Moderators: gerski, enjay, williamconley, Op3r, Staydog, gardo, mflorell, MJCoate, mcargile, Kumba, Michael_N
vicibox11:~ # firewall-cmd --list-all --zone-external
usage: see firewall-cmd man page
firewall-cmd: error: unrecognized arguments: --zone-external
vicibox11:~ # firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services: dhcpv6-client rtp viciportal viciportal-ssl
ports: 446/tcp 5060/udp 10000-20000/udp 80/tcp 443/tcp
protocols:
forward: no
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
rule family="ipv4" source ipset="whitenets" service name="asterisk" accept
rule family="ipv4" source ipset="whitenets" service name="apache2" accept
rule family="ipv4" source ipset="whiteips" service name="apache2" accept
rule family="ipv4" source ipset="dynamiclist" service name="apache2" accept
rule family="ipv4" source ipset="dynamiclist" service name="apache2-ssl" accept
rule family="ipv4" source ipset="dynamiclist" service name="asterisk" accept
rule family="ipv4" source ipset="whitenets" service name="apache2-ssl" accept
rule family="ipv4" source ipset="whiteips" service name="asterisk" accept
rule family="ipv4" source ipset="whiteips" service name="apache2-ssl" accept
vicibox11:~ #
carpenox wrote:oops i meant --zone=external - typo sorry
vicibox11:~ # firewall-cmd --list-all --zone=external
external (active)
target: default
icmp-block-inversion: no
interfaces:
sources: ipset:whiteips ipset:whitenets ipset:dynamiclist
services: apache2 apache2-ssl asterisk dhcpv6-client rtp ssh
ports:
protocols:
forward: no
masquerade: yes
forward-ports:
source-ports:
icmp-blocks:
rich rules:
You have new mail in /var/spool/mail/root
vicibox11:~ #
[Aug 27 16:30:29] == WebSocket connection from '7x.10x.xx.xx:6xxx6' for protocol 'sip' accepted using version '13'
[Aug 27 16:30:29] -- Registered SIP '1001' at 7x.10x.xx.xx:6xxx6
[Aug 27 16:30:51] == Manager 'sendcron' logged on from 127.0.0.1
[Aug 27 16:30:51] == Using SIP RTP CoS mark 5
[Aug 27 16:30:51] -- Called 1001
[Aug 27 16:27:53] > 0x7f63240f46b0 -- Strict RTP learning after remote address set to: xx.xx.xx.xx:1x7x4
[Aug 27 16:27:53] -- Executing [s@trunkinbound:1] NoOp("SIP/xxxxxxxxx-00000007", "Incoming call to trunkinbound") in new stack
[Aug 27 16:27:53] -- Executing [s@trunkinbound:2] AGI("SIP/xxxxxxxxx-00000007", "agi://127.0.0.1:4577/call_log") in new stack
[Aug 27 16:27:53] -- <SIP/xxxxxxxxx-00000007>AGI Script agi://127.0.0.1:4577/call_log completed, returning 0
[Aug 27 16:27:53] -- Executing [s@trunkinbound:3] Goto("SIP/xxxxxxxxx-00000007", "handle_did,xxxxxxxxx,1") in new stack
[Aug 27 16:27:53] -- Goto (handle_did,xxxxxxxxx,1)
[Aug 27 16:27:53] -- Executing [xxxxxxxxx@handle_did:1] AGI("SIP/xxxxxxxxx-00000007", "agi-DID_route.agi") in new stack
[Aug 27 16:27:53] -- Launched AGI Script /usr/share/asterisk/agi-bin/agi-DID_route.agi
[Aug 27 16:27:53] -- <SIP/xxxxxxxxx-00000007>AGI Script agi-DID_route.agi completed, returning 0
[Aug 27 16:27:53] -- Executing [99909*2***DID@default:1] Answer("SIP/xxxxxxxxx-00000007", "") in new stack
[Aug 27 16:27:54] -- Executing [99909*2***DID@default:2] AGI("SIP/xxxxxxxxx-00000007", "agi-VDAD_ALL_inbound.agi") in new stack
[Aug 27 16:27:54] -- Launched AGI Script /usr/share/asterisk/agi-bin/agi-VDAD_ALL_inbound.agi
[Aug 27 16:27:55] -- <SIP/xxxxxxxxx-00000007> Playing 'sip-silence.gsm' (escape_digits=) (sample_offset 0) (language 'en')
