I'm running centos 6.8 and I've installed freepbx-13 and
fail2ban-0.9.4-2.el6.noarch, which I got from 'yum install fail2ban'.
I'm trying to create a jail to block failed login attempts in the
freepbx GUI. One accesses the freepbx gui in a browser so it's
http/https access.
I tried this in jail.local: (copied from an earlier version of
jail.local on a freepbx-disto machine)
-------------
[pbx-gui]
port = http,https
action = %(banaction)s[name=%(__name__)s-tcp, port="%(port)s",
protocol="tcp", chain="%(chain)s", actname=%(banaction)s-tcp]
%(mta)s-whois[name=%(__name__)s, dest="%(destemail)s"]
logpath = /var/log/asterisk/freepbx_security.log
maxretry = 2
--------------
but it doesn't work. I don't know whether this should be an apache
jail or a seperate [pbx-gui] jail. The failed gui logins are logged
in:
/var/log/asterisk/freepbx_security.log. A typical failed login looks
like this in the log file:
------------------
[2016-10-19 07:39:17] {"username":"gffddf","extdisplay":false}
[2016-10-19 07:39:17] Authentication failure for gffddf from <ip-address>
-------------------
I have searched on google but everything I found refers to earlier
versions on freepbx and fail2ban and I can't make sense of it when
trying to translate it to the new jail.local file in fail2ban-0.9..
Thanks for any help
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
