(SOLVED)Issue with dynaportal whitelist and IPBLOCK

All installation and configuration problems and questions

Moderators: gerski, enjay, williamconley, Op3r, Staydog, gardo, mflorell, MJCoate, mcargile, Kumba, Michael_N

(SOLVED)Issue with dynaportal whitelist and IPBLOCK

Postby vapiano » Wed Jun 22, 2022 11:57 am

Version: 2.14-858a
Build: 220513-0819
Asterisk 13.38.2
Cloud VPS, 4 vCPU Cores, 8 GB RAM, 200 GB SSD
ViciBox_v10.x86_64 10.0.1.iso

Hello, I am happy to be here in this great forum. Hope you can help me.

I was playing a bit with building a dynaportal. After setting up the firewall, I went to Admin->Ip List and enabled the whitelist. My problem is now that when entering in dynaportal 6666 and the password, I get validated but am not able to open the admin page. Getting always the message "Your IP Address is not allowed: XX.XXX.XX.XX: |6666|IPBLOCK|". When entering in dynaportal as an agent, it is possible to log in in agents account. But admin page isn´t possible anymore.
Ipset list shows me that my IP is listed in the dynamiclist but still access in admin page is not possible.

Is there a way to disable the whitelist via console or to put manually an IP int the whitelist via console?

Thank you
Last edited by vapiano on Tue Jun 28, 2022 5:06 pm, edited 2 times in total.
vapiano
 
Posts: 35
Joined: Tue Jun 21, 2022 2:17 pm

Re: Issue with dynaportal whitelist and IPBLOCK

Postby vapiano » Wed Jun 22, 2022 1:58 pm

Okay I got it solved now by a freelancer I engaged. I dont kow what he did exactly but he told me that in asteriks database it was the system_settings table and he changed allow_ip_list field to 0.
vapiano
 
Posts: 35
Joined: Tue Jun 21, 2022 2:17 pm

Re: Issue with dynaportal whitelist and IPBLOCK

Postby williamconley » Wed Jun 22, 2022 5:07 pm

Sounds like your firewall may be off. You may want to check on that. Allowing YOU was the goal, not allowing EVERYONE.
Vicidial Installation and Repair, plus Hosting and Colocation
Newest Product: Vicidial Agent Only Beep - Beta
http://www.PoundTeam.com # 352-269-0000 # +44(203) 769-2294
williamconley
 
Posts: 20018
Joined: Wed Oct 31, 2007 4:17 pm
Location: Davenport, FL (By Disney!)

Re: Issue with dynaportal whitelist and IPBLOCK

Postby vapiano » Fri Jun 24, 2022 5:26 pm

williamconley wrote:Sounds like your firewall may be off. You may want to check on that. Allowing YOU was the goal, not allowing EVERYONE.


My firewall is on.

My problem is now that disableing allow_ip_list field to 0 let me visit again the admin page but now the field doesn´t exist anymore in the admin section.

So I need a way to disable only the whitelist (ViciWhite). How can I disable the whitelist or put manually my IP into the whitelist via mysql?
vapiano
 
Posts: 35
Joined: Tue Jun 21, 2022 2:17 pm

Re: Issue with dynaportal whitelist and IPBLOCK

Postby williamconley » Sat Jun 25, 2022 2:49 pm

disabling the ability to VIEW/Modify IP lists has no effect on the firewall itself. That was a byproduct of whatever else the technician did. Sounds like he may have locked you out of the ability to modify the IP lists on purpose. Perhaps that capability has been limited to a different user, or turned off entirely. But the IPs in those lists are still there, and the firewall still operates however that technician has set it up. He may have put in an override value or changed firewall entirely. He may be entering IP values directly into those IP lists in the database, or any one of several other scenarios.

If nobody else can get to the server (ie: whitelist), but you CAN, you then just have to ask yourself if you trust the technician.
Vicidial Installation and Repair, plus Hosting and Colocation
Newest Product: Vicidial Agent Only Beep - Beta
http://www.PoundTeam.com # 352-269-0000 # +44(203) 769-2294
williamconley
 
Posts: 20018
Joined: Wed Oct 31, 2007 4:17 pm
Location: Davenport, FL (By Disney!)

