ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Sangoma Responsive Firewall Error on FreePBX

    IT Discussion
    freepbx linux centos 6
    2
    14
    5.2k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • scottalanmillerS
      scottalanmiller
      last edited by

      Here is the complete output of the log, including the part where the log tells you to look in the same log for more info.

      Starting firewall.
1463587870: Wall: 'Firewall service now starting.

' returned 0
1463587871: INTERFACE INIT: eth0 => trusted
1463587871: /sbin/iptables -N fpbxfirewall
iptables: Invalid argument. Run `dmesg' for more information.
1463587871: /sbin/ip6tables -N fpbxfirewall
1463587871: /sbin/iptables -I INPUT -j fpbxfirewall
1463587871: /sbin/ip6tables -I INPUT -j fpbxfirewall
1463587871: /sbin/iptables -N fpbxfirewall
iptables: Chain already exists.
1463587871: /sbin/ip6tables -N fpbxfirewall
ip6tables: Chain already exists.
1463587871: /sbin/ip6tables -A fpbxfirewall -i lo -j ACCEPT
1463587871: /sbin/iptables -A fpbxfirewall -i lo -j ACCEPT
1463587871: /sbin/ip6tables -A fpbxfirewall -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT
1463587871: /sbin/iptables -A fpbxfirewall -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT
1463587871: /sbin/ip6tables -A fpbxfirewall -p udp --sport 1:1024 -m state --state RELATED,ESTABLISHED -j ACCEPT
1463587872: /sbin/iptables -A fpbxfirewall -p udp --sport 1:1024 -m state --state RELATED,ESTABLISHED -j ACCEPT
1463587872: /sbin/iptables -A fpbxfirewall -p icmp -j ACCEPT
1463587872: /sbin/ip6tables -A fpbxfirewall -p ipv6-icmp -j ACCEPT
1463587872: /sbin/iptables -A fpbxfirewall -d 255.255.255.255/32 -j ACCEPT
1463587872: /sbin/ip6tables -A fpbxfirewall -m pkttype --pkt-type multicast -j ACCEPT
1463587872: /sbin/iptables -A fpbxfirewall -m pkttype --pkt-type multicast -j ACCEPT
1463587872: /sbin/ip6tables -A fpbxfirewall -p udp -m udp --dport 67:68 --sport 67:68 -j ACCEPT
1463587872: /sbin/iptables -A fpbxfirewall -p udp -m udp --dport 67:68 --sport 67:68 -j ACCEPT
1463587872: /sbin/iptables -N fpbx-rtp
1463587872: /sbin/ip6tables -N fpbx-rtp
1463587872: /sbin/ip6tables -A fpbxfirewall -j fpbx-rtp
1463587872: /sbin/iptables -A fpbxfirewall -j fpbx-rtp
1463587872: /sbin/iptables -N fpbxblacklist
1463587872: /sbin/ip6tables -N fpbxblacklist
1463587872: /sbin/ip6tables -A fpbxfirewall -j fpbxblacklist
1463587872: /sbin/iptables -A fpbxfirewall -j fpbxblacklist
1463587872: /sbin/iptables -N fpbxsignalling
1463587872: /sbin/ip6tables -N fpbxsignalling
1463587872: /sbin/ip6tables -A fpbxfirewall -j fpbxsignalling
1463587872: /sbin/iptables -A fpbxfirewall -j fpbxsignalling
1463587872: /sbin/iptables -N fpbxsmarthosts
1463587872: /sbin/ip6tables -N fpbxsmarthosts
1463587872: /sbin/ip6tables -A fpbxfirewall -j fpbxsmarthosts
1463587872: /sbin/iptables -A fpbxfirewall -j fpbxsmarthosts
1463587872: /sbin/iptables -N fpbxregistrations
1463587872: /sbin/ip6tables -N fpbxregistrations
1463587872: /sbin/ip6tables -A fpbxfirewall -j fpbxregistrations
1463587872: /sbin/iptables -A fpbxfirewall -j fpbxregistrations
1463587872: /sbin/iptables -N fpbxnets
1463587872: /sbin/ip6tables -N fpbxnets
1463587872: /sbin/ip6tables -A fpbxfirewall -j fpbxnets
1463587872: /sbin/iptables -A fpbxfirewall -j fpbxnets
