[asterisk-iptables]

How do I stop these sort of “pings”? Is it a ping or probe?

fqdn_subdomain*CLI> 
fqdn_subdomain*CLI> sip set debug on
SIP Debugging enabled

<--- SIP read from UDP:67.212.84.21:5010 --->
OPTIONS sip:s@xxx.xxx.xxx.xxx:5060 SIP/2.0
Via: SIP/2.0/UDP 67.212.84.21:5010;branch=0
From: sip:ping@noname.com;tag=uloc-5875e606-bf5-0e907-52564b36-097516a3
To: sip:s@xxx.xxx.xxx.xxx:5060
Call-ID: cb004ab7-90480501-ff4ce23@67.212.84.21
CSeq: 1 OPTIONS
Content-Length: 0

<------------->
--- (7 headers 0 lines) ---
Sending to 67.212.84.21:5010 (NAT)
Looking for s in default (domain xxx.xxx.xxx.xxx)

<--- Transmitting (NAT) to 67.212.84.21:5010 --->
SIP/2.0 200 OK
Via: SIP/2.0/UDP 67.212.84.21:5010;branch=0;received=67.212.84.21;rport=5010
From: sip:ping@noname.com;tag=uloc-5875e606-bf5-0e907-52564b36-097516a3
To: sip:s@xxx.xxx.xxx.xxx:5060;tag=as6ee49ab1
Call-ID: cb004ab7-90480501-ff4ce23@67.212.84.21
CSeq: 1 OPTIONS
Server: Asterisk PBX 13.1.0~dfsg-1.1ubuntu4
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Contact: <sip:xxx.xxx.xxx.xxx:5060>
Accept: application/sdp
Content-Length: 0


<------------>
Scheduling destruction of SIP dialog 'cb004ab7-90480501-ff4ce23@67.212.84.21' in 32000 ms (Method: OPTIONS)
fqdn_subdomain*CLI> 
fqdn_subdomain*CLI> 

The fail2ban config I have so far:

root@fqdn_subdomain:/etc/asterisk# 
root@fqdn_subdomain:/etc/asterisk# cat /etc/fail2ban/jail.d/asterisk.conf 

[asterisk-iptables]
# if more than 4 attempts are made within 6 hours, ban for 24 hours
enabled  = true
filter   = asterisk
action   = iptables-allports[name=ASTERISK, protocol=all]
              sendmail[name=ASTERISK, dest=thufir@fqdn_full, sender=fail2ban@local.local]
logpath  = /var/log/asterisk/messages
maxretry = 4
findtime = 21600
bantime = 86400

root@fqdn_subdomain:/etc/asterisk# 

the source I was reading for asterisk & fail2ban was saying to edit jail.conf, which caused me problems. Or, perhaps I misread the directions. So, asking here how I can further secure Asterisk.

thses are used to “qualify” the link between the two hosts, it allows to assess wether the remote is ready or not, the time for the round trip between two hosts, and also helps maintaining firewalls open.
it is control with the qualify= param in sip.conf