API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jan 2nd, 2014
146
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 19.27 KB | None | 0 0
raw download clone embed print report
  1. 2013-12-31 17:39:54.757758 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  2. 2013-12-31 17:39:54.767815 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [011448708752617@192.168.2.51] from ip 81.94.202.251
  3. 2013-12-31 18:15:42.567761 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  4. 2013-12-31 18:15:42.567761 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [9011448708752617@192.168.2.51] from ip 81.94.202.251
  5. 2013-12-31 18:50:46.107760 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  6. 2013-12-31 18:50:46.107760 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [448708752617@192.168.2.51] from ip 81.94.202.251
  7. 2013-12-31 19:27:48.367765 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  8. 2013-12-31 19:27:48.367765 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [00448708752617@192.168.2.51] from ip 81.94.202.251
  9. 2013-12-31 20:21:55.157758 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  10. 2013-12-31 20:21:55.157758 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [000448708752617@192.168.2.51] from ip 81.94.202.251
  11. 2013-12-31 21:46:18.458333 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  12. 2013-12-31 21:46:18.458333 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [8011448708752617@192.168.2.51] from ip 81.94.202.251
  13. 2013-12-31 23:14:11.217757 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  14. 2013-12-31 23:14:11.217757 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [7011448708752617@192.168.2.51] from ip 81.94.202.251
  15. 2014-01-01 00:38:06.147758 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  16. 2014-01-01 00:38:06.147758 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [6011448708752617@192.168.2.51] from ip 81.94.202.251
  17. 2014-01-01 02:00:48.607761 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  18. 2014-01-01 02:00:48.617758 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [5011448708752617@192.168.2.51] from ip 81.94.202.251
  19. 2014-01-01 03:26:10.277902 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  20. 2014-01-01 03:26:10.277902 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [4011448708752617@192.168.2.51] from ip 81.94.202.251
  21. 2014-01-01 04:50:24.347761 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  22. 2014-01-01 04:50:24.347761 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [3011448708752617@192.168.2.51] from ip 81.94.202.251
  23. 2014-01-01 05:39:01.817753 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  24. 2014-01-01 05:39:01.817753 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [2011448708752617@192.168.2.51] from ip 81.94.202.251
  25. 2014-01-01 06:39:12.997757 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  26. 2014-01-01 06:39:12.997757 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [1011448708752617@192.168.2.51] from ip 81.94.202.251
  27. 2014-01-01 08:02:13.047762 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  28. 2014-01-01 08:02:13.047762 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [0011448708752617@192.168.2.51] from ip 81.94.202.251
  29. 2014-01-01 09:22:00.927855 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  30. 2014-01-01 09:22:00.937758 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [00011448708752617@192.168.2.51] from ip 81.94.202.251
  31. 2014-01-01 10:44:11.867763 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  32. 2014-01-01 10:44:11.867763 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [000011448708752617@192.168.2.51] from ip 81.94.202.251
  33. 2014-01-01 12:12:23.997760 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  34. 2014-01-01 12:12:23.997760 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [0000011448708752617@192.168.2.51] from ip 81.94.202.251
  35. 2014-01-01 13:32:05.057757 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  36. 2014-01-01 13:32:05.057757 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [00000011448708752617@192.168.2.51] from ip 81.94.202.251
  37. 2014-01-01 14:54:43.637757 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  38. 2014-01-01 14:54:43.637757 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [000000011448708752617@192.168.2.51] from ip 81.94.202.251
  39. 2014-01-01 15:49:02.587760 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  40. 2014-01-01 15:49:02.587760 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [0000000011448708752617@192.168.2.51] from ip 81.94.202.251
  41. 2014-01-01 17:08:39.607759 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  42. 2014-01-01 17:08:39.607759 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [00000000011448708752617@192.168.2.51] from ip 81.94.202.251
  43. 2014-01-01 18:40:12.347761 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  44. 2014-01-01 18:40:12.347761 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [99011448708752617@192.168.2.51] from ip 81.94.202.251
  45. 2014-01-01 20:01:51.618197 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  46. 2014-01-01 20:01:51.618197 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [999011448708752617@192.168.2.51] from ip 81.94.202.251
