Hi, @xrobau is it still ok for me to post on this thread with some issues I am having with the firewall or is there somewhere else I should post?
Iāve moved your post to a new thread, thereās a pile of messages in the old one.
Thank you so much. I am a bit new to posting on this forum so I am sorry for any mistake
I have a FreePBX box version 14.0.1.36 wit the System FIreWall 13.0.49.2. This issue happens every second reboot. The FreePBX box is not in production and I am in the process of setting it up, every now and then I reboot it after making some changes. The second reboot gives me Firewall Rules are corrupted! in a loop.
No fpbxinterfaces in ipv6
1521767906: Wall: 'Firewall Rules corrupted! Restarting in 5 seconds
More information available in /tmp/firewall.log
ā returned 0
However, nothing on our network is giving out ipv6 address and it only has the default one.
Yesterday I had searched for that error mesasge and didnāt find anything. I did it again today and it actauly took me to this page: FREEPBX-14164 and it seems to be the same issue.
It sounds like youāve disabled IPv6 in the kernel. You canāt do that, it causes all sorts of problems.
Thanks, I didnāt know that.
Hi, @xrobau
I have went ahead and re-enabled the ipv6 in the kernel but I am still getting these error messages. Do you have anything that may help me? So far I did :
-
/etc/sysconfig/network-scripts/ifcfg-eth0 has the following lines pertaining to ipv6
- IPV6INIT=yes
- IPV6_AUTOCONF=yes
- IPV6_DEFROUTE=yes
- IPV6_FAILURE_FATAL=no
- IPV6_PEERDNS=yes
- IPV6_PEERROUTES=yes
-
/etc/sysctl.d/99-sysctl.conf has
- net.ipv6.conf.all.disable_ipv6 = 0
- net.ipv6.conf.default.disable_ipv6 = 0
-
I ran sysctl -w net.ipv6.conf.all.disable_ipv6=0 and sysctl -w net.ipv6.conf.default.disable_ipv6=0
-
In /etc/default/grub I have GRUB_CMDLINE_LINUX="ipv6.disable=0 (after adding this to the existing line item I ran grub2-mkconfig -o /boot/grub2/grub.cfg and rebooted.)
Until you can type ip addr
and see ipv6 link-local addresses, it will continue to error. I suggest you REMOVE everything related to your disabling of IPv6, rather than trying to set it to something.
I have tried, I thought the above commands would re-enable it for me. Could you point me in the right direction of removing everything related to the disabled IPv6.
Is this what Iām supposed to see
Looks fine to me! So Iām guessing youāre getting a different error.
This was the error message I was seeing yesterday before I posted again. I do have the same error message in my /tmp/firewall.log , but I am going to restart the box and monitor it for a few as it normally takes it a while to break. I will post an update on whether or not it is occurring again. Thanks again for all your help.
Firewall requires Sysadmin. Sysadmin assumes that if you have a licence file, it hasnāt been tampered with.
We do have Sysadmin, we recently bought it last week and Iāll look to see why it is giving that error.
It still says No fpbxinterfaces in ipv6, even though we do have it enabled, would the course of action be to destroy the VM and start over again?
Hi sorry to go back to an old post, but does FreePBX require a gateway that has ipv6 enabled as well as an actual ipv6 ip assigned to it?
We built a new box and it is still having the same issue and when I check the activation sysadmin is there.
If your machine is still saying the licence file is tampered, then something crazy is happening with your machine, and thereās nothing we can do about that. Sorry!
Thanks! I am going to take that box down and build a brand new one and hopefully, it all goes well. Thanks again for all the help/
I just did the install of FreePBX with Asterisk-NAF for GoogleVoice SIP
I assumed I could Install the FreePBX Firewall.
I just found old posts talking about problems with Firewall on Debian, this is running on ubuntu 18.04
When I go to available modules and click on Firewall it says
Missing Requirements:
The File ā/usr/lib/sysadmin/includes.phpā must exist.
The Module Named āmanagerā is required.
From what I read here in this thread āFirewall requires Sysadmin. Sysadmin assumes that if you have a licence fileā which seems to imply the FreePBX Firewall is a No-go witgh Open Source FreePBX?
Its all so confusing ā¦
Unless you install a Distro system, the Manager module is not available. In fact, none of the commercial modules are available.
To install the firewall, you need to install a Distro system (not roll-your-own) and then āupgradeā the rest of the system to work with Google Voice. Good luck.
Thereās no TECHNICAL reason why not - all the code is open source. The problem is that all the āstuffā for secure privilege escalation of firewall is done as part of Sysadmin (which requires FreePBX Distro).
Someone just needs to figure out a way to do it on other OSs so it DOESNāT require that. And I canāt think of a good way to make it secure - in Distro itās secure because itās all root owned and RPM locked, along with all the preexisting integrity checking.