Uploaded image for project: 'FreePBX'
  1. FreePBX
  2. FREEPBX-12388

Add Option to add Custom Service to the 'fpbxknownreg' Chain



    • Type: New Feature
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Firewall
    • Labels:
    • ToDo:
    • Asterisk Version:
    • Distro Version:
    • Distro:
      FreePBX Distro


      In the firewall we have the ability to add custom services (like 4445 tcp/udp for FOP2). Also we have the ability in Extra Services to allow HTTP management to the External, Internal, and Other zones...

      It seems that the Other zone does not correlate to the chain in iptables called fpbxknownreg - which I take to mean the list of IP addresses that are registering that are allowed to access UCP and Zulu.

      It would be awesome if we can also add any custom services, or any other services to that allowed list, because any phones that are registering correctly with our complex passwords should allow any other regular customer access - port 80, port 443, 4445, 22, etc.

      What I've done:

      Add a custom service, 4445 to the services and assigned to the internal and other zones. I register a soft client on my computer and confirm I see my IP address appear in the fpbxknownregistrations chain. I also see the custom services appear in its own chain called "fpbxsvc-randomstuff". I also see that there are no chains logically that have a rule that mentions DROP or REJECT, so technically my connection attempt should go through the system and get allowed.... I think... but it doesn't.

      I also see that the the "fpbxknownreg" chain that lists the ports or services to allow does not expressly list out what to do after the chain finishes... so I would think that logically iptables would not process the service I've created and allow it according to my IP being present in that fpbxknownregistrations chain.

      Should the fpbxknownreg chain list to go to the zone-other chain???

        Gliffy Diagrams




              • Assignee:
                xrobau Rob Thomas
                xptpa2020 xptpa2020
              • Votes:
                0 Vote for this issue
                3 Start watching this issue


                • Created: