1. FreePBX
2. firewall
3. source strings
4. review

%s is a web-based call management solution.

%s is not configured correctly.

<strong>Important Warning!</strong> If you are in a hosted environment (for example, AWS) and you enable this, you may be inadvertently allowing other hosted clients unrestricted access to your machine! Please use common sense to make sure that you are only allowing known trusted networks.

A 'Trusted' interface means that <strong>no filtering</strong> will be applied to any traffic arriving at that interface. Newly discovered interfaces are set to this zone so they can be configured correctly without interfering with existing traffic.

A network interface that is assigned to the 'Trusted' zone has been detected. This is a misconfiguration. To ensure your system is protected from attacks, please change the default zone of interface '%s'.

A new, unconfigured, network interface has been detected. Please assign interface '%s' to a zone.

About Zones

Add Host

Add Network

Add New

Add the hostname or IP specified to the Trusted Zone

Add to 'zone' the IDs provided.

Add to Trusted

Added

Advanced

Advanced Settings

After an endpoint is registered, the source of that endpoint is %s permission to use UCP, if UCP is enabled.

All Tunnel Interfaces are automatically set to Local

All blacklisted entries.

All entries in zone '%s':

All interfaces must be assigned to a default zone. Any traffic received by this interface, unless overridden in Networks, will have access to the services available to this zone.

All network connections are accepted. No firewalling is done on this interface.

Allows <strong>temporary</strong> Internet zone access to the LetsEncrypt acme-challenge folder during an active certificate update request.

An error has occurred!

Any changes you make will be saved, but will not take effect until the firewall is started.

Any hosts in this section have been classified as an attacker. All traffic from them will be ignored until they cease attempting to contact the server for more than 24 hours.

Any hosts in this section have been rate limited, because they have sent too much data to this machine without successfully registering.

Any incoming network packets are rejected. Note that this zone still accepts RTP traffic, but no other ports are listening by default. You rarely want to use this.

Any name

Any traffic arriving at eth0 from 203.55.66.88 (or any other undefined host or network) will only have access to services available to the 'Internet' zone, as that has been set to be the default zone for traffic arriving at that interface.

As this machine has recently been rebooted, the firewall is <strong>temporarily</strong> running in Safe Mode, with no rules applied.

As you are connecting from an IPv6 network it is <strong>highly recommended</strong> to add this network, as IPv6 security extensions may unexpectedly change your IP address.

Assigned Zone

At the completion of this wizard, the firewall will be automatically enabled.

Attempting to add '%s' to Blacklist ...

Attempting to add '%s' to Zone '%s' ...

Attempting to remove %s from '%s' Zone ...

Automatically configure Asterisk IP Settings?

Below is a list of clients that have successfully registered and been validated by Responsive Firewall.

Blacklist

Blocked Attackers

Blocked Hosts

Both (TCP and UDP)

By sending a Reject packet, the attacker knows that they have discovered a machine. By dropping the packet silently, no response is sent to the attacker, and they may move on to a different target.

CHANSIP is not available on this machine

CHAN_SIP Protocol

Can not Disable Firewall

Cancel

Command to run (see --help)

Connectivity