diff --git a/kamailio/default.cfg b/kamailio/default.cfg
index ac451b8..4f2799d 100644
--- a/kamailio/default.cfg
+++ b/kamailio/default.cfg
@@ -284,6 +284,11 @@ loadmodule "permissions.so"
 modparam("permissions", "db_url", "KAZOO_DB_URL")
 modparam("permissions", "db_mode", 1)
+######## requires permissions module ########
+#!ifdef EXTRA_TRAFFIC_FILTER_ROLE
+include_file "extra-traffic-filter-role.cfg"
+#!endif
+
 ###### local route ######
 socket_workers=5
 listen=tcp:127.0.0.1:5090
@@ -301,10 +306,16 @@ route
 route(ANTIFLOOD_LIMIT);
 #!endif
+ route(CLASSIFY_SOURCE);
+
 #!ifdef TRAFFIC_FILTER_ROLE
 route(FILTER_REQUEST);
 #!endif
+ #!ifdef EXTRA_TRAFFIC_FILTER_ROLE
+ route(EXTRA_FILTER_REQUEST);
+ #!endif
+
 #!ifdef ACL_ROLE
 route(ACL_CHECK);
 #!endif
@@ -315,8 +326,6 @@ route
 route(LOG_REQUEST);
- route(CLASSIFY_SOURCE);
-
 #!ifdef NAT_TRAVERSAL_ROLE
 route(NAT_DETECT);
 #!endif
diff --git a/kamailio/extra-traffic-filter-role.cfg b/kamailio/extra-traffic-filter-role.cfg
new file mode 100644
index 0000000..8ff9b4b
--- /dev/null
+++ b/kamailio/extra-traffic-filter-role.cfg
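Review bot: The new comment `######## requires permissions module ########` understates the include's prerequisites: extra-traffic-filter-role.cfg also issues `modparam("htable", "htable", ...)`, which needs `loadmodule "htable.so"` to precede it, and that loadmodule is not visible in this hunk. If htable is loaded further down default.cfg, the conditional include would break startup only for operators who enable EXTRA_TRAFFIC_FILTER_ROLE, which is easy to miss in testing. Suggest `######## requires permissions and htable modules (loaded above) ########` and confirming the include sits after both loadmodule lines.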
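Review bot: `route(CLASSIFY_SOURCE);` is moved from after `route(LOG_REQUEST);` (the -315 hunk) to before the filter roles without a comment giving the reason, and the new EXTRA_FILTER_REQUEST route only calls `allow_source_address()`, so the dependency this reorder serves is not visible from the change. The move also runs classification ahead of FILTER_REQUEST and ACL_CHECK for every request, which the commit description should mention. A one-line comment above the call, such as `# classify before the filter/ACL routes, which read the classification result (TODO: name the attribute)`, would record the intent. The enclosing request route starts outside the hunk.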
@@ -0,0 +1,84 @@
+####### Extra Traffic Filter Role Configuration ########
+
+# Define default values for configuration options if not set in local.cfg
+#!ifndef ETFR_BAN_DURATION
+#!define ETFR_BAN_DURATION 1800
+#!endif
+
+# Define Bad User-Agent Patterns
+#!ifndef ETFR_BAD_UA_PATTERNS
+#!define ETFR_BAD_UA_PATTERNS "friendly-scanner|sipcli|sipsak|VaxSIPUserAgent|iWar|CSipSimple|sipvicious|sip-scan|svmap|VaxIPUserAgent|sundayddr|sipv|smap|PSYCHO|iPing|DiSipell|WebSipp|masscan|zmap|SIPBot|friendly-request|siparmyknife"
+#!endif
+#!substdef "!ETFR_SUBST_BAD_UA_PATTERNS!$def(ETFR_BAD_UA_PATTERNS)!g"
+
+# Define SQL Injection Patterns
+#!ifndef ETFR_SQL_INJECTION_PATTERNS
+#!define ETFR_SQL_INJECTION_PATTERNS "([';]+|(--)+|(%27)+|(%23)+|(%24)+|[;]+|[']+)"
+#!endif
+
+# Initialize htable for banned IPs
+#!substdef "!ETFR_SUBST_BAN_DURATION!$def(ETFR_BAN_DURATION)!g"
+modparam("htable", "htable", "etfr_banned_ips=>size=8;autoexpire=ETFR_SUBST_BAN_DURATION")
+
+# Main Request Route Enhancements
+# Place this code at the appropriate place in your main request_route
+
+route[EXTRA_FILTER_REQUEST] {
+ # Check if the source IP is banned
+ if ($sht(etfr_banned_ips=>$si)) {
+ xlog("L_WARN", "$ci|Fail2Ban| Dropping request from banned IP: $si\n");
+ exit;
+ }
+
+ # Proceed with INVITE filtering
+ if (is_method("INVITE")) {
+ # Extract the domain from the Request URI
+ $var(domain) = $rd;
+
+ # Check if the domain is an IP address
+ if ($var(domain) =~ "^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$") {
+ # Check if the source IP is in the carrier group
+ if (!(allow_source_address(1) || allow_source_address(10))) {
+ # Source IP is not a carrier, ban the IP
+ xlog("L_ALERT", "$ci|Fail2Ban| Banned IP: $si Reason: INVITE with IP domain from untrusted source\n");
+ route(ETFR_BAN_IP);
+ } else {
+ xlog("L_WARN", "$ci|ETFR| Allowing Carrier IP: $si\n");
+ return;
+ }
+ }
+
+ # Check if the Request URI contains user '1000'
+ if ($rU == "1000") {
+ xlog("L_ALERT", "$ci|Fail2Ban| Banned IP: $si 
Reason: Attempt to call user 1000\n");
+ route(ETFR_BAN_IP);
+ }
+ }
+
+ # Check for known bad User-Agents
+ if ($ua =~ "(ETFR_SUBST_BAD_UA_PATTERNS)") {
+ xlog("L_ALERT", "$ci|Fail2Ban| Banned IP: $si Reason: Known bad User-Agent: $ua\n");
+ route(ETFR_BAN_IP);
+ }
+
+ # Check for SQL injection patterns in SIP message
+ if ($rb =~ "(ETFR_SQL_INJECTION_PATTERNS)" || $ru =~ "(ETFR_SQL_INJECTION_PATTERNS)") {
+ xlog("L_ALERT", "$ci|Fail2Ban| Banned IP: $si Reason: SQL injection attempt\n");
+ route(ETFR_BAN_IP);
+ }
+
+ return;
+}
+
+# Ban IP Route
+route[ETFR_BAN_IP] {
+ # Add source IP to banned IPs table with auto-expire
+ $sht(etfr_banned_ips=>$si) = $Ts;
+
+ # Log the event for Fail2Ban
+ xlog("L_ALERT", "$ci|end| Added IP $si to etfr_banned_ips htable\n");
+
+ # Drop the request
+ exit;
+}
+
diff --git a/kamailio/local.cfg b/kamailio/local.cfg
index addef24..ad0eb18 100644
--- a/kamailio/local.cfg
+++ b/kamailio/local.cfg
@@ -21,6 +21,7 @@
 # # #!trydef REGISTRAR_SYNC_ROLE
 # # #!trydef PRESENCE_NOTIFY_SYNC_ROLE
 # # #!trydef SIP_TRACE_ROLE
+# # #!trydef EXTRA_TRAFFIC_FILTER_ROLE
 ################################################################################
 ## SERVER INFORMATION
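Review bot: The SQL-injection test `$rb =~ "(ETFR_SQL_INJECTION_PATTERNS)" || $ru =~ "(ETFR_SQL_INJECTION_PATTERNS)"` places a `#!define` name inside a string literal, whereas the User-Agent test first passes its define through `#!substdef` to ETFR_SUBST_BAD_UA_PATTERNS; if defines are not expanded inside quoted strings (which appears to be the reason for that indirection), this regex looks for the literal text and the check never fires. Mirroring the UA handling — `#!substdef "!ETFR_SUBST_SQL_INJECTION_PATTERNS!$def(ETFR_SQL_INJECTION_PATTERNS)!g"` and `$ru =~ "(ETFR_SUBST_SQL_INJECTION_PATTERNS)"` — keeps the two filters consistent. Once it does match, the default pattern's `[;]+` alternative hits any Request-URI carrying parameters such as `;transport=tcp`, and SDP bodies in `$rb` legitimately contain `;` in `a=fmtp:` lines, so well-formed clients would be banned; matching only the user part (`$rU`) or dropping the `;` alternatives avoids that. The IP-domain regex `^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$` covers IPv4 literals only, so an IPv6 literal in `$rd` passes untested; a comment stating that limitation would help operators. Finally, `$ua` is written verbatim into the `|Fail2Ban|` line that Fail2Ban parses; since its content is attacker-controlled, logging it on a separate line keeps the ban-line format predictable.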
@@ -155,3 +156,27 @@ listen=UDP_SIP
 listen=TCP_SIP
 listen=UDP_ALG_SIP
 listen=TCP_ALG_SIP
+
+################################################################################
+## Extra Traffic Filter Role Settings
+################################################################################
+## These settings apply if you enable the EXTRA_TRAFFIC_FILTER_ROLE
+## It will ban IPs where an IP is found in the request uri, unless it is from
+## a carrier. It will also ban from usernames of 1000@ unless you allow it.
+## It will also ban SQL injection attacks and bad sip clients (or older
+## depreciated ones.
+
+# You can either define carriers here, in a file, or run a script to populate
+# the address table in the database
+## modparam("permissions", "address", "group=10, ip=192.168.1.100")
+## modparam("permissions", "address", "group=10, ip=192.168.1.101")
+## modparam("permissions", "address", "group=10, ip=192.168.1.102")
+
+# Define ban duration in seconds (Optional, default is 1800 seconds)
+# # #!define ETFR_BAN_DURATION 1800
+
+# Define Bad User-Agent Patterns (Optional, default includes a comprehensive list)
+# # #!define ETFR_BAD_UA_PATTERNS "friendly-scanner|sipcli|sipsak|VaxSIPUserAgent|iWar|CSipSimple|sipvicious|sip-scan|svmap|VaxIPUserAgent|sundayddr|sipv|smap|PSYCHO|iPing|DiSipell|WebSipp|masscan|zmap|SIPBot|friendly-request|siparmyknife"
+
+# Define SQL Injection Patterns (Optional, default includes common patterns)
+# # #!define ETFR_SQL_INJECTION_PATTERNS "([';]+|(--)+|(%27)+|(%24)+|(%23)+|[;]+|[']+|[\"+]+)"
\ No newline at end of file
diff --git a/kamailio/traffic-filter-role.cfg b/kamailio/traffic-filter-role.cfg
index 8fe1013..a1baf4e 100644
--- a/kamailio/traffic-filter-role.cfg
+++ b/kamailio/traffic-filter-role.cfg
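Review bot: The commented example for ETFR_SQL_INJECTION_PATTERNS here is not the default compiled into extra-traffic-filter-role.cfg — `(%23)` and `(%24)` are swapped and `[\"+]+` is extra — although the comment presents it as the default; keeping the two identical avoids operators enabling a different pattern than they believe. The extra class `[\"+]+` also matches a literal `+`, so uncommenting this example would treat every E.164 Request-URI such as `sip:+15551234567@…` as an injection attempt and ban the caller. Suggest `# # #!define ETFR_SQL_INJECTION_PATTERNS "([';]+|(--)+|(%27)+|(%23)+|(%24)+|[;]+|[']+)"` to match the shipped default. The description also has a typo and an unclosed parenthesis; `## It will also ban SQL injection attacks and bad sip clients (or older` / `## deprecated ones).` reads correctly.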
@@ -55,3 +55,27 @@ route[FILTER_TO_DOMAIN]
 }
 }
+route[CCP_SECURITY_CHECKS] {
+#!ifdef WITH_CCP_SECURITY_CHECKS
+ if (is_method("INVITE|REGISTER")) {
+
+ if($ua =~ "(friendly-scanner|sipvicious|pplsip)") {
+ xlog("$ci|block|Fail2Ban blocking traffic from $si Script Kiddie trying to exploit\n");
+ drop();
+ exit;
+ }
+
+ if($au =~ "(\=)|(\-\-)|(')|(\#)|(\%27)|(\%24)" and $au != $null) {
+ xlog("$ci|block|Fail2Ban blocking traffic from $si SQL Injection attack over SIP\n");
+ drop();
+ exit;
+ }
+
+ if($(hdr(Record-Route)[0]{nameaddr.uri}) != $si and $(hdr(Record-Route)[0]{nameaddr.uri}) != $null) {
+ xlog("$ci|block|Fail2Ban blocking traffic from $si Spoofing attack over SIP\n");
+ drop();
+ exit;
+ }
+ }
+#!endif
+}
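Review bot: The spoofing test `$(hdr(Record-Route)[0]{nameaddr.uri}) != $si` compares a full URI (scheme, host and parameters such as `;lr`) against a bare source IP, so the two can never be equal and every request carrying any Record-Route header is dropped, including legitimate requests relayed through an upstream proxy or SBC. Extracting the host first, `$(hdr(Record-Route)[0]{nameaddr.uri}{uri.host}) != $si`, compares like with like, and even then a hostname or a NATed hop would still differ, so a comment should state that the check expects the previous hop to Record-Route its own IP literal. Nothing in this diff defines WITH_CCP_SECURITY_CHECKS or adds a `route(CCP_SECURITY_CHECKS)` call in default.cfg, so as committed the block is unreachable; if it is meant to be opt-in, say so in a comment above the route. The `$au` test evaluates the regex before `$au != $null`; reordering to `if($au != $null and $au =~ "(\=)|(\-\-)|(')|(\#)|(\%27)|(\%24)")` reads as the guard it is meant to be. The xlog calls here omit the level that extra-traffic-filter-role.cfg passes explicitly (`xlog("L_ALERT", …)`), so these lines land at the default xlog level and may be filtered differently from the other ban logs that Fail2Ban consumes.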