Yois
  1. Yois

firewall-fix

Public

Network

 
AuthorCommitMessageCommit Date
YoisYois
743a91c3390FREEPBX-22653 Custom rules detection This commit modifies the earlier commit by simplifiying the detection of the custom rule setting, and by adding logging to advise end users of how to stop the firewall from resetting.
Kapil GuptaKapil Gupta
af82373c276MMerge pull request #126 in FREEPBX/firewall from ~YOIS/firewall-fix:firewall-improvements to bugfix/FREEPBX-22653-qa * commit '2aecf89931876dc8501c775c220cc61b2c0e9051': FREEPBX-22653 Firewall custom rules detection
YoisYois
2aecf899318FREEPBX-22653 Firewall custom rules detection Detect if custom rules are in place before resetting iptables
YoisYois
f9af20f9fe8FREEPBX-22674 Prevent duplicate rules in INPUT chain When the firewall reloads itself due to missing or invading rules in the INPUT chain, we back up fail2ban rules and restore them after flushing iptables. The insertRule function doesn't check for ipv4 or ipv6 chain and rules were being duplicated on each refresh. This commit checks if a rule has already been applied to prevent duplicate rules. Authored by: Franck Danard
Franck DanardFranck Danard
5dde054c9d1FREEPBX-22666 Firewall will not start if DNS is not working
Kapil GuptaKapil Gupta
28aaa30ff9b[Module Tag script: firewall 15.0.17]
Kapil GuptaKapil Gupta
678335af31dFixing FREEPBX-22654 for HTTP
Kapil GuptaKapil Gupta
4ff2a508c74[Module Tag script: firewall 15.0.16] FREEI-3677 Removing unused argument from get_registered API
Kapil GuptaKapil Gupta
88b840a503brebuilding voipfirewalld
Kapil GuptaKapil Gupta
484551db543Fixing FREEI-3677 Removing unused argument from get_registered API
Kapil GuptaKapil Gupta
67395c6a392[Module Tag script: firewall 15.0.15] FREEPBX-22654 Don't use disabled as port for restapi
Kapil GuptaKapil Gupta
9922680f95dMMerge pull request #127 in FREEPBX/firewall from ~YOIS/firewall-fix:bugfix/FREEPBX-22654 to release/15.0 * commit '28075623e73a5c05a44dbd520691fe4e77fd11c5': FREEPBX-22654 Don't use disabled as port for restapi
YoisYois
28075623e73FREEPBX-22654 Don't use disabled as port for restapi Add check for value "disabled"
Kapil GuptaKapil Gupta
8a141e762c3[Module Tag script: firewall 15.0.14] FREEPBX-22550 NTP/Chrony doesn't respond until configured in firewall
Franck DanardFranck Danard
85d7f4c5e99FREEPBX-22550 NTP/Chrony doesn't respond until configured in firewall Conflicts: Services.class.php
Franck DanardFranck Danard
0bc0703ff9cReview code NSlookup
Franck DanardFranck Danard
65536bcd9d9FREEI-3422 Add NSlookUP parsing to get IPs from hostname
Kapil GuptaKapil Gupta
6912dc6539d[Module Tag script: firewall 15.0.13]
Kapil GuptaKapil Gupta
6e55b154084rebuilding voipfirewalld
Kapil GuptaKapil Gupta
e8f6df8e09cMMerge pull request #125 in FREEPBX/firewall from ~YOIS/firewall-fix:firewall-improvements to release/15.0 * commit 'fefbba466fde58e60dcf5e5a8417163e438dfd0f': Fix typo in phar
YoisYois
fefbba466fdFix typo in phar
Kapil GuptaKapil Gupta
d2cdb2a928a[Module Tag script: firewall 15.0.12]
Kapil GuptaKapil Gupta
b1cb76554aeMMerge pull request #121 in FREEPBX/firewall from feature/FREEI-2931-need-a-mechanism-to-secure-the-api-that-does-not-rely-on-iptables to release/15.0 * commit '55203a61b6976919465b058efb43b4043d01f10a': FREEI-2931 Need a mechanism to secure the API that does not rely on iptables