  47. 2014-01-01 21:29:02.327760 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  48. 2014-01-01 21:29:02.327760 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [9999011448708752617@192.168.2.51] from ip 81.94.202.251
  49. 2014-01-01 22:51:07.917759 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  50. 2014-01-01 22:51:07.927869 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [99999011448708752617@192.168.2.51] from ip 81.94.202.251
  51. 2014-01-02 00:15:12.607760 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  52. 2014-01-02 00:15:12.607760 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [999999011448708752617@192.168.2.51] from ip 81.94.202.251
  53. 2014-01-02 01:23:58.097951 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  54. 2014-01-02 01:23:58.097951 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [9999999011448708752617@192.168.2.51] from ip 81.94.202.251
  55. 2014-01-02 02:08:32.097758 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  56. 2014-01-02 02:08:32.097758 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [99999999011448708752617@192.168.2.51] from ip 81.94.202.251
  57. 2014-01-02 02:50:54.857761 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  58. 2014-01-02 02:50:54.857761 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [900448708752617@192.168.2.51] from ip 81.94.202.251
  59. 2014-01-02 03:33:22.937761 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  60. 2014-01-02 03:33:22.937761 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [90011448708752617@192.168.2.51] from ip 81.94.202.251
  61. 2014-01-02 04:15:15.168210 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  62. 2014-01-02 04:15:15.168210 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [900011448708752617@192.168.2.51] from ip 81.94.202.251
  63. 2014-01-02 04:56:44.867763 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  64. 2014-01-02 04:56:44.867763 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [9000011448708752617@192.168.2.51] from ip 81.94.202.251
  65. 2014-01-02 05:38:16.857760 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  66. 2014-01-02 05:38:16.857760 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [90000011448708752617@192.168.2.51] from ip 81.94.202.251
  67. 2014-01-02 06:20:07.147762 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  68. 2014-01-02 06:20:07.147762 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [900000011448708752617@192.168.2.51] from ip 81.94.202.251
  69. 2014-01-02 07:01:50.377761 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  70. 2014-01-02 07:01:50.377761 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [9000000011448708752617@192.168.2.51] from ip 81.94.202.251
  71. 2014-01-02 07:46:20.447764 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  72. 2014-01-02 07:46:20.447764 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [90000000011448708752617@192.168.2.51] from ip 81.94.202.251
  73. 2014-01-02 09:05:33.857758 [DEBUG] sofia.c:7954 IP 81.94.202.251 Rejected by acl "domains". Falling back to Digest auth.
  74. 2014-01-02 09:05:33.867783 [WARNING] sofia_reg.c:1533 SIP auth challenge (INVITE) on sofia profile 'internal' for [80011448708752617@192.168.2.51] from ip 81.94.202.251
  75.  
  76. # Fail2Ban configuration file.
  77. #
  78. # This file was composed for Debian systems from the original one
  79. # provided now under /usr/share/doc/fail2ban/examples/jail.conf
  80. # for additional examples.
  81. #
  82. # To avoid merges during upgrades DO NOT MODIFY THIS FILE
  83. # and rather provide your changes in /etc/fail2ban/jail.local
  84. #
  85. # Author: Yaroslav O. Halchenko <debian@onerussian.com>
  86. #
  87. # $Revision$
  88. #
  89.  
  90. # The DEFAULT allows a global definition of the options. They can be overridden
  91. # in each jail afterwards.
  92.  
  93. [DEFAULT]
  94.  
  95. # "ignoreip" can be an IP address, a CIDR mask or a DNS host
  96. ignoreip = 127.0.0.1/8 192.168.2.0/24 192.168.1.0/24
  97. bantime = 604800
  98. maxretry = 3
  99.  
  100. # "backend" specifies the backend used to get files modification. Available
  101. # options are "gamin", "polling" and "auto".
  102. # yoh: For some reason Debian shipped python-gamin didn't work as expected
  103. # This issue left ToDo, so polling is default backend for now
  104. backend = auto
  105.  
  106. #
  107. # Destination email address used solely for the interpolations in
  108. # jail.{conf,local} configuration files.
  109. destemail = root@localhost
  110.  
  111. #
  112. # ACTIONS
  113. #
  114.  
  115. # Default banning action (e.g. iptables, iptables-new,
  116. # iptables-multiport, shorewall, etc) It is used to define
  117. # action_* variables. Can be overridden globally or per
  118. # section within jail.local file
  119. banaction = iptables-multiport
  120.  
  121. # email action. Since 0.8.1 upstream fail2ban uses sendmail
  122. # MTA for the mailing. Change mta configuration parameter to mail
  123. # if you want to revert to conventional 'mail'.
  124. mta = sendmail
  125.  
  126. # Default protocol
  127. protocol = tcp
  128.  
  129. # Specify chain where jumps would need to be added in iptables-* actions
  130. chain = INPUT
  131.  
  132. #
  133. # Action shortcuts. To be used to define action parameter
  134.  
  135. # The simplest action to take: ban only
  136. action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
  137.  
