miga

1. /etc/fail2ban/filter.d/asterisk.conf:
2. # Fail2Ban configuration file
3. #
4. #
5. # $Revision: 250 $
6. #
7.  
8. [INCLUDES]
9.  
10. # Read common prefixes. If any customizations available -- read them from
11. # common.local
12. #before = common.conf
13.  
14.  
15. [Definition]
16.  
17. #_daemon = asterisk
18.  
19. # Option:  failregex
20. # Notes.:  regex to match the password failures messages in the logfile. The
21. #          host must be matched by a group named "host". The tag "<HOST>" can
22. #          be used for standard IP/hostname matching and is only an alias for
23. #          (?:::f{4,6}:)?(?P<host>\S+)
24. # Values:  TEXT
25. #
26.  
27. failregex = NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Wrong password
28.             NOTICE.* .*: Registration from '.*' failed for '<HOST>' - No matching peer found
29.             NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Username/auth name mismatch
30.             NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Device does not match ACL
31.             NOTICE.* <HOST> failed to authenticate as '.*'$
32.             NOTICE.* .*: No registration for peer '.*' \(from <HOST>\)
33.             NOTICE.* .*: Host <HOST> failed MD5 authentication for '.*' (.*)
34.             NOTICE.* .*: Failed to authenticate user .*@<HOST>.*
35.  
36. # Option:  ignoreregex
37. # Notes.:  regex to ignore. If this regex matches, the line is ignored.
38. # Values:  TEXT
39. #
40. ignoreregex =