I’m moving from Asterisk 13 and FreePBX 13 to Asterisk 18 and FreePBX 16. Previously I had just fail2ban. I note that now there is a FireWall module.
Are there any issues / special precautions to implementing both?
Note: With the new install I will be looking to set up trunks to a SIP provider (currently using an ATA) so obviously more exposure. Also to call in from abroad via VPN and then dial out.
Many thanks
Alan
I use them. The Responsive firewall uses F2B. Works as you would expect based on the versions of the software.
behavior depends on the order of which they are called, if F2B is called first then Presumably any other firewall will be ‘Appended’ to any chains in INPUT, and vice versa although you can set F2B to insert it’s chains at any arbitrary position that already exists, by default it is
chain = local
but you can customise, from jail.conf itself
chain = <known/chain>
Many thanks @comtech for a quick reply.
When you say “Responsive firewall” are you referring to the FireWall module? If so, does this imply that one should only customise using the Firewall menus in FreePBX and leave the fail2ban config file alone?
Alan
Read the material and make the decision based on your unique needs.
I see that the Responsive Firewall page does make reference to fail2ban:
and implies they can co-exist.
[as the text is an image it therefore did not get found on a search I did earlier]
That is correct.
one thing I didn’t see mentioned were the options for Fail2Ban Bypass and Intrusion Detection Sync Firewall
those are pretty nifty options you would want enabled in most cases …
command line functions are detailed by ~]# fwconsole firewall --help
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.
