firewalld support

Features, capabilities, and information about SecAst
Post Reply
User avatar
CRM User
Posts: 174
Joined: Sun Nov 27, 2016 3:41 pm

firewalld support

Post by CRM User » Sat Dec 17, 2016 9:30 pm

Does SecAst support firewalld (under Fedora 25)?
Account for questions transferred from CRM system
User avatar
Telium Support
Posts: 234
Joined: Sun Nov 27, 2016 3:27 pm

Re: firewalld support

Post by Telium Support » Sat Dec 17, 2016 9:36 pm

Yes. Many people don't realize 'firewalld' is not really a firewall, so much as it is a group of functions which apply iptables rules to the local system. (It offers nothing beyond iptables rules). You can tell SecAst to continue to work with iptables directly, or, you can tell SecAst to treat firewalld as an external firewall and use the firewalld event handler provided by Telium.

However, we generally recommend that you block traffic at a real firewall, and not at the PBX. Support for local iptables is offered primarily for SOHO users or people experimenting with Asterisk. By the time a PBX is ready for production you should let SecAst block IP's at the firewall.

We include sample event handlers, for example the Mikrotik firewall interface. If you use this event handler as a sample you should be able to interface with almost any firewall. If you need help getting your own firewall event handler working just contact support. Once your firewall event handler is complete please consider donating it to the collection of scripts included with SecAst.
Post Reply