Подскажите, пожалуйста, что это такое? Экстеншена 1001 не существует, а звонки были.
[May 25 05:51:54] VERBOSE[30968] netsock2.c: == Using SIP VIDEO TOS bits 136
[May 25 05:51:54] VERBOSE[30968] netsock2.c: == Using SIP VIDEO CoS mark 6
[May 25 05:51:54] VERBOSE[30968] netsock2.c: == Using SIP RTP TOS bits 184
[May 25 05:51:54] VERBOSE[30968] netsock2.c: == Using SIP RTP CoS mark 5
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [810972597315746@from-trunk-sip-1001:1] Set("SIP/1001-0000007f", "GROUP()=OUT_28") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [810972597315746@from-trunk-sip-1001:2] Goto("SIP/1001-0000007f", "from-trunk,810972597315746,1") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Goto (from-trunk,810972597315746,1)
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [810972597315746@from-trunk:1] NoOp("SIP/1001-0000007f", "Catch-All DID Match - Found 810972597315746 - You probably want a DID for this.") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [810972597315746@from-trunk:2] Goto("SIP/1001-0000007f", "ext-did,s,1") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Goto (ext-did,s,1)
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [s@ext-did:1] Set("SIP/1001-0000007f", "__FROM_DID=s") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [s@ext-did:2] Set("SIP/1001-0000007f", "CHANNEL(language)=ru") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [s@ext-did:3] Gosub("SIP/1001-0000007f", "app-blacklist-check,s,1") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [s@app-blacklist-check:1] GotoIf("SIP/1001-0000007f", "0?blacklisted") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [s@app-blacklist-check:2] Set("SIP/1001-0000007f", "CALLED_BLACKLIST=1") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [s@app-blacklist-check:3] Return("SIP/1001-0000007f", "") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [s@ext-did:4] ExecIf("SIP/1001-0000007f", "0 ?Set(CALLERID(name)=1001)") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [s@ext-did:5] Set("SIP/1001-0000007f", "__CALLINGPRES_SV=allowed_not_screened") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [s@ext-did:6] Set("SIP/1001-0000007f", "CALLERPRES()=allowed_not_screened") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [s@ext-did:7] Goto("SIP/1001-0000007f", "ivr-3,s,1") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Goto (ivr-3,s,1)
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [s@ivr-3:1] Set("SIP/1001-0000007f", "MSG=custom/IVR_Delta_M_muz") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [s@ivr-3:2] Set("SIP/1001-0000007f", "LOOPCOUNT=0") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [s@ivr-3:3] Set("SIP/1001-0000007f", "__DIR-CONTEXT=") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [s@ivr-3:4] Set("SIP/1001-0000007f", "_IVR_CONTEXT_ivr-3=") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [s@ivr-3:5] Set("SIP/1001-0000007f", "_IVR_CONTEXT=ivr-3") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [s@ivr-3:6] GotoIf("SIP/1001-0000007f", "0?begin") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [s@ivr-3:7] Answer("SIP/1001-0000007f", "") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [s@ivr-3:8] Wait("SIP/1001-0000007f", "1") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: == Spawn extension (ivr-3, s, 8) exited non-zero on 'SIP/1001-0000007f'
[May 25 05:51:54] VERBOSE[8321] pbx.c: -- Executing [h@ivr-3:1] Hangup("SIP/1001-0000007f", "") in new stack
[May 25 05:51:54] VERBOSE[8321] pbx.c: == Spawn extension (ivr-3, h, 1) exited non-zero on 'SIP/1001-0000007f'[root@pbx /]
спросил
2013-05-27 08:35:50 +0400
zavulon 238 ● 17 ● 2 ● 13
судя по вод этому 810972597315746 - вас ломают
awsswa ( 2013-05-27 08:40:45 +0400 )редактироватьох, блин. А что за способ то, может кто сталкивался? Через WEB интерфейс и подбор паролей экстеншенов исключено, там 18 символьные в разных регистрах и т.п. fail2ban работает. А тут даже IP не светится =(
zavulon ( 2013-05-27 08:49:26 +0400 )редактироватьпару месяцев назад меня также пытиались вскрыть, схема практически такаяже, закрывай все IP кроме проверенных.
romariosar ( 2013-05-27 10:47:07 +0400 )редактировать