Updates to Firewall Services Not Applied

Reporting an Issue
1

Adding new ports in the Firewall Services tab of the GUI never get activated in the firewall.
vitalpbx apply-firewall doesn’t apply the new entries either.

Screenshot 2023-07-26 at 2.52.44 PM
Screenshot 2023-07-26 at 2.52.44 PM1862×336 11.6 KB

MySQL table is populated properly from the GUI:

Screenshot 2023-07-26 at 2.57.24 PM
Screenshot 2023-07-26 at 2.57.24 PM1028×642 143 KB

iptables -nL continues to list only the default services settings as shown below:

Chain IN_public_allow (1 references)
target     prot opt source               destination         
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpts:10000:20000 ctstate NEW,UNTRACKED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpts:5060:5061 ctstate NEW,UNTRACKED
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpts:5060:5061 ctstate NEW,UNTRACKED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:80 ctstate NEW,UNTRACKED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:443 ctstate NEW,UNTRACKED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22 ctstate NEW,UNTRACKED
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpts:67:68 ctstate NEW,UNTRACKED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:53 ctstate NEW,UNTRACKED
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:53 ctstate NEW,UNTRACKED
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:123 ctstate NEW,UNTRACKED
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:4569 ctstate NEW,UNTRACKED
ACCEPT     udp  --  0.0.0.0/0            224.0.0.251          udp dpt:5353 ctstate NEW,UNTRACKED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpts:5062:5063 ctstate NEW,UNTRACKED
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpts:5062:5063 ctstate NEW,UNTRACKED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpts:3500:3501 ctstate NEW,UNTRACKED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:6001 ctstate NEW,UNTRACKED
2

Hello There,

On VitalPBX, you must alter two modules to allow a port or a range of ports.

Here are the steps:

  1. Add the service with the desired port or range of ports(Admin > Firewall > Services).

    Add Service
    Add Service1627×845 41.4 KB

  2. Select the service in the rules module(Admin > Firewall > Rules).

    Add Rule
    Add Rule1594×873 42.9 KB

  3. Finally, Apply Changes.

I hope this helps you to understand how the Firewall works on VitalPBX.

2 Likes