wardmundy
Nerd Uno
- Joined
- Oct 12, 2007
- Messages
- 19,201
- Reaction score
- 5,220
The Fail2Ban Wiki is reporting that Asterisk 1.8 (again) improved things by changing the log entries for failed login attempts. The new 1.8 entries now include the port number, e.g.
This obviously breaks PIAF's existing Fail2Ban REGEX screening which looked for Wrong password immediately after the IP address.
The fix is to log into your server as root and issue the following commands:
NOTE: All Incredible PBX 1.8 future installs now include the patch provided you download a fresh copy of the .x installer.
HTML:
Nov 4 18:30:40 localhost asterisk[32229]: NOTICE[32257]: chan_sip.c:23417 in handle_request_register: Registration from 'XXXXXXXXXXXXXXXXX' failed for '192.168.200.100:36998' - Wrong password
The fix is to log into your server as root and issue the following commands:
HTML:
cd /etc/fail2ban/filter.d
wget http://pbxinaflash.net/source/fail2ban/asterisk18.conf
mv asterisk.conf asterisk14.conf
mv asterisk18.conf asterisk.conf
service fail2ban restart
NOTE: All Incredible PBX 1.8 future installs now include the patch provided you download a fresh copy of the .x installer.