Fail2ban asterisk AMI jail properties
Hi laylow
Would you mind to do some QA testing
Basically install nethserver-fail2ban from testing
yum install nethserver-fail2ban --enablerepo=nethserver-testing
then try to auto ban yourself from AMI or wait that other do it for you
Thank in advance
as per previous message, I installed the testing update. However I still get emails from fail2ban of 100+ or 200+ attempts:
Hi,
The IP 1.180.17.236 has just been banned by Fail2Ban after
283 attempts against asterisk.
Here is more information about 1.180.17.236
fail2ban-regex /var/log/asterisk/full /etc/fail2ban/filter.d/asterisk.conf --print-all-missed
shows no attempts (just normal asterisk log entries)
Would it be possible that the mails be about ‘cached’ banned IP’s or something like that?
I wonder if I miss a jail?
check the maxretry set for this jail, after that the --print-all-matched
could be interested also, we could known what was caught