Menu
▾
▴
Re: [Astlinux-devel] Using APIBAN in Astlinux
|
From: Lonnie A. <li...@lo...> - 2021-10-15 13:09:15
|
Thanks Michael for testing. Yes, the 'apiban' IPs seem high quality, seemingly aged after 7 days or so, and regularly updated. If we were to incorporate apiban-netset into the reload-blocklist-netset script, should it be a new 'apiban' type or include it as part of the existing 'asterisk' type? Lonnie > On Oct 15, 2021, at 4:49 AM, Michael Keuter <li...@mk...> wrote: > > Hi Lonnie, > > thanks for your work! > The script works fine and the blocked addresses seem to be very precise. > > I verified a few of the addresses, that I saw in sngrep, and all addresses were already included in the apiban.netset. > >> Am 15.10.2021 um 00:26 schrieb Lonnie Abelbeck <li...@lo...>: >> >> I wrote a PHP script that retrieves all the APIBAN 'banned' IPs and runs them through iprange to generate a .netset file as stdout. >> >> https://gist.github.com/abelbeck/28bdea0d45be8bfcbf65bb34e57fd4d4 >> >> Remove the trailing .php and make apiban-netset executable. >> >> You must have an APIBAN Key, and place it by itself (no leading/trailing text) in '/mnt/kd/apiban.conf'. >> >> We can decide if we want this in production AstLinux. >> >> Lonnie >> >> >> >> >>> On Oct 14, 2021, at 9:27 AM, Lonnie Abelbeck <li...@lo...> wrote: >>> >>> Michael, thanks for bringing APIBAN to our attention. >>> >>> I re-looked at our /usr/sbin/reload-blocklist-netset script and the 'asterisk' URLs, turns out only "blocklist_de_sip.ipset" is actively updated. >>> >>> The 'voipbl' URL has only grown over time, no IPs have been removed, which makes false positives a problem. >>> >>> So, the APIBAN list may have a place, but requiring an access key and not a straight .ipset/.netset file download is a hurdle. >>> >>> Possibly there are other sip/asterisk related blocklists? >>> >>> Lonnie >>> >>> >>> >>>> On Oct 13, 2021, at 5:55 PM, Michael Knill <mic...@ip...> wrote: >>>> >>>> Yep it needs to go into a netset list aggregated with iprange. Note their client does actually work on Astlinux. >>>> Should be pretty easy to do! >>>> >>>> Regards >>>> Michael Knill >>>> >>>> From: Michael Keuter <li...@mk...> >>>> Reply to: AstLinux Developers Mailing List <ast...@li...> >>>> Date: Thursday, 14 October 2021 at 9:41 am >>>> To: AstLinux Developers Mailing List <ast...@li...> >>>> Subject: Re: [Astlinux-devel] Using APIBAN in Astlinux >>>> >>>> Quite interesting thread about apiban: >>>> >>>> https://community.freepbx.org/t/integrating-apiban-org-with-freepbx/69422/11 >>>> >>>> Sent from a mobile device. >>>> >>>> Michael Keuter >>>> >>>> >>>>> Am 13.10.2021 um 23:24 schrieb Michael Knill <mic...@ip...>: >>>>> >>>>> APIBAN looks very interesting. There will be a session on it at Astricon this year as well. >>>>> I assume that banned IP addresses could just be pulled into a netset list? >>>>> >>>>> https://apiban.org/doc.html >>>>> https://www.securevoip.io/48-hours-with-apiban/ >>>>> >>>>> Regards >>>>> >>>>> Michael Knill >>>>> Managing Director >>>>> >>>>> D: +61 2 6189 1360 >>>>> P: +61 2 6140 4656 >>>>> E: mic...@ip... >>>>> W: ipcsolutions.com.au >>>>> >>>>> >>>>> <image001.png> >>>>> Smarter Business Communications >>>>> >>>>> _______________________________________________ >>>>> Astlinux-devel mailing list >>>>> Ast...@li... >>>>> https://lists.sourceforge.net/lists/listinfo/astlinux-devel >>>> _______________________________________________ >>>> Astlinux-devel mailing list >>>> Ast...@li... >>>> https://lists.sourceforge.net/lists/listinfo/astlinux-devel >>> >>> >>> >>> _______________________________________________ >>> Astlinux-devel mailing list >>> Ast...@li... >>> https://lists.sourceforge.net/lists/listinfo/astlinux-devel >>> >>> >> >> >> >> _______________________________________________ >> Astlinux-devel mailing list >> Ast...@li... >> https://lists.sourceforge.net/lists/listinfo/astlinux-devel > > > Michael > > http://www.mksolutions.info > > > > > > _______________________________________________ > Astlinux-devel mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-devel > > |
