How to whitelist IP to stop blocked registrations with bad configs (testing softphone clients)


#1

Pulling my hair out trying to figure out how to whitelist an IP

IP is listed in
fwconsole firewall list trusted
and not
fwconsole firewall list blacklist

also added to the System Admin > Intrusion protection > Whitelist

and yet gets blocked after ~3 bad logins from sip client

What am I missing?

Keep having to reboot the server to get it to unblock as I’m trying to test different SIP softphone clients and they all have settings I need to sort through…

Thanks!


#2

iptables is usually the underlying mechanism of your firewall; you can see the ‘chains’ that a connection passes through with

iptables -L

If the ‘intrusion protection’ (aka fail2ban) pre-empts any ALLOW chain with a DROP, you will see that behavior. The mitigation for networks that, although trusted, have hosts that continue to ‘break the rules’ is to add them to the fail2ban ‘ignoreip’ list, which presumably is what the whitelist should do, so check that it does (then rectify the situation).

Current versions of fail2ban allow you to

fail2ban-client unban --all

which will reset the list in the jails and the one maintained in the sqlite3 table.
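
Added example (not part of either post, and not FreePBX or fail2ban code): a POSIX shell check for the two conditions reply #2 describes, whether a whitelisted address is really covered by fail2ban's `ignoreip` (including CIDR entries) and whether the fail2ban chain is consulted before the allow chain. The chain names, the client address and both sample inputs are constructed assumptions; on a live system, feed it the output of `iptables -S INPUT` and your jail configuration instead.

```shell
#!/bin/sh
# Added example: sample data is constructed; chain names are placeholders (assumptions).
BAN_CHAIN=f2b-sip-example        # chain fail2ban fills with DROP/REJECT rules
ALLOW_CHAIN=firewall-example     # chain holding the trusted-zone ACCEPT rules

SAMPLE_RULES='-P INPUT ACCEPT
-A INPUT -p udp -m multiport --dports 5060,5061 -j f2b-sip-example
-A INPUT -j firewall-example'    # constructed `iptables -S INPUT` output

SAMPLE_JAIL='[DEFAULT]
ignoreip = 127.0.0.1 10.0.0.0/8
bantime = 1800'                  # constructed fail2ban jail settings

ip_to_int() {                    # dotted quad -> integer
  old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
  echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

in_net() {                       # in_net IP ADDR[/BITS]: is IP inside the block?
  net=${2%/*}; bits=32
  case $2 in */*) bits=${2#*/} ;; esac
  size=$(( 1 << (32 - bits) ))   # number of addresses in the block
  [ $(( $(ip_to_int "$1") / size )) -eq $(( $(ip_to_int "$net") / size )) ]
}

ignoreip_covers() {              # ignoreip_covers IP CONFIG_TEXT
  for entry in $(printf '%s\n' "$2" | sed -n 's/^ignoreip[[:space:]]*=//p' | tr ',' ' '); do
    case $entry in *[!0-9./]*) continue ;; esac   # skip hostnames and IPv6
    in_net "$1" "$entry" && return 0
  done
  return 1
}

rule_pos() {                     # position of first INPUT rule jumping to chain $2
  printf '%s\n' "$1" | grep '^-A INPUT ' | grep -n -- "-j $2\$" | head -n 1 | cut -d: -f1
}

ban_precedes_allow() {           # is the fail2ban chain consulted before the allow chain?
  ban=$(rule_pos "$1" "$BAN_CHAIN"); allow=$(rule_pos "$1" "$ALLOW_CHAIN")
  [ -n "$ban" ] && [ -n "$allow" ] && [ "$ban" -lt "$allow" ]
}

diagnose() {                     # diagnose IP RULES CONFIG_TEXT
  if ignoreip_covers "$1" "$3"; then echo ignored
  elif ban_precedes_allow "$2"; then echo ban-before-allow
  else echo not-ignored
  fi
}

diagnose 192.0.2.10 "$SAMPLE_RULES" "$SAMPLE_JAIL"   # constructed client address
```

A result of `ban-before-allow` is the situation from the thread: the address is trusted by the firewall but absent from `ignoreip`, so a ban lands before the ACCEPT rule is ever reached.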

