[INCLUDES]
before = common.conf [Definition]
failregex = NOTICE%(pid_re)s .: Registration from '.' failed for '<HOST>.*' - Wrong password$
NOTICE%(pid_re)s .: Registration from '.' failed for '<HOST>.' - No matching peer found$
NOTICE%(pid_re)s .: Registration from '.' failed for '<HOST>.*' - Username/auth name mismatch$
NOTICE%(pid_re)s .: Registration from '.' failed for '<HOST>.' - Device does not match ACL$
NOTICE%(pid_re)s .: Registration from '.' failed for '<HOST>.*' - Peer is not supposed to register$
NOTICE%(pid_re)s .: Registration from '.' failed for '<HOST>.' - ACL error (permit/deny)$
NOTICE%(pid_re)s <HOST>. failed to authenticate as '.'$
NOTICE%(pid_re)s .: No registration for peer '.' (from <HOST>.)$
NOTICE%(pid_re)s .: Host <HOST>. failed MD5 authentication for '.' (.)$
NOTICE%(pid_re)s .: Failed to authenticate user .@<HOST>.*$
ignoreregex =
Hi.
There is a filter for Asterisk:
/etc/fail2ban/filter.d/asterisk.conf
and in jail.conf
You may have to adapt the configurations to you system