Firewall Disabled

MrXirtam · 2020-08-06 16:17:10 UTC

I have been noticing, one by one, the multiple different servers I manage, a particular security concern. I use the fail2ban and I have it send me emails on attempts. The pattern I have noticed is I will receive emails of attempts that were banned, multiple ones in a row. When I log onto the server to check the status of it, I see right away that the firewall is disabled! I check on these frequently, at least once a week and I know they are always enabled and running. I enable the firewall, and monitor it afterwards, and there are no problems after that happens. But this has happened to three different FreePBX systems I manage. I don’t know if it’s coincidence but the only common factor I can see is that all of them had their Let’s Encrypt cert due to renew. They still had nearly a month left, so they were still valid, but there was a security message indicating it was due to for renewal and it hadn’t processed automatically yet. When I manually update the certificate, it processes normally and shows it is updated. I run this after the firewall was re-enabled. I do not know if this is a bug with this particular series of events, but as I mentioned, it has happened on multiple different servers. Any ideas?

They are all running the following versions:
FreePBX 15.0.16.72
Asterisk 16.11.1
Firewall Module 15.0.6.20
Certificate Manager Module 15.0.25.3

jerrm · 2020-08-07 03:05:30 UTC

The release LetsEncrypt updates are broken, and as you’ve discovered, leave the firewall completely broken.

The edge certman module is a little better, but can still leave the firewall disabled or compromised.

A few of the recent discussions:

MrXirtam · 2020-08-06 16:47:59 UTC

Ooof, I wasn’t able to find any of those articles. Thank you for the insight. Hopefully they can be squared away soon.

phoneguy82 · 2020-08-07 02:37:06 UTC

Yep, same here. Firewall is disabled every single morning and thousands of attempted fraud calls and etc. This is just crazy, it’s been almost a week since first reports! It was working just fine a couple weeks back and then bam. I am also using their Distro and I see the bug report is minor and resolved already. ITS NOT RESOLVED SANGOMA!!! I have a couple customers wanting to ditch this system due to all the issues recently.
FIX YOUR Code!!
This bug report is what Im talking about. Oh, and even on Edge track newest version of CertManager is only 15.0.25.3, regardless as .4 doesnt fix the problem either from the posts and reports so far.
https://issues.freepbx.org/browse/FREEPBX-21683

system · 2020-09-07 02:37:13 UTC

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.