Uploaded image for project: 'FreePBX'
  1. FreePBX
  2. FREEPBX-18511

Adding to trusted list with fwconsole fails, works in GUI

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 13, 15
    • Fix Version/s: 13, 15
    • Component/s: Firewall
    • Labels:
      None
    • ToDo:

      Description

      firewall 13.0.57.1

       

      When adding an FQDN to the trusted zone using the GUI, the resolved IP gets added to iptables as expected. However, using fwconsole to add an fqdn to trusted zone fails to write the iptables rule. The fqdn does continue to show in the firewall trusted list.

       

      [root@34693894 ~]# nslookup stormydaniels.com
      Server:         10.10.0.9
      Address:        10.10.0.9#53
      
      Non-authoritative answer:
      Name:   stormydaniels.com
      Address: 104.250.128.108
      
      [root@34693894 ~]# fwconsole firewall trust stormydaniels.com
      Attempting to add 'stormydaniels.com' to Zone 'trusted' ... Success!
      
      [root@34693894 ~]# iptables-save | grep 104.250.128.108

      Now remove and re-add the same fqdn using the GUI:

      [root@34693894 ~]# iptables-save | grep 104.250.128.108
      -A fpbxhosts -s 104.250.128.108/32 -j zone-trusted

      Same issue with IP addresses:

      [root@34693894 ~]# fwconsole firewall trust 10.9.8.7
      Attempting to add '10.9.8.7/32' to Zone 'trusted' ... Success!
      [root@34693894 ~]# fwconsole firewall list trusted | grep 10.9.8.7
              10.9.8.7/32
      [root@34693894 ~]# iptables-save | grep 10.9.8.7

      adding same address in GUI

      [root@34693894 ~]# iptables-save | grep 10.9.8.7
      -A fpbxnets -s 10.9.8.7/32 -j zone-trusted

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                xrobau Rob Thomas
                Reporter:
                lgaetz Lorne Gaetz
              • Votes:
                1 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: