How would one sync firewall blacklist between servers?
I think it would depend on your version of FreePBX. For example, I believe in FreePBX 15 there is an API, so you could manage your firewall rules from a central repository.
I was thinking more of a rsync to all the clients servers and then reload the firewall.
I guess it’s time to learn how to program using the API.
I’m inclined to believe this discussion would be better held in a more private channel.
If I was Sangoma, the last thing I’d want to do is put the file locations for the system’s black lists out where “anyone” could find them. The module is proprietary, so this sounds like a reasonable feature request.
Here’s an approach that might help:
Every FreePBX system has a deployment ID. Use that Deployment ID as a security key to move the information from system to system. Since all of your deployments have the same “owner” credentials, allowing for a “sync” between the two (or more) systems could them be automated and handled securely.
Failing that, request a way to export (with encryption) the rules so that you can then import them into your other system.
What module, FreePBX Firewall? Firewall is open source, AGPL:
[root@freepbx ~]# fwconsole ma list | grep fire | firewall | 22.214.171.124 | Enabled | AGPLv3+ |
Firewall does have a dependency on the Commercial sysadmin module, but all the firewall code is there for all to see.
Well take me out back and paint me purple…
@posi211 - you have source code! Climb in and make it your biatch,
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.