On Wed, Mar 30, 2011 at 03:36:10PM -0500, Danny Nicholas wrote:
> I don't use F2B either, but from what I understand, it is a packaged
> iptables automation.  If you are a unix/linux guru or have a small amount of
> traffic, I can see where manual iptables maintenance would be fine;  F2B
> would be for the "less-informed" or more heavily attacked amongst us.

Fail2ban monitors log files. It looks for certain regular expressions.
When those are matched frequently enough, it runs a certain action.

So in this case if it sees lines for a failed SIP registration /
invite in /var/log/asterisk/messages from a certain IP address, it will
add an iptables rule to block that IP address (in one specific chain).

Sure, you can do that manually. Or with your own monitoring script.

-- 
               Tzafrir Cohen
icq#16849755              jabber:[email protected]
+972-50-7952406           mailto:[email protected]
http://www.xorcom.com  iax:[email protected]/tzafrir
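
[Added example, not part of the original message and not Fail2ban's own code: the monitor / match / threshold / action loop described above, run over constructed log lines. The log line layout, the chain name "asterisk-block" and the function names are assumptions; maxretry and findtime mirror the Fail2ban options of the same names. The iptables rules are only built, not executed.]

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in the style of /var/log/asterisk/messages.
SAMPLE_LOG = """\
[2011-03-30 15:00:00] NOTICE[2101] chan_sip.c: Registration from '"200" <sip:200@192.0.2.10>' failed for '203.0.113.9' - Wrong password
[2011-03-30 15:15:00] NOTICE[2101] chan_sip.c: Registration from '"200" <sip:200@192.0.2.10>' failed for '203.0.113.9' - Wrong password
[2011-03-30 15:30:01] NOTICE[2101] chan_sip.c: Registration from '"100" <sip:100@192.0.2.10>' failed for '198.51.100.23' - Wrong password
[2011-03-30 15:30:05] NOTICE[2101] chan_sip.c: Registration from '"101" <sip:101@192.0.2.10>' failed for '203.0.113.7' - No matching peer found
[2011-03-30 15:30:09] NOTICE[2101] chan_sip.c: Registration from '"100" <sip:100@192.0.2.10>' failed for '198.51.100.23' - Wrong password
[2011-03-30 15:30:12] NOTICE[2101] chan_sip.c: Peer '101' is now Reachable. (23ms / 2000ms)
[2011-03-30 15:30:20] NOTICE[2101] chan_sip.c: Registration from '"100" <sip:100@192.0.2.10>' failed for '198.51.100.23' - Wrong password
[2011-03-30 15:31:00] NOTICE[2101] chan_sip.c: Registration from '"101" <sip:101@192.0.2.10>' failed for '203.0.113.7' - No matching peer found
[2011-03-30 15:31:30] NOTICE[2101] chan_sip.c: Registration from '"200" <sip:200@192.0.2.10>' failed for '203.0.113.9' - Wrong password
"""

# Anchored at line start; the greedy '.*' makes the last "failed for" on the line win.
FAIL_RE = re.compile(
    r"^\[(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\] NOTICE\[\d+\] chan_sip\.c: "
    r"Registration from '.*' failed for '(?P<host>[^':]+)(?::\d+)?' - ")

def find_offenders(lines, maxretry=3, findtime=timedelta(minutes=10)):
    """Return IPs with >= maxretry failures inside one findtime window, in detection order."""
    recent, banned = defaultdict(deque), []
    for line in lines:
        m = FAIL_RE.match(line)
        if not m:
            continue
        try:  # only a literal IP address may ever reach a firewall rule
            ip = str(ipaddress.ip_address(m.group("host")))
        except ValueError:
            continue
        ts = datetime.strptime(m.group("ts"), "%Y-%m-%d %H:%M:%S")
        window = recent[ip]
        window.append(ts)
        while ts - window[0] > findtime:  # forget failures older than findtime
            window.popleft()
        if len(window) >= maxretry and ip not in banned:
            banned.append(ip)
    return banned

def ban_commands(ips, chain="asterisk-block"):
    """Build (not run) one argv list per IP, inserting a DROP rule in a dedicated chain."""
    return [["iptables", "-I", chain, "1", "-s", ip, "-j", "DROP"] for ip in ips]

if __name__ == "__main__":
    for cmd in ban_commands(find_offenders(SAMPLE_LOG.splitlines())):
        print(" ".join(cmd))
```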
