jissphilip
commented
5 months ago firewall-17.0.1.14
Closed icciaaron closed 3 months ago
jissphilip
commented
5 months ago firewall-17.0.1.14
ramarajan222
commented
5 months ago Hi @icciaaron Can you try will the latest firewall (17.0.1.14) module and let us know the status. thanks.
icciaaron
commented
5 months ago BAM! Works great. Thank you for your work in the development of the new installer.
icciaaron
commented
5 months ago There is still an issue.
After reboot, I noticed that I received the new interface detected ens5 again...
When I went into the firewall config, the interface was there but listed as "trusted"...
I tried to switch back to the "default firewall (internet zone)", but the interface always refreshes as "trusted" and will not keep my settings.
icciaaron
commented
5 months ago Also, FYI, I updated some modules since the ticket was first published:
+-------------------+-----------+-----------------------------------+-------------+-----------+
| Module | Version | Status | License | Signature |
+-------------------+-----------+-----------------------------------+-------------+-----------+
| amd | 17.0.1 | Enabled | GPLv3+ | Sangoma |
| announcement | 17.0.2.1 | Enabled | GPLv3+ | Sangoma |
| areminder | 17.0.3.9 | Enabled | Commercial | Sangoma |
| arimanager | 17.0.1 | Enabled | GPLv3+ | Sangoma |
| asterisk-cli | 17.0.2 | Enabled | GPLv3+ | Sangoma |
| asteriskinfo | 17.0.1 | Enabled | GPLv3+ | Sangoma |
| backup | 17.0.5.13 | Enabled | GPLv3+ | Sangoma |
| blacklist | 17.0.1.2 | Enabled | GPLv3+ | Sangoma |
| broadcast | 17.0.1.6 | Enabled | Commercial | Sangoma |
| builtin | | Enabled | | Unsigned |
| bulkhandler | 17.0.4 | Enabled | GPLv3+ | Sangoma |
| calendar | 17.0.4.6 | Enabled | GPLv3+ | Sangoma |
| callback | 17.0.2.1 | Enabled | GPLv3+ | Sangoma |
| callerid | 17.0.1 | Enabled | Commercial | Sangoma |
| callforward | 17.0.1.3 | Enabled | AGPLv3+ | Sangoma |
| calllimit | 17.0.1.2 | Enabled | Commercial | Sangoma |
| callrecording | 17.0.3.6 | Enabled | AGPLv3+ | Sangoma |
| callwaiting | 17.0.3.2 | Enabled | GPLv3+ | Sangoma |
| cdr | 17.0.4.13 | Enabled | GPLv3+ | Sangoma |
| cel | 17.0.2.7 | Enabled | GPLv3+ | Sangoma |
| certman | 17.0.3.7 | Enabled | AGPLv3+ | Sangoma |
| cidlookup | 17.0.1.1 | Enabled | GPLv3+ | Sangoma |
| conferences | 17.0.3.1 | Enabled | GPLv3+ | Sangoma |
| conferencespro | 17.0.1.6 | Enabled | Commercial | Sangoma |
| configedit | 17.0.1.1 | Enabled | AGPLv3+ | Sangoma |
| contactmanager | 17.0.5.6 | Enabled | GPLv3+ | Sangoma |
| core | 17.0.9.29 | Enabled | GPLv3+ | Sangoma |
| cos | 17.0.1.1 | Enabled | Commercial | Sangoma |
| customappsreg | 17.0.1 | Enabled | GPLv3+ | Sangoma |
| dashboard | 17.0.4.2 | Enabled | AGPLv3+ | Sangoma |
| daynight | 17.0.1.1 | Enabled | GPLv3+ | Sangoma |
| directory | | Not Installed (Locally available) | GPLv3+ | Sangoma |
| donotdisturb | 17.0.2.1 | Enabled | GPLv3+ | Sangoma |
| endpoint | 17.0.1.47 | Enabled | Commercial | Sangoma |
| extensionroutes | 17.0.1 | Enabled | Commercial | Sangoma |
| extensionsettings | 16.0.5 | Enabled | GPLv3+ | Sangoma |
| fax | 17.0.3.2 | Enabled | GPLv3+ | Sangoma |
| faxpro | 17.0.1.14 | Enabled | Commercial | Sangoma |
| featurecodeadmin | 17.0.2 | Enabled | GPLv3+ | Sangoma |
| filestore | 17.0.2.9 | Enabled | AGPLv3 | Sangoma |
| findmefollow | 17.0.4.5 | Enabled | GPLv3+ | Sangoma |
