Menu
▾
▴
Re: [Astlinux-devel] Using APIBAN in Astlinux
|
From: Michael K. <li...@mk...> - 2021-10-15 09:49:25
|
Hi Lonnie, thanks for your work! The script works fine and the blocked addresses seem to be very precise. I verified a few of the addresses, that I saw in sngrep, and all addresses were already included in the apiban.netset. > Am 15.10.2021 um 00:26 schrieb Lonnie Abelbeck <li...@lo...>: > > I wrote a PHP script that retrieves all the APIBAN 'banned' IPs and runs them through iprange to generate a .netset file as stdout. > > https://gist.github.com/abelbeck/28bdea0d45be8bfcbf65bb34e57fd4d4 > > Remove the trailing .php and make apiban-netset executable. > > You must have an APIBAN Key, and place it by itself (no leading/trailing text) in '/mnt/kd/apiban.conf'. > > We can decide if we want this in production AstLinux. > > Lonnie > > > > >> On Oct 14, 2021, at 9:27 AM, Lonnie Abelbeck <li...@lo...> wrote: >> >> Michael, thanks for bringing APIBAN to our attention. >> >> I re-looked at our /usr/sbin/reload-blocklist-netset script and the 'asterisk' URLs, turns out only "blocklist_de_sip.ipset" is actively updated. >> >> The 'voipbl' URL has only grown over time, no IPs have been removed, which makes false positives a problem. >> >> So, the APIBAN list may have a place, but requiring an access key and not a straight .ipset/.netset file download is a hurdle. >> >> Possibly there are other sip/asterisk related blocklists? >> >> Lonnie >> >> >> >>> On Oct 13, 2021, at 5:55 PM, Michael Knill <mic...@ip...> wrote: >>> >>> Yep it needs to go into a netset list aggregated with iprange. Note their client does actually work on Astlinux. >>> Should be pretty easy to do! >>> >>> Regards >>> Michael Knill >>> >>> From: Michael Keuter <li...@mk...> >>> Reply to: AstLinux Developers Mailing List <ast...@li...> >>> Date: Thursday, 14 October 2021 at 9:41 am >>> To: AstLinux Developers Mailing List <ast...@li...> >>> Subject: Re: [Astlinux-devel] Using APIBAN in Astlinux >>> >>> Quite interesting thread about apiban: >>> >>> https://community.freepbx.org/t/integrating-apiban-org-with-freepbx/69422/11 >>> >>> Sent from a mobile device. >>> >>> Michael Keuter >>> >>> >>>> Am 13.10.2021 um 23:24 schrieb Michael Knill <mic...@ip...>: >>>> >>>> APIBAN looks very interesting. There will be a session on it at Astricon this year as well. >>>> I assume that banned IP addresses could just be pulled into a netset list? >>>> >>>> https://apiban.org/doc.html >>>> https://www.securevoip.io/48-hours-with-apiban/ >>>> >>>> Regards >>>> >>>> Michael Knill >>>> Managing Director >>>> >>>> D: +61 2 6189 1360 >>>> P: +61 2 6140 4656 >>>> E: mic...@ip... >>>> W: ipcsolutions.com.au >>>> >>>> >>>> <image001.png> >>>> Smarter Business Communications >>>> >>>> _______________________________________________ >>>> Astlinux-devel mailing list >>>> Ast...@li... >>>> https://lists.sourceforge.net/lists/listinfo/astlinux-devel >>> _______________________________________________ >>> Astlinux-devel mailing list >>> Ast...@li... >>> https://lists.sourceforge.net/lists/listinfo/astlinux-devel >> >> >> >> _______________________________________________ >> Astlinux-devel mailing list >> Ast...@li... >> https://lists.sourceforge.net/lists/listinfo/astlinux-devel >> >> > > > > _______________________________________________ > Astlinux-devel mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-devel Michael http://www.mksolutions.info |