1463587872: /sbin/iptables -N fpbxhosts
1463587872: /sbin/ip6tables -N fpbxhosts
1463587872: /sbin/ip6tables -A fpbxfirewall -j fpbxhosts
1463587872: /sbin/iptables -A fpbxfirewall -j fpbxhosts
1463587872: /sbin/iptables -N fpbxinterfaces
1463587872: /sbin/ip6tables -N fpbxinterfaces
1463587872: /sbin/ip6tables -A fpbxfirewall -j fpbxinterfaces
1463587872: /sbin/iptables -A fpbxfirewall -j fpbxinterfaces
1463587872: /sbin/iptables -N fpbxreject
1463587872: /sbin/ip6tables -N fpbxreject
1463587872: /sbin/ip6tables -A fpbxfirewall -j fpbxreject
1463587872: /sbin/iptables -A fpbxfirewall -j fpbxreject
1463587872: /sbin/iptables -N fpbxrfw
1463587872: /sbin/ip6tables -N fpbxrfw
1463587872: /sbin/ip6tables -A fpbxfirewall -m mark --mark 0x2/0x2 -j fpbxrfw
1463587872: /sbin/iptables -A fpbxfirewall -m mark --mark 0x2/0x2 -j fpbxrfw
1463587872: /sbin/iptables -N fpbxlogdrop
1463587872: /sbin/ip6tables -N fpbxlogdrop
1463587872: /sbin/ip6tables -A fpbxfirewall -j fpbxlogdrop
1463587872: /sbin/iptables -A fpbxfirewall -j fpbxlogdrop
1463587872: /sbin/iptables -N zone-trusted
1463587872: /sbin/ip6tables -N zone-trusted
1463587872: /sbin/ip6tables -A zone-trusted -j ACCEPT
1463587872: /sbin/iptables -A zone-trusted -j ACCEPT
1463587872: /sbin/ip6tables -A fpbxrfw -m recent --set --name REPEAT --rsource 
1463587872: /sbin/iptables -A fpbxrfw -m recent --set --name REPEAT --rsource 
1463587872: /sbin/ip6tables -A fpbxrfw -m recent --set --name DISCOVERED --rsource 
1463587872: /sbin/iptables -A fpbxrfw -m recent --set --name DISCOVERED --rsource 
1463587872: /sbin/iptables -N fpbxattacker
1463587872: /sbin/ip6tables -N fpbxattacker
1463587872: /sbin/ip6tables -A fpbxrfw -m recent --rcheck --seconds 10 --hitcount 50 --name REPEAT --rsource -j fpbxattacker
ip6tables: Invalid argument. Run `dmesg' for more information.
1463587872: /sbin/iptables -A fpbxrfw -m recent --rcheck --seconds 10 --hitcount 50 --name REPEAT --rsource -j fpbxattacker
iptables: Invalid argument. Run `dmesg' for more information.
1463587872: /sbin/ip6tables -A fpbxrfw -m recent --rcheck --seconds 86400 --hitcount 1 --name ATTACKER --rsource -j fpbxattacker
1463587872: /sbin/iptables -A fpbxrfw -m recent --rcheck --seconds 86400 --hitcount 1 --name ATTACKER --rsource -j fpbxattacker
1463587872: /sbin/iptables -N fpbxshortblock
1463587872: /sbin/ip6tables -N fpbxshortblock
1463587872: /sbin/ip6tables -A fpbxrfw -m recent --rcheck --seconds 60 --hitcount 10 --name SIGNALLING --rsource -j fpbxshortblock
1463587872: /sbin/iptables -A fpbxrfw -m recent --rcheck --seconds 60 --hitcount 10 --name SIGNALLING --rsource -j fpbxshortblock
1463587872: /sbin/ip6tables -A fpbxrfw -m recent --set --name SIGNALLING --rsource 
1463587872: /sbin/iptables -A fpbxrfw -m recent --set --name SIGNALLING --rsource 
1463587872: /sbin/ip6tables -A fpbxrfw -m recent --rcheck --seconds 86400 --hitcount 100 --name REPEAT --rsource -j fpbxattacker
ip6tables: Invalid argument. Run `dmesg' for more information.
1463587872: /sbin/iptables -A fpbxrfw -m recent --rcheck --seconds 86400 --hitcount 100 --name REPEAT --rsource -j fpbxattacker
iptables: Invalid argument. Run `dmesg' for more information.
1463587872: /sbin/ip6tables -A fpbxrfw -j ACCEPT
1463587872: /sbin/iptables -A fpbxrfw -j ACCEPT
