[asterisk-users] "Register Attacks" End of ENUM ?
Norbert Zawodsky
norbert at zawodsky.at
Tue Jul 27 05:36:51 CDT 2010
Am 27.07.2010 08:42, schrieb Motiejus Jakštys:
> If all you need is block the SIP traffic from external sources, you
> may do the following:
> # iptables -A INPUT -s 192.168.1.0/24 -p udp --dport 5060 -j ACCEPT
> # iptables -A INPUT -p udp --dport 5060 -j DROP
>
> # iptables-save> /etc/iptables.up.rules
> and somewhere in init scripts (depending on your lsb release):
> # iptables-restore< /etc/iptables.up.rules
>
> fail2ban is more suitable if you have external environment (plus it's
> more complicated than just these 2 rules).
>
Hello Motiejus, Hello Nick!
thanks for your answers. My OP was definitely not meant as a request for
help. I just wanted to start some small discussion.
The point is that
a) I don't know fail2ban, and
b) I think that small box which runs my asterisk wouldn't take another
additional application (like fail2ban)
@Motiejus:
Thanks for your rules! Since it seems that you are an iptables expert,
may I ask you:
I want to restrict SIP traffic to my internal network AND to a special
adress-range (adresses of my voip provider) from external network.
iptables -A INPUT -s 192.168.1.0/24 -p udp --dport 5060 -j ACCEPT
iptables -A INPUT -m iprange --src-range [FROM_IP]-[TO_IP] -j ACCEPT
iptables -A INPUT -p udp --dport 5060 -j DROP
Would that do the trick ?
But that would keep out any calls via ENUM mechanism too. Am I right?
Norbert
More information about the asterisk-users
mailing list