Sangoma Responsive Firewall Error on FreePBX
-
Here is the complete output of the log, including the part where the log tells you to look in the same log for more info.
Starting firewall. 1463587870: Wall: 'Firewall service now starting. ' returned 0 1463587871: INTERFACE INIT: eth0 => trusted 1463587871: /sbin/iptables -N fpbxfirewall iptables: Invalid argument. Run `dmesg' for more information. 1463587871: /sbin/ip6tables -N fpbxfirewall 1463587871: /sbin/iptables -I INPUT -j fpbxfirewall 1463587871: /sbin/ip6tables -I INPUT -j fpbxfirewall 1463587871: /sbin/iptables -N fpbxfirewall iptables: Chain already exists. 1463587871: /sbin/ip6tables -N fpbxfirewall ip6tables: Chain already exists. 1463587871: /sbin/ip6tables -A fpbxfirewall -i lo -j ACCEPT 1463587871: /sbin/iptables -A fpbxfirewall -i lo -j ACCEPT 1463587871: /sbin/ip6tables -A fpbxfirewall -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT 1463587871: /sbin/iptables -A fpbxfirewall -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT 1463587871: /sbin/ip6tables -A fpbxfirewall -p udp --sport 1:1024 -m state --state RELATED,ESTABLISHED -j ACCEPT 1463587872: /sbin/iptables -A fpbxfirewall -p udp --sport 1:1024 -m state --state RELATED,ESTABLISHED -j ACCEPT 1463587872: /sbin/iptables -A fpbxfirewall -p icmp -j ACCEPT 1463587872: /sbin/ip6tables -A fpbxfirewall -p ipv6-icmp -j ACCEPT 1463587872: /sbin/iptables -A fpbxfirewall -d 255.255.255.255/32 -j ACCEPT 1463587872: /sbin/ip6tables -A fpbxfirewall -m pkttype --pkt-type multicast -j ACCEPT 1463587872: /sbin/iptables -A fpbxfirewall -m pkttype --pkt-type multicast -j ACCEPT 1463587872: /sbin/ip6tables -A fpbxfirewall -p udp -m udp --dport 67:68 --sport 67:68 -j ACCEPT 1463587872: /sbin/iptables -A fpbxfirewall -p udp -m udp --dport 67:68 --sport 67:68 -j ACCEPT 1463587872: /sbin/iptables -N fpbx-rtp 1463587872: /sbin/ip6tables -N fpbx-rtp 1463587872: /sbin/ip6tables -A fpbxfirewall -j fpbx-rtp 1463587872: /sbin/iptables -A fpbxfirewall -j fpbx-rtp 1463587872: /sbin/iptables -N fpbxblacklist 1463587872: /sbin/ip6tables -N fpbxblacklist 1463587872: /sbin/ip6tables -A fpbxfirewall -j fpbxblacklist 1463587872: /sbin/iptables -A fpbxfirewall -j fpbxblacklist 1463587872: /sbin/iptables -N fpbxsignalling 1463587872: /sbin/ip6tables -N fpbxsignalling 1463587872: /sbin/ip6tables -A fpbxfirewall -j fpbxsignalling 1463587872: /sbin/iptables -A fpbxfirewall -j fpbxsignalling 1463587872: /sbin/iptables -N fpbxsmarthosts 1463587872: /sbin/ip6tables -N fpbxsmarthosts 1463587872: /sbin/ip6tables -A fpbxfirewall -j fpbxsmarthosts 1463587872: /sbin/iptables -A fpbxfirewall -j fpbxsmarthosts 1463587872: /sbin/iptables -N fpbxregistrations 1463587872: /sbin/ip6tables -N fpbxregistrations 1463587872: /sbin/ip6tables -A fpbxfirewall -j fpbxregistrations 1463587872: /sbin/iptables -A fpbxfirewall -j fpbxregistrations 1463587872: /sbin/iptables -N fpbxnets 1463587872: /sbin/ip6tables -N fpbxnets 1463587872: /sbin/ip6tables -A fpbxfirewall -j fpbxnets 1463587872: /sbin/iptables -A fpbxfirewall -j fpbxnets 1463587872: /sbin/iptables -N fpbxhosts 1463587872: /sbin/ip6tables -N fpbxhosts 1463587872: /sbin/ip6tables -A fpbxfirewall -j fpbxhosts 1463587872: /sbin/iptables -A fpbxfirewall -j fpbxhosts 1463587872: /sbin/iptables -N fpbxinterfaces 1463587872: /sbin/ip6tables -N fpbxinterfaces 1463587872: /sbin/ip6tables -A fpbxfirewall -j fpbxinterfaces 1463587872: /sbin/iptables -A fpbxfirewall -j fpbxinterfaces 1463587872: /sbin/iptables -N fpbxreject 1463587872: /sbin/ip6tables -N fpbxreject 1463587872: /sbin/ip6tables -A fpbxfirewall -j fpbxreject 1463587872: /sbin/iptables -A fpbxfirewall -j fpbxreject 1463587872: /sbin/iptables -N fpbxrfw 1463587872: /sbin/ip6tables -N fpbxrfw 1463587872: /sbin/ip6tables -A fpbxfirewall -m mark --mark 0x2/0x2 -j fpbxrfw 1463587872: /sbin/iptables -A fpbxfirewall -m mark --mark 0x2/0x2 -j fpbxrfw 1463587872: /sbin/iptables -N fpbxlogdrop 1463587872: /sbin/ip6tables -N fpbxlogdrop 1463587872: /sbin/ip6tables -A fpbxfirewall -j fpbxlogdrop 1463587872: /sbin/iptables -A fpbxfirewall -j fpbxlogdrop 1463587872: /sbin/iptables -N zone-trusted 1463587872: /sbin/ip6tables -N zone-trusted 1463587872: /sbin/ip6tables -A zone-trusted -j ACCEPT 1463587872: /sbin/iptables -A zone-trusted -j ACCEPT 1463587872: /sbin/ip6tables -A fpbxrfw -m recent --set --name REPEAT --rsource 1463587872: /sbin/iptables -A fpbxrfw -m recent --set --name REPEAT --rsource 1463587872: /sbin/ip6tables -A fpbxrfw -m recent --set --name DISCOVERED --rsource 1463587872: /sbin/iptables -A fpbxrfw -m recent --set --name DISCOVERED --rsource 1463587872: /sbin/iptables -N fpbxattacker 1463587872: /sbin/ip6tables -N fpbxattacker 1463587872: /sbin/ip6tables -A fpbxrfw -m recent --rcheck --seconds 10 --hitcount 50 --name REPEAT --rsource -j fpbxattacker ip6tables: Invalid argument. Run `dmesg' for more information. 1463587872: /sbin/iptables -A fpbxrfw -m recent --rcheck --seconds 10 --hitcount 50 --name REPEAT --rsource -j fpbxattacker iptables: Invalid argument. Run `dmesg' for more information. 1463587872: /sbin/ip6tables -A fpbxrfw -m recent --rcheck --seconds 86400 --hitcount 1 --name ATTACKER --rsource -j fpbxattacker 1463587872: /sbin/iptables -A fpbxrfw -m recent --rcheck --seconds 86400 --hitcount 1 --name ATTACKER --rsource -j fpbxattacker 1463587872: /sbin/iptables -N fpbxshortblock 1463587872: /sbin/ip6tables -N fpbxshortblock 1463587872: /sbin/ip6tables -A fpbxrfw -m recent --rcheck --seconds 60 --hitcount 10 --name SIGNALLING --rsource -j fpbxshortblock 1463587872: /sbin/iptables -A fpbxrfw -m recent --rcheck --seconds 60 --hitcount 10 --name SIGNALLING --rsource -j fpbxshortblock 1463587872: /sbin/ip6tables -A fpbxrfw -m recent --set --name SIGNALLING --rsource 1463587872: /sbin/iptables -A fpbxrfw -m recent --set --name SIGNALLING --rsource 1463587872: /sbin/ip6tables -A fpbxrfw -m recent --rcheck --seconds 86400 --hitcount 100 --name REPEAT --rsource -j fpbxattacker ip6tables: Invalid argument. Run `dmesg' for more information. 