Categories
Gigaset

N510IP PRO

The N510IP PRO IP DECT base station forms part of the Gigaset PRO range for small to medium businesses. The N510 IP PRO supports a wide range of Gigaset DECT handsets. Users benefit from flexible communication with exceptional sound quality. Professional features such as corporate directory access, online directories and email notification add efficiency to the workday. Wireless connectivity enables freedom of movement and multi-tasking convenience. The N510 IP PRO is compatible with over 230 VoIP providers and all common PBX systems.

N510P
Categories
Gigaset Products and services

Gigaset Fusion

The new all-in-one phone system for modern offices.

The Gigaset Fusion in dark titanium is available as part of the FX800W PRO bundle. This professional all-in-one telephone system in a timelessly elegant design is a desk phone, DECT base station and mini telephone system all in one device. All settings and functions can be individually configured via a web-based UI and be set intuitively via the newly developed user interface on the bright touch-and-swipe display. The Gigaset Fusion makes day-to-day work easier and is the ideal solution for small offices, medical practices, law firms, agencies and sophisticated home offices.

An elegant attention-getter in every office

The perfect combination of form and function: The 12.7 cm (5″) large, bright HD touch-and-swipe display of this smart all-in-one system makes it easier for you to access all phone functions and ensures that caller information is always at your fingertips – regardless of where the phone is located. High-quality materials, a stable high-gloss finish metal base and metal dome keyboard make the Gigaset Fusion an eye-catcher in any office.

Ideal for new hygiene concepts

High-quality materials such as the disinfectant-resistant surface and UV-hardened finish, as well as exclusive design elements such as the easy-to-clean, bright touch-and-swipe display give the new Gigaset Fusion a wide range of flexible positioning/use options. This all-round high-end equipment allows you to simply and easily keep the cord phone clean, even in hygienically sensitive areas.

Broad connectivity provides flexibility

The Fusion’s extensive connectivity options ensure maximum flexibility. USB-C and Bluetooth make it easy to connect external devices such as your headset your favourite way, while the flexible dual-band 5GHz/2.4GHz WiFi module enables hassle-free connection to the internet and lets you seamlessly integrate the Fusion with your existing network. The 2-port gigabit switch ensures fast LAN connection and power supply (PoE) for the device.

DECT base station functionality

When functioning as a DECT base station, the Gigaset Fusion allows you to connect up to eight Gigaset PRO handsets. This translates into a maximum of flexibility and problem-free connection when equipping your company’s overall work area. This also provides the huge advantage that you can be reached by your customers at all times with up to four parallel calls, even at peak times with high call volumes.

Easy contact management

The Gigaset Fusion’s central phone book gives you up to 500 entries and lets you easily synchronize and manage all of your customer contacts. This also includes your existing mobile phone contacts, which are a snap to import via Bluetooth, as well as your native Google and Microsoft 365 and LDAP contacts.

A large number of convenient features are available to you when doing so. The Gigaset Fusion offers up to 72 programmable display keys and widgets that allow you to optimize the device to your needs. Coloured BLF buttons indicate whether a line is free. And, the display night mode helps you save energy.

Environmentally friendly & radiation-free thanks to ECO DECT

The DECT eco mode and DECT eco mode+ functions are a paragon of an environmentally friendly solution. The two functions offer a significant 80% reduction in transmission power and energy-efficient transmission deactivation when in an idle state. The Fusion also features a proximity sensor that automatically wakes the device from sleep mode when the user gets close to it.

Another resource-saving function is the secure, DECT-encrypted range increase via HX repeater. This makes you future-proof for any further expansion of your company.

The Fusion bundle with two DECT handsets

The new Gigaset Fusion is not available as an individual product, but rather as part of the FX800W PRO bundle. This exclusive bundle includes a Gigaset Fusion plus two SL800H PRO. This smallest and lightest cordless phone in the professional Gigaset portfolio features an impressive large colour display, brilliant sound quality and an excellent battery.

