Fresh new install of Vitalpbx 4.5.0-3 onto debian 12 and the firewall does not function or start correctly. The debian 12 system is on a subnet that may not have ipv6 active.
On bootup the firewall is not running
# firewall-cmd --state
not running
# systemctl status firewalld
Dec 21 00:23:26 deb12 firewalld[162]: ERROR: Failed to load user configuration. Falling back to full stock configuration.
Dec 21 00:23:26 deb12 firewalld[162]: ERROR: INVALID_IPV: 'ipv6' is not a valid backend or is unavailable
In the vitalpbx webui Admin>Firewall>Settings when switching to enable firewall Yes and No the webgui displays error exception:
An exception has occurred
Exception: Error: INVALID_IPV: 'ipv6' is not a valid backend or is unavailable at file /usr/share/vitalpbx/www/modules/firewall_settings/firewall_settings.php on line 0
Error Trace
# File Function
1 /usr/share/vitalpbx/www/index.php:0 app\Core->run(...args);
2 /usr/share/vitalpbx/www/includes/app/Core.php:0 app\Core->_loadModule(...args);
3 /usr/share/vitalpbx/www/includes/app/Core.php:0 app\Core->loadModuleAction(...args);
4 /usr/share/vitalpbx/www/includes/app/Core.php:0 modules\firewall_settings\firewall_settings->put(...args);
I was troubleshooting this issue and found that vitalpbx is generating parts of the firewalld file at
/etc/firewalld/direct.xml
and there are 3 different lines with
ipv="ipv6"
If I comment out these entire 3 lines with ipv=“ipv6” and then restart firewalld then the firewalld service runs active without error.
<chain table="filter" ipv="ipv6" chain="vpbx_white_list"/>
<chain table="filter" ipv="ipv6" chain="vpbx_fail2ban"/>
<rule priority="4" table="filter" ipv="ipv6" chain="INPUT_direct">-j vpbx_fail2ban</rule>
How can I configure Vitalpbx to stop generating these ipv6 lines? Or is there an alternative solution that I need to configure firewalld or iptables or the network on the host differently?
Thank you
corrected formatting - mod