1463587872: /sbin/iptables -A fpbxrfw -m recent --rcheck --seconds 86400 --hitcount 100 --name REPEAT --rsource -j fpbxattacker iptables: Invalid argument. Run `dmesg' for more information. 1463587872: /sbin/ip6tables -A fpbxrfw -j ACCEPT 1463587872: /sbin/iptables -A fpbxrfw -j ACCEPT 1463587872: /sbin/ip6tables -A fpbxattacker -m recent --set --name ATTACKER --rsource 1463587872: /sbin/iptables -A fpbxattacker -m recent --set --name ATTACKER --rsource 1463587872: /sbin/ip6tables -A fpbxattacker -j LOG --log-prefix 'attacker: ' 1463587872: /sbin/iptables -A fpbxattacker -j LOG --log-prefix 'attacker: ' 1463587872: /sbin/ip6tables -A fpbxattacker -j DROP 1463587872: /sbin/iptables -A fpbxattacker -j DROP 1463587872: /sbin/ip6tables -A fpbxshortblock -m recent --set --name CLAMPED --rsource 1463587872: /sbin/iptables -A fpbxshortblock -m recent --set --name CLAMPED --rsource 1463587872: /sbin/ip6tables -A fpbxshortblock -j LOG --log-prefix 'clamped: ' 1463587872: /sbin/iptables -A fpbxshortblock -j LOG --log-prefix 'clamped: ' 1463587872: /sbin/ip6tables -A fpbxshortblock -j REJECT 1463587872: /sbin/iptables -A fpbxshortblock -j REJECT 1463587872: /sbin/ip6tables -A fpbxlogdrop -j REJECT 1463587872: /sbin/iptables -A fpbxlogdrop -j REJECT 1463587872: /sbin/iptables -N fpbxknownreg 1463587872: /sbin/ip6tables -N fpbxknownreg 1463587872: /sbin/ip6tables -A fpbxknownreg -m mark --mark 0x1/0x1 -j ACCEPT 1463587872: /sbin/iptables -A fpbxknownreg -m mark --mark 0x1/0x1 -j ACCEPT 1463587872: /sbin/iptables -N fpbxsvc-ucp 1463587872: /sbin/ip6tables -N fpbxsvc-ucp 1463587872: /sbin/ip6tables -A fpbxknownreg -j fpbxsvc-ucp 1463587872: /sbin/iptables -A fpbxknownreg -j fpbxsvc-ucp 1463587872: /sbin/iptables -N fpbxsvc-zulu 1463587872: /sbin/ip6tables -N fpbxsvc-zulu 1463587872: /sbin/ip6tables -A fpbxknownreg -j fpbxsvc-zulu 1463587872: /sbin/iptables -A fpbxknownreg -j fpbxsvc-zulu 1463587872: /sbin/ip6tables -A fpbxinterfaces -i eth0 -j zone-trusted 1463587872: /sbin/iptables -A fpbxinterfaces -i eth0 -j zone-trusted 1463587872: /sbin/iptables -A fpbxnets -s 109.98.255.68/32 -j zone-trusted 1463587872: /sbin/iptables -A fpbxnets -s 109.98.255.0/24 -j zone-trusted 1463587873: /sbin/iptables -N fpbxsvc-ssh 1463587873: /sbin/ip6tables -N fpbxsvc-ssh 1463587873: /sbin/ip6tables -F fpbxsvc-ssh 1463587873: /sbin/ip6tables -A fpbxsvc-ssh -p tcp -m tcp --dport 22 -j ACCEPT 1463587873: /sbin/iptables -F fpbxsvc-ssh 1463587873: /sbin/iptables -A fpbxsvc-ssh -p tcp -m tcp --dport 22 -j ACCEPT 1463587873: /sbin/iptables -N zone-external 1463587873: /sbin/ip6tables -N zone-external 1463587873: /sbin/ip6tables -A zone-external -j fpbxsvc-ssh 1463587873: /sbin/iptables -N zone-internal 1463587873: /sbin/ip6tables -N zone-internal 1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-ssh 1463587873: /sbin/iptables -A zone-external -j fpbxsvc-ssh 1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-ssh 1463587873: /sbin/iptables -N fpbxsvc-http 