On Sun, 28 Nov 2010, Jeremy Kister wrote: > On 11/28/2010 12:03 PM, Silver Thorne wrote: >> So, I am wondering if anyone has a firewall/IP tables statement that >> keep out unauthorised users? No one seems to get in as we use really > > http://jeremy.kister.net/code/iptables/ > > if you already have an iptables configuration, the "throttle" section is > important. if not, the iptables.init script can likely drop in place. > > if you only need north-american ip addresses to talk to your asterisk > box, i suggest you also run the make-non-na.pl from cron every week. > >
+1 Jeremy - these scripts, for NA PBXes, are perfect (and even without the heavy handed blocking of the rest of the world, the iptables stuff is invaluable). If I am digesting it correctly, this set of iptables rules does exactly what fail2ban would do, minus the logging, and without the overhead of a scripting language, correct? Love it! j -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
