Running Asterisk 16 with FreePBX 14 – not the distro version – expert – roll your own on CentOS 7
I have installed fail2ban and firewalld and both are working fine
I am using Flowroute as my SIP trunk provider over port 5065 (I moved my regular SIP port from 5060 to 5065)
The issue is I am getting a ton of connection attempts on my SIP port and while fail2ban does catch them and ban them – I would like to simply lock down 5065 so that the only connections allowed are from Flowroute servers in the first place
To that end I did the following:
In the public zone of firewalld I have added 5065/tcp as an allowed port
Ok – so just to answer my own question and for future reference in case someone has the same question
the answer I believe is as follows:
first do not allow 5065 (in my case or 5060 if using out of the box settings) as an allowed port
then when setting up the rich rules – at least for Flowroute you need to allow traffic to BOTH tcp and udp – this was my mistake – my rich rules above only allowed tcp and not udp as well – this caused intermittent inbound call connections
therefore the correct set of rich rules for locking down Flowroute with firewalld are as follows:
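
An added example, not the poster's own rules: a small script that prints the firewalld commands for the approach described above (port removed from the zone, one accept rule per source for both tcp and udp) and checks an existing rule listing for sources that have only one protocol. The source ranges are constructed placeholders from the RFC 5737 documentation blocks, and the function names are hypothetical; substitute the address list published by your trunk provider.

```shell
#!/bin/sh
# Added example, not the poster's rules. Commands are printed, not executed.
# Constructed placeholders (RFC 5737 ranges), NOT the provider's real addresses.
TRUNK_SOURCES="203.0.113.0/28 198.51.100.16/29"

# gen_sip_lockdown ZONE PORT CIDR... : print the firewall-cmd commands.
gen_sip_lockdown() {
    zone=$1; port=$2; shift 2
    # The port must not stay open to every source in the zone.
    for proto in tcp udp; do
        printf 'firewall-cmd --permanent --zone=%s --remove-port=%s/%s\n' \
            "$zone" "$port" "$proto"
    done
    # One accept rule per source AND per protocol (tcp and udp).
    for cidr in "$@"; do
        for proto in tcp udp; do
            printf 'firewall-cmd --permanent --zone=%s --add-rich-rule=' "$zone"
            printf "'rule family=\"ipv4\" source address=\"%s\" " "$cidr"
            printf "port port=\"%s\" protocol=\"%s\" accept'\n" "$port" "$proto"
        done
    done
    printf 'firewall-cmd --reload\n'
}

# missing_protocols PORT : read `firewall-cmd --list-rich-rules` output on
# stdin and print "source protocol" for each source lacking a tcp or udp rule.
missing_protocols() {
    awk -v port="$1" '
        index($0, "port=\"" port "\"") && /accept/ {
            if (!match($0, /address="[^"]+"/)) next
            src = substr($0, RSTART + 9, RLENGTH - 10)
            if (!match($0, /protocol="[^"]+"/)) next
            seen[src, substr($0, RSTART + 10, RLENGTH - 11)] = 1
            srcs[src] = 1
        }
        END {
            for (s in srcs) {
                if (!((s, "tcp") in seen)) print s, "tcp"
                if (!((s, "udp") in seen)) print s, "udp"
            }
        }'
}

# Print the plan for the placeholder ranges; review it before running it.
gen_sip_lockdown public 5065 $TRUNK_SOURCES
```

On a live system, `firewall-cmd --zone=public --list-rich-rules | missing_protocols 5065` should print nothing once every trunk source has both rules.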