1463587873: /sbin/ip6tables -N fpbxsvc-http 1463587873: /sbin/ip6tables -F fpbxsvc-http 1463587873: /sbin/ip6tables -A fpbxsvc-http -p tcp -m tcp --dport 80 -j ACCEPT 1463587873: /sbin/iptables -F fpbxsvc-http 1463587873: /sbin/iptables -A fpbxsvc-http -p tcp -m tcp --dport 80 -j ACCEPT 1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-http 1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-http 1463587873: /sbin/iptables -N fpbxsvc-https 1463587873: /sbin/ip6tables -N fpbxsvc-https 1463587873: /sbin/ip6tables -F fpbxsvc-https 1463587873: /sbin/ip6tables -A fpbxsvc-https -p tcp -m tcp --dport 443 -j ACCEPT 1463587873: /sbin/iptables -F fpbxsvc-https 1463587873: /sbin/iptables -A fpbxsvc-https -p tcp -m tcp --dport 443 -j ACCEPT 1463587873: /sbin/ip6tables -A zone-external -j fpbxsvc-https 1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-https 1463587873: /sbin/iptables -A zone-external -j fpbxsvc-https 1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-https 1463587873: /sbin/ip6tables -F fpbxsvc-ucp 1463587873: /sbin/ip6tables -A fpbxsvc-ucp -p tcp -m tcp --dport 81 -j ACCEPT 1463587873: /sbin/ip6tables -A fpbxsvc-ucp -p tcp -m tcp --dport 8001 -j ACCEPT 1463587873: /sbin/ip6tables -A fpbxsvc-ucp -p tcp -m tcp --dport 8003 -j ACCEPT 1463587873: /sbin/iptables -F fpbxsvc-ucp 1463587873: /sbin/iptables -A fpbxsvc-ucp -p tcp -m tcp --dport 81 -j ACCEPT 1463587873: /sbin/iptables -A fpbxsvc-ucp -p tcp -m tcp --dport 8001 -j ACCEPT 1463587873: /sbin/iptables -A fpbxsvc-ucp -p tcp -m tcp --dport 8003 -j ACCEPT 1463587873: /sbin/ip6tables -A zone-external -j fpbxsvc-ucp 1463587873: /sbin/iptables -N zone-other 1463587873: /sbin/ip6tables -N zone-other 1463587873: /sbin/ip6tables -A zone-other -j fpbxsvc-ucp 1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-ucp 1463587873: /sbin/iptables -A zone-external -j fpbxsvc-ucp 1463587873: /sbin/iptables -A zone-other -j fpbxsvc-ucp 1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-ucp 1463587873: /sbin/iptables -N fpbxsvc-pjsip 1463587873: /sbin/ip6tables -N fpbxsvc-pjsip 1463587873: /sbin/ip6tables -F fpbxsvc-pjsip 1463587873: /sbin/ip6tables -A fpbxsvc-pjsip -p udp -m udp --dport 5060 -j ACCEPT 1463587873: /sbin/iptables -F fpbxsvc-pjsip 1463587873: /sbin/iptables -A fpbxsvc-pjsip -p udp -m udp --dport 5060 -j ACCEPT 1463587873: /sbin/ip6tables -A zone-external -j fpbxsvc-pjsip 1463587873: /sbin/ip6tables -A zone-other -j fpbxsvc-pjsip 1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-pjsip 1463587873: /sbin/iptables -A zone-external -j fpbxsvc-pjsip 1463587873: /sbin/iptables -A zone-other -j fpbxsvc-pjsip 1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-pjsip 1463587873: /sbin/iptables -N fpbxsvc-chansip 1463587873: /sbin/ip6tables -N fpbxsvc-chansip 1463587873: /sbin/ip6tables -F fpbxsvc-chansip 1463587873: /sbin/ip6tables -A fpbxsvc-chansip -p udp -m udp --dport 5061 -j ACCEPT 1463587873: /sbin/iptables -F fpbxsvc-chansip 1463587873: /sbin/iptables -A fpbxsvc-chansip -p udp -m udp --dport 5061 -j ACCEPT 1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-chansip 1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-chansip 1463587873: /sbin/iptables -N fpbxsvc-iax 1463587873: /sbin/ip6tables -N fpbxsvc-iax 1463587873: /sbin/ip6tables -F fpbxsvc-iax 1463587873: /sbin/ip6tables -A fpbxsvc-iax -p udp -m udp --dport 4569 -j ACCEPT 1463587873: /sbin/iptables -F fpbxsvc-iax 1463587873: /sbin/iptables -A fpbxsvc-iax -p udp -m udp --dport 4569 -j ACCEPT 1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-iax 1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-iax 1463587873: /sbin/iptables -N fpbxsvc-webrtc 1463587873: /sbin/ip6tables -N fpbxsvc-webrtc 1463587873: /sbin/ip6tables -F fpbxsvc-webrtc 1463587873: /sbin/ip6tables -A fpbxsvc-webrtc -p tcp -m tcp --dport 8088 -j ACCEPT 1463587873: /sbin/ip6tables -A fpbxsvc-webrtc -p tcp -m tcp --dport 8089 -j ACCEPT 1463587873: /sbin/iptables -F fpbxsvc-webrtc 1463587873: /sbin/iptables -A fpbxsvc-webrtc -p tcp -m tcp --dport 8088 -j ACCEPT 1463587873: /sbin/iptables -A fpbxsvc-webrtc -p tcp -m tcp --dport 8089 -j ACCEPT 1463587873: /sbin/ip6tables -A zone-external -j fpbxsvc-webrtc 1463587873: /sbin/iptables -A zone-external -j fpbxsvc-webrtc 1463587873: /sbin/iptables -N fpbxsvc-isymphony 1463587873: /sbin/ip6tables -N fpbxsvc-isymphony 1463587873: /sbin/ip6tables -F fpbxsvc-isymphony 1463587873: /sbin/ip6tables -A fpbxsvc-isymphony -p tcp -m tcp --dport 58080 -j ACCEPT 1463587873: /sbin/ip6tables -A fpbxsvc-isymphony -p tcp -m tcp --dport 55050 -j ACCEPT 1463587873: /sbin/iptables -F fpbxsvc-isymphony 1463587873: /sbin/iptables -A fpbxsvc-isymphony -p tcp -m tcp --dport 58080 -j ACCEPT 1463587873: /sbin/iptables -A fpbxsvc-isymphony -p tcp -m tcp --dport 55050 -j ACCEPT 1463587873: /sbin/ip6tables -A zone-external -j fpbxsvc-isymphony 1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-isymphony 1463587873: /sbin/iptables -A zone-external -j fpbxsvc-isymphony 1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-isymphony 1463587873: /sbin/iptables -N fpbxsvc-provis 1463587873: /sbin/ip6tables -N fpbxsvc-provis 1463587873: /sbin/ip6tables -F fpbxsvc-provis 1463587873: /sbin/ip6tables -A fpbxsvc-provis -p tcp -m tcp --dport 83 -j ACCEPT 1463587873: /sbin/iptables -F fpbxsvc-provis 1463587873: /sbin/iptables -A fpbxsvc-provis -p tcp -m tcp --dport 83 -j ACCEPT 1463587873: /sbin/ip6tables -A zone-other -j fpbxsvc-provis 1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-provis 1463587873: /sbin/iptables -A zone-other -j fpbxsvc-provis 1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-provis 1463587873: /sbin/iptables -N fpbxsvc-vpn 1463587873: /sbin/ip6tables -N fpbxsvc-vpn 1463587873: /sbin/ip6tables -F fpbxsvc-vpn 1463587873: /sbin/ip6tables -A fpbxsvc-vpn -p udp -m udp --dport 1194 -j ACCEPT 1463587873: /sbin/iptables -F fpbxsvc-vpn 1463587873: /sbin/iptables -A fpbxsvc-vpn -p udp -m udp --dport 1194 -j ACCEPT 1463587873: /sbin/ip6tables -A zone-external -j