Updated 9/21/2019 and firewalld is not working.

VitalPBX Community Support General Discussion Updated 9/21/2019 and firewalld is not working.

  • This topic has 24 replies, 2 voices, and was last updated 1 year ago by Steve.
  • Post
    Steve
    Participant

    I just updated Centos 7 to Centos 7.7 and now the firewalld isn’t working  Well it’s working but it isn’t looking at any rules that I have set up in VitalPBX.  Is there an issue with Centos 7.7 and VitalPBX :

    VitalPBX 2.3.6-1
    Asterisk 16.5.0-1
    DAHDI 2.11.1-7

    Please let me know if there is a fix for the firewall and fail2ban working with VitalPBX.

    Thank you.

    0
Viewing 15 replies - 1 through 15 (of 24 total)
  • Replies
    Steve
    Participant
    Up
    0
    Down

    In looking at messages there are all kinds of firewalld errors.

    I will keep searching.

     

    0
    Up
    0
    Down

    This a known issue by Centos & Redhat: https://bugs.centos.org/view.php?id=16425&nbn=7

    You may fix this on VitalPBX removing the mdns rule from the firewall.

    0
    Steve
    Participant
    Up
    0
    Down

    Thanks for the help.  I did the following:

    firewall-cmd –permanent –direct –add-rule ipv6 filter OUTPUT 0 -p udp –dport=5353 -j DROP firewall-cmd –permanent –direct –add-rule ipv4 filter OUTPUT 0 -p udp –dport=5353 -j DROP firewall-cmd –reload

    Then I got:

    Error: COMMAND_FAILED: argument of type ‘Rich_Destination’ is not iterable.

    I am again stuck, could you advise if this is correct or incorrect what how to “removing the mdns rule from the firewall” is how I should have attempted it?

    TIA.

     

     

    0
    Steve
    Participant
    Up
    0
    Down

    I was talking about removing the rule from VitalPBX’s GUI. Check the picture attached.

    0
    Steve
    Participant
    Up
    0
    Down

    Sorry, I miss understood.  I will restore a previous backup and then do a yum update and then go in and remove the mdns.

    Thank you for the clarification

     

     

    0
    Steve
    Participant
    Up
    0
    Down

    Thanks very much.  I will 

    0
    Up
    0
    Down

    You’re welcome

    0
    Steve
    Participant
    Up
    0
    Down

    I removed that rule from firewalld via the VitalPBX web interface.  I rebooted after the yum update and I still can’t get back into VitalPBX.  None of the rules are being added back in.  They are in the web interface but not being loaded into firewalld.  All that iptables -S shows is attached.

     

    0
    Steve
    Participant
    Up
    0
    Down

    There are several errors stating iptables-restore are failing.

    0
    Up
    0
    Down

    Try restarting firewalld

    0
    Steve
    Participant
    Up
    0
    Down

    I did, I even rebooted.  

    0
    Up
    0
    Down

    Do you have any other firewall rule with source or destination defined?

    0
    Steve
    Participant
    Up
    0
    Down

    Yes.  The pbx is installed on a VPS and I only allow my remote site access along with my trunk providers.  The only thing that is wide open in RTP and openvpn.

    I open all ports between my VPS and the static IP address that I have the phones other wide everthing is pretty much closed.

     

    0
    Steve
    Participant
    Up
    0
    Down

    I used to remove firewalld and used iptables by themselves until VitalPBX came out with OpenVPN and decided to stick with ‘out-of-the’box vs. going back to just ipeables.  I haven’t really learned firewalld yet, I am not bad with just iptables.  I realize that firewalld is a different intrface that sets up iptables.  That is why I always went back to iptables and removed firewalld in the past.  This installation is only a couple months old with 100% VitalPBX.

     

    0
Viewing 15 replies - 1 through 15 (of 24 total)
  • The topic ‘Updated 9/21/2019 and firewalld is not working.’ is closed to new replies.