James I did try your dial plan but it didn't work for some reason. I am sure
there is a way I can modify the adaptive-ban config file and get the same
results.
Cheers
________________________________
From: James Babiak <ja...@routed.com>
To: astlinux-users@lists.sourceforge.net
Sent: Sunday, May 27, 2012 10:24 AM
Subject: Re: [Astlinux-users] Adaptive-ban not working?
Ionel,
Last month when you first reported this, I pasted a dialplan snippit
you can use inside of Asterisk to automatically add these scanning
hosts to the block list. It also appended each IP to a "banlist"
file that you can process on system startup to reapply all the bans
when the box reboots.
If you go this route, you can add that to the end of your default
incoming call context. It will prevent subsequent scans from the
same IP.
-James
On 05/27/2012 08:22 AM, Ionel Chila wrote:
Is there a way I can change something in my adaptive plug config and stop this
kind of behavior? It gets old after a while to manually add all those hosts to
the "block" list.
>My PBX is just a home setup so I have no "operational" issues with many users
>dialing the wrong number :-)
>
>
>I greatly appreciate it
>
>
>
>
>
>
>
>________________________________
> From: Lonnie Abelbeck <li...@lonnie.abelbeck.com>
>To: AstLinux Users Mailing List <astlinux-users@lists.sourceforge.net>
>Cc: Ionel Chila <ionelch...@yahoo.com>
>Sent: Friday, April 13, 2012 6:27 PM
>Subject: Re: [Astlinux-users] Adaptive-ban not working?
>
>Hi Ionel,
>
>This issue have been brought up before, matching the log
would be simple to add to the Adaptive Ban plugin (one line
addition) but it turns out this kind of log error can easily
occur under normal operation by users dialing the wrong
number.
>
>The only exception is the "found in context 'default'" part
of the logs, since most don't have a 'default' context.
>
>If I remember correctly, we (the community here) decided not
to act on this log.
>
>Please refresh my memory if I got this wrong.
>
>Lonnie
>
>PS: Of couse you an manually ban via the Firewall tab ->
Block Host/CIDR: 72.55.156.56
>
>
>On Apr 13, 2012, at 6:07 PM, Ionel Chila wrote:
>
>> My settings are to ban a host after 6 tries but it
doesn't look like is banning it :-)
>>
>> # The number of log failures to ban host
>> #
------------------------------------------------------------------------------
>> ADAPTIVE_BAN_COUNT=6
>>
>>
>> And yes is enabled :-)
>> # To actually enable this plugin make ENABLED=1:
>> #
------------------------------------------------------------------------------
>> ENABLED=1
>>
>> Any ideas???
>>
>> Apr 13 07:37:58 HOME-PBX local0.notice asterisk[1069]:
NOTICE[1125]: chan_sip.c:22461 in handle_request_invite:
Call from '' (72.55.156.56:5060) to
>> extension '67234303429347' rejected because extension
not found in context 'default'.
>> Apr 13 07:37:58 HOME-PBX local0.notice asterisk[1069]:
NOTICE[1125]: chan_sip.c:22461 in handle_request_invite:
Call from '' (72.55.156.56:5060) to extension
'00441212790870' rejected because extension not found in
context 'default'.
>> Apr 13 07:38:00 HOME-PBX local0.notice asterisk[1069]:
NOTICE[1125]: chan_sip.c:22461 in handle_request_invite:
Call from '' (72.55.156.56:5060) to extension
'011441212790875' rejected because extension not found in
context 'default'.
>> Apr 13 07:38:02 HOME-PBX local0.notice asterisk[1069]:
NOTICE[1125]: chan_sip.c:22461 in handle_request_invite:
Call from '' (72.55.156.56:5060) to extension
'000441212790875' rejected because extension not found in
context 'default'.
>> Apr 13 07:38:04 HOME-PBX local0.notice asterisk[1069]:
NOTICE[1125]: chan_sip.c:22461 in handle_request_invite:
Call from '' (72.55.156.56:5060) to extension
'900441212790876' rejected because extension not found in
context 'default'.
>> Apr 13 07:38:06 HOME-PBX local0.notice asterisk[1069]:
NOTICE[1125]: chan_sip.c:22461 in handle_request_invite:
Call from '' (72.55.156.56:5060) to extension
'9011441212790877' rejected because extension not found in
context 'default'.
