fail2ban/config/filter.d/freeswitch.conf

# Fail2Ban configuration file
#
# In freeswitch configuration: <param name="log-auth-failures" value="true"/>
#

[Definition]

failregex = ^\.\d+ \[WARNING\] sofia_reg\.c:\d+ SIP auth (failure|challenge) \((REGISTER|INVITE)\) on sofia profile \'[^']+\' for \[.*\] from ip <HOST>$
            ^\.\d+ \[WARNING\] sofia_reg\.c:\d+ Can't find user \[\d+@\d+\.\d+\.\d+\.\d+\] from <HOST>$
            ^\.\d+ \[DEBUG\] sofia\.c:\d+ IP <HOST> Rejected by acl "\S+"\. Falling back to Digest auth\.$

ignoreregex =

# Author: Rupa SChomaker, soapee01, Daniel Black
# http://wiki.freeswitch.org/wiki/Fail2ban
# Thanks to Jim on mailing list of samples and guidance
#
ENH: add filter freeswitch - as raised on mailing list 2014-01-03 02:00:37 +00:00			`# Fail2Ban configuration file`
			`#`
			`# In freeswitch configuration: <param name="log-auth-failures" value="true"/>`
			`#`

			`[Definition]`

ENH: more filter expressions for freeswitch. Anchored existing one at end too 2014-01-03 21:21:22 +00:00			`failregex = ^\.\d+ \[WARNING\] sofia_reg\.c:\d+ SIP auth (failure\|challenge) \((REGISTER\|INVITE)\) on sofia profile \'[^']+\' for \[.*\] from ip <HOST>$`
			`^\.\d+ \[WARNING\] sofia_reg\.c:\d+ Can't find user \[\d+@\d+\.\d+\.\d+\.\d+\] from <HOST>$`
			`^\.\d+ \[DEBUG\] sofia\.c:\d+ IP <HOST> Rejected by acl "\S+"\. Falling back to Digest auth\.$`
ENH: add filter freeswitch - as raised on mailing list 2014-01-03 02:00:37 +00:00
			`ignoreregex =`

			`# Author: Rupa SChomaker, soapee01, Daniel Black`
			`# http://wiki.freeswitch.org/wiki/Fail2ban`
ENH: more filter expressions for freeswitch. Anchored existing one at end too 2014-01-03 21:21:22 +00:00			`# Thanks to Jim on mailing list of samples and guidance`
ENH: add filter freeswitch - as raised on mailing list 2014-01-03 02:00:37 +00:00			`#`