Fail2ban For Asterisk 16 PJSIP

Home » Asterisk Users » Fail2ban For Asterisk 16 PJSIP
Asterisk Users 2 Comments

–_000_EFCDF2C6785A7B478B3A77A6E7C36369022F38C31Fmailxaccelnet_
Content-Type: text/plain; charset=”us-ascii”
Content-Transfer-Encoding: quoted-printable

Hello

Anyone have a working copy of Fail2ban asterisk filter asterisk.conf for Asterisk 16 running PJSIP.

I have tried 10 different filters but none of them show any matches when testing with fail2ban-regex

I see date template hits but no matches….

My log
[2019-06-06 15:37:20] NOTICE[18081] res_pjsip/pjsip_distributor.c: Request ‘REGISTER’ from ‘”2405″ ‘ failed for ‘71.127.239.22:65476’ (callid: 50670137772977-30593645157868@192.168.1.8) – Failed to authenticate
[2019-06-06 15:37:52] NOTICE[18081] res_pjsip/pjsip_distributor.c: Request ‘INVITE’ from ‘”as100″ ‘ failed for ‘188.214.128.172:5076’ (callid: 03e7f9d2dcdf4252506c440137e822b7) – No matching endpoint found
[2019-06-06 15:37:58] NOTICE[18081] res_pjsip/pjsip_distributor.c: Request ‘REGISTER’ from ‘”2405″ ‘ failed for ‘71.127.239.22:65476’ (callid: 352844365933467-383842003849650@192.168.1.8) – Failed to authenticate
[2019-06-06 15:37:58] NOTICE[18081] res_pjsip/pjsip_distributor.c: Request ‘REGISTER’ from ‘”2405″ ‘ failed for ‘71.127.239.22:65476’ (callid: 352844365933467-383842003849650@192.168.1.8) – Failed to authenticate
[2019-06-06 15:37:58] NOTICE[18081] res_pjsip/pjsip_distributor.c: Request ‘REGISTER’ from ‘”2405″ ‘ failed for ‘71.127.239.22:65476’ (callid: 352844365933467-383842003849650@192.168.1.8) – Failed to authenticate
[2019-06-06 15:37:58] NOTICE[18081] res_pjsip/pjsip_distributor.c: Request ‘REGISTER’ from ‘”2405″ ‘ failed for ‘71.127.239.22:65476’ (callid: 352844365933467-383842003849650@192.168.1.8) – Failed to authenticate
[2019-06-06 15:38:36] NOTICE[18081] res_pjsip/pjsip_distributor.c: Request ‘REGISTER’ from ‘”2405″ ‘ failed for ‘71.127.239.22:65476’ (callid: 352413680053562-322991201237060@192.168.1.8) – Failed to authenticate
[2019-06-06 15:38:36] NOTICE[18081] res_pjsip/pjsip_distributor.c: Request ‘REGISTER’ from ‘”2405″ ‘ failed for ‘71.127.239.22:65476’ (callid: 352413680053562-322991201237060@192.168.1.8) – Failed to authenticate
[2019-06-06 15:38:36] NOTICE[18081] res_pjsip/pjsip_distributor.c: Request ‘REGISTER’ from ‘”2405″ ‘ failed for ‘71.127.239.22:65476’ (callid: 352413680053562-322991201237060@192.168.1.8) – Failed to authenticate
[2019-06-06 15:38:36] NOTICE[18081] res_pjsip/pjsip_distributor.c: Request ‘REGISTER’ from ‘”2405″ ‘ failed for ‘71.127.239.22:65476’ (callid: 352413680053562-322991201237060@192.168.1.8) – Failed to authenticate
[2019-06-06 15:39:14] NOTICE[18081] res_pjsip/pjsip_distributor.c: Request ‘REGISTER’ from ‘”2405″ ‘ failed for ‘71.127.239.22:65476’ (callid: 211973110361898-30014604441241@192.168.1.8) – Failed to authenticate
[2019-06-06 15:39:14] NOTICE[18081] res_pjsip/pjsip_distributor.c: Request ‘REGISTER’ from ‘”2405″ ‘ failed for ‘71.127.239.22:65476’ (callid: 211973110361898-30014604441241@192.168.1.8) – Failed to authenticate
[2019-06-06 15:39:14] NOTICE[18081] res_pjsip/pjsip_distributor.c: Request ‘REGISTER’ from ‘”2405″ ‘ failed for ‘71.127.239.22:65476’ (callid: 211973110361898-30014604441241@192.168.1.8) – Failed to authenticate
[2019-06-06 15:39:14] NOTICE[18081] res_pjsip/pjsip_distributor.c: Request ‘REGISTER’ from ‘”2405″ ‘ failed for ‘71.127.239.22:65476’ (callid: 211973110361898-30014604441241@192.168.1.8) – Failed to authenticate
[2019-06-06 15:39:17] NOTICE[18081] res_pjsip/pjsip_distributor.c: Request ‘INVITE’ from ‘”as100″ ‘ failed for ‘188.214.128.172:5071’ (callid: 8e12f1560bfe2c3ed5be895108727c46) – No matching endpoint found

Any help is much appreciated.

Thanks

John Bittner CTO
[xaccellogoemail]
380 US Highway 46, Suite 500
Totowa, NJ 07512
Phone: 201.806.2602 x2405
Fax: 201.806.2604
Cell: 973.390.1090
www.xaccel.net

CONFIDENTIALITY NOTICE:
This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information which should not be shared or forwarded. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the e-mail.

–_000_EFCDF2C6785A7B478B3A77A6E7C36369022F38C31Fmailxaccelnet_
Content-Type: text/html; charset=”us-ascii”
Content-Transfer-Encoding: quoted-printable