[asterisk-users] Changing storm-prevention behaviour in logger.conf

Tilghman Lesher tlesher at digium.com
Sat Apr 17 17:15:25 CDT 2010


On Saturday 17 April 2010 16:14:23 Remco Bressers wrote:
> Dear List,
>
> According to https://issues.asterisk.org/view.php?id=14905 there is a storm
> prevention mechanism in newer Asterisks. If i look in my logfile, i see :
>
> [2010-04-17 15:12:01] NOTICE[1190] chan_sip.c: Registration from '"xxxx"
> <sip:xxx at xxx.xxx.xxx.xxx>' failed for 'xx.xx.xx.xx' - Wrong password
> [2010-04-17 15:12:01] NOTICE[1190] chan_sip.c: Last message repeated 3
> times
>
> This IS a good thing to do, but i want to disable this behaviour. We are
> using fail2ban to ban scripts and people from the Asterisk system. On
> version 1.4.23 this worked fine, but now this mechanism is in place, i
> cannot use fail2ban anymore.
>
> Is there any option to disable this behaviour, or even better, add it to
> logger.conf so anybody can decide what to do? I just want all logging and
> it seems impossible now. Maybe a patch on the source?

That's not Asterisk doing that.  That's your system logger.  AFAIK, there's no
way to turn that off, as it's a defense mechanism against an attacker filling
your disks, causing lost messages and possible crashes (on some platforms).

-- 
Tilghman Lesher
Digium, Inc. | Senior Software Developer
twitter: Corydon76 | IRC: Corydon76-dig (Freenode)
Check us out at: www.digium.com & www.asterisk.org



More information about the asterisk-users mailing list