  138. # ban & send an e-mail with whois report to the destemail.
  139. action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
  140. %(mta)s-whois[name=%(__name__)s, dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"]
  141.  
  142. # ban & send an e-mail with whois report and relevant log lines
  143. # to the destemail.
  144. action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
  145. %(mta)s-whois-lines[name=%(__name__)s, dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s"]
  146.  
  147. # Choose default action. To change, just override value of 'action' with the
  148. # interpolation to the chosen action shortcut (e.g. action_mw, action_mwl, etc) in jail.local
  149. # globally (section [DEFAULT]) or per specific section
  150. action = %(action_)s
  151.  
  152. #
  153. # JAILS
  154. #
  155.  
  156. # Next jails corresponds to the standard configuration in Fail2ban 0.6 which
  157. # was shipped in Debian. Enable any defined here jail by including
  158. #
  159. # [SECTION_NAME]
  160. # enabled = true
  161.  
  162. #
  163. # in /etc/fail2ban/jail.local.
  164. #
  165. # Optionally you may override any other parameter (e.g. banaction,
  166. # action, port, logpath, etc) in that section within jail.local
  167.  
  168. [ssh]
  169.  
  170. enabled = true
  171. port = ssh
  172. filter = sshd
  173. logpath = /var/log/auth.log
  174. maxretry = 6
  175.  
  176. [dropbear]
  177.  
  178. enabled = false
  179. port = ssh
  180. filter = sshd
  181. logpath = /var/log/dropbear
  182. maxretry = 6
  183.  
  184. # Generic filter for pam. Has to be used with action which bans all ports
  185. # such as iptables-allports, shorewall
  186. [pam-generic]
  187.  
  188. enabled = false
  189. # pam-generic filter can be customized to monitor specific subset of 'tty's
  190. filter = pam-generic
  191. # port actually must be irrelevant but lets leave it all for some possible uses
  192. port = all
  193. banaction = iptables-allports
  194. port = anyport
  195. logpath = /var/log/auth.log
  196. maxretry = 6
  197.  
  198. [xinetd-fail]
  199.  
  200. enabled = false
  201. filter = xinetd-fail
  202. port = all
  203. banaction = iptables-multiport-log
  204. logpath = /var/log/daemon.log
  205. maxretry = 2
  206.  
  207.  
  208. [ssh-ddos]
  209.  
  210. enabled = false
  211. port = ssh
  212. filter = sshd-ddos
  213. logpath = /var/log/auth.log
  214. maxretry = 6
  215.  
  216. #
  217. # HTTP servers
  218. #
  219.  
  220. [apache]
  221.  
  222. enabled = false
  223. port = http,https
  224. filter = apache-auth
  225. logpath = /var/log/apache*/*error.log
  226. maxretry = 6
  227.  
  228. # default action is now multiport, so apache-multiport jail was left
  229. # for compatibility with previous (<0.7.6-2) releases
  230. [apache-multiport]
  231.  
  232. enabled = false
  233. port = http,https
  234. filter = apache-auth
  235. logpath = /var/log/apache*/*error.log
  236. maxretry = 6
  237.  
  238. [apache-noscript]
  239.  
  240. enabled = false
  241. port = http,https
  242. filter = apache-noscript
  243. logpath = /var/log/apache*/*error.log
  244. maxretry = 6
  245.  
  246. [apache-overflows]
  247.  
  248. enabled = false
  249. port = http,https
  250. filter = apache-overflows
  251. logpath = /var/log/apache*/*error.log
  252. maxretry = 2
  253.  
  254. #
  255. # FTP servers
  256. #
  257.  
  258. [vsftpd]
  259.  
  260. enabled = false
  261. port = ftp,ftp-data,ftps,ftps-data
  262. filter = vsftpd
  263. logpath = /var/log/vsftpd.log
  264. # or overwrite it in jails.local to be
  265. # logpath = /var/log/auth.log
  266. # if you want to rely on PAM failed login attempts
  267. # vsftpd's failregex should match both of those formats
  268. maxretry = 6
  269.  
  270.  
  271. [proftpd]
  272.  
  273. enabled = false
  274. port = ftp,ftp-data,ftps,ftps-data
  275. filter = proftpd
  276. logpath = /var/log/proftpd/proftpd.log
  277. maxretry = 6
  278.  
  279.  
  280. [pure-ftpd]
  281.  
  282. enabled = false
  283. port = ftp,ftp-data,ftps,ftps-data
  284. filter = pure-ftpd
  285. logpath = /var/log/auth.log
  286. maxretry = 6
  287.  
