On Feb 9, 2016, at 9:08 PM, Benjamin L. Naber <benja...@project23d.com> wrote:
> how do I get the adaptive ban plugin to ban IPs that are trying to
> register their phones?
>
> I've been having to manually add IP address ranges and host to the
> blockedhosts file.
>
> this is a line I keep seeing with the many of the same IP addresses:
>
> router-pbx local0.notice asterisk[2214]: NOTICE[2236]: chan_sip.c:23587 in
> handle_request_invite: Call from '' (195.154.58.8:5070) to extension
> '801972595499945' rejected because extension not found in context 'from-pstn'.
Hi Benjamin,
This issue have been brought up before, matching the log would be simple to add
to the Adaptive Ban plugin (one line addition) but it turns out this kind of
log error can easily occur under normal operation by users dialing the wrong
number.
If I remember correctly, we (the community here) decided not to act on this log.
Alternate Suggestions:
o If you do not require anonymous calls to your default context ("bogus" in
this example), in your sip.conf [general] section try:
[general]
...
context=bogus
allowguest=no
alwaysauthreject=yes
...
o Limit known, remote SIP endpoints by IPv4 address using the
"dyndns-host-open" plugin.
o Limit known, remote SIP endpoints by whitelisting the SIP User-Agent using
the "sip-user-agent" plugin.
Ref: http://doc.astlinux.org/userdoc:tt_firewall_plugins
o Only use SIP TCP/TLS on the public interface.
Ref: https://wiki.asterisk.org/wiki/display/AST/SIP+TLS+Transport
o Finally, manually ban via the Firewall tab -> Block Host/CIDR: 195.154.58.8
Lonnie
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
pay...@krisk.org.
