On Thu, 24 Jun 2010, bruce bruce wrote:

> Despite doing that, if you still see many registration attempts coming
> onto the box what could be the problem? I have also done iptables-save
> and service iptables restart.

Did your "save" save or overwrite your new rules?

(BTW, I don't like iptables-save because I like to keep a modification
history and comments about blocks of rules in /etc/sysconfig/iptables.
Three years from now, will the next guy know why this address was being
blocked?)

Does "sudo iptables --list --numeric --verbose" show that you are dropping
the attempts? (The first number is the number of packets that matched that
rule.)

If you have a rule like:

    --append INPUT --protocol udp --dport 5060 --jump LOG

you can see who is sending packets and then, depending on the filtering
policy that is applicable to your environment, either explicitly allow the
good guys and drop everybody else or play whack-a-mole and drop the bad
guys as you find them.

--
Thanks in advance,
-------------------------------------------------------------------------
Steve Edwards [email protected] Voice: +1-760-468-3867 PST
Newline Fax: +1-760-731-3000
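
Added example (not part of the original message): one way to turn the output of the LOG rule above into a per-source packet count, so the allow-or-drop decision is made from data. The function names, the sample log lines and the log file path in the comment are assumptions made for illustration.

```shell
#!/bin/sh
# Summarise iptables LOG entries for SIP (port 5060) by source address.

# Constructed sample lines in the format the LOG target writes to the
# kernel log (addresses are documentation ranges, not real hosts).
sample_log() {
cat <<'EOF'
Jun 24 10:15:01 pbx kernel: IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 LEN=452 TTL=52 ID=0 DF PROTO=UDP SPT=5071 DPT=5060 LEN=432
Jun 24 10:15:02 pbx kernel: IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 LEN=452 TTL=52 ID=0 DF PROTO=UDP SPT=5071 DPT=5060 LEN=432
Jun 24 10:15:02 pbx kernel: IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 LEN=60 TTL=49 ID=311 PROTO=TCP SPT=40000 DPT=22 SYN
Jun 24 10:15:03 pbx kernel: IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 LEN=440 TTL=49 ID=0 DF PROTO=UDP SPT=5060 DPT=5060 LEN=420
Jun 24 10:15:04 pbx sshd[812]: Server listening on 0.0.0.0 port 22.
Jun 24 10:15:05 pbx kernel: IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 LEN=452 TTL=52 ID=0 DF PROTO=UDP SPT=5071 DPT=5060 LEN=432
EOF
}

# Read log lines on stdin; print "count source" for packets whose
# destination port is $1 (default 5060), busiest source first.
sip_sources() {
    port="${1:-5060}"
    awk -v port="$port" '
        / IN=/ {                      # only netfilter LOG lines
            src = ""; dpt = ""
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^SRC=/) src = substr($i, 5)
                if ($i ~ /^DPT=/) dpt = substr($i, 5)
            }
            if (src != "" && dpt == port) count[src]++
        }
        END { for (s in count) print count[s], s }
    ' | sort -k1,1nr -k2,2
}

# Print only sources with at least $1 packets to port 5060: addresses to
# review against the allow list before any DROP rule is written.
noisy_sources() {
    sip_sources 5060 | awk -v min="$1" '$1 >= min { print $2 }'
}

# Demo on the constructed sample. On a live box, feed the real log instead,
# e.g. sip_sources < /var/log/messages (path is an assumption).
sample_log | sip_sources
```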