System Admin Network Intrusion Monitoring

I am trying to confirm as to whether the white list in FreePBX covers SSH in addition to the FreePBX GUI?

Presumably, 127.0.0.1, 192.168.1.0/24 and any external IP’s would need to be whitelisted. Is there anything else that would need adding, presuming the whitelist in the GUI can handle SSH, to ensure I am not locked out when I am away?

If the System Admin Whitelist does not cover SSH, how can I whitelist without the whitelist rules I add being written over by the module?

Thanks

This is a front-end for the fail2ban application - you might want to research that a bit more in depth. I have a lot of custom stuff done with fail2ban and iptables that hasn’t been overridden by this module so I think you’re safe there. The CLI is much better for managing this anyway, though, IMHO.

Actually and perhaps counter-intuitively, you should not whitelist (ignoreip in fail2ban talk) your external IP in the Asterisk jail ( but you probably should blacklist it) .

Likely no legitimate SIP connections will originate from that address, but many spoofed connections will appear to come from it (These guys might be a**sholes, but many are cleverer than we are :wink: )

@dicko You’re the cleverest a-hole I know. <3