I have fail2ban working to protect my Asterisk servers. Almost everything works like it should. When I change any fail2ban configuration file and restart fail2ban (or reload it) (Fedora 21, using IPTables) the appropriate miscreants are sent to IPTables Hell and all is right with the world. BUT, that is the end of it. When a new miscreant comes along and attacks my server I see the several (retry limit is 4) new entries in the log file (findtime is a day) and they aren't coming particularly quickly (a few seconds to a minute in between attempts), but fail2ban doesn't do anything. It does not appear to be reading the log file on a regular basis (reported to be every second). I assume fail2ban goes out, looks at the log file for its time or size and if those numbers have changed it re-reads the file or a part of it. Whatever it is doing, it isn't for Asterisk. The same instance of fail2ban is doing a fine job of sending the ssh demons back to Hell so it is running.
If I run: fail2ban-client get asterisk logpath I get: No file is currently monitored And the fail2ban debug log says: fail2ban.server [18925]: INFO Jail asterisk is not a FileFilter instance So.what am I doing wrong? Thanks.
------------------------------------------------------------------------------
_______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
