<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 12 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> asterisk-users-bounces@lists.digium.com [mailto:asterisk-users-bounces@lists.digium.com] <b>On Behalf Of </b>vip killa<br><b>Sent:</b> Wednesday, March 30, 2011 4:25 PM<br><b>To:</b> Asterisk Users Mailing List - Non-Commercial Discussion<br><b>Subject:</b> Re: [asterisk-users] asterisk and fail2ban<o:p></o:p></span></p></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal style='margin-bottom:12.0pt'>could you please elaborate on how you have iptables setup to work that way? <o:p></o:p></p><div><p class=MsoNormal>On Wed, Mar 30, 2011 at 4:11 PM, Gordon Henderson <<a href="mailto:gordon%2Basterisk@drogon.net">gordon+asterisk@drogon.net</a>> wrote:<o:p></o:p></p><div><p class=MsoNormal style='margin-bottom:12.0pt'>On Wed, 30 Mar 2011, Terry Brummell wrote:<o:p></o:p></p><p class=MsoNormal>I think you will find Fail2Ban the defacto standard.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p></div><p class=MsoNormal>I don't use fai2ban. Never have, never will because I simply don't need it.<br><br>Standard iptables are good enough if you can be bothered to use them to their full abilities. No need for anything else as iptables can do connection tracking and blocking against time - just like fail2ban does. More than X connections a second/minute/hour from a given IP address? Yes, iptables can detect and block that. Works for all protocolls too - SIP, IAX, POP, SSH, etc.<br><br>Gordon<br><span style='color:#888888'><br>--</span><o:p></o:p></p><div><div><p class=MsoNormal><br><span style='color:#1F497D'>Yah, sounds simple, how do you set it up to do this? Fail2Ban was pretty easy, if it’s that easy, why was F2B even created?</span><o:p></o:p></p></div></div></div><p class=MsoNormal><o:p> </o:p></p></div></body></html>