Jump to content
Vodia PBX forum
djanjic

Configuring Firewall in CentOS 7

Recommended Posts

Hello,

we are installing new server on CentOS 7. Currently firewall is blocking Access to the PBX from the outside. I tried adding the service to the firewall using:

sudo firewall-cmd --zone=public --add-service=pbctrl

but am getting the following error

Error: INVALID_SERVICE: pbxctrl

tried with pbx instead pbxctrl as well, same error.

Has anyone configured firewall in CentOS 7? If they have can they share their commands to allow access to PBX? Documentation doesn't have much on the topic. Thank you.

 

Dusan

Share this post


Link to post
Share on other sites

So I did enabled PBX as a service in firewall by issuing following command:

sudo firewall-cmd --zone=public --add-service=pbxctrl --permanent

and seeing that it is in there by doing:

 

sudo firewall-cmd --get-services

. We even opened http port, still no access to PBX. If we disable firewall, no problem. Are there any other ports, services we need to open to gain access?

Has any one installed PBX on CentOS 7? If they have can they share config the file with the rest of us? Thanks.

Dusan

Share this post


Link to post
Share on other sites

Also make sure none of the other services are running on port 80 / 443 on that server which might be blocking the PBX to run on that port. A quick netstat of the ports can give you more information on that. 

Share this post


Link to post
Share on other sites

Well the question is what you are getting out of firewalld. At the end of the day, it controls iptables and helps you organize the (complicated) setup. This is useful if you have a complex setup with many rules. However if you have just the PBX running on the CentOS, the setup is actually very simple - the only ports exposed are the ports controlled by the PBX and its internal SBC, which can also be considered something like a smart application firewall. (And the other port usually expired is the SSH port, but this one can be protected by the /etc/hosts.allow file.) IMHO it is okay in such simple cases to disable the firewall and just run the PBX on the network interfaces.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...