asterisk-dev
mailing list