Detailed information on the SL800H PRO can be found here

Categories
Blog Knowledge Base

Gamma’s Gateway migration and SIP issues

Over the last few weeks and possibly going on for a few more Gamma Telecom are migrating users from their MSX SBCs to their ‘new’ SWe SBCs, and as side effect of this change is that they now do not support non-symetrical nat translation of RTP traffic

Their previous SBCs and like many other carriers do not have an issue with this and in the words of Twilio’s notes below they support both methods

** When Symmetric RTP is enabled Twilio will detect where the remote RTP stream is coming from and start sending RTP to that destination instead of the one negotiated in the SDP. Please note that this setting is more vulnerable to RTP attacks.

When Symmetric RTP is disabled, Twilio will send RTP to the destination negotiated in the SDP. This setting is considered to be more secure and therefore recommended.

On making support calls to Gamma initially they just seem to tell users that the RTP is being sent from a port that isn’t specified in the SDP, and yes that is correct, But Gamma being Gamma and even though they will have had numerous calls they don’t go any further

It seems the problem is with the customer firewalls in particular pfSense:

By default, pfSense software rewrites the source port on all outgoing connections except for UDP port 500. Some operating systems do a poor job of source port randomization, if they do it at all. This makes IP address spoofing easier and makes it possible to fingerprint hosts behind the firewall from their outbound traffic. Rewriting the source port eliminates these potential (but unlikely) security vulnerabilities. Outbound NAT rules, including the automatic rules, will show  in the Static Port column on rules set to randomize the source port.

Source port randomization breaks some rare applications. The default Automatic Outbound NAT ruleset disables source port randomization for UDP 500 because it will almost always be broken by rewriting the source port. Outbound NAT rules which preserve the original source port are called Static Port rules and have  on the rule in the Static Port column. All other traffic has the source port rewritten by default.

To add a rule for a device which requires static source ports:

  • Navigate to Firewall > NATOutbound tab
  • Select Hybrid Outbound NAT rule generation
  • Click Save
  • Click  to add a new NAT rule to the top of the list
  • Configure the rule to match the traffic that requires static port, such as a source address of a PBX.
  • Check Static Port in the Translation section of the page
  • Click Save
  • Click Apply Changes

After making that change, the source port on outgoing traffic matching the rule will be preserved. **The best practice is to use strict rules when utilizing static port to avoid any potential conflict if two local hosts use the same source port to talk to the same remote server and port using the same external IP address.**

Personally I would just make this change for the UDP port range and not all UDP ports as this could cause problem with traffic such a port 5060 when multiple servers or phones are on a site.

We have also been made aware of another issue with respect to call diversion to external numbers. By deafault Asterisk and many other IP PBXs set a diversion header in the 181 message giving the device that diverted the call and reason. in most cases this will be the extension number so the header will look like:

 Diversion: <sip:477@aaa.bbb.ccc.ddd>;reason=unconditional

This seems to cause issues at Gamma and they reject the call as it seems they are setting the callerid from this info.

To overcome this issue for chan_sip set ‘send_diversion = no’ in the general setting of sip.conf or in the “Other SIP Settings” fields in the Advanced sip setting menu. For PJSIP add it to the pjsip.endpoint_custom_post.conf file as below.

[PJSIPTwilio](+)
send_diversion=no

[GRAMMA_TEST](+)
send_diversion=no

And this seems to solve the problem.

To be honest we have only seen the problem with Gamma trunks and having tested with other suppliers and found they are not affected.

Gammas reson for this is as follows: “After reviewing the divert packet, I can see in the message header that the Diversion header is set to divert to “477”. I would recommend to change this to the full CLI you wish to forward the call to as I believe the system is trying to call “477” which wouldn’t be classed as a valid number. The 603 error you are seeing from your side would be in relation to OFCOMS national number length violation.”