fpbxsvc-vpn 1463587873: /sbin/ip6tables -A zone-other -j fpbxsvc-vpn 1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-vpn 1463587873: /sbin/iptables -A zone-external -j fpbxsvc-vpn 1463587873: /sbin/iptables -A zone-other -j fpbxsvc-vpn 1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-vpn 1463587873: /sbin/iptables -N fpbxsvc-restapps 1463587873: /sbin/ip6tables -N fpbxsvc-restapps 1463587873: /sbin/ip6tables -F fpbxsvc-restapps 1463587873: /sbin/ip6tables -A fpbxsvc-restapps -p tcp -m tcp --dport 84 -j ACCEPT 1463587873: /sbin/iptables -F fpbxsvc-restapps 1463587873: /sbin/iptables -A fpbxsvc-restapps -p tcp -m tcp --dport 84 -j ACCEPT 1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-restapps 1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-restapps 1463587873: /sbin/iptables -N fpbxsvc-xmpp 1463587873: /sbin/ip6tables -N fpbxsvc-xmpp 1463587873: /sbin/ip6tables -F fpbxsvc-xmpp 1463587873: /sbin/ip6tables -A fpbxsvc-xmpp -p tcp -m tcp --dport 5222 -j ACCEPT 1463587873: /sbin/iptables -F fpbxsvc-xmpp 1463587873: /sbin/iptables -A fpbxsvc-xmpp -p tcp -m tcp --dport 5222 -j ACCEPT 1463587873: /sbin/ip6tables -A zone-external -j fpbxsvc-xmpp 1463587873: /sbin/ip6tables -A zone-other -j fpbxsvc-xmpp 1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-xmpp 1463587873: /sbin/iptables -A zone-external -j fpbxsvc-xmpp 1463587873: /sbin/iptables -A zone-other -j fpbxsvc-xmpp 1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-xmpp 1463587873: /sbin/iptables -N fpbxsvc-ftp 1463587873: /sbin/ip6tables -N fpbxsvc-ftp 1463587873: /sbin/ip6tables -F fpbxsvc-ftp 1463587873: /sbin/ip6tables -A fpbxsvc-ftp -p tcp -m tcp --dport 21 -j ACCEPT 1463587873: /sbin/iptables -F fpbxsvc-ftp 1463587873: /sbin/iptables -A fpbxsvc-ftp -p tcp -m tcp --dport 21 -j ACCEPT 1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-ftp 1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-ftp 1463587873: /sbin/iptables -N fpbxsvc-tftp 1463587873: /sbin/ip6tables -N fpbxsvc-tftp 1463587873: /sbin/ip6tables -F fpbxsvc-tftp 1463587873: /sbin/ip6tables -A fpbxsvc-tftp -p udp -m udp --dport 69 -j ACCEPT 1463587873: /sbin/iptables -F fpbxsvc-tftp 1463587873: /sbin/iptables -A fpbxsvc-tftp -p udp -m udp --dport 69 -j ACCEPT 1463587873: /sbin/ip6tables -A zone-internal -j fpbxsvc-tftp 1463587873: /sbin/iptables -A zone-internal -j fpbxsvc-tftp 1463587873: /sbin/iptables -N fpbxsvc-nfs 1463587873: /sbin/ip6tables -N fpbxsvc-nfs 1463587873: /sbin/iptables -N rejsvc-nfs 1463587873: /sbin/ip6tables -N rejsvc-nfs 1463587873: /sbin/ip6tables -A fpbxreject -j rejsvc-nfs 1463587873: /sbin/iptables -A fpbxreject -j rejsvc-nfs 1463587873: /sbin/iptables -N fpbxsvc-smb 1463587873: /sbin/ip6tables -N fpbxsvc-smb 1463587873: /sbin/iptables -N rejsvc-smb 1463587873: /sbin/ip6tables -N rejsvc-smb 1463587873: /sbin/ip6tables -A fpbxreject -j rejsvc-smb 1463587873: /sbin/iptables -A fpbxreject -j rejsvc-smb 1463587873: /sbin/ip6tables -A fpbx-rtp -p udp -m udp --dport 10000:20000 -j