[Spce-user] iptables with fail2ban
fry
spce at friibii.ch
Mon Feb 23 16:01:13 EST 2015
hi all,
i got a lot of register-tries on kamailio, so i descided to use fail2ban
to block the ip's.
fail2ban 'blocked' 3 ip's because of UA matching. but i still get
registers from this ip - so i'm asking myself why iptables is not blocking?
does anybody had this as well?
thanks
fry
***
=> /var/log/fail2ban.log
2015-02-23 21:40:20,980 fail2ban.actions: WARNING [kamailio-iptables]
Ban 212.129.41.61
2015-02-23 21:43:55,698 fail2ban.actions: WARNING [kamailio-iptables]
Ban 62.210.251.50
2015-02-23 21:51:41,135 fail2ban.actions: WARNING [kamailio-iptables]
Ban 46.105.33.166
=> iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
fail2ban-KAMAILIO all -- anywhere anywhere
fail2ban-ssh tcp -- anywhere anywhere
multiport dports ssh
mediaproxy all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
[...]
Chain fail2ban-KAMAILIO (1 references)
target prot opt source destination
DROP all -- 46.105.33.166 anywhere
DROP all -- 62.210.251.50 anywhere
DROP all -- 212-129-41-61.rev.poneytelecom.eu anywhere
RETURN all -- anywhere anywhere
More information about the Spce-user
mailing list