Asterisk crash after "SCCP: Rejecting Connection" in logs

Hello!

I’m using FreePBX Distro:

cat /etc/asterisk/freepbxdistro-version

1.814.210.58-1

Searching for a reason why sometimes call gets broken i found this in /var/asterisk/full:

[2015-02-24 00:16:50] VERBOSE[31686] sccp_socket.c: SCCP: Rejecting Connection: Ip-address '62.210.146.81' denied. Check general deny/permit settings (deny:0.0.0.0/0.0.0.0,permit:10.0.2.0/255.255.255.0,).
[2015-02-24 00:16:50] WARNING[31686] sccp_socket.c: SCCP: Rejecting Connection: Ip-address '62.210.146.81' denied. Check general deny/permit settings (deny:0.0.0.0/0.0.0.0,permit:10.0.2.0/255.255.255.0,).
[2015-02-24 00:16:54] VERBOSE[19288] config.c:   == Parsing '/etc/asterisk/asterisk.conf': [2015-02-24 00:16:54] VERBOSE[19288] config.c:   == Found
[2015-02-24 00:16:54] VERBOSE[19288] manager.c:   == Manager registered action DataGet
[2015-02-24 00:16:54] VERBOSE[19288] loader.c:  Asterisk Dynamic Loader Starting:
[2015-02-24 00:16:54] VERBOSE[19288] config.c:   == Parsing '/etc/asterisk/modules.conf': [2015-02-24 00:16:54] VERBOSE[19288] config.c:   == Found

Same time as “sccp_socket.c: SCCP: Rejecting Connection: Ip-address” in /var/log/messages:

Feb 24 00:16:50 freepbx kernel: asterisk[31686]: segfault at 0000000000000010 rip 000000307b20a090 rsp 00000000414f4ca8 error 4

This is not single case, I have more than 70 examples like that from last 4 months in /var/log/full*.
I do not however collect /var/log/messages but I’ve found 3 examples in current log and every time “segfault” from there matches “sccp_socket.c: SCCP: Rejecting Connection” in /var/log/full.

From what I understand it’s like this: PBX gets attacked, asterisk crashes and few second later all configs are reloaded (as u can see in first code block, just a start, complete asterisk reload takes almost 10.000 lines) probably due to “asterisk_safe”.

Does anyone had similar issue? How to block this? Is there a way to disable SCCP completely so it’s not vulnerable via that protocol? I googled for it but I haven’t found similar problem.

Thanks! :smile:

Don’t include its configuration file, or remove the module from the Asterisk modules directory. Or even specify it as noload in modules.conf.

Removing the module should work even on FreePBX. I suppose FreePBX may repair the other two, but this is the wrong place to ask about FreePBX.

Google “asterisk wiki backtrace” to find out how to debug, but I think FreePBX may not supply suitable versions of the binaries for debugging.

I’m also not familiar with that version of FreePBX distro. You may want to check the version of Asterisk there as it could be a version that, due to age, is no longer receiving any bug fixes.