Hi
This is quite complex, but im taking a shot.
We have a mikrotik 700x (will probably be some sort of RB750 router) as a boarder router. 5 Public IP address. Behind this router there is a pbx (not natted, thus has a public ip address on the bridge). I want to know if someone can provide me with a regex example of what a failed sip authentication request looks like to the mikrotik so that I can create a dynamic firewall to block the ip address from making udp 5060 request to the pbx.
Currently it only sees some sort of 404 not found if the sip ext fails authentication.
So in essence, I want the mikrotik to be able to perform the services of fail2ban.
Any ideas?