See the Packet below

Session Initiation Protocol (181)
    Status-Line: SIP/2.0 181 Call is being forwarded
        Status-Code: 181
        [Resent Packet: False]
        [Request Frame: 22149]
        [Response Time (ms): 187]
    Message Header
        Via: SIP/2.0/UDP xxx.yyy.aaa.zzz:5060;branch=z9hG4bK04B82da620259a59a1a;received=xxx.yyy.aaa.zzz;rport=5060
            Transport: UDP
            Sent-by Address: xxx.yyy.aaa.zzz
            Sent-by port: 5060
            Branch: z9hG4bK04B82da620259a59a1a
            Received: xxx.yyy.aaa.zzz
            RPort: 5060
        From: <sip:01234567890@xxx.yyy.aaa.zzz>;tag=gK0441ee4f
            SIP from address: sip:01234567890@xxx.yyy.aaa.zzz
            SIP from tag: gK0441ee4f
        To: <sip:07890123456@aaa.bbb.ccc.ddd>;tag=as24643c1b
            SIP to address: sip:07890123456@aaa.bbb.ccc.ddd
            SIP to tag: as24643c1b
        Call-ID: 71571273_130153708@xxx.yyy.aaa.zzz
        [Generated Call-ID: 71571273_130153708@xxx.yyy.aaa.zzz]
        CSeq: 321899 INVITE
            Sequence Number: 321899
            Method: INVITE
        Server: FPBX-16.0.40.7(18.9)
        Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
        Supported: replaces, timer
        Session-Expires: 1800;refresher=uas
        Contact: <sip:07890123456@aaa.bbb.ccc.ddd:5060>
            Contact URI: sip:07890123456@aaa.bbb.ccc.ddd:5060
                Contact URI User Part: 07890123456
                Contact URI Host Part: aaa.bbb.ccc.ddd
                Contact URI Host Port: 5060
        Diversion: <sip:477@aaa.bbb.ccc.ddd>;reason=unconditional
        Content-Length: 0

Now the RFC says :

“When a diversion occurs, a Diversion header SHOULD be added to the forwarded request or forwarded 3xx response. The Diversion header MUST contain the Request-URI of the request prior to the diversion. The Diversion header SHOULD contain a reason that the diversion occurred.”

Which is what happens, Gamma seem to have confused what the diversion header does as they seem to assume its setting the diversion destination or outbound caller ID, Neither of which are the uses for the Diversion header.

‘I will add updates here as and when they become available.’

Categories
Blog Services Support

ISDN Switch Off 2025

It’s the biggest and most important modernisation of the public phone network ever, and your business needs to check and may need to make changes to ensure a smooth transition

In 2017 BT announced it intended to Switch Off ISDN and PSTN by the end of 2025. From September 2023 new ISDN lines will not be available for purchase. Businesses must make alternative plans and migrate all ISDN / PSTN channels or they will be without a telephony service. All equipment that currently uses the PSTN will stop working: such as alarms, elevator phones, EPOS machines, door entry systems etc

There are four options, all suitable for businesses ranging in size from as few as 3 employees to many thousands of employees. All you have to do is decide which is the best fit for you

Option 1: Adapt What You Have

Extend the life of your current phone system by connecting it to the internet. This is simply done by adding hardware known as a VoIP Gateway and a link known as a SIP Trunk, which uses your existing Internet connection. It’s easy, affordable, and users notice no difference – no new cables, no new handsets, no new training.

Option 2: Blend It All Together

Mix options 1, 2, and 3 to suit your needs. For example, an on-premise system at your head office, and a cloud-based system serving your remote sites. Or connect a cloud-based unified communications platform to an on-premise VoIP Gateway or SIP Trunk-powered system. Whatever the blend, enjoy the same seamlessly-integrated user experience.

Option 3: Upgrade What You Have

Replace your installed on-premise system with the latest feature-rich digital technology known as a Unified Communications (UC) Platform; this can be installed on your site as hardware or software, fully under your control. All your telephony now on the internet, but also seamlessly aligned with your email, messaging, and chat applications via an easy-to-use, easily accessible user interface. Plus, it can all be replicated on employees’ desktop computers, laptops and mobile devices for super-convenience.