1463587872: /sbin/ip6tables -A fpbxattacker -m recent --set --name ATTACKER --rsource 
1463587872: /sbin/iptables -A fpbxattacker -m recent --set --name ATTACKER --rsource 
1463587872: /sbin/ip6tables -A fpbxattacker -j LOG --log-prefix 'attacker: '
1463587872: /sbin/iptables -A fpbxattacker -j LOG --log-prefix 'attacker: '
1463587872: /sbin/ip6tables -A fpbxattacker -j DROP
1463587872: /sbin/iptables -A fpbxattacker -j DROP
1463587872: /sbin/ip6tables -A fpbxshortblock -m recent --set --name CLAMPED --rsource 
1463587872: /sbin/iptables -A fpbxshortblock -m recent --set --name CLAMPED --rsource 
1463587872: /sbin/ip6tables -A fpbxshortblock -j LOG --log-prefix 'clamped: '
1463587872: /sbin/iptables -A fpbxshortblock -j LOG --log-prefix 'clamped: '
1463587872: /sbin/ip6tables -A fpbxshortblock -j REJECT
1463587872: /sbin/iptables -A fpbxshortblock -j REJECT
1463587872: /sbin/ip6tables -A fpbxlogdrop -j REJECT
1463587872: /sbin/iptables -A fpbxlogdrop -j REJECT
1463587872: /sbin/iptables -N fpbxknownreg
1463587872: /sbin/ip6tables -N fpbxknownreg
1463587872: /sbin/ip6tables -A fpbxknownreg -m mark --mark 0x1/0x1 -j ACCEPT
1463587872: /sbin/iptables -A fpbxknownreg -m mark --mark 0x1/0x1 -j ACCEPT
1463587872: /sbin/iptables -N fpbxsvc-ucp
1463587872: /sbin/ip6tables -N fpbxsvc-ucp
1463587872: /sbin/ip6tables -A fpbxknownreg -j fpbxsvc-ucp
1463587872: /sbin/iptables -A fpbxknownreg -j fpbxsvc-ucp
1463587872: /sbin/iptables -N fpbxsvc-zulu
1463587872: /sbin/ip6tables -N fpbxsvc-zulu
1463587872: /sbin/ip6tables -A fpbxknownreg -j fpbxsvc-zulu
1463587872: /sbin/iptables -A fpbxknownreg -j fpbxsvc-zulu
1463587872: /sbin/ip6tables -A fpbxinterfaces -i eth0 -j zone-trusted
1463587872: /sbin/iptables -A fpbxinterfaces -i eth0 -j zone-trusted
1463587872: /sbin/iptables -A fpbxnets -s 109.98.255.68/32 -j zone-trusted
1463587872: /sbin/iptables -A fpbxnets -s 109.98.255.0/24 -j zone-trusted
1463587873: /sbin/iptables -N fpbxsvc-ssh
1463587873: /sbin/ip6tables -N fpbxsvc-ssh
1463587873: /sbin/ip6tables -F fpbxsvc-ssh
1463587873: /sbin/ip6tables -A fpbxsvc-ssh -p tcp -m tcp --dport 22 -j ACCEPT
1463587873: /sbin/iptables -F fpbxsvc-ssh
1463587873: /sbin/iptables -A fpbxsvc-ssh -p tcp -m tcp --dport 22 -j ACCEPT
1463587873: /sbin/iptables -N zone-external
1463587873: /sbin/ip6tables -N zone-external
1463587873: /sbin/ip6tables -A zone-external -j fpbxsvc-ssh
1463587873: /sbin/iptables -N zone-internal
1463587873: /sbin/ip6tables -N zone-internal
1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-ssh
1463587873: /sbin/iptables -A zone-external -j fpbxsvc-ssh
1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-ssh
1463587873: /sbin/iptables -N fpbxsvc-http
1463587873: /sbin/ip6tables -N fpbxsvc-http
1463587873: /sbin/ip6tables -F fpbxsvc-http
1463587873: /sbin/ip6tables -A fpbxsvc-http -p tcp -m tcp --dport 80 -j ACCEPT
1463587873: /sbin/iptables -F fpbxsvc-http
1463587873: /sbin/iptables -A fpbxsvc-http -p tcp -m tcp --dport 80 -j ACCEPT
1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-http
1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-http
1463587873: /sbin/iptables -N fpbxsvc-https
1463587873: /sbin/ip6tables -N fpbxsvc-https
1463587873: /sbin/ip6tables -F fpbxsvc-https
1463587873: /sbin/ip6tables -A fpbxsvc-https -p tcp -m tcp --dport 443 -j ACCEPT