Franck DanardFranck Danard
55203a61b69FREEI-2931 Need a mechanism to secure the API that does not rely on iptables
Kapil GuptaKapil Gupta
cdb11937860[Module Tag script: firewall 15.0.11]
Kapil GuptaKapil Gupta
9308518b020MMerge pull request #124 in FREEPBX/firewall from ~YOIS/firewall-fix:bugfix/FREEPBX-22563-tag15.0.10 to release/15.0 * commit '7439d514c326b31be8fa936def89ab10020c271a': FREEPBX-22563 Fail2Ban SIP jail GUI refresh
YoisYois
7439d514c32FREEPBX-22563 Fail2Ban SIP jail GUI refresh On load of the blocked page, the page refresh function was running twice. This causes an error. Removed the extra call to the function.
Kapil GuptaKapil Gupta
d999ddcaf09[Module Tag script: firewall 15.0.10]
Kapil GuptaKapil Gupta
62c44b023d4MMerge pull request #123 in FREEPBX/firewall from ~YOIS/firewall-fix:bugfix/FREEPBX-22574 to release/15.0 * commit '19ae43462bc2a451f11a9ef4025e7317d9b94a8c': FREEPBX-22574 Refresh correct rules
YoisYois
19ae43462bcFREEPBX-22574 Refresh correct rules The initial patch to fix this was replacing the wrong rules in iptables, since PHP arrays are 0 indexed, but iptables is 1 indexed. By incrementing the variable before assigning we ensure the correct rule is updated
Kapil GuptaKapil Gupta
d9603dfb301[Module Tag script: firewall 16.0.42.3]
Kapil GuptaKapil Gupta
7be7d74dbf8Fixing FREEPBX-22654 for HTTP
Kapil GuptaKapil Gupta
a20fc1e747e[Module Tag script: firewall 16.0.42.2] FREEI-3677 Removing unused argument from get_registered API
Kapil GuptaKapil Gupta
3bea13853e9rebuilding voipfirewalld
Kapil GuptaKapil Gupta
b10a6f50108Fixing FREEI-3677 Removing unused argument from get_registered API
Kapil GuptaKapil Gupta
71e61c94576[Module Tag script: firewall 16.0.42.1]
YoisYois
a43ea1af1feFREEPBX-22654 Don't use disabled as port for restapi Add check for value "disabled"
Kapil GuptaKapil Gupta
14412a9a2a9[Module Tag script: firewall 16.0.42] FREEPBX-22550 NTP/Chrony doesn't respond until configured in firewall
Franck DanardFranck Danard
33da0876cbaFREEPBX-22550 NTP/Chrony doesn't respond until configured in firewall Conflicts: Services.class.php
Kapil GuptaKapil Gupta
155f46e22b7[Module Tag script: firewall 16.0.41]
Kapil GuptaKapil Gupta
3eb439562c8rebuilding voipfirewalld
YoisYois
3274235cfa8Fix typo in phar
Franck DanardFranck Danard
5c7ed703f2fFREEI-2931 Need a mechanism to secure the API that does not rely on iptables
Kapil GuptaKapil Gupta
1bccbe06dc4[Module Tag script: firewall 16.0.40]
YoisYois
1739c6e73efFREEPBX-22563 Fail2Ban SIP jail GUI refresh On load of the blocked page, the page refresh function was running twice. This causes an error. Removed the extra call to the function.
Kapil GuptaKapil Gupta
7ed5f39911b[Module Tag script: firewall 16.0.39]
Kapil GuptaKapil Gupta
f6673e8c800rebuilding voipfirewalld
YoisYois
a9d823a9666FREEPBX-22574 Refresh correct rules The initial patch to fix this was replacing the wrong rules in iptables, since PHP arrays are 0 indexed, but iptables is 1 indexed. By incrementing the variable before assigning we ensure the correct rule is updated
Kapil GuptaKapil Gupta
6de4dada0faMMerge remote-tracking branch 'origin/release/15.0' into release/16.0 Conflicts: hooks/voipfirewalld
Kapil GuptaKapil Gupta
d0dea547488[Module Tag script: firewall 15.0.9]