Received incoming SIP connection from unknown peer
Добавлено: 01 мар 2013, 15:33Если кто-либо из вас видит такие строчки в консоли, то это значит, что вас бамбардируют кулхацкеры на предмет прозвониться через несовершенный диал-план. И это потому, что стоит у вас в sip.conf
allowguest=yes
Если по каким-то причинам вам это нужно, но защититься от кулхыцкеров тоже необходимо, то добавляем в контексте [from-sip-external] в стандартную фразу
Received incoming SIP connection from unknown peer содержимое переменной ${SIPURI}
exten => _.,1,NoOp(Received incoming SIP connection from unknown peer ${SIPURI} to ${EXTEN})
перечитываем диал-план
CLI> dialplan reload
и добавляем правило в
/etc/fail2ban/filter.d/asterisk.conf
failregex = NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Wrong password
NOTICE.* .*: Registration from '.*' failed for '<HOST>' - No matching peer found
NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Username/auth name mismatch
NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Device does not match ACL
NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Peer is not supposed to register
NOTICE.* <HOST> failed to authenticate as '.*'$
NOTICE.* .*: No registration for peer '.*' \(from <HOST>\)
NOTICE.* .*: Host <HOST> failed MD5 authentication for '.*' (.*)
NOTICE.* .*: Failed to authenticate user .*@<HOST>.*
^.*Received incoming SIP connection from unknown peer sip:.*@<HOST>:
Перезапускаем сервис
# service fail2ban restart
allowguest=yes
Если по каким-то причинам вам это нужно, но защититься от кулхыцкеров тоже необходимо, то добавляем в контексте [from-sip-external] в стандартную фразу
Received incoming SIP connection from unknown peer содержимое переменной ${SIPURI}
exten => _.,1,NoOp(Received incoming SIP connection from unknown peer ${SIPURI} to ${EXTEN})
перечитываем диал-план
CLI> dialplan reload
и добавляем правило в
/etc/fail2ban/filter.d/asterisk.conf
failregex = NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Wrong password
NOTICE.* .*: Registration from '.*' failed for '<HOST>' - No matching peer found
NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Username/auth name mismatch
NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Device does not match ACL
NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Peer is not supposed to register
NOTICE.* <HOST> failed to authenticate as '.*'$
NOTICE.* .*: No registration for peer '.*' \(from <HOST>\)
NOTICE.* .*: Host <HOST> failed MD5 authentication for '.*' (.*)
NOTICE.* .*: Failed to authenticate user .*@<HOST>.*
^.*Received incoming SIP connection from unknown peer sip:.*@<HOST>:
Перезапускаем сервис
# service fail2ban restart
