Pulling my hair out trying to figure out how to whitelist an IP
IP is listed in
fwconsole firewall list trusted
and not
fwconsole firewall list blacklist
Also added to the System Admin > Intrusion protection > Whitelist
and yet it gets blocked after ~3 bad logins from a SIP client.
What am I missing?
Keep having to reboot the server to get it to unblock as I’m trying to test different SIP softphone clients and they all have settings I need to sort through…
iptables is usually the underlying mechanism of your firewall, you can see the ‘chains’ that a connection passes through with
iptables -L
If the ‘intrusion protection’ (aka fail2ban) pre-empts any ALLOW chain with a DROP, you will see that behavior. The mitigation for networks that, although trusted, have hosts that continue to ‘break the rules’ is to add them to the fail2ban ‘ignoreip’ list, which presumably is what the whitelist should do, so check that it is (then rectify the situation).
Current versions of fail2ban allow you to
fail2ban-client unban --all
which will reset the list in the jails and the one maintained in the sqlite3 table.
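One way to run the ‘ignoreip’ check suggested above, as an added example that is not part of the original thread: it reads fail2ban jail configuration text and reports, per jail, whether a given address is covered by the effective ignoreip value. The jail names, addresses and helper names are constructed for illustration, and DNS-name entries and `%(...)s` interpolation are not handled.

```python
import configparser
import ipaddress

# Constructed sample in jail.local syntax; jail names and addresses are made up.
SAMPLE_JAIL_LOCAL = """
[DEFAULT]
ignoreip = 127.0.0.1/8 ::1 192.0.2.0/24

[asterisk-iptables]
enabled = true
ignoreip = 127.0.0.1/8

[sshd]
enabled = true
"""

def ignore_entries(cfg, jail):
    """Effective ignoreip tokens for a jail; a jail-level value replaces [DEFAULT]."""
    raw = cfg.get(jail, "ignoreip", fallback="")
    return raw.replace(",", " ").split()

def is_ignored(ip, entries):
    """True if ip matches any address or CIDR entry in the list."""
    addr = ipaddress.ip_address(ip)
    for entry in entries:
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            continue  # DNS names would need resolving; skipped in this sketch
        if addr.version == net.version and addr in net:
            return True
    return False

def audit(config_text, ip):
    """Map each jail name to whether ip is exempt from banning in that jail."""
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read_string(config_text)
    return {jail: is_ignored(ip, ignore_entries(cfg, jail))
            for jail in cfg.sections()}

if __name__ == "__main__":
    for jail, exempt in audit(SAMPLE_JAIL_LOCAL, "192.0.2.15").items():
        print(f"{jail}: {'ignored' if exempt else 'CAN BE BANNED'}")
```

In the constructed sample the address is in the global list, yet the first jail sets its own ignoreip and so can still ban it, which is the kind of mismatch this check is meant to surface.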