[Aug 27 16:27:57] -- Started music on hold, class 'default', on channel 'SIP/xxxxxxxxx-00000007'
[Aug 27 16:27:57] > 0x7f63240f46b0 -- Strict RTP switching to RTP target address 8x.9x.xx.xx:13774 as source
[Aug 27 16:27:58] > 0x7f63240f46b0 -- Strict RTP learning complete - Locking on source address 8x.9x.xx.xx:13774
[Aug 27 16:28:00] -- Stopped music on hold on SIP/xxxxxxxxx-00000007
[Aug 27 16:29:18] -- Called 8600051@default
[Aug 27 16:29:18] -- Executing [8600051@default:1] MeetMe("Local/8600051@default-0000000d;2", "8600051,F") in new stack
[Aug 27 16:29:18] -- Local/8600051@default-0000000d;1 answered
[Aug 27 16:29:18] -- Executing [355xxxxxx@default:1] AGI("Local/8600051@default-0000000d;1", "agi://127.0.0.1:4577/call_log") in new stack
[Aug 27 16:29:18] -- AGI Script Executing Application: (EXEC) Options: (Set(_CAMPCUST=DAFCAMP1))
[Aug 27 16:29:18] -- AGI Script Executing Application: (EXEC) Options: (Set(_CAMPDTO=60))
[Aug 27 16:29:18] == Manager 'sendcron' logged on from 127.0.0.1
[Aug 27 16:29:18] -- <Local/8600051@default-0000000d;1>AGI Script agi://127.0.0.1:4577/call_log completed, returning 0
[Aug 27 16:29:18] -- Executing [355xxxxxx@default:2] Dial("Local/8600051@default-0000000d;1", "SIP/xxxxxxxx/355xxxxxx,60,tTorR") in new stack
[Aug 27 16:29:18] -- Called 58600051@default
[Aug 27 16:29:18] -- Executing [58600051@default:1] MeetMe("Local/58600051@default-0000000e;2", "8600051,Fmq") in new stack
[Aug 27 16:29:18] -- Local/58600051@default-0000000e;1 answered
[Aug 27 16:29:18] -- Executing [8309@default:1] Answer("Local/58600051@default-0000000e;1", "") in new stack
[Aug 27 16:29:18] -- Executing [8309@default:2] Monitor("Local/58600051@default-0000000e;1", "wav,20240827-162918_355xxxxxx") in new stack
[Aug 27 16:29:18] -- Executing [8309@default:3] Wait("Local/58600051@default-0000000e;1", "3600") in new stack
[Aug 27 16:29:18] == Using SIP RTP CoS mark 5
[Aug 27 16:29:18] -- Called SIP/xxxxxxxxxx/355xxxxxxxx
[Aug 27 16:29:19] == Manager 'sendcron' logged off from 127.0.0.1
[Aug 27 16:29:19] == Manager 'sendcron' logged off from 127.0.0.1
[Aug 27 16:29:20] > 0x7f6364014f90 -- Strict RTP learning after remote address set to: 8x.9x.xx.xx:1xxx2
[Aug 27 16:29:20] -- SIP/xxxxxxxxx-00000008 is making progress passing it to Local/8600051@default-0000000d;1
[Aug 27 16:29:20] -- Dial Tiemout Reset on channel SIP/xxxxxxxxxxx-00000008 due to PROGRESS message.
[Aug 27 16:29:24] -- SIP/xxxxxxxx-00000008 answered Local/8600051@default-0000000d;1
[Aug 27 16:29:24] -- Channel SIP/xxxxxxxxxxx-00000008 joined 'simple_bridge' basic-bridge <0a614673-a1b2-4f38-897b-de6c04535656>
[Aug 27 16:29:24] -- Channel Local/8600051@default-0000000d;1 joined 'simple_bridge' basic-bridge <0a614673-a1b2-4f38-897b-de6c04535656>
[Aug 27 16:29:24] > 0x7f6364014f90 -- Strict RTP switching to RTP target address 8x.9x.xx.xx:1xxx2 as source
[Aug 27 16:29:25] > 0x7f6364014f90 -- Strict RTP learning complete - Locking on source address 8x.9x.xx.xx:1xxx2
@reboot /usr/bin/VB-firewall --voipbl --noblack --quiet
0 */6 * * * /usr/bin/VB-firewall --voipbl --noblack --quiet
### Renew SSL certificate every sunday at midnight
0 0 * * 0 /usr/share/vicibox-ssl/acme-renew.sh
# Example crontab entries for managing ViciWhite and Dynamic Portal
@reboot /usr/bin/VB-firewall --white --dynamic --quiet
* * * * * /usr/bin/VB-firewall --white --dynamic --quiet
vicibox11:~ #
Users browsing this forum: Google [Bot], mflorell and 54 guests