>> Apr 13 07:38:08 HOME-PBX local0.notice asterisk[1069]:
NOTICE[1125]: chan_sip.c:22461 in handle_request_invite:
Call from '' (72.55.156.56:5060) to extension
'+011441212790874' rejected because extension not found in
context 'default'.
>> Apr 13 07:38:10 HOME-PBX local0.notice asterisk[1069]:
NOTICE[1125]: chan_sip.c:22461 in handle_request_invite:
Call from '' (72.55.156.56:5060) to extension
'+00441212790876' rejected because extension not found in
context 'default'.
>> Apr 13 07:38:12 HOME-PBX local0.notice asterisk[1069]:
NOTICE[1125]: chan_sip.c:22461 in handle_request_invite:
Call from '' (72.55.156.56:5060) to extension
'+000441212790873' rejected because extension not found in
context 'default'.
>> Apr 13 07:38:14 HOME-PBX local0.notice asterisk[1069]:
NOTICE[1125]: chan_sip.c:22461 in handle_request_invite:
Call from '' (72.55.156.56:5060) to extension
'+441212790872' rejected because extension not found in
context 'default'.
>> Apr 13 07:38:16 HOME-PBX local0.notice asterisk[1069]:
NOTICE[1125]: chan_sip.c:22461 in handle_request_invite:
Call from '' (72.55.156.56:5060) to extension
'+9011441212790875' rejected because extension not found in
context 'default'.
>> Apr 13 07:38:18 HOME-PBX local0.notice asterisk[1069]:
NOTICE[1125]: chan_sip.c:22461 in handle_request_invite:
Call from '' (72.55.156.56:5060) to extension
'+900441212790874' rejected because extension not found in
context 'default'.
>> Apr 13 07:38:20 HOME-PBX local0.notice asterisk[1069]:
NOTICE[1125]: chan_sip.c:22461 in handle_request_invite:
Call from '' (72.55.156.56:5060) to extension
'0441212790873' rejected because extension not found in
context 'default'.
>> Apr 13 07:38:22 HOME-PBX local0.notice asterisk[1069]:
NOTICE[1125]: chan_sip.c:22461 in handle_request_invite:
Call from '' (72.55.156.56:5060) to extension
'8011441212790878' rejected because extension not found in
context 'default'.
>> Apr 13 07:38:24 HOME-PBX local0.notice asterisk[1069]:
NOTICE[1125]: chan_sip.c:22461 in handle_request_invite:
Call from '' (72.55.156.56:5060) to extension
'001441212790877' rejected because extension not found in
context 'default'.
>> Apr 13 07:38:26 HOME-PBX local0.notice asterisk[1069]:
NOTICE[1125]: chan_sip.c:22461 in handle_request_invite:
Call from '' (72.55.156.56:5060) to extension
'01441212790873' rejected because extension not found in
context 'default'.
>> Apr 13 07:38:28 HOME-PBX local0.notice asterisk[1069]:
NOTICE[1125]: chan_sip.c:22461 in handle_request_invite:
Call from '' (72.55.156.56:5060) to extension
'++441212790878' rejected because extension not found in
context 'default'.
>> Apr 13 07:38:30 HOME-PBX local0.notice asterisk[1069]:
NOTICE[1125]: chan_sip.c:22461 in handle_request_invite:
Call from '' (72.55.156.56:5060) to extension
'9000441212790878' rejected because extension not found in
context 'default'.
>>
>>
------------------------------------------------------------------------------
>> For Developers, A Lot Can Happen In A Second.
>> Boundary is the first to Know...and Tell You.
>> Monitor Your Applications in Ultra-Fine Resolution. Try
it FREE!
>> http://p.sf.net/sfu/Boundary-d2dvs2_______________________________________________
>> Astlinux-users mailing list
>> Astlinux-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>>
>> Donations to support AstLinux are graciously accepted
via PayPal to pay...@krisk.org.
>
>
>
>
>
>
>------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
>
>
>_______________________________________________
Astlinux-users mailing list Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to
support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
pay...@krisk.org.
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
pay...@krisk.org.