<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=us-ascii" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Tilghman Lesher wrote:
<blockquote cite="mid:201004171715.25502.tlesher@digium.com" type="cite">
<pre wrap="">On Saturday 17 April 2010 16:14:23 Remco Bressers wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Dear List,
According to <a class="moz-txt-link-freetext" href="https://issues.asterisk.org/view.php?id=14905">https://issues.asterisk.org/view.php?id=14905</a> there is a storm
prevention mechanism in newer Asterisks. If i look in my logfile, i see :
[2010-04-17 15:12:01] NOTICE[1190] chan_sip.c: Registration from '"xxxx"
<a class="moz-txt-link-rfc2396E" href="mailto:sip:xxx@xxx.xxx.xxx.xxx"><sip:xxx@xxx.xxx.xxx.xxx></a>' failed for 'xx.xx.xx.xx' - Wrong password
[2010-04-17 15:12:01] NOTICE[1190] chan_sip.c: Last message repeated 3
times
This IS a good thing to do, but i want to disable this behaviour. We are
using fail2ban to ban scripts and people from the Asterisk system. On
version 1.4.23 this worked fine, but now this mechanism is in place, i
cannot use fail2ban anymore.
Is there any option to disable this behaviour, or even better, add it to
logger.conf so anybody can decide what to do? I just want all logging and
it seems impossible now. Maybe a patch on the source?
</pre>
</blockquote>
<pre wrap=""><!---->
That's not Asterisk doing that. That's your system logger. AFAIK, there's no
way to turn that off, as it's a defense mechanism against an attacker filling
your disks, causing lost messages and possible crashes (on some platforms).
</pre>
</blockquote>
If running syslog-ng, check syslog-ng.conf and the summary option.
Setting summary to 0 turns off that behavior.<br>
<br>
Lyle Giese<br>
LCR Computer Services, Inc.<br>
<br>
</body>
</html>