From ac1a5da7ca2f19f398a734419a30ffedb4db25df Mon Sep 17 00:00:00 2001 From: Larry Gadallah Date: Sun, 17 Dec 2023 18:59:05 -0800 Subject: [PATCH] Copying missing resources/fail2ban/freeswitch-dos.conf from debian dir, adding missing copy of sip-auth-challenge-ip.conf and sip-auth-challenge.conf, setting default setting for allowipv6 directive --- freebsd/resources/fail2ban.sh | 10 ++++++++- .../resources/fail2ban/freeswitch-dos.conf | 21 +++++++++++++++++++ 2 files changed, 30 insertions(+), 1 deletion(-) create mode 100755 freebsd/resources/fail2ban/freeswitch-dos.conf diff --git a/freebsd/resources/fail2ban.sh b/freebsd/resources/fail2ban.sh index d54ae08..9a7dbf7 100755 --- a/freebsd/resources/fail2ban.sh +++ b/freebsd/resources/fail2ban.sh @@ -11,7 +11,7 @@ cd "$(dirname "$0")" verbose "Installing Fail2ban" #add the dependencies -pkg install --yes py38-fail2ban +pkg install --yes py39-fail2ban #enable fail2ban service echo 'fail2ban_enable="YES"' >> /etc/rc.conf @@ -25,6 +25,14 @@ cp fail2ban/fusionpbx.conf /usr/local/etc/fail2ban/filter.d/fusionpbx.conf cp fail2ban/nginx-404.conf /usr/local/etc/fail2ban/filter.d/nginx-404.conf cp fail2ban/nginx-dos.conf /usr/local/etc/fail2ban/filter.d/nginx-dos.conf cp fail2ban/jail.local /usr/local/etc/fail2ban/jail.local +cp fail2ban/sip-auth-challenge-ip.conf /usr/local/etc/fail2ban/filter.d/sip-auth-challenge-ip.conf +cp fail2ban/sip-auth-challenge.conf /usr/local/etc/fail2ban/filter.d/sip-auth-challenge.conf + +# Fix default setting for allowipv6 directive +mv /usr/local/etc/fail2ban/fail2ban.conf /usr/local/etc/fail2ban/fail2ban.conf.dist +cat /usr/local/etc/fail2ban/fail2ban.conf.dist | sed '/^#allowipv6/s//allowipv6/' > /usr/local/etc/fail2ban/fail2ban.conf +chown root:wheel /usr/local/etc/fail2ban/fail2ban.conf +chmod 0644 /usr/local/etc/fail2ban/fail2ban.conf #restart fail2ban service fail2ban start diff --git a/freebsd/resources/fail2ban/freeswitch-dos.conf b/freebsd/resources/fail2ban/freeswitch-dos.conf new file mode 100755 index 0000000..3407183 --- /dev/null +++ b/freebsd/resources/fail2ban/freeswitch-dos.conf @@ -0,0 +1,21 @@ +# Fail2Ban configuration file +# +# Author: soapee01 +# + +[Definition] + +# Option: failregex +# Notes.: regex to match the password failures messages in the logfile. The +# host must be matched by a group named "host". The tag "" can +# be used for standard IP/hostname matching and is only an alias for +# (?:::f{4,6}:)?(?P[\w\-.^_]+) +# Values: TEXT +# +failregex = \[WARNING\] sofia_reg.c:\d+ SIP auth challenge \(REGISTER\) on sofia profile \'\w+\' for \[.*\] from ip + +# Option: ignoreregex +# Notes.: regex to ignore. If this regex matches, the line is ignored. +# Values: TEXT +# +ignoreregex =