On 04/05/2011 03:06 PM, [email protected] wrote:
I apologize for jumping into the middle without reading the beginning of the discussion in which this central requirement to avoid an external application was stated, as I now infer from Mr. McGowan. Sorry for missing the point.Message: 12 Date: Tue, 5 Apr 2011 13:36:21 -0500 From: Sherwood McGowan<[email protected]> Subject: Re: [asterisk-users] Iptables configuration to handle brute, force registrations? To: Asterisk Users Mailing List - Non-Commercial Discussion <[email protected]> Cc: Bill Michaelson<[email protected]> Message-ID:<[email protected]> Content-Type: text/plain; charset="iso-8859-1" On Tue, Apr 5, 2011 at 1:31 PM, Bill Michaelson<[email protected]> wrote:> fail2ban might be good for this. > >I think you missed the point, which is reducing the need for an external application that searches logs in order to determine whether or not to block an IP. Why run fail2ban and add overhead when you can just do the same thing with iptables itself?
I'll have to read up on fail2ban also. I thought it monitored the tails of logs. I did not know that it searched them.
My intent was to suggest using an established tool that would consolidate the IP blocking and unblocking function for all ports into a single application without imposing additional maintenance overhead of new code for this purpose. Obviously, I'm not seeing the big picture. Sorry for my myopic comments and for cluttering the list. I won't make the mistake of offering worthless contributions in the future.
smime.p7s
Description: S/MIME Cryptographic Signature
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
