handle_request_invite: Sending fake auth rejection for device 11sip:email@example.com;tag=0f6fa38d
That’s all well and good, but where are the attempts coming from? I would like to ban the IP address from which they came.
Right now, it says they are coming from the floating IP of the asterisk box it self. Like the old movie plot… the calls are coming from inside the house.
/var/log/asterisk/messages doesn’t reveal the point of origination.
update: I enabled security logging in logger.conf, so hopefully that will show something