Firewall locking up system, enabled, no connection to external trunks

This is actually an upgrade issue. I’m using the distro version Freepbx 13 all updates included. After upgrading to Freepbx 13 from — well, I can’t remember, I had to upgrade to 12 first and then to 13, so it was old.

Anyway, I added another network card for external access to be exposed to the internet for call forwarding and remote connections. The new card has a public static IP address, The original card has a local IP address and no route to the internet. Setting up the firewall places both interfaces in trusted zones. Everything setup, I put the external card on external and click the green check mark and the server immediately locks up. Then I have to shut down and restart to get back in. The interfaces go back to trusted. I’m getting tons of hackers trying to get in on the ssh console and ended up getting so much traffic at the interface that it affects other networks connected on that same public block.

Looking in the message log, I keep seeing messages: Unparsable output from getservices… This account is currently not available. unable to see safemode in services. I get this message even when the firewall isn’t installed. But I have seen others complain about it in relation to this issue.

I have done the fwconsole ma --edge upgrade firewall. Same issue.

I can get it to set and not lock up when I first reinstall the firewall module. But as soon as everything is set, I can’t connect to the external trunks (Sangoma). When I reboot, both networks go back to trusted.

I was successful in setting up a new machine multihome, just like this one. It locked up the first attempt, but installing the --edge upgrade fixed it. This machine that I upgraded is not and it is a very active phone server.

I’m out of options. Anyone have any other ideas?