dbxe
/
fusionpbx-install.sh
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Iptables update (#238) 

* Update iptables.sh

Removed the rules with --string "system" as is can cause issues with legitimate SIP traffic from clients with user agents such as "3CXPhoneSystem"

* Update iptables.sh

Removed the rule --string "system" as is can cause issues with legitimate SIP traffic from clients with user agents such as "3CXPhoneSystem"
This commit is contained in:
J005 2019-06-01 05:37:49 +10:00 committed by FusionPBX
parent e0b2d6ae2e
commit 867d887596
2 changed files with 0 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
centos/resources/iptables.sh
View File

@ -24,8 +24,6 @@ iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "script" -
iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "script" --algo bm --icase
iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "exec." --algo bm --icase
iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "exec." --algo bm --icase
iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "system" --algo bm --icase
iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "system" --algo bm --icase
iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "multipart/mixed;boundary" --algo bm --icase
iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "multipart/mixed;boundary" --algo bm --icase
iptables -A INPUT -p tcp --dport 22 -j ACCEPT

2
debian/resources/iptables.sh vendored
View File

@ -24,8 +24,6 @@ iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "script" -
iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "script" --algo bm --icase
iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "exec." --algo bm --icase
iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "exec." --algo bm --icase
iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "system" --algo bm --icase
iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "system" --algo bm --icase
iptables -A INPUT -j DROP -p udp --dport 5060:5091 -m string --string "multipart/mixed;boundary" --algo bm --icase
iptables -A INPUT -j DROP -p tcp --dport 5060:5091 -m string --string "multipart/mixed;boundary" --algo bm --icase
iptables -A INPUT -p tcp --dport 22 -j ACCEPT