fail2ban

I’m running (vanilla) Asterisk 10.7.0 on Debian 6.0.7
I have a line from localphone.com/ for incoming calls

Trying to set up fail2ban according site sourceforge.net/p/raspbx/discuss … /6288a838/

On this website is a description how to configure fail2ban.

There is a text (somewhere at the end)
[ul]Please be aware that this configuration only works if you have allowguest=no in your sip.conf file, and a good practice is to also add alwaysauthreject=yes.[/ul]

But with allowguest=no I can’t receive calls anymore from localphone.com

I have put in /etc/fail2ban/jail.conf
[ul][DEFAULT]

“ignoreip” can be an IP address, a CIDR mask or a DNS host

ignoreip = 127.0.0.1 localphone.com <------- !!!
bantime = 600
maxretry = 3[/ul]

hoping localphone.com should be ignored by fail2ban.
But that is not the case. :unamused: I still can’t receive calls.

What is my problem?

Your problem is that you haven’t provided enough logging or configuration file content to debug your problem.

However, as described, the problem is not with fail2ban, but with the sip.conf peer entry for your ITSP. For some reason this is not being matched.

[quote=“david55”]Your problem is that you haven’t provided enough logging or configuration file content to debug your problem.

However, as described, the problem is not with fail2ban, but with the sip.conf peer entry for your ITSP. For some reason this is not being matched.[/quote]

What logging or configuration file content do you want me to provide ?

wiki.asterisk.org/wiki/display/ … nformation

plus all of sip.conf except that relating only to local devices. Obviously remove all sensitive data, but not so as to lose information.

As localphone.com does not seem to use any loadbalancing system in the communication to the users all incoming traffic should come from one single IPv4-address: 94.75.247.45 (aka localphone.com).
So Your sip.conf would be very interesting as the peer for localphone.com shoud be found if it’s correctly configured and it should be absolutely safe to set allowguest=no.

IMHO this shouldn’t be a fail2ban-problem but one with Your configuration.