Uploaded image for project: 'FreePBX'
  1. FreePBX
  2. FREEPBX-17401

A Fail2Ban rule will not not trigger on often used method for scanning.

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Fail2Ban
    • Labels:
      None
    • ToDo:
    • Asterisk Version:
      14.0.2.18
    • Distro Version:
      12.7.4-1804-2.sng7
    • Distro:
      FreePBX Distro

      Description

      L.S.

      This is a duplicate of issue https://issues.freepbx.org/browse/FREEPBX-11575

      I reopend that one, but I realize that that issue is for another version of FreePBX (distro). So I am recreating the ticket for the current version.

      The issue is that the rule:

      ^(%(__prefix_line)s|[]\s*)%(log_prefix)s Request from '[^']*' failed for '<HOST>:\d+' .+ No matching endpoint found$

      Will never match any relevant lines since the request has type like 'OPTIONS' or 'INVITE' etc.

      I would suggest that the following replacement broadly matches any (future) request type.

      ^(%(__prefix_line)s|[]\s*)%(log_prefix)s Request '.' from '[^']*' failed for '<HOST>:\d' .+ No matching endpoint found$

       

      This is for fail2ban-fpbx-0.8.14-75.sng7.noarch

      Kind regards, Arjen

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  Unassigned
                  Reporter:
                  a_r_ a_r_
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:

                    NextupJiraPlusStatus

                    Error rendering 'slack.nextup.jira:nextup-jira-plus-status'. Please contact your Jira administrators.