1463587873: /sbin/iptables -F fpbxsvc-https
1463587873: /sbin/iptables -A fpbxsvc-https -p tcp -m tcp --dport 443 -j ACCEPT
1463587873: /sbin/ip6tables -A zone-external -j fpbxsvc-https
1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-https
1463587873: /sbin/iptables -A zone-external -j fpbxsvc-https
1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-https
1463587873: /sbin/ip6tables -F fpbxsvc-ucp
1463587873: /sbin/ip6tables -A fpbxsvc-ucp -p tcp -m tcp --dport 81 -j ACCEPT
1463587873: /sbin/ip6tables -A fpbxsvc-ucp -p tcp -m tcp --dport 8001 -j ACCEPT
1463587873: /sbin/ip6tables -A fpbxsvc-ucp -p tcp -m tcp --dport 8003 -j ACCEPT
1463587873: /sbin/iptables -F fpbxsvc-ucp
1463587873: /sbin/iptables -A fpbxsvc-ucp -p tcp -m tcp --dport 81 -j ACCEPT
1463587873: /sbin/iptables -A fpbxsvc-ucp -p tcp -m tcp --dport 8001 -j ACCEPT
1463587873: /sbin/iptables -A fpbxsvc-ucp -p tcp -m tcp --dport 8003 -j ACCEPT
1463587873: /sbin/ip6tables -A zone-external -j fpbxsvc-ucp
1463587873: /sbin/iptables -N zone-other
1463587873: /sbin/ip6tables -N zone-other
1463587873: /sbin/ip6tables -A zone-other -j fpbxsvc-ucp
1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-ucp
1463587873: /sbin/iptables -A zone-external -j fpbxsvc-ucp
1463587873: /sbin/iptables -A zone-other -j fpbxsvc-ucp
1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-ucp
1463587873: /sbin/iptables -N fpbxsvc-pjsip
1463587873: /sbin/ip6tables -N fpbxsvc-pjsip
1463587873: /sbin/ip6tables -F fpbxsvc-pjsip
1463587873: /sbin/ip6tables -A fpbxsvc-pjsip -p udp -m udp --dport 5060 -j ACCEPT
1463587873: /sbin/iptables -F fpbxsvc-pjsip
1463587873: /sbin/iptables -A fpbxsvc-pjsip -p udp -m udp --dport 5060 -j ACCEPT
1463587873: /sbin/ip6tables -A zone-external -j fpbxsvc-pjsip
1463587873: /sbin/ip6tables -A zone-other -j fpbxsvc-pjsip
1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-pjsip
1463587873: /sbin/iptables -A zone-external -j fpbxsvc-pjsip
1463587873: /sbin/iptables -A zone-other -j fpbxsvc-pjsip
1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-pjsip
1463587873: /sbin/iptables -N fpbxsvc-chansip
1463587873: /sbin/ip6tables -N fpbxsvc-chansip
1463587873: /sbin/ip6tables -F fpbxsvc-chansip
1463587873: /sbin/ip6tables -A fpbxsvc-chansip -p udp -m udp --dport 5061 -j ACCEPT
1463587873: /sbin/iptables -F fpbxsvc-chansip
1463587873: /sbin/iptables -A fpbxsvc-chansip -p udp -m udp --dport 5061 -j ACCEPT
1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-chansip
1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-chansip
1463587873: /sbin/iptables -N fpbxsvc-iax
1463587873: /sbin/ip6tables -N fpbxsvc-iax
1463587873: /sbin/ip6tables -F fpbxsvc-iax
1463587873: /sbin/ip6tables -A fpbxsvc-iax -p udp -m udp --dport 4569 -j ACCEPT
1463587873: /sbin/iptables -F fpbxsvc-iax
1463587873: /sbin/iptables -A fpbxsvc-iax -p udp -m udp --dport 4569 -j ACCEPT
1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-iax
1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-iax
1463587873: /sbin/iptables -N fpbxsvc-webrtc
1463587873: /sbin/ip6tables -N fpbxsvc-webrtc
1463587873: /sbin/ip6tables -F fpbxsvc-webrtc
1463587873: /sbin/ip6tables -A fpbxsvc-webrtc -p tcp -m tcp --dport 8088 -j ACCEPT
1463587873: /sbin/ip6tables -A fpbxsvc-webrtc -p tcp -m tcp --dport 8089 -j ACCEPT
