Responsive firewall is on, at least one of the hacking IP addresses is in the firewall's blacklist. Fail2ban is set to ban 3 attempts in 30 minutes, permanently. I'll set the asterisk log to verbose and see if I can pick up src and dest. As for congestion, nothing is congested. This PBX services 10 extensions, 6 internal and 4 external, but only used by me and my wife, and the relevant trunks are 3-channel -- the likelihood of ever hitting congestion is nil. I suspect that FPBX shows the hack attempts as congested because it defaults down to it.
↧