I’m preety new to MT and I’m totally new to ROS scripting… Recently, I notice a large number of unsuccessfull attepmts to log in into my VoIP server at home (actually it’s just a Raspberry PI with debian and FreePBX+Asterisk). Each time I check - the IP address is from China, so I wan’t to add those addresses automatically to my “SIP SPAM” address list which is blocked on MT.
At this moment - I use a bash script at my RPI that calls a ip-api.com API and if the response contains “countryCode”:“CN” then it’s added to iptables with DROP and iptables is beign reloaded.
I’d like to do the same on my MT so the connection won’t even pass the router, so it will raise a network security level and it will lower a network traffic.
But honestly… I have no idea on how to do it. I’ve google’ing for some answears, but found nothing interesting…
Thank you for the reply, and sorry for the delay - I’m overworked recently.
Unfortunately I can’t allow only specific IP addresses as it’s a connection to SIP server and my Customer’s employees are using sip-phone app on their phones, so it’s quite unpredictable what will be the user’s IP subnet next time…
In an era of reducing costs to the absolute minimum - none of my Customers will agree to that
At this moment - I have automated the process by updating a blocked IPs list by downloading it from my SIP server’s iptables once a day. Seem’s it’s working quite fine
If you don’t mind sharing that script of yours. I’m currently having almost 30,000 lines of allowed and block ip in the list. Mostly blocked. But still getting a couple attempts from bad actors daily. This would be great addition to the r4011 since it still have plenty resources left to do extra blocking.
