Yeat another Firewall Issue ( Vicibox 10)

Support forum for the ViciBox ISO Server Install and ISO LiveCD Demo

Moderators: enjay, williamconley, Staydog, mflorell, MJCoate, mcargile, Kumba

Yeat another Firewall Issue ( Vicibox 10)

Postby covarrubiasgg » Mon Apr 25, 2022 3:52 pm

Hey Kumba!

Is great that the VB-firewall.pl script is already fixed.

After a new Vicibox Installation. I run

Code: Select all
zypper ref && zypper up


and enable the cron setting

Code: Select all
* * * * * /usr/bin/VB-firewall --voipbl --noblack --white --dynamic  --flush --quiet



The Dynamic Firewall was not working. Once I logged into the dynamic firewall, my IP was successfully loaded into the dynamic-list. But despite that, the firewall is not letting me in.

It looks like the firewall rules that allows the ip sets are missing.

My workaround was to copy /etc/firewalld/zones/public.xml from a Vicibox 9.0.3


Here is the file in case it helps someone : https://pastebin.com/5f4fcma8


I'm not sure if this is indeed a missing configuration on Vicibox or if there is any additional step that I'm missing

P.S. The "Yet another" in Spanish sounds like a complain, but as far as I understand is not the same in English. I used the Yet Another not as a complain, but to let you know this is a different issue.
covarrubiasgg
 
Posts: 406
Joined: Thu Jun 10, 2010 10:20 am
Location: Tijuana, Mexico

Re: Yeat another Firewall Issue ( Vicibox 10)

Postby carpenox » Tue Apr 26, 2022 12:25 pm

you can not use --noblack settings with --white or dynamic, you need to remove that trigger and --voipbl
Alma Linux 8.5 | Version: 2.14-858a | BUILD: 220513-0819 | SVN Version: 3602 | DB Schema Version: 1661 | Asterisk 16.17.0-vici
www.CyburDial.net -:- 725-22-CYBUR -:- My Blog: http://vicidial.blog -:- Whatsapp: +19549477572 -:- Skype: live:carpenox_3
carpenox
 
Posts: 1848
Joined: Wed Apr 08, 2020 2:02 am
Location: Coral Springs, FL

Re: Yeat another Firewall Issue ( Vicibox 10)

Postby covarrubiasgg » Thu Apr 28, 2022 1:49 am

Got the same result if I remove those options. I need to add the public.xml from Vicibox 9.0.3 in order to get Vicibox 10 working.
covarrubiasgg
 
Posts: 406
Joined: Thu Jun 10, 2010 10:20 am
Location: Tijuana, Mexico

Re: Yeat another Firewall Issue ( Vicibox 10)

Postby Kumba » Mon May 02, 2022 9:12 pm

Just updated vicibox-firewall to include the dynaliclist ipset in the 'external' zone. You should be able to pull in this update by doing a 'zypper up' in vicibox.
Kumba
 
Posts: 920
Joined: Tue Oct 16, 2007 11:44 pm
Location: Florida


Return to ViciBox Server Install and Demo

Who is online

Users browsing this forum: No registered users and 16 guests