-
Type:
Bug
-
Status: Closed
-
Priority:
Minor
-
Resolution: Duplicate
-
Affects Version/s: None
-
Fix Version/s: None
-
Component/s: Firewall, System Admin (Commercial)
-
Labels:None
-
ToDo:
-
Asterisk Version:18
-
Distro Version:15
-
Distro:FreePBX Distro
Rule sync set to legacy
Results in this (expected):
```
[jbusch@pbx ~]$ sudo iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-recidive all – 0.0.0.0/0 0.0.0.0/0
fail2ban-BadBots tcp – 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
fail2ban-FTP tcp – 0.0.0.0/0 0.0.0.0/0 multiport dports 21
fail2ban-apache-auth all – 0.0.0.0/0 0.0.0.0/0
fail2ban-SSH tcp – 0.0.0.0/0 0.0.0.0/0 multiport dports 22
fail2ban-PBX-GUI all – 0.0.0.0/0 0.0.0.0/0
fail2ban-SIP all – 0.0.0.0/0 0.0.0.0/0
ACCEPT udp – 52.14.37.123 0.0.0.0/0 udp dpt:161 /* Skyetel SNMP */
fpbxfirewall all – 0.0.0.0/0 0.0.0.0/0
```
but enabling the sync results in fail2ban not being included anywhere.
```
[jbusch@pbx ~]$ sudo iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp – 52.14.37.123 0.0.0.0/0 udp dpt:161 /* Skyetel SNMP */
fpbxfirewall all – 0.0.0.0/0 0.0.0.0/0
```
Subsequently, if I add an address manually to Intrusion Detection's whitelist, it is never used, since the Intrustion Detection rules are never called.
