Firewall Blacklist/Whitelist

:( It is not working for me. I have a self-hosted (Public IP) box and to test it, I set IPTables to drop all packets from my IP address but I could still register a phone and use the system as normal. I ran the ./firewall-whitelist-gen.sh and ./firewall-whitelist.sh and Applied configuration in Webmin - but that made no difference. I am running 1.7.5.5.3 Purple.
Thanks!
 
Can you post the output of "iptables -vnL" and tell us what the IP address of the blocked phone is?
 
Well I would, but my server is not responding and I think I blocked myself from it... :D And it is 40 miles away from me..... OR it somehow turned itself off or the power went out or something. If I can get access to it again, I will post back.
 
Hi

I see your script opens up IP Tables for your Voice over IP providers, if I have read your script properly.

You advocate not opening an external firewall to SIP providers, simply choosing the right SIP provider, and the right router, yet the script opens these ports to the carrier's IP address on IP-Tables.

I think that these should only be opened if the carrier is sending DID to you over SIP without authentication.

Can you explain further why opening the ports on IP-Tables to carriers is necessary in this scenario but not where an external hardware firewall is concerned?

Joe
 
I've installed these scripts on two machines and have the same issue on both.

The scripts run, the running firewall is updated, the iptables gets copied, but the iptables file is not updated.

Basically, no whitelist after a reboot or iptables restart.
 
After running the two scripts,

Try doing: service iptables save

Check to see if they're still there: iptables -nL

Reload iptables: service iptables restart

Check to see if they're still there: iptables -nL
 
"Service iptables save" fixed my issue.

I checked the script, and this command is commented out at the end of the script.
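
A check for the symptom this thread ends on (rules live in the running firewall but missing from the saved file), as an added example that is not part of the thread or of the firewall-whitelist scripts: it diffs an `iptables-save` dump against the saved rules file and prints what a restart would discard. The function names, the sample rules and the `/etc/sysconfig/iptables` path are assumptions.

```shell
#!/bin/sh
# Added example, not part of the thread's scripts.
LC_ALL=C; export LC_ALL   # comm needs both inputs sorted in one collation order

# Strip what differs between two dumps of identical rules: comment/timestamp
# lines and the [packets:bytes] counters on chain and rule lines.
normalize_rules() {
    sed -e '/^#/d' -e 's/ \[[0-9]*:[0-9]*\]$//' -e 's/^\[[0-9]*:[0-9]*\] //' "$1" | sort -u
}

# Print lines present in the running dump ($1) but missing from the saved file ($2).
unsaved_rules() {
    run_tmp=$(mktemp) || return 1
    sav_tmp=$(mktemp) || { rm -f "$run_tmp"; return 1; }
    normalize_rules "$1" > "$run_tmp"
    normalize_rules "$2" > "$sav_tmp"
    comm -23 "$run_tmp" "$sav_tmp"
    rm -f "$run_tmp" "$sav_tmp"
}

# Constructed sample: the running set has a whitelist entry that was never saved.
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/running" <<'EOF'
# Generated by iptables-save (constructed sample)
*filter
:INPUT DROP [10:600]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [55:4100]
-A INPUT -i lo -j ACCEPT
-A INPUT -s 203.0.113.10/32 -p udp -m udp --dport 5060 -j ACCEPT
COMMIT
EOF
    cat > "$d/saved" <<'EOF'
# Saved rules file (constructed sample)
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
COMMIT
EOF
    unsaved_rules "$d/running" "$d/saved"
    rm -rf "$d"
}

# On a real box (root required; the saved-file path is an assumption for RHEL/CentOS-style systems):
#   iptables-save > /tmp/running.rules
#   unsaved_rules /tmp/running.rules /etc/sysconfig/iptables
demo
```

Empty output means everything in the running firewall is already in the saved file; any line printed is a rule that exists only until the next restart.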
 
