2010/10/24 Daniel-Constantin Mierla <miconda(a)gmail.com>om>:
Using fail2ban together with IP tables has the
advantage of dropping the
packets before getting to application and eating cpu
I have a testing platfotm with Kamailio and fail2ban working more or
less as explained in this thread. But I wonder if fail2ban is a good
idea as it works inspecting regular expressions in each line of the
log. Is it good enough and feasible under high traffic? wouldn't
fail2ban eat too much CPU by inspecting the log file? Just wondering.
Of course, the perfect solution would be Kamailio acting as fail2ban.
This is, "pike" module inserting dynamic rules in iptables. Opinnions?
--
Iñaki Baz Castillo
<ibc(a)aliax.net>