- September 21, 2019 at 1:03 pm
I just updated CentOS 7 to CentOS 7.7 and now firewalld isn’t working. Well, it’s working, but it isn’t looking at any rules that I have set up in VitalPBX. Is there an issue with CentOS 7.7 and VitalPBX?
Please let me know if there is a fix for the firewall and fail2ban working with VitalPBX.
- September 21, 2019 at 6:23 pm
- September 21, 2019 at 6:29 pm
You mean that now I have to open it to the world and can’t only allow certain ports to/from a single IP address or two?
If so, that kind of defeats the purpose of a firewall, doesn’t it? It opens it up to more hackers to try to hack the PBX?
If so, looks like I will have to go back and not do an upgrade to CentOS 7.7? Maybe I am missing your point again.
- September 22, 2019 at 12:57 pm
- September 22, 2019 at 1:03 pm
- September 22, 2019 at 1:41 pm
Thank you, I know you told me this. You also told me that by removing the mdns entry it should work, but it didn’t.
I am trying to decide how I can protect my PBX since the firewall is not broken. I asked that question. Since there is no solution at this time, I will go back to what I had without the CentOS 7.7 upgrade.
That was my question: whether I can keep this at CentOS 7.7 or go back. So it was not clear to me what I should do. Since you “told me already”, as you stated, I apologize for not understanding.
Sorry for being stupid.
- September 23, 2019 at 3:17 pm
Answering your questions:
- Yes, you should go back to the CentOS version before CentOS 7.7.
- I told you that by removing the mdns rule the error would get fixed because I believed you were using the default firewall rules.
Now, I would like to explain the issue related to CentOS 7.7 and firewalld more deeply or clearly. The issue happens when a rich rule is defined with a source or destination. Since the default firewall for VitalPBX only comes with one rule that has a destination (mdns), removing this rule is more than enough. However, if you have other custom rules with a source and destination, you will have to remove the rules or remove the source and destination from those rules.
On the other hand, we are working on a solution for this; we hope to get some solution for this soon.
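To see which rules the condition described above applies to, this added example (not part of the original thread and not VitalPBX tooling) lists every rich rule in a firewalld zone file that carries a `<source>` or `<destination>` element. The sample zone and its addresses are constructed; it assumes custom rules are stored in zone XML files such as those under `/etc/firewalld/zones/`.

```python
import sys
import xml.etree.ElementTree as ET

# Constructed sample zone file (not VitalPBX's real rule set; addresses are examples).
SAMPLE_ZONE = """<zone>
  <short>Public</short>
  <service name="ssh"/>
  <rule family="ipv4">
    <source address="203.0.113.10"/>
    <port protocol="udp" port="5060"/>
    <accept/>
  </rule>
  <rule family="ipv4">
    <destination address="224.0.0.251"/>
    <service name="mdns"/>
    <accept/>
  </rule>
  <rule>
    <service name="http"/>
    <accept/>
  </rule>
</zone>"""

def address_rules(zone_root):
    """Return one dict per rich rule that carries a <source> or <destination>."""
    findings = []
    for index, rule in enumerate(zone_root.findall("rule"), start=1):
        selectors = {}
        for kind in ("source", "destination"):
            el = rule.find(kind)
            if el is not None:
                # A selector is an address, or (for source) a MAC or ipset.
                selectors[kind] = next(
                    (el.get(a) for a in ("address", "mac", "ipset") if el.get(a)), "")
        if selectors:
            what = [dict(c.attrib, element=c.tag) for c in rule
                    if c.tag in ("service", "port", "protocol")]
            findings.append({"rule": index, "selectors": selectors, "matches": what})
    return findings

def audit(paths):
    """Audit zone files given as paths, or the embedded sample when none are given."""
    roots = ([(p, ET.parse(p).getroot()) for p in paths]
             or [("sample", ET.fromstring(SAMPLE_ZONE))])
    return {name: address_rules(root) for name, root in roots}

if __name__ == "__main__":
    for name, findings in audit(sys.argv[1:]).items():
        for f in findings:
            print(f"{name}: rich rule #{f['rule']} uses {f['selectors']} for {f['matches']}")
```

Run without arguments it audits the embedded sample; pass one or more zone file paths to audit those instead.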
- September 23, 2019 at 3:55 pm
- September 29, 2019 at 3:05 pm
Has this been resolved in 2.3.6-1?
If it hasn’t and it is fixed, would the best way be to do a yum update to get the fix and any other fixes that come down the road?
I would like to be able to limit certain ports to only be allowed from specific IP addresses vs. relying on fail2ban to catch everything.
- September 29, 2019 at 7:01 pm
I do believe the above fixes the issue. I did the fix above and did a yum update all to get all the updates needed. Just in case I ran your yum commands again.
iptables seem to load as expected now.
It looks like all of my rules loaded as expected also.
I made some test calls in/out and everything appears to work now as expected.
Thank you kindly.
- The topic ‘Updated 9/21/2019 and firewalld is not working.’ is closed to new replies.