Been a little while since posting. I ran into a unique one today.
We use an RBL list that is synced with an ipset ruleset and then access it with iptables using the advanced custom rule -I INPUT 1 -m set --match-set rbl src -j DROP. This works well.
We have some users that are listed as a trusted network on the FreePBX firewall, but have somehow gotten themselves blocked on the RBL list we use.
It appears as if the iptables command above is inserting the rule at a spot in the chain that will cause the users to be blocked, even though they are on a trusted network.
I'm hoping someone can suggest where to add this rule so that the trusted and local IP lists are allowed through and not blocked first by the RBL or fail2ban rules.
Hoping for some insight. I'm not sure where else to consider inserting the rule.
I should probably clarify the point a little bit. I have an RBL list that I use for this PBX. I had it set to insert the command to check against the ipset list at the top of the INPUT chain. The problem was if an IP address ended up on the RBL there, even if it was whitelisted or a trusted network, it gets blocked.
I am wondering if there is a better place to insert my rule than the top of the INPUT chain, such that even if the user somehow ends up on the blacklist, the whitelist / trusted network trumps it and allows the connection through.
I toyed with the idea of inserting it into the fpbxreject chain, which appears below the trusted networks etc.
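One way to get the behaviour asked for above without depending on where the FreePBX firewall happens to put its trusted-network rules: keep the jump at position 1 of INPUT, but evaluate an allow set before the RBL set inside a dedicated chain, so a trusted address RETURNs before it can reach the DROP. This is an added example, not code from the original post or from FreePBX. The chain name rbl-check, the set names rbl and rbl-allow, and the assumption that you mirror the trusted networks into rbl-allow (FreePBX keeps them in its own rules, not in an ipset) are all mine; DRY_RUN=1 prints the commands instead of executing them so the script can be read and tested without root.

```shell
#!/bin/sh
# Added example (not from the original post): keep the RBL drop at the top
# of INPUT but let an allow list win over it by evaluating both inside a
# dedicated chain. Set and chain names (rbl, rbl-allow, rbl-check) are
# assumptions; adjust them to whatever your sync script uses.
set -eu

IPT="${IPT:-iptables}"
IPSET="${IPSET:-ipset}"
# DRY_RUN=1 prints each command instead of executing it (no root needed).
DRY_RUN="${DRY_RUN:-0}"

run() {
    if [ "$DRY_RUN" = "1" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# Sets: 'rbl' is the synced blocklist, 'rbl-allow' holds the trusted
# networks that must never be dropped by the RBL rule. -exist makes both
# calls idempotent so the script can run after every sync.
setup_sets() {
    run "$IPSET" create rbl hash:net -exist
    run "$IPSET" create rbl-allow hash:net -exist
}

# Populate rbl-allow from a list of addresses or CIDRs given as arguments.
add_trusted() {
    for net in "$@"; do
        run "$IPSET" add rbl-allow "$net" -exist
    done
}

# Build the rbl-check chain. Rule order is the whole point: the RETURN for
# the allow set comes first, so a trusted address never reaches the DROP
# even if it is also present in the rbl set.
build_chain() {
    run "$IPT" -N rbl-check 2>/dev/null || true
    run "$IPT" -F rbl-check
    run "$IPT" -A rbl-check -m set --match-set rbl-allow src -j RETURN
    run "$IPT" -A rbl-check -m set --match-set rbl src -j DROP
}

# Hook the chain at position 1 of INPUT exactly once. -C (check) avoids
# adding a duplicate jump when the script is re-run after an RBL sync.
hook_input() {
    if [ "$DRY_RUN" = "1" ] || ! "$IPT" -C INPUT -j rbl-check 2>/dev/null; then
        run "$IPT" -I INPUT 1 -j rbl-check
    fi
}

# Usage (constructed example addresses):
#   DRY_RUN=1 sh rbl-chain.sh apply 192.0.2.0/24 198.51.100.7
#   sudo sh rbl-chain.sh apply 192.0.2.0/24 198.51.100.7
case "${1:-}" in
    apply)
        shift
        setup_sets
        add_trusted "$@"
        build_chain
        hook_input
        ;;
esac
```

A RETURN from rbl-check only skips the RBL drop; the packet then continues down INPUT and still meets the FreePBX and fail2ban rules exactly as before. Two caveats: the FreePBX firewall rebuilds its own rules, so anything it flushes or reorders has to be re-applied (run the script from the same hook that syncs the RBL set), and rbl-allow is only as current as whatever copies the trusted networks into it. Putting the match into fpbxreject instead, as suggested in the post, avoids the extra set but ties the RBL check to that chain's layout.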