Option 4: Migrate To The Cloud

Follow hundreds of millions of organisations worldwide by replacing your on-premise system with a powerful, cloud-powered Unified Communications (UC) solution. All your calls, email, chat, and messaging now via the internet; limitless ability to add the latest new features at will; and pay monthly, only for the services you use.

Sangoma have produced a useful Webinar: “How To Prepare For The Great British ISDN Switch Off”Webinar Recording: “How To Prepare For The Great British ISDN Switch Off”

If you have any questions or need advice email or call us.

Categories
Blog Gigaset Special Offers

Gigasets Bundle of Joy

We’re thrilled to present an exclusive opportunity to transform your communication experience – introducing the Gigaset Bundle of Joy Promotion! Elevate your connectivity with the ultimate combination of an N670 IP base station and 2 R650H handsets, all at an unbeatable price. Don’t miss out on this fantastic deal, available until October 31st 2023.

The N670 Base features include

  • Supports up to 20 users (increase to 250 via license)
  • Single cell system, upgradable with licenses
  • Supports up to 8 simultaneous calls
  • Zero-touch configuration via auto-provisioning

The R650 Handset features include

  • Large 1.8″ TFT display
  • IP65 dust & water resistant
  • Vibration & flashing alerts
  • Handsfree and 2.5mm headset connection
  • Phonebook up to 200 entries

Seamless Connectivity

The N670 IP Base Station offers seamless connectivity for crystal-clear communication. Experience exceptional voice quality and reliability, ensuring conversations are always top-notch.

Exceptional Mobility

Whether you’re looking to create a simple single cell solution, or a future-proof package which can be scaled to accommodate up to 20,000 handsets**, this bundle can be scaled as your customers’ business grows. With support for the S650H, SL750H and Maxwell C handsets too, it can be adapted to suit each individual user requirements.

Unmatched Value

This bundle, with 30% off RRP, offers exceptional value for an advanced communication setup. Equip workspaces with state-of-the-art devices without breaking the bank.

Call 01225580025 or Email for your pricing.

Categories
Blog

Missed call Notification

This new module does what it says, Users get an email notification of a missed call on their handset. With this module, either the PBX admin or the user can configure email notifications for whenever they miss a call.

A new menu entry will appear in the Applications menu which lists the Missed Call status for all the users on the system that have an email address defined in User Management.

This free module allows the sending of Missed call notifications to the user’s configured email address, on following events – 

  • Missed Internal call
  • Missed External call
  • Missed from Queue call
  • Missed from Ring Group call.

To change notifications types, the Admin can use User Management where they can edit users notification settings:

Or the user can do this themselves using the UCP, or once set up,

There are also dialable feature codes to enable or disable notifications on a per-extension basis, by default these are set to:
Missed Call Notification Activate *56
Missed Call Notification Deactivate *57
Missed Call Notification Toggle *58

This is a useful addition to FreePBX and can see situations where this would be really useful. Hotel reception desks for example.

Categories
Products and services

Sangoma Desktop Softphone

Sangoma Desktop Softphone turns a user’s computer into a fully featured phone that is primed to take full advantage of all of Sangoma’s unified communications features.

Sangoma Desktop Softphone For Desktop turns a user’s computer into a fully featured phone that is primed to take full advantage of all of Star2Star’s unified communications features. Sangoma Desktop Softphone lets users make, answer, hold, and transfer calls, participate in voice conferencing, access voicemail, integrate calls with CRM software, and more.

Features

  • Workforce Flexibility: Your staff will no longer be tethered to one location, allowing employees to work remotely while expanding your potential pool of employees to a much greater geographic area.
  • Cost Savings: Instead of purchasing a computer and a desk phone, you can just purchase a computer and a headset, saving hundreds or even thousands of dollars with softphone software.
  • Efficiency: Employees can stay in contact on the go or from home, softphones allow them to respond faster. Even better, Desktop Softphone allows them to take advantage of our many powerful features that will go anywhere they go, unlike a traditional mobile phone that lacks much of this functionality.
  • Incredible Functionality: With Desktop Softphone, your employees have access to a complete unified communications system at their keyboard, meaning they can do it all wherever they are.
  • Business Voice & Business Voice+ Compatible: Use Desktop Softphone with either of the Full Spectrum Communications platforms for the ultimate flexibility.

