2010/10/24 Daniel-Constantin Mierla <mico...@gmail.com>: > Using fail2ban together with IP tables has the advantage of dropping the > packets before getting to application and eating cpu
I have a testing platfotm with Kamailio and fail2ban working more or less as explained in this thread. But I wonder if fail2ban is a good idea as it works inspecting regular expressions in each line of the log. Is it good enough and feasible under high traffic? wouldn't fail2ban eat too much CPU by inspecting the log file? Just wondering. Of course, the perfect solution would be Kamailio acting as fail2ban. This is, "pike" module inserting dynamic rules in iptables. Opinnions? -- Iñaki Baz Castillo <i...@aliax.net> _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
