SOLVED Travelin Man not updating whitelist (Green / Asterisk11)

You got a little lost in the conversation.

I was trying to get the new chain 'WHITELIST' working but I also had issues. So I gave up and just changed everything to the system chain 'INPUT'

So if you were using a clean build and did not do any of the changes listed above you would only have to do :

1: --->>> Edit the sudoers file - /etc/sudoers - to add the line
asterisk ALL = NOPASSWD: /sbin/iptables
at the very bottom.

2: --->>> Edit the web page - /var/www/travelman/37272/index.php -
change these lines:

exec('sudo /sbin/iptables -D WHITELIST -s '.$thisip.' -j ACCEPT');
exec('sudo /sbin/iptables -A WHITELIST -s '.$thisip.' -j ACCEPT');

to these lines:
exec('sudo /sbin/iptables -D INPUT -s '.$thisip.' -j ACCEPT');
exec('sudo /sbin/iptables -A INPUT -s '.$thisip.' -j ACCEPT');
That's all that is needed to make it work . . .


I went on to say that if your only issue is that you need to restart iptables you could just add the following command listed below after the above commands. (on any set of instructions) - however I did not need to restart the iptables. I only needed the changes listed as #1 and as #2 above.

This line will restart the tables inside that index.php file --->>> exec('sudo /sbin/iptables-restart')

Hope this is clearer.

Paul
 
Paul,
in the sudoers file at the very bottom there is already the last line with asterisk ALL= NOPASSWD: with things like /sbin/reboot and a few others, can i add to those or should i start a new line below that?

as for number 2, in my /var/www/travelman directory i dont have a file with 37272, i have instead these numbers all of which have index.php in them: 13777, 32118, 34895, 35845, 41547 so which one should i change? or should i change all of them?
thanks
Ben


LetMeSee said:
You got a little lost in the conversation.

I was trying to get the new chain 'WHITELIST' working but I also had issues. So I gave up and just changed everything to the system chain 'INPUT'

So if you were using a clean build and did not do any of the changes listed above you would only have to do :

1: --->>> Edit the sudoers file - /etc/sudoers - to add the line
asterisk ALL = NOPASSWD: /sbin/iptables
at the very bottom.

2: --->>> Edit the web page - /var/www/travelman/37272/index.php -
change these lines:

exec('sudo /sbin/iptables -D WHITELIST -s '.$thisip.' -j ACCEPT');
exec('sudo /sbin/iptables -A WHITELIST -s '.$thisip.' -j ACCEPT');

to these lines:
exec('sudo /sbin/iptables -D INPUT -s '.$thisip.' -j ACCEPT');
exec('sudo /sbin/iptables -A INPUT -s '.$thisip.' -j ACCEPT');
That's all that is needed to make it work . . .


I went on to say that if your only issue is that you need to restart iptables you could just add the following command listed below after the above commands. (on any set of instructions) - however I did not need to restart the iptables. I only needed the changes listed as #1 and as #2 above.

This line will restart the tables inside that index.php file --->>> exec('sudo /sbin/iptables-restart')

Hope this is clearer.

Paul
Click to expand...
 
ariban said:
Paul,
in the sudoers file at the very bottom there is already the last line with asterisk ALL= NOPASSWD: with things like /sbin/reboot and a few others, can i add to those or should i start a new line below that?

as for number 2, in my /var/www/travelman directory i dont have a file with 37272, i have instead these numbers all of which have index.php in them: 13777, 32118, 34895, 35845, 41547 so which one should i change? or should i change all of them?
thanks
Ben
Click to expand...

Make it easy and just add a new line for the sudoers file.

The name of the web folder may vary based on the install. It may even be randomly generated - I did not check.

However, I wonder why you have all the subdirectories in the var/www/travelman. You only need one per remote user and I though you only had one remote.

As per the instructions, you can rename the directories to make it easier for yourself - like your anniversary / birthday or something easy to remember when your on the road to trigger the firewall open and the sip extension allow.

If you are indeed using all 5 directories, then you need to change all 5 index.php files. Since each remote user /extension is tied to one directory, each user must be able to update the iptables with their IP.

Paul
 
Hi Paul,
I will make the changes to all 5 and see what happens, do i have to rerun secure iptables for this to take effect?
Ben
 
No. You only run secure_iptables once at the very beginning to setup the defaults.

Unless your defaults change, like the administration PC or like me, to remove all the 'extras' stuck in as all the allowed suppliers ip's . I like clean iptables and there were so many extras, it was making me use the 'more' command too much.
 
ok i made all the changes you mentioned, however last night i got back from my travels and i have to wait till i go somewhere to test teh new settings to see if it works automatically. right now i have to login to my server via ssh and run iptables restart, so the new ip gets updated for it to work remotely.
thanks for all your help
 
Your welcome.

You can test these changes sitting at the server using your cell phone (if you have a data plan) and a sip client like CSipSimple or 3CXPhone.

Just make sure you don't have your phone's wifi on and also allow sip over your data plan in the Sip programs settings.

Then use your cell phone browser to open the proper traveling man web address and then sign in with the sip client.

Do both. Try sip client, wait for no registration, open traveling man and then retry registration.

That is how I tested it.

Paul
 
LetMeSee said:
Your welcome.

You can test these changes sitting at the server using your cell phone (if you have a data plan) and a sip client like CSipSimple or 3CXPhone.

Just make sure you don't have your phone's wifi on and also allow sip over your data plan in the Sip programs settings.

Then use your cell phone browser to open the proper traveling man web address and then sign in with the sip client.

Do both. Try sip client, wait for no registration, open traveling man and then retry registration.

That is how I tested it.

Paul
Click to expand...


i know its old fashion but i list in mexico where incoming calls are free and i have a prepaid phone for some outgoing and i never use data on my cell, i am always at home with wifi, but one of these days i will go to someone and use his wifi and see if its fixed!
 
i tried it but its still not working! i have to manually login via ssh and run iptables restart for it to update and then my remote phone connects.
i think i will simply redownload everything and reinstall the entire thing and hopefully that works.
do i have to install travelinman 2 before installing 3 or only travelinman 3?
 
that did the trick, i reinstalled the latest and its working now! finally! thanks for all your help and time!
 
You must log in or register to reply here.

Members online

Total: 80 (members: 1, guests: 79)

Latest Posts

Forum statistics

Threads
26,689
Messages
174,413
Members
20,259
Latest member
Fadeek86
Get 3CX - Absolutely Free!

Link up your team and customers Phone System Live Chat Video Conferencing

Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.

3CX
A 3CX Account with that email already exists. You will be redirected to the Customer Portal to sign in or reset your password if you've forgotten it.
Verify your Email

Check your inbox!

We’ve sent you an email. Click on the button in the email body to verify your email address – (if you can not find it, check your spam folder).

Upon verification you will be directed to the 3CX setup wizard.

Back
Top