  288.  
  289. [wuftpd]
  290.  
  291. enabled = false
  292. port = ftp,ftp-data,ftps,ftps-data
  293. filter = wuftpd
  294. logpath = /var/log/auth.log
  295. maxretry = 6
  296.  
  297.  
  298. #
  299. # Mail servers
  300. #
  301.  
  302. [postfix]
  303.  
  304. enabled = false
  305. port = smtp,ssmtp
  306. filter = postfix
  307. logpath = /var/log/mail.log
  308.  
  309.  
  310. [couriersmtp]
  311.  
  312. enabled = false
  313. port = smtp,ssmtp
  314. filter = couriersmtp
  315. logpath = /var/log/mail.log
  316.  
  317.  
  318. #
  319. # Mail servers authenticators: might be used for smtp,ftp,imap servers, so
  320. # all relevant ports get banned
  321. #
  322.  
  323. [courierauth]
  324.  
  325. enabled = false
  326. port = smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s
  327. filter = courierlogin
  328. logpath = /var/log/mail.log
  329.  
  330.  
  331. [sasl]
  332.  
  333. enabled = false
  334. port = smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s
  335. filter = sasl
  336. # You might consider monitoring /var/log/mail.warn instead if you are
  337. # running postfix since it would provide the same log lines at the
  338. # "warn" level but overall at the smaller filesize.
  339. logpath = /var/log/mail.log
  340.  
  341. [dovecot]
  342.  
  343. enabled = false
  344. port = smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s
  345. filter = dovecot
  346. logpath = /var/log/mail.log
  347.  
  348. # DNS Servers
  349.  
  350.  
  351. # These jails block attacks against named (bind9). By default, logging is off
  352. # with bind9 installation. You will need something like this:
  353. #
  354. # logging {
  355. # channel security_file {
  356. # file "/var/log/named/security.log" versions 3 size 30m;
  357. # severity dynamic;
  358. # print-time yes;
  359. # };
  360. # category security {
  361. # security_file;
  362. # };
  363. # };
  364. #
  365. # in your named.conf to provide proper logging
  366.  
  367. # !!! WARNING !!!
  368. # Since UDP is connection-less protocol, spoofing of IP and imitation
  369. # of illegal actions is way too simple. Thus enabling of this filter
  370. # might provide an easy way for implementing a DoS against a chosen
  371. # victim. See
  372. # http://nion.modprobe.de/blog/archives/690-fail2ban-+-dns-fail.html
  373. # Please DO NOT USE this jail unless you know what you are doing.
  374. #[named-refused-udp]
  375. #
  376. #enabled = false
  377. #port = domain,953
  378. #protocol = udp
  379. #filter = named-refused
  380. #logpath = /var/log/named/security.log
  381.  
  382. [named-refused-tcp]
  383.  
  384. enabled = false
  385. port = domain,953
  386. protocol = tcp
  387. filter = named-refused
  388. logpath = /var/log/named/security.log
  389.  
  390. [freeswitch]
  391. enabled = true
  392. port = 5060,5061,5080,5081
  393. filter = freeswitch
  394. logpath = /opt/fs-1.2/log/freeswitch.log
  395. maxretry = 10
  396. action = iptables-allports[name=freeswitch, protocol=all]
  397. sendmail-whois[name=FreeSwitch, dest=root, sender=jim@fayettedigital.com]
  398. # Fail2Ban configuration file
  399. #
  400. # Author: Rupa SChomaker
  401. #
  402.  
  403. [Definition]
  404.  
  405. # Option: failregex
  406. # Notes.: regex to match the password failures messages in the logfile. The
  407. # host must be matched by a group named "host". The tag "<HOST>" can
  408. # be used for standard IP/hostname matching and is only an alias for
  409. # (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
  410. # Values: TEXT
  411. #
  412. # \[WARNING\] sofia_reg.c:\d+ Can't find user \[.*\] from <HOST>
  413. failregex = \[WARNING\] sofia_reg.c:\d+ SIP auth failure \(REGISTER\) on sofia profile \'[^']+\' for \[.*\] from ip <HOST>
  414. \[WARNING\] sofia_reg.c:\d+ SIP auth failure \(INVITE\) on sofia profile \'[^']+\' for \[.*\] from ip <HOST>
  415. \[WARNING\] sofia_reg.c:\d+ Can't find user \[.*\] from <HOST>
  416.  
  417. # Option: ignoreregex
  418. # Notes.: regex to ignore. If this regex matches, the line is ignored.
  419. # Values: TEXT
  420. #
  421. ignoreregex =
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!