適用:Debian 7.x
檔案下載:
#> tar xzf 0.9.2.tar.gz #> cd fail2ban-0.9.2/ #> python setup.py install
驗證安裝
#> fail2ban-client -h
/etc/asterisk/logger.conf:
... [logfiles] ... fail2ban => notice,warning,security
套用設定
#> asterisk -rx "logger reload" #> asterisk -rx "logger show channels"
for Asterisk)
/etc/fail2ban/jail.d/asterisk.conf
[asterisk] enabled = true logpath = /var/log/asterisk/fail2ban maxretry = 5 bantime = 259200
for SSH)
/etc/fail2ban/jail.d/sshd.conf
[sshd] enabled = true bantime = 7200 findtime = 900 maxretry = 4
#> service fail2ban start
#> cd fail2ban-0.9.2/ #> cp files/debian-initd /etc/init.d/fail2ban #> chmod 0755 /etc/init.d/fail2ban #> update-rc.d fail2ban defaults
Call from '' (195.154.134.116:5071) to extension '8011441295298642' rejected because extension not found in context 'public'.
Ans:設定 Asterisk 的 allowguest=no
編輯 sip.conf
allowguest=no
套用新設定
#> asterisk -rx "sip reload" #> asterisk -rx "sip show settings" | grep -i "Allow unknown access" Allow unknown access: No