Email or Call for current licence pricing

Categories
Gigaset Handsets Products and services

Gigaset SL800

Combining the slim-line design of a smartphone with the technology of a professional DECT mobile device, the Gigaset SL800H PRO offers users the best experience in DECT mobile devices. With a lightweight design, large 2.4” TFT colour display as well as advanced sound quality and long battery life, the SL800H PRO offers the highest level of mobility freedom including connectivity to headsets or Bluetooth.

The SL800H PRO offers users all day usage with its extended battery life of up to 15 hours of talk time with a range of up to 50 metres indoors & 300 metres outdoors. Users can rest assured not to miss calls with vibrating alert as well as individual ringer melodies for VIP entries and internal callers.

What’s more the SL800H PRO offers users the option of using the SL800H PRO as a Hotel phone, by reducing options linking to internal business functions such as reduced calendar functions and Bluetooth menu but allowing for quick data exchange and deleting call lists on a time-controlled basis.

This handset is fully compatible with both Gigaset N510IP PRO and N670IP singlecell solutions as well as the N720IP PRO and N870IP PRO multicell DECT solution.

Feature highlights
• Large illuminated 2.4″ TFT colour display
• Headset operation via Bluetooth® 4.2 or 3.5mm jack
• Up to 15h talk time and 300h standby time
• Audio profiles can be selected quickly using a separate key
• Handsfree with brilliant HDSP ready TM/CAT -IQ 2.01
Acoustic quality and high maximum volume
• Hotel option – automatic deletion of sensitive data
• SUOTA – Software update via the air interface
• Scratch and disinfectant resistant
• Local telephone book with search function and up to 500
vCards and access to the company telephone book via PBX
(XML, LDAP)2
• Data exchange via Bluetooth® or Micro-USB
• Vibrating alarm
• No ringing in the charging cradle adjustable for parallel call
• Key lock with PIN protection
• Charging:
• Charging also via Micro-USB connection
• Charging cradle included free of charge
• Full compatibility with the professional Gigaset DECT
Single and multi-cell systems

Email or Call for current pricing and qty discounts

Categories
Handsets Products and services Sangoma Phones

P-Series IP Phones

Sangoma’s line of P-Series phones are designed to deliver the features you need, at price points perfect for every type of user, and every type of business.

All models include color screens, high definition voice, are headset-ready, provide unprecedented plug-and-play deployment, and have built-in productivity applications including voicemail, call log, contacts, phone status, user presence, parking and more.

Sangoma’s P-Series phones are the only phones that are compatible across Sangoma’s communications as a service portfolio, further enhancing their value.

Entry-Level – The Sangoma P310/P315 Phones
Sangoma’s value-line is perfect for large floor deployments in offices, schools, manufacturing, and retail.
Mid-Range – The Sangoma P320, P325, P330 Phones
Perfect for knowledge workers, with built-in business applications*, controlled via a large 4.3-inch IPS display and plenty of programmable function keys. The P330 also supports built-in Bluetooth and WiFi as well as the forthcoming PM200 expansion module.
Executive – The Sangoma P370 Phone (coming soon!)
For the executives in the office who demand a sleek desktop presence, the P370 delivers. With a large 7.0” 1280×800 color IPS touchscreen display, built-in Bluetooth and WiFi, all of Sangoma’s business applications* are easy-to-use with finger-touch access.

Email or Call for current pricing and qty discounts

Categories
Asterisk Support Blog Elastix Support FreePBX Knowledge Base Security

Keeping the Bots out and allowing your friends in

Since this post was originally written things have advanced, FreePBX has an integrated firewall with intrusion detection using Fail2Ban, and this should always be enabled even if system is on premise.