Re: Issue with dynaportal whitelist and IPBLOCK

Postby vapiano » Sat Jun 25, 2022 6:00 pm

williamconley wrote:disabling the ability to VIEW/Modify IP lists has no effect on the firewall itself. That was a byproduct of whatever else the technician did. Sounds like he may have locked you out of the ability to modify the IP lists on purpose. Perhaps that capability has been limited to a different user, or turned off entirely. But the IPs in those lists are still there, and the firewall still operates however that technician has set it up. He may have put in an override value or changed firewall entirely. He may be entering IP values directly into those IP lists in the database, or any one of several other scenarios.

If nobody else can get to the server (ie: whitelist), but you CAN, you then just have to ask yourself if you trust the technician.

It was my fault that I have locked myself out from the server by enabling the whitelist without adding my IP into it. I engaged the technician after I have messed up.

And he was a help because by turning the allow_ip_list to 0 I got access to my server again. But he doesn´t know how to only disable the whitelist or how to put manually my IP into whitelist. This is what I am looking for now. Maybe somebody knows how to help here.
vapiano
 
Posts: 35
Joined: Tue Jun 21, 2022 2:17 pm

Re: Issue with dynaportal whitelist and IPBLOCK

Postby carpenox » Mon Jun 27, 2022 2:32 pm

firewall-cmd --add-source=youriphere --zone=trusted --permanent
firewall-cmd --reload
Alma Linux 9.3 | Version: 2.14-911a | SVN Version: 3815 | DB Schema Version: 1710 | Asterisk 18.18.1
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WhatsApp: +19549477572 -:- Skype: live:carpenox_3
carpenox
 
Posts: 2230
Joined: Wed Apr 08, 2020 2:02 am
Location: Coral Springs, FL

Re: Issue with dynaportal whitelist and IPBLOCK

Postby vapiano » Tue Jun 28, 2022 12:09 pm

carpenox wrote:firewall-cmd --add-source=youriphere --zone=trusted --permanent
firewall-cmd --reload


Got for both commands a message "success" but still does not work.

When doing:

mysql -p
use asterisk
select * from vicidial_ip_list_entries;

i can see that there are no IP adresses in viciwhite. Does it help to put my ip adress in there and if yes, with which command do I put my IP adress into this vicidial_ip_list_entries?
vapiano
 
Posts: 35
Joined: Tue Jun 21, 2022 2:17 pm

Re: Issue with dynaportal whitelist and IPBLOCK

Postby carpenox » Tue Jun 28, 2022 3:06 pm

what ports do u have in trusted zone?
Alma Linux 9.3 | Version: 2.14-911a | SVN Version: 3815 | DB Schema Version: 1710 | Asterisk 18.18.1
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WhatsApp: +19549477572 -:- Skype: live:carpenox_3
carpenox
 
Posts: 2230
Joined: Wed Apr 08, 2020 2:02 am
Location: Coral Springs, FL

Re: Issue with dynaportal whitelist and IPBLOCK

Postby williamconley » Tue Jun 28, 2022 3:09 pm

Code: Select all
mysql asterisk -e "insert into vicidial_ip_list_entries values ('ViciWhite','xx.xx.xx.xx')"


with your ip rather than xx.xx.xx.xx of course
Vicidial Installation and Repair, plus Hosting and Colocation
Newest Product: Vicidial Agent Only Beep - Beta
http://www.PoundTeam.com # 352-269-0000 # +44(203) 769-2294
williamconley
 
Posts: 20018
Joined: Wed Oct 31, 2007 4:17 pm
Location: Davenport, FL (By Disney!)

Re: Issue with dynaportal whitelist and IPBLOCK

Postby vapiano » Tue Jun 28, 2022 4:15 pm

williamconley wrote:
Code: Select all
mysql asterisk -e "insert into vicidial_ip_list_entries values ('ViciWhite','xx.xx.xx.xx')"


with your ip rather than xx.xx.xx.xx of course


Damnnnnnnnnnnn, yessss!!!! That was it!! Thank you so much. Finally I can continue working after more than one week.
vapiano
 
Posts: 35
Joined: Tue Jun 21, 2022 2:17 pm

Re: (SOLVED)Issue with dynaportal whitelist and IPBLOCK

Postby carpenox » Wed Jun 29, 2022 4:11 pm

good stuff Bill, great postback vapiano
Alma Linux 9.3 | Version: 2.14-911a | SVN Version: 3815 | DB Schema Version: 1710 | Asterisk 18.18.1
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WhatsApp: +19549477572 -:- Skype: live:carpenox_3
carpenox
 
Posts: 2230
Joined: Wed Apr 08, 2020 2:02 am
Location: Coral Springs, FL


Return to Support

Who is online

Users browsing this forum: Majestic-12 [Bot] and 84 guests