1463587873: /sbin/iptables -F fpbxsvc-webrtc
1463587873: /sbin/iptables -A fpbxsvc-webrtc -p tcp -m tcp --dport 8088 -j ACCEPT
1463587873: /sbin/iptables -A fpbxsvc-webrtc -p tcp -m tcp --dport 8089 -j ACCEPT
1463587873: /sbin/ip6tables -A zone-external -j fpbxsvc-webrtc
1463587873: /sbin/iptables -A zone-external -j fpbxsvc-webrtc
1463587873: /sbin/iptables -N fpbxsvc-isymphony
1463587873: /sbin/ip6tables -N fpbxsvc-isymphony
1463587873: /sbin/ip6tables -F fpbxsvc-isymphony
1463587873: /sbin/ip6tables -A fpbxsvc-isymphony -p tcp -m tcp --dport 58080 -j ACCEPT
1463587873: /sbin/ip6tables -A fpbxsvc-isymphony -p tcp -m tcp --dport 55050 -j ACCEPT
1463587873: /sbin/iptables -F fpbxsvc-isymphony
1463587873: /sbin/iptables -A fpbxsvc-isymphony -p tcp -m tcp --dport 58080 -j ACCEPT
1463587873: /sbin/iptables -A fpbxsvc-isymphony -p tcp -m tcp --dport 55050 -j ACCEPT
1463587873: /sbin/ip6tables -A zone-external -j fpbxsvc-isymphony
1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-isymphony
1463587873: /sbin/iptables -A zone-external -j fpbxsvc-isymphony
1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-isymphony
1463587873: /sbin/iptables -N fpbxsvc-provis
1463587873: /sbin/ip6tables -N fpbxsvc-provis
1463587873: /sbin/ip6tables -F fpbxsvc-provis
1463587873: /sbin/ip6tables -A fpbxsvc-provis -p tcp -m tcp --dport 83 -j ACCEPT
1463587873: /sbin/iptables -F fpbxsvc-provis
1463587873: /sbin/iptables -A fpbxsvc-provis -p tcp -m tcp --dport 83 -j ACCEPT
1463587873: /sbin/ip6tables -A zone-other -j fpbxsvc-provis
1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-provis
1463587873: /sbin/iptables -A zone-other -j fpbxsvc-provis
1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-provis
1463587873: /sbin/iptables -N fpbxsvc-vpn
1463587873: /sbin/ip6tables -N fpbxsvc-vpn
1463587873: /sbin/ip6tables -F fpbxsvc-vpn
1463587873: /sbin/ip6tables -A fpbxsvc-vpn -p udp -m udp --dport 1194 -j ACCEPT
1463587873: /sbin/iptables -F fpbxsvc-vpn
1463587873: /sbin/iptables -A fpbxsvc-vpn -p udp -m udp --dport 1194 -j ACCEPT
1463587873: /sbin/ip6tables -A zone-external -j fpbxsvc-vpn
1463587873: /sbin/ip6tables -A zone-other -j fpbxsvc-vpn
1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-vpn
1463587873: /sbin/iptables -A zone-external -j fpbxsvc-vpn
1463587873: /sbin/iptables -A zone-other -j fpbxsvc-vpn
1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-vpn
1463587873: /sbin/iptables -N fpbxsvc-restapps
1463587873: /sbin/ip6tables -N fpbxsvc-restapps
1463587873: /sbin/ip6tables -F fpbxsvc-restapps
1463587873: /sbin/ip6tables -A fpbxsvc-restapps -p tcp -m tcp --dport 84 -j ACCEPT
1463587873: /sbin/iptables -F fpbxsvc-restapps
1463587873: /sbin/iptables -A fpbxsvc-restapps -p tcp -m tcp --dport 84 -j ACCEPT
1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-restapps
1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-restapps
1463587873: /sbin/iptables -N fpbxsvc-xmpp
1463587873: /sbin/ip6tables -N fpbxsvc-xmpp
1463587873: /sbin/ip6tables -F fpbxsvc-xmpp
1463587873: /sbin/ip6tables -A fpbxsvc-xmpp -p tcp -m tcp --dport 5222 -j ACCEPT
1463587873: /sbin/iptables -F fpbxsvc-xmpp
1463587873: /sbin/iptables -A fpbxsvc-xmpp -p tcp -m tcp --dport 5222 -j ACCEPT