Another major step forward in protection is APIBAN this is a client program that helps prevent unwanted SIP traffic by identifying addresses of known bad actors before they attack your system. Bad bots are collected through globally deployed honeypots. To use APIBAN you will need a key these are obtained from here . More details on API ban are here if you are interested in using it in different situations.

To simplify installation on Freepbx based systems I have simple script that downloads and install it, this can be downloaded here or from the command line of the server as follows:

wget https://freeaccesspublic.s3.eu-west-2.amazonaws.com/apiban.sh
Make it an executable : chmod +x  apiban.sh
then run the script : ./apiban.sh your_api_key

If you dont add your APIKEY on the command line vi will open and you can add it manually. The script will then initially run the client which will take a few seconds to download the initial set of bots, then it will add a line to the crontab file and restart the cron daemon. the timing of the cronjob is randomised to be between every 4 and 22 minutes.

We have seen many Bots attacking Asterisk servers, Interestingly its not always good old sipvicious anymore but a Windows program called sipcli and originating mainly from the US and Germany.

Normally our iptables firewalls are updated but for some reason these keep getting through, So we have now based rules on the User-Agent in iptables as well

Here are a few examples to get rid of many of the favourites

-A INPUT -p udp -m udp --dport 5060 -m string --string "User-Agent: friendly-scanner" --algo bm --to 65535 -j DROP
-A INPUT -p udp -m udp --dport 5060 -m string --string "User-Agent: sipcli" --algo bm --to 65535 -j DROP
-A INPUT -p udp -m udp --dport 5060 -m string --string "User-Agent: sipvicious" --algo bm --to 65535 -j DROP
-A INPUT -p udp -m udp --dport 5060 -m string --string "User-Agent: VaxSIPUserAgent" --algo bm --to 65535 -j DROP

