Difference between revisions of "Cannot Connect From Certain IP"

From Kolmisoft Wiki
Jump to navigationJump to search
(Created page with ''''Check if IP blocked or not at this moment by iptables:''' #iptables -L -n | grep 192.168.11.125<br> '' REJECT all -- 192.168.11.125 0.0.0.0/0 reject…')
 
 
Line 1: Line 1:
'''Check if IP blocked or not at this moment by iptables:'''
'''Check if IP blocked or not at this moment by iptables:'''


  #iptables -L -n | grep 192.168.11.125<br>
  iptables -L -n | grep 192.168.11.125
 
Output:
  '' REJECT    all  --  192.168.11.125        0.0.0.0/0            reject-with icmp-port-unreachable''
  '' REJECT    all  --  192.168.11.125        0.0.0.0/0            reject-with icmp-port-unreachable''


'''Check Fail2ban log for blocked IP:'''
'''Check Fail2ban log for blocked IP:'''


  #grep -F "192.168.11.125" /var/log/fail2ban.log<br>
  grep -F "192.168.11.125" /var/log/fail2ban.log
 
Output:
  ''2020-02-04 08:41:12,175 fail2ban.filter        [1788]: INFO    [asterisk-iptables] Found 192.168.11.125''
  ''2020-02-04 08:41:12,175 fail2ban.filter        [1788]: INFO    [asterisk-iptables] Found 192.168.11.125''
  ''2020-02-04 08:41:13,131 fail2ban.actions        [1788]: NOTICE  [asterisk-iptables] Ban 192.168.11.125''
  ''2020-02-04 08:41:13,131 fail2ban.actions        [1788]: NOTICE  [asterisk-iptables] Ban 192.168.11.125''
Line 19: Line 23:
'''To check Asterisk log by IP:'''
'''To check Asterisk log by IP:'''


  #grep -F "192.168.11.125" /var/log/asterisk/messages<br>
  grep -F "192.168.11.125" /var/log/asterisk/messages
 
Output:
  ''[2020-02-04 08:53:28] NOTICE[2451] chan_sip.c: Registration from '<sip:123456@192.168.11.120>' failed for '192.168.11.125:62219' - Wrong password''
  ''[2020-02-04 08:53:28] NOTICE[2451] chan_sip.c: Registration from '<sip:123456@192.168.11.120>' failed for '192.168.11.125:62219' - Wrong password''
  ''[2020-02-04 08:55:28] NOTICE[2451] chan_sip.c: Registration from '<sip:123456@192.168.11.120>' failed for '192.168.11.125:62219' - Wrong password''
  ''[2020-02-04 08:55:28] NOTICE[2451] chan_sip.c: Registration from '<sip:123456@192.168.11.120>' failed for '192.168.11.125:62219' - Wrong password''
  ''[2020-02-04 08:57:28] NOTICE[2451] chan_sip.c: Registration from '<sip:123456@192.168.11.120>' failed for '192.168.11.125:62219' - Wrong password''
  ''[2020-02-04 08:57:28] NOTICE[2451] chan_sip.c: Registration from '<sip:123456@192.168.11.120>' failed for '192.168.11.125:62219' - Wrong password''
  ''[2020-02-04 08:59:28] NOTICE[2451] chan_sip.c: Registration from '<sip:123456@192.168.11.120>' failed for '192.168.11.125:62219' - Wrong password''
  ''[2020-02-04 08:59:28] NOTICE[2451] chan_sip.c: Registration from '<sip:123456@192.168.11.120>' failed for '192.168.11.125:62219' - Wrong password''

Latest revision as of 10:26, 4 February 2020

Check if IP blocked or not at this moment by iptables: 

iptables -L -n | grep 192.168.11.125

Output: 

 REJECT     all  --  192.168.11.125        0.0.0.0/0            reject-with icmp-port-unreachable

Check Fail2ban log for blocked IP: 

grep -F "192.168.11.125" /var/log/fail2ban.log

Output: 

2020-02-04 08:41:12,175 fail2ban.filter         [1788]: INFO    [asterisk-iptables] Found 192.168.11.125
2020-02-04 08:41:13,131 fail2ban.actions        [1788]: NOTICE  [asterisk-iptables] Ban 192.168.11.125
2020-02-04 08:51:13,973 fail2ban.actions        [1788]: NOTICE  [asterisk-iptables] Unban 192.168.11.125
2020-02-04 08:51:28,470 fail2ban.filter         [1788]: INFO    [asterisk-iptables] Found 192.168.11.125
2020-02-04 08:53:28,767 fail2ban.filter         [1788]: INFO    [asterisk-iptables] Found 192.168.11.125
2020-02-04 08:55:29,018 fail2ban.filter         [1788]: INFO    [asterisk-iptables] Found 192.168.11.125
2020-02-04 08:57:29,433 fail2ban.filter         [1788]: INFO    [asterisk-iptables] Found 192.168.11.125
2020-02-04 08:59:28,785 fail2ban.filter         [1788]: INFO    [asterisk-iptables] Found 192.168.11.125
2020-02-04 08:59:29,689 fail2ban.actions        [1788]: NOTICE  [asterisk-iptables] Ban 192.168.11.125

To check Asterisk log by IP: 

grep -F "192.168.11.125" /var/log/asterisk/messages

Output: 

[2020-02-04 08:53:28] NOTICE[2451] chan_sip.c: Registration from '<sip:123456@192.168.11.120>' failed for '192.168.11.125:62219' - Wrong password
[2020-02-04 08:55:28] NOTICE[2451] chan_sip.c: Registration from '<sip:123456@192.168.11.120>' failed for '192.168.11.125:62219' - Wrong password
[2020-02-04 08:57:28] NOTICE[2451] chan_sip.c: Registration from '<sip:123456@192.168.11.120>' failed for '192.168.11.125:62219' - Wrong password
[2020-02-04 08:59:28] NOTICE[2451] chan_sip.c: Registration from '<sip:123456@192.168.11.120>' failed for '192.168.11.125:62219' - Wrong password
Retrieved from "https://wiki.kolmisoft.com/index.php?title=Cannot_Connect_From_Certain_IP&oldid=25218"