From 867d8875965e3a82157a46653b62716986329062 Mon Sep 17 00:00:00 2001
From: J005 <24558950+J005@users.noreply.github.com>
Date: Sat, 1 Jun 2019 05:37:49 +1000
Subject: [PATCH] Iptables update (#238) * Update iptables.sh Removed the rules with --string "system" as is can cause issues with legitimate SIP traffic from clients with user agents such as "3CXPhoneSystem" * Update iptables.sh Removed the rule --string "system" as is can cause issues with legitimate SIP traffic from clients with user agents such as "3CXPhoneSystem"
---
 centos/resources/iptables.sh | 2 --
 debian/resources/iptables.sh | 2 --
 2 files changed, 4 deletions(-)
diff --git a/centos/resources/iptables.sh b/centos/resources/iptables.sh
index 503aa1b..abad02d 100644
--- a/centos/resources/iptables.sh
+++ b/centos/resources/iptables.sh
@@ -24,8 +24,6 @@ iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "script" -
 iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "script" --algo bm --icase
 iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "exec." --algo bm --icase
 iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "exec." --algo bm --icase
-iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "system" --algo bm --icase
-iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "system" --algo bm --icase
 iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "multipart/mixed;boundary" --algo bm --icase
 iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "multipart/mixed;boundary" --algo bm --icase
 iptables -A INPUT -p tcp --dport 22 -j ACCEPT
diff --git a/debian/resources/iptables.sh b/debian/resources/iptables.sh
index 25e76b9..b4dfe0d 100755
--- a/debian/resources/iptables.sh
+++ b/debian/resources/iptables.sh
@@ -24,8 +24,6 @@ iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "script" -
 iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "script" --algo bm --icase
 iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "exec." --algo bm --icase
 iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "exec." --algo bm --icase
-iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "system" --algo bm --icase
-iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "system" --algo bm --icase
 iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "multipart/mixed;boundary" --algo bm --icase
 iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "multipart/mixed;boundary" --algo bm --icase
 iptables -A INPUT -p tcp --dport 22 -j ACCEPT