From f0a72884f80b9f9f3369696616e12dd8bf2cd54c Mon Sep 17 00:00:00 2001 From: FusionPBX Date: Wed, 11 Jul 2018 19:51:08 -0600 Subject: [PATCH] Update jail.local --- freebsd/resources/fail2ban/jail.local | 59 ++++++++------------------- 1 file changed, 17 insertions(+), 42 deletions(-) diff --git a/freebsd/resources/fail2ban/jail.local b/freebsd/resources/fail2ban/jail.local index 2f54d05..5c2654c 100755 --- a/freebsd/resources/fail2ban/jail.local +++ b/freebsd/resources/fail2ban/jail.local @@ -1,6 +1,6 @@ -[freeswitch-udp] +[freeswitch] enabled = true -port = 5060,5061,5080,5081 +port = 5060:5091 protocol = all filter = freeswitch #logpath = /var/log/freeswitch/freeswitch.log @@ -8,25 +8,12 @@ logpath = /usr/local/freeswitch/log/freeswitch.log maxretry = 5 findtime = 600 banaction = pf -bantime = 600 +bantime = 3600 # sendmail-whois[name=FreeSwitch, dest=root, sender=fail2ban@example.org] #no smtp server installed -[freeswitch-tcp] -enabled = true -port = 5060,5061,5080,5081 -protocol = all -filter = freeswitch -#logpath = /var/log/freeswitch/freeswitch.log -logpath = /usr/local/freeswitch/log/freeswitch.log -maxretry = 5 -findtime = 600 -banaction = pf -bantime = 600 -# sendmail-whois[name=FreeSwitch, dest=root, sender=fail2ban@example.org] #no smtp server installed - -[freeswitch-ip-tcp] +[freeswitch-ip] enabled = false -port = 5060,5061,5080,5081 +port = 5060:5091 protocol = all filter = freeswitch-ip #logpath = /var/log/freeswitch/freeswitch.log @@ -36,11 +23,11 @@ findtime = 30 banaction = pf bantime = 86400 -[freeswitch-ip-udp] +[sip-auth-challenge-ip] enabled = false -port = 5060,5061,5080,5081 +port = 5060:5091 protocol = all -filter = freeswitch-ip +filter = sip-auth-challenge-ip #logpath = /var/log/freeswitch/freeswitch.log logpath = /usr/local/freeswitch/log/freeswitch.log maxretry = 1 @@ -48,33 +35,21 @@ findtime = 30 banaction = pf bantime = 86400 -[freeswitch-dos-udp] +[sip-auth-challenge] enabled = true -port = 5060,5061,5080,5081 +port = 5060:5091 protocol = all -filter = freeswitch-dos +filter = sip-auth-challenge #logpath = /var/log/freeswitch/freeswitch.log logpath = /usr/local/freeswitch/log/freeswitch.log maxretry = 50 findtime = 30 banaction = pf -bantime = 6000 - -[freeswitch-dos-tcp] -enabled = true -port = 5060,5061,5080,5081 -protocol = all -filter = freeswitch-dos -#logpath = /var/log/freeswitch/freeswitch.log -logpath = /usr/local/freeswitch/log/freeswitch.log -maxretry = 50 -findtime = 30 -banaction = pf -bantime = 6000 +bantime = 7200 [freeswitch-404] enabled = true -port = 5060,5061,5080,5081 +port = 5060:5091 protocol = all filter = freeswitch-404 #logpath = /var/log/freeswitch/freeswitch.log @@ -94,7 +69,7 @@ logpath = /var/log/auth.log maxretry = 10 findtime = 600 banaction = pf -bantime = 600 +bantime = 3600 [nginx-404] enabled = true @@ -102,10 +77,10 @@ port = 80,443 protocol = tcp filter = nginx-404 logpath = /var/log/nginx/access*.log -banaction = pf -bantime = 600 findtime = 60 maxretry = 120 +banaction = pf +bantime = 3600 [nginx-dos] # Based on apache-badbots but a simple IP check (any IP requesting more than @@ -117,6 +92,6 @@ protocol = tcp filter = nginx-dos logpath = /var/log/nginx/access*.log findtime = 60 +maxretry = 240 banaction = pf bantime = 172800 -maxretry = 240