nsinnovations/fusionpbx-install.sh
Public Access
2
0
Fork 0
forked from norman/fusionpbx-install.sh-github-mirror
Code Pull Requests Activity

Iptables update (#238)

Browse Source 
* Update iptables.sh

Removed the rules with --string "system" as is can cause issues with legitimate SIP traffic from clients with user agents such as "3CXPhoneSystem"

* Update iptables.sh

Removed the rule --string "system" as is can cause issues with legitimate SIP traffic from clients with user agents such as "3CXPhoneSystem"
This commit is contained in:
J005
2019-06-01 05:37:49 +10:00
committed by FusionPBX
parent e0b2d6ae2e
commit 867d887596
2 changed files with 0 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
centos/resources/iptables.sh
View File

@@ -24,8 +24,6 @@ iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "script" -
iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "script" --algo bm --icase
iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "exec." --algo bm --icase
iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "exec." --algo bm --icase
iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "system" --algo bm --icase
iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "system" --algo bm --icase
iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "multipart/mixed;boundary" --algo bm --icase
iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "multipart/mixed;boundary" --algo bm --icase
iptables -A INPUT -p tcp --dport 22 -j ACCEPT

2
debian/resources/iptables.sh vendored
View File

@@ -24,8 +24,6 @@ iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "script" -
iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "script" --algo bm --icase
iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "exec." --algo bm --icase
iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "exec." --algo bm --icase
iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "system" --algo bm --icase
iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "system" --algo bm --icase
iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "multipart/mixed;boundary" --algo bm --icase
iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "multipart/mixed;boundary" --algo bm --icase
iptables -A INPUT -p tcp --dport 22 -j ACCEPT