I was away from home this last week - and noticed that I could connect to my PBX (IncrediblePBX on CentOS minimal 64b) whether I'd port-knocked or not.
I wasn't super worried as IAX2 (udp 4569) is the only port forwarded in to my PBX, I'm using a 200+ char 'secret', and, as I don't have any of my DIDs on auto-renew, the most I'd lose is around $25.
But it's a puzzle, and I'd like to figure it out. I'm starting to come up to speed on iptables* today.
I generated an iptables text file with iptables-save > /etc/sysconfig/iptables. I've uploaded this file, renamed to iptables.txt (so the uploader will accept it)
Code:
# Generated by iptables-save v1.4.21 on Sat Feb 28 11:08:44 2015
*filter
:INPUT DROP [322:115893]
# lines deleted
-A INPUT -p tcp -m tcp --dport 113 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT
-A INPUT -p udp -m udp --dport 4569 -j ACCEPT
-A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 32976 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 4445 -j ACCEPT
-A INPUT -p udp -m udp --dport 123 -j ACCEPT
-A INPUT -p udp -m udp --dport 69 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 9022 -j ACCEPT
-A INPUT -p udp -m udp --dport 5353 -j ACCEPT
# lines deleted
The line with 4569 I take to read
append to INPUT chain, protocol UDP port 4569 ACCEPT
Which I think means 4569 is open.
Is that right?
Thanks!
*I see it's not standard on CentOS7, they have their own firewall app/service; I'm assuming Ward's script disables/hides that service and installs iptables/netfilter
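As an added check (example code, not from the post or from IncrediblePBX): the rule quoted above, `-A INPUT -p udp -m udp --dport 4569 -j ACCEPT`, carries no source address, no `-m recent` knock state and no connection-tracking condition, so it matches packets from anyone, knocked or not, before the chain's DROP policy is reached. The script below parses an `iptables-save` dump and lists the INPUT rules that ACCEPT without any such gating. The sample dump is constructed for this example: it mixes the rules the poster quoted with a hypothetical source-restricted rule and a hypothetical knock-gated rule (the `KNOCKED` recent-list name is made up) so the difference is visible.

```python
"""List iptables INPUT rules that ACCEPT traffic with no gating condition
(no source address, no -m recent knock state, no conntrack/state match):
ports that are open to the whole world regardless of port knocking."""

from collections import namedtuple

Rule = namedtuple("Rule", "chain proto dport target gates raw")

# Sample iptables-save output, constructed for this example. The 4569 /
# 10000:20000 / 9022 lines are the poster's; the -s rule and the
# '-m recent --name KNOCKED' rule are hypothetical, added for contrast.
SAMPLE_RULES = """\
# Generated by iptables-save v1.4.21 on Sat Feb 28 11:08:44 2015
*filter
:INPUT DROP [322:115893]
-A INPUT -s 192.0.2.10/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p udp -m udp --dport 4569 -m recent --rcheck --name KNOCKED -j ACCEPT
-A INPUT -p udp -m udp --dport 4569 -j ACCEPT
-A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 9022 -j ACCEPT
COMMIT
"""

# Flags and match modules that make a rule conditional on something other
# than the destination port/protocol.
GATING_FLAGS = {"-s", "--source", "-i", "--in-interface", "--mac-source",
                "--match-set", "--state", "--ctstate"}
GATING_MODULES = {"recent", "state", "conntrack", "set", "mac", "owner"}


def parse_rule(line):
    """Parse one '-A CHAIN ...' line; return a Rule, or None for other lines."""
    tokens = line.split()
    if len(tokens) < 2 or tokens[0] != "-A":
        return None
    chain, proto, dport, target, gates = tokens[1], None, None, None, set()
    for i, tok in enumerate(tokens):
        nxt = tokens[i + 1] if i + 1 < len(tokens) else None
        if tok == "-p":
            proto = nxt
        elif tok == "--dport":
            dport = nxt
        elif tok == "-j":
            target = nxt
        elif tok == "-m" and nxt in GATING_MODULES:
            gates.add(nxt)
        elif tok in GATING_FLAGS:
            gates.add(tok)
    return Rule(chain, proto, dport, target, frozenset(gates), line)


def chain_policy(dump, chain):
    """Default policy of a chain, read from its ':CHAIN POLICY [pkts:bytes]' line."""
    for line in dump.splitlines():
        if line.startswith(":" + chain + " "):
            return line.split()[1]
    return None


def world_reachable(dump, chain="INPUT"):
    """Rules in `chain` that ACCEPT with no gating condition at all.

    Because iptables evaluates rules in order and stops at the first ACCEPT,
    each rule returned here lets matching packets in from any source, and a
    knock-gated rule for the same port earlier in the chain makes no
    difference once an ungated one exists."""
    found = []
    for line in dump.splitlines():
        rule = parse_rule(line)
        if rule and rule.chain == chain and rule.target == "ACCEPT" and not rule.gates:
            found.append(rule)
    return found


if __name__ == "__main__":
    print("INPUT default policy:", chain_policy(SAMPLE_RULES, "INPUT"))
    for r in world_reachable(SAMPLE_RULES):
        print("open to everyone:", r.proto, r.dport, "<-", r.raw)
```

Run it against your own dump with `world_reachable(open("/etc/sysconfig/iptables").read())`. On the sample it reports udp 4569, udp 10000:20000 and tcp 9022 as reachable from anywhere, while the source-restricted and knock-gated rules are left out; that is the answer to the question in the post, and the thing to look for is whether the knock-gated rule is the only ACCEPT for the port you meant to protect.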