FreePBX Firewall Thread! (2nd Post has status)

Hi Rob,

Great job on something that is well and truly overdue in a PBX Distro!!

So, I believe I found a hiccup in the processes that managed to get me locked out!! As per the warnings and everything else, I ensured that I had added my home IP address, where I was testing from, to the Whitelist of IP addresses and then ensured that the eth0 interface was set as External to ensure that traffic was starting to be filtered.

I checked the iptables and could see that my IP address had been added to the zone-trusted.

After this I then tried to connect my phone to a newly created extension and register it to receive incoming calls. I saw a couple of connection attempts and then it stopped and I lost access to the web management GUI.

After connecting back onto the console and checking iptables, I could see that fail2ban had killed my IP address due to multiple failed connection attempts. At first I thought I had the password wrong, but it turns out it was due to using port 5060 instead of 5061, as it was only a SIP extension, not a PJSIP extension.

It seems that fail2ban is kicking in first and blocking the IP address before it gets to the trusted network IP addresses.

Hope this allows you to test and replicate.

I admittedly haven’t tried your new version, but I was testing with the ISO downloaded yesterday on a fresh install of BETA – 10.13.66.

Matt

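An added example, not part of the original post or of FreePBX: a shell check for the ordering problem described above, reading `iptables -S <chain>` text and reporting whether a fail2ban jump is evaluated before the jump that leads to the whitelist. The chain prefix `fail2ban-`, the sample rules and the address 203.0.113.10 are constructed assumptions; only `zone-trusted` comes from the post, and the check assumes both jumps sit in the same chain.

```shell
#!/bin/sh
# Rules in a chain are evaluated top to bottom, so whichever jump has the
# lower position sees the packet first.
rule_order() {
    # $1 = chain to inspect (e.g. INPUT)
    # $2 = name prefix of the fail2ban chains (assumed; check your own ruleset)
    # $3 = jump target that leads to the whitelist (zone-trusted in the post)
    awk -v chain="$1" -v f2b="$2" -v trusted="$3" '
        $1 == "-A" && $2 == chain {
            pos++
            for (i = 3; i < NF; i++) {
                if ($i != "-j") continue
                target = $(i + 1)
                if (!f && index(target, f2b) == 1) f = pos   # first fail2ban jump
                if (!t && target == trusted) t = pos         # first trusted jump
            }
        }
        END {
            if (!f)         print "no-fail2ban-jump"
            else if (!t)    print "no-trusted-jump"
            else if (f < t) print "fail2ban-first"
            else            print "trusted-first"
        }'
}

# Constructed sample in `iptables -S INPUT` format, not captured from a real system.
sample_rules() {
cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -p udp -m multiport --dports 5060,5061 -j fail2ban-SIP
-A INPUT -s 203.0.113.10/32 -j zone-trusted
-A INPUT -j DROP
EOF
}

# On a live box, as root: iptables -S INPUT | rule_order INPUT fail2ban- zone-trusted
sample_rules | rule_order INPUT fail2ban- zone-trusted
```

A result of `fail2ban-first` means a ban can drop a whitelisted source before the trusted-zone rule is ever consulted.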