Kamcli, the Kamailio command line tool written in Python, got recently a couple of new features, among them ability to interact with APIBan.org service to fetch the list of IP addresses and push them to a htable of a running Kamailio instance.

APIBan runs a network of honeypots to detect and track IP addresses that initiate scanning attacks to SIP servers, making them available via a simple REST API, facilitating the increase of security for VoIP platforms that can block these IP addresses, either at application level such as Kamailio (with htable module) or in the firewall.

The kamcli offers now commands to check if an IP address is in the APIBan list, show all the IPs tracked by APIBan as well as load them into a htable of a running Kamailio instances.

❯ kamcli apiban -h
Usage: kamcli apiban [OPTIONS] COMMAND [ARGS]...

Manage APIBan records

  -h, --help Show this message and exit.

  check Check IP address against apiban.org
  load Load the records from apiban.org to a Kamailio htable
  show Show the addresses returned by apiban.org

Next is a screen recording showing kamcli apiban in action via its embedded shell with auto-completion (click on image to see if it does not play automatically):

The configuration file kamcli.ini has now a section for APIBan, allowing to set the API key and other options to interact with APIBan.org and Kamailio htable. The API key can be also read from an environment variable or be provided as a cli parameter.

Thanks for flying Kamailio!