For Freepbx format add following to the Firewalls custom rules


-A fpbxreject -p udp --dport 5060:5261 -m string --string "REGISTER sip:server.domain.co.uk" --algo bm -j ACCEPT
-A fpbxreject -p udp --dport 5060:5261 -m string --string "REGISTER sip:" --algo bm -j DROP
-A fpbxreject -p tcp --dport 5060:5261 -m string --string "REGISTER sip:server.domain.co.uk" --algo bm -j ACCEPT
-A fpbxreject -p tcp --dport 5060:5261 -m string --string "REGISTER sip:" --algo bm -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "sip:a'or'3=3--@" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: PolycomSoundPointIP SPIP_550 UA 3.3.2.0413" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: Avaya IP Phone 1120E" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: Cisco-SIPGateway/IOS-15.2.4.M5" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: PolycomVVX-VVX_401-UA5.4.1.18405" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: eyeBeam release 3006o stamp 17551" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: owenee" --algo bm --to 65535 -j DROP
-A fpbxreject -p tcp -m tcp --dport 5060:5261 -m string --string "User-Agent: owenee" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: Custom" --algo bm --to 65535 -j DROP
-A fpbxreject -p tcp -m tcp --dport 5060:5261 -m string --string "User-Agent: Custom" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: SIP" --algo bm --to 65535 -j DROP
-A fpbxreject -p tcp -m tcp --dport 5060:5261 -m string --string "User-Agent: SIP" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: gazllove" --algo bm --to 65535 -j DROP
-A fpbxreject -p tcp -m tcp --dport 5060:5261 -m string --string "User-Agent: gazllove" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: pplsip" --algo bm --to 65535 -j DROP
-A fpbxreject -p tcp -m tcp --dport 5060:5261 -m string --string "User-Agent: pplsip" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: sipcli" --algo bm --to 65535 -j DROP
-A fpbxreject -p tcp -m tcp --dport 5060:5261 -m string --string "User-Agent: sipcli" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: sipvicious" --algo bm --to 65535 -j DROP
-A fpbxreject -p tcp -m tcp --dport 5060:5261 -m string --string "User-Agent: sipvicious" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: sip-scan" --algo bm --to 65535 -j DROP
-A fpbxreject -p tcp -m tcp --dport 5060:5261 -m string --string "User-Agent: sip-scan" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: sipsak" --algo bm --to 65535 -j DROP
-A fpbxreject -p tcp -m tcp --dport 5060:5261 -m string --string "User-Agent: sipsak" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: sundayddr" --algo bm --to 65535 -j DROP
-A fpbxreject -p tcp -m tcp --dport 5060:5261 -m string --string "User-Agent: sundayddr" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: friendly-scanner" --algo bm --to 65535 -j DROP
-A fpbxreject -p tcp -m tcp --dport 5060:5261 -m string --string "User-Agent: friendly-scanner" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: iWar" --algo bm --to 65535 -j DROP
-A fpbxreject -p tcp -m tcp --dport 5060:5261 -m string --string "User-Agent: iWar" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: CSipSimple" --algo bm --to 65535 -j DROP
-A fpbxreject -p tcp -m tcp --dport 5060:5261 -m string --string "User-Agent: CSipSimple" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: SIVuS" --algo bm --to 65535 -j DROP
-A fpbxreject -p tcp -m tcp --dport 5060:5261 -m string --string "User-Agent: SIVuS" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: Gulp" --algo bm --to 65535 -j DROP
-A fpbxreject -p tcp -m tcp --dport 5060:5261 -m string --string "User-Agent: Gulp" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: sipv" --algo bm --to 65535 -j DROP
-A fpbxreject -p tcp -m tcp --dport 5060:5261 -m string --string "User-Agent: sipv" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: smap" --algo bm --to 65535 -j DROP
-A fpbxreject -p tcp -m tcp --dport 5060:5261 -m string --string "User-Agent: smap" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: friendly-request" --algo bm --to 65535 -j DROP
-A fpbxreject -p tcp -m tcp --dport 5060:5261 -m string --string "User-Agent: friendly-request" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: VaxIPUserAgent" --algo bm --to 65535 -j DROP
-A fpbxreject -p tcp -m tcp --dport 5060:5261 -m string --string "User-Agent: VaxIPUserAgent" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: VaxSIPUserAgent" --algo bm --to 65535 -j DROP
-A fpbxreject -p tcp -m tcp --dport 5060:5261 -m string --string "User-Agent: VaxSIPUserAgent" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: siparmyknife" --algo bm --to 65535 -j DROP
-A fpbxreject -p tcp -m tcp --dport 5060:5261 -m string --string "User-Agent: siparmyknife" --algo bm --to 65535 -j DROP
-A fpbxreject -p udp -m udp --dport 5060:5261 -m string --string "User-Agent: Test" --algo bm --to 65535 -j DROP
-A fpbxreject -p tcp -m tcp --dport 5060:5261 -m string --string "User-Agent: Test" --algo bm --to 65535 -j DROP

Also its worth adding these ranges as little good will ever come from them

# Ponytelecom ranges
-A INPUT -s 62.210.0.0/16 -j DROP
-A INPUT -s 195.154.0.0/16 -j DROP
-A INPUT -s 212.129.0.0/18 -j DROP
-A INPUT -s 62.4.0.0/19 -j DROP
-A INPUT -s 212.83.128.0/19 -j DROP
-A INPUT -s 212.83.160.0/19 -j DROP
-A INPUT -s 212.47.224.0/19 -j DROP
-A INPUT -s 163.172.0.0/16 -j DROP
-A INPUT -s 51.15.0.0/16 -j DROP
-A INPUT -s 151.115.0.0/16 -j DROP

# VITOX TELECOM
-A INPUT -s 77.247.109.0/255.255.255.0 -p udp -j DROP 
-A INPUT -s 185.53.88.0/24 -p udp -j DROP 
-A INPUT -s 185.53.89.0/24 -p udp -j DROP 
-A INPUT -s 37.49.224.0/24 -p udp -j DROP 
-A INPUT -s 37.49.230.0/24 -p udp -j DROP 
-A INPUT -s 37.49.231.0/24 -p udp -j DROP 
-A INPUT -s 77.247.110.0/255.255.255.0 -p udp -j DROP