1463587873: /sbin/ip6tables -A zone-external -j fpbxsvc-xmpp
1463587873: /sbin/ip6tables -A zone-other -j fpbxsvc-xmpp
1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-xmpp
1463587873: /sbin/iptables -A zone-external -j fpbxsvc-xmpp
1463587873: /sbin/iptables -A zone-other -j fpbxsvc-xmpp
1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-xmpp
1463587873: /sbin/iptables -N fpbxsvc-ftp
1463587873: /sbin/ip6tables -N fpbxsvc-ftp
1463587873: /sbin/ip6tables -F fpbxsvc-ftp
1463587873: /sbin/ip6tables -A fpbxsvc-ftp -p tcp -m tcp --dport 21 -j ACCEPT
1463587873: /sbin/iptables -F fpbxsvc-ftp
1463587873: /sbin/iptables -A fpbxsvc-ftp -p tcp -m tcp --dport 21 -j ACCEPT
1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-ftp
1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-ftp
1463587873: /sbin/iptables -N fpbxsvc-tftp
1463587873: /sbin/ip6tables -N fpbxsvc-tftp
1463587873: /sbin/ip6tables -F fpbxsvc-tftp
1463587873: /sbin/ip6tables -A fpbxsvc-tftp -p udp -m udp --dport 69 -j ACCEPT
1463587873: /sbin/iptables -F fpbxsvc-tftp
1463587873: /sbin/iptables -A fpbxsvc-tftp -p udp -m udp --dport 69 -j ACCEPT
1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-tftp
1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-tftp
1463587873: /sbin/iptables -N fpbxsvc-nfs
1463587873: /sbin/ip6tables -N fpbxsvc-nfs
1463587873: /sbin/iptables -N rejsvc-nfs
1463587873: /sbin/ip6tables -N rejsvc-nfs
1463587873: /sbin/ip6tables -A fpbxreject -j rejsvc-nfs
1463587873: /sbin/iptables -A fpbxreject -j rejsvc-nfs
1463587873: /sbin/iptables -N fpbxsvc-smb
1463587873: /sbin/ip6tables -N fpbxsvc-smb
1463587873: /sbin/iptables -N rejsvc-smb
1463587873: /sbin/ip6tables -N rejsvc-smb
1463587873: /sbin/ip6tables -A fpbxreject -j rejsvc-smb
1463587873: /sbin/iptables -A fpbxreject -j rejsvc-smb
1463587873: /sbin/ip6tables -A fpbx-rtp -p udp -m udp --dport 10000:20000 -j ACCEPT
1463587873: /sbin/ip6tables -A fpbx-rtp -p udp -m udp --dport 4000:4999 -j ACCEPT
1463587873: /sbin/iptables -A fpbx-rtp -p udp -m udp --dport 10000:20000 -j ACCEPT
1463587873: /sbin/iptables -A fpbx-rtp -p udp -m udp --dport 4000:4999 -j ACCEPT
1463587873: /sbin/iptables -A fpbxsignalling -p udp -m udp --dport 5061 -j MARK --set-xmark 0x1/0xffffffff
1463587873: /sbin/iptables -A fpbxsignalling -p udp -m udp --dport 5060 -j MARK --set-xmark 0x1/0xffffffff
1463587873: /sbin/ip6tables -A fpbxhosts -s ::1/128 -j zone-trusted
1463587873: /sbin/iptables -A fpbxhosts -s 127.0.0.1/32 -j zone-trusted
rfw rule 2 not valid (Is '-m recent --rcheck --seconds 86400 --hitcount 1 --name ATTACKER --rsource -j fpbxattacker', should start with '-m recent --rcheck --seconds 10 --hitcount 50 --name REPEAT --rsource')
THIS MAY BE A KERNEL ISSUE. IF THIS KEEPS OCCURRING REBOOT YOUR MACHINE URGENTLY.
1463587908: Wall: 'Firewall Rules corrupted! Restarting in 5 seconds
More information available in /tmp/firewall.log
' returned 0
ERROR  Unable to contact server. Is it running?
PHP Warning:  date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'America/New_York' for 'EDT/-4.0/DST' instead in /var/www/html/admin/modules/sysadmin/hooks/fail2ban-generate on line 76
ERROR  Unable to contact server. Is it running?
      1 Reply Last reply Reply Quote 0
      • scottalanmillerS
        scottalanmiller
        last edited by