ACCEPT 1463587873: /sbin/ip6tables -A fpbx-rtp -p udp -m udp --dport 4000:4999 -j ACCEPT 1463587873: /sbin/iptables -A fpbx-rtp -p udp -m udp --dport 10000:20000 -j ACCEPT 1463587873: /sbin/iptables -A fpbx-rtp -p udp -m udp --dport 4000:4999 -j ACCEPT 1463587873: /sbin/iptables -A fpbxsignalling -p udp -m udp --dport 5061 -j MARK --set-xmark 0x1/0xffffffff 1463587873: /sbin/iptables -A fpbxsignalling -p udp -m udp --dport 5060 -j MARK --set-xmark 0x1/0xffffffff 1463587873: /sbin/ip6tables -A fpbxhosts -s ::1/128 -j zone-trusted 1463587873: /sbin/iptables -A fpbxhosts -s 127.0.0.1/32 -j zone-trusted rfw rule 2 not valid (Is '-m recent --rcheck --seconds 86400 --hitcount 1 --name ATTACKER --rsource -j fpbxattacker', should start with '-m recent --rcheck --seconds 10 --hitcount 50 --name REPEAT --rsource') THIS MAY BE A KERNEL ISSUE. IF THIS KEEPS OCCURRING REBOOT YOUR MACHINE URGENTLY. 1463587908: Wall: 'Firewall Rules corrupted! Restarting in 5 seconds More information available in /tmp/firewall.log ' returned 0 ERROR Unable to contact server. Is it running? PHP Warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'America/New_York' for 'EDT/-4.0/DST' instead in /var/www/html/admin/modules/sysadmin/hooks/fail2ban-generate on line 76 ERROR Unable to contact server. Is it running?
-
I should note that eth0 was not set to trusted in the interface. It was set to external.
-
Module version was 13.0.28. Looks like a number of people reporting this error with 13.0.26 from two weeks ago.
-
-
@scottalanmiller said in Sangoma Responsive Firewall Error on FreePBX:
I should note that eth0 was not set to trusted in the interface. It was set to external.
Interesting that your setting seems not applied. If there are reports of errors, I would roll it back.
I had a weird error on reboot at one point over the weekend, but everything was good after that.
The FreePBX GUI makes it easy to roll back a module at least.
Click check online in module admin and then you can see the "Previous" option in the module info that will show you the rollback buttons.
-
@scottalanmiller official issue tracker report: http://issues.freepbx.org/browse/FREEPBX-12342
-
New install, no rollbacks.
-
@scottalanmiller said in Sangoma Responsive Firewall Error on FreePBX:
New install, no rollbacks.
You can still roll it back to a prior version.
-
@scottalanmiller You did not click the "Check Online" button first. Once you do, you will have the option as stated previously.
-
@JaredBusch said in Sangoma Responsive Firewall Error on FreePBX:
@scottalanmiller official issue tracker report: http://issues.freepbx.org/browse/FREEPBX-12342
LOL, got reported as I was discovering it
-
@JaredBusch said in Sangoma Responsive Firewall Error on FreePBX:
@scottalanmiller You did not click the "Check Online" button first. Once you do, you will have the option as stated previously.
I did that, actually. Let me try again.
-
That worked (the rollback)... testing 3.0.27.1
-
Looks like that one is working, thanks.