Home Forums SecAst (Security for Asterisk) General firewalld support Reply To: firewalld support

Telium Support Group
Moderator
Post count: 263

Yes. Many people don’t realize ‘firewalld’ is not really a firewall, so much as it is a group of functions which apply iptables rules to the local system. (It offers nothing beyond iptables rules). You can tell SecAst to continue to work with iptables directly, or, you can tell SecAst to treat firewalld as an external firewall and use the firewalld event handler provided by Telium.

However, we generally recommend that you block traffic at a real firewall, and not at the PBX. Support for local iptables is offered primarily for SOHO users or people experimenting with Asterisk. By the time a PBX is ready for production you should let SecAst block IP’s at the firewall.

We include sample event handlers, for example the Mikrotik firewall interface. If you use this event handler as a sample you should be able to interface with almost any firewall. If you need help getting your own firewall event handler working just contact support. Once your firewall event handler is complete please consider donating it to the collection of scripts included with SecAst.