[asterisk-biz] 87.230.80.186 - Trying to register
Steve Edwards
asterisk.org at sedwards.com
Thu Jun 24 13:29:11 CDT 2010
On Thu, 24 Jun 2010, bruce bruce wrote:
> Despite doing that, if you still see many registration attempts coming
> onto the box what could be the problem? I have also done iptables-save
> and service iptables restart.
Did your "save" save or overwrite your new rules?
(BTW, I don't like iptables-save because I like to keep a modification
history and comments about blocks of rules in /etc/sysconfig/iptables.
Three years from now, will the next guy know why this address was being
blocked?)
Does "sudo iptables --list --numeric --verbose" show that you are dropping
the attempts? (The first number is the number of packets that matched that
rule.)
If you have a rule like:
--append INPUT --dport 5060 --jump LOG
you can see who is sending packets and then depending on the filtering
policy that is applicable to your environment either explicitly allow the
good guys and drop everybody else or play whack-a-mole and drop the bad
guys as you find them.
--
Thanks in advance,
-------------------------------------------------------------------------
Steve Edwards sedwards at sedwards.com Voice: +1-760-468-3867 PST
Newline Fax: +1-760-731-3000
More information about the asterisk-biz
mailing list