Reply To: RE: Could someone explain the different whitelists and banlist?

VitalPBX Community Support General Discussion Could someone explain the different whitelists and banlist? Reply To: RE: Could someone explain the different whitelists and banlist?

    InTeleSync
    Participant
    Up
    0
    Down

    I have learned [the hard way] that if you define a Firewall Whitelist, then the behavior will be that ALL connections will be blacklisted with only the Whitelist allowed in. This happens with your first entry into the Firewall Whitelist.

    What’s worse is that if you decide to go and remove all entries from that Firewall Whitelist, essentially taking yourself what you would perceive to be back to the system installation default, then ALL connections will ***continue*** to be blacklisted.

    At that point, particularly if you’re on something like AWS which does not provide a console access, then you’re dorked! The rewrite of iptables from within the VitalPBX GUI needs to accommodate for this type of change accordingly.

    Please fix this VitalPBX.

    As to @ictall’s question, it seems to me that running the Firewall at all on something like GCS/AWS/Azure is not really necessary since there’s a firewall in front of the instance anyways. Of course, with it off then the possibility of dorking yourself becomes less.

    So all this begs the question… If Firewall is Disabled does Intrustion Protection (fail2ban) still work if that is Enabled in the GUI?

    0