        I should note that eth0 was not set to trusted in the interface. It was set to external.

        1 Reply Last reply Reply Quote 0
        • scottalanmillerS
          scottalanmiller
          last edited by

          Module version was 13.0.28. Looks like a number of people reporting this error with 13.0.26 from two weeks ago.

          1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller
            last edited by

            http://community.freepbx.org/t/firewall-v13-0-26-reporting-firewall-rules-corrupted/34765

            JaredBuschJ 1 Reply Last reply Reply Quote 0
            • JaredBuschJ
              JaredBusch
              last edited by

              @scottalanmiller said in Sangoma Responsive Firewall Error on FreePBX:

              I should note that eth0 was not set to trusted in the interface. It was set to external.

              Interesting that your setting seems not applied. If there are reports of errors, I would roll it back.

              I had a weird error on reboot at one point over the weekend, but everything was good after that.

              The FreePBX GUI makes it easy to roll back a module at least.

              Click check online in module admin and then you can see the "Previous" option in the module info that will show you the rollback buttons.

              0_1463589527104_upload-6b3d97e4-fb30-4441-a57e-75e2dfc8ddf0

              1 Reply Last reply Reply Quote 0
              • JaredBuschJ
                JaredBusch @scottalanmiller
                last edited by

                @scottalanmiller official issue tracker report: http://issues.freepbx.org/browse/FREEPBX-12342

                scottalanmillerS 1 Reply Last reply Reply Quote 0
                • scottalanmillerS
                  scottalanmiller
                  last edited by

                  New install, no rollbacks.

                  0_1463590043268_Screenshot from 2016-05-18 19:47:11.png

                  JaredBuschJ 2 Replies Last reply Reply Quote 0
                  • JaredBuschJ
                    JaredBusch @scottalanmiller
                    last edited by

                    @scottalanmiller said in Sangoma Responsive Firewall Error on FreePBX:

                    New install, no rollbacks.

                    0_1463590043268_Screenshot from 2016-05-18 19:47:11.png

                    You can still roll it back to a prior version.

                    1 Reply Last reply Reply Quote 0
                    • JaredBuschJ
                      JaredBusch @scottalanmiller
                      last edited by

                      @scottalanmiller You did not click the "Check Online" button first. Once you do, you will have the option as stated previously.

                      scottalanmillerS 1 Reply Last reply Reply Quote 1
                      • scottalanmillerS
                        scottalanmiller @JaredBusch
                        last edited by

                        @JaredBusch said in Sangoma Responsive Firewall Error on FreePBX:

                        @scottalanmiller official issue tracker report: http://issues.freepbx.org/browse/FREEPBX-12342

                        LOL, got reported as I was discovering it 🙂

                        1 Reply Last reply Reply Quote 0
                        • scottalanmillerS
                          scottalanmiller @JaredBusch
                          last edited by

                          @JaredBusch said in Sangoma Responsive Firewall Error on FreePBX:

                          @scottalanmiller You did not click the "Check Online" button first. Once you do, you will have the option as stated previously.

                          I did that, actually. Let me try again.

                          1 Reply Last reply Reply Quote 0
                          • scottalanmillerS
                            scottalanmiller
                            last edited by

                            That worked (the rollback)... testing 3.0.27.1

                            1 Reply Last reply Reply Quote 1
                            • scottalanmillerS
                              scottalanmiller
                              last edited by

                              Looks like that one is working, thanks.

                              1 Reply Last reply Reply Quote 1
                              • 1 / 1
                              • First post
                                Last post