When you run the GNU Gatekeeper, you can block Spam Calls from the well known bots ("MERA RU", "SimpleOPAL" etc.) eg. using a small LUA script in your config.

But that alone doesn't stop the load on the server, because often these bots keep on making calls.

Fail2ban to the rescue!

With this filter definition in /etc/fail2ban/filter.d/gnugk.conf you can check fro rejected calls:

[Definition]
failregex = Dropping call CRV=[0-9]+ from :[0-9]+ due to Setup authentication failure
ignoreregex =


And then you can add this jail definition to /etc/fail2ban/jail.local to block the IP:

[gnugk]
enabled  = true
logpath  = /var/log/gnugk.log
filter   = gnugk
bantime  = 6000
maxretry = 2
action   = iptables[name=GnuGk, port=1720, protocol=tcp]


Voila!