| firewall | 17.0.1.14 | Enabled | AGPLv3+ | Sangoma |
| framework | 17.0.15.8 | Enabled | GPLv2+ | Sangoma |
| hotelwakeup | 17.0.1.5 | Enabled | GPLv2 | Sangoma |
| infoservices | 17.0.1 | Enabled | GPLv2+ | Sangoma |
| ivr | 17.0.4 | Enabled | GPLv3+ | Sangoma |
| languages | 17.0.1 | Enabled | GPLv3+ | Sangoma |
| logfiles | 17.0.2 | Enabled | GPLv3+ | Sangoma |
| manager | 17.0.3 | Enabled | GPLv2+ | Sangoma |
| miscapps | 17.0.3 | Enabled | GPLv3+ | Sangoma |
| miscdests | 17.0.1.1 | Enabled | GPLv3+ | Sangoma |
| music | 17.0.4 | Enabled | GPLv3+ | Sangoma |
| oembranding | 17.0.1.2 | Enabled | Commercial | Sangoma |
| paging | 17.0.3 | Enabled | GPLv3+ | Sangoma |
| pagingpro | 17.0.1.5 | Enabled | Commercial | Sangoma |
| parking | 17.0.2 | Enabled | GPLv3+ | Sangoma |
| parkpro | 17.0.1.3 | Enabled | Commercial | Sangoma |
| pbxmfa | 17.0.2 | Enabled | Commercial+ | Sangoma |
| pinsets | 17.0.3 | Enabled | GPLv3+ | Sangoma |
| pinsetspro | 17.0.2 | Enabled | Commercial | Sangoma |
| pm2 | 17.0.3.1 | Enabled | AGPLv3+ | Sangoma |
| presencestate | 17.0.2.1 | Enabled | GPLv3+ | Sangoma |
| printextensions | 17.0.1.2 | Enabled | GPLv3+ | Sangoma |
| queueprio | 17.0.1.4 | Enabled | GPLv3+ | Sangoma |
| queues | 17.0.1.6 | Enabled | GPLv2+ | Sangoma |
| queuestats | 17.0.1.6 | Enabled | Commercial | Sangoma |
| qxact_reports | 17.0.2 | Enabled | Commercial | Sangoma |
| recording_report | 17.0.3.6 | Enabled | Commercial | Sangoma |
| recordings | 17.0.2.2 | Enabled | GPLv3+ | Sangoma |
| restapps | 17.0.1.12 | Enabled | Commercial | Sangoma |
| ringgroups | 17.0.2.4 | Enabled | GPLv3+ | Sangoma |
| sangomaconnect | 17.0.1.20 | Enabled | Commercial | Sangoma |
| sangomartapi | 17.0.1.11 | Enabled | Commercial | Sangoma |
| setcid | 17.0.1.2 | Enabled | GPLv3+ | Sangoma |
| sipsettings | 17.0.6.3 | Enabled | AGPLv3+ | Sangoma |
| sipstation | 17.0.3.3 | Enabled | Commercial | Sangoma |
| sms | 17.0.1.7 | Enabled | Commercial | Sangoma |
| smsplus | 17.0.2 | Enabled | Commercial | Sangoma |
| soundlang | 17.0.4 | Enabled | GPLv3+ | Sangoma |
| sysadmin | 17.0.1.49 | Enabled | Commercial | Sangoma |
| timeconditions | 17.0.1.13 | Enabled | GPLv3+ | Sangoma |
| tts | 17.0.1.1 | Enabled | GPLv3+ | Sangoma |
| ttsengines | 17.0.1 | Enabled | AGPLv3 | Sangoma |
| ucp | 17.0.4.13 | Enabled | AGPLv3+ | Sangoma |
| userman | 17.0.6.16 | Enabled | AGPLv3+ | Sangoma |
| vmblast | 17.0.1 | Enabled | GPLv3+ | Sangoma |
| vmnotify | 17.0.1.5 | Enabled | Commercial | Sangoma |
| voicemail | 17.0.5.14 | Enabled | GPLv3+ | Sangoma |
| voicemail_report | 17.0.1.1 | Enabled | Commercial | Sangoma |
| vqplus | 17.0.1.13 | Enabled | Commercial | Sangoma |
| weakpasswords | 17.0.1 | Enabled | GPLv3+ | Sangoma |
| webrtc | 17.0.2.1 | Enabled | GPLv3+ | Sangoma |
+-------------------+-----------+-----------------------------------+-------------+-----------+HI @icciaaron
Could you share the output of this command
/sbin/ip -o addr
icciaaron
commented
5 months ago /sbin/ip -o addr
1: lo inet 127.0.0.1/8 scope host lo\ valid_lft forever preferred_lft forever
2: ens5 inet 172.22.33.189/24 metric 100 brd 172.22.33.255 scope global dynamic ens5\ valid_lft 3392sec preferred_lft 3392sec
2: ens5 inet6 2600:1f16:b9f:2403:xxxx:ab40:5cae:xxxx/128 scope global dynamic noprefixroute \ valid_lft 391sec preferred_lft 81sec
2: ens5 inet6 fe80::4e3:a2ff:fe29:7157/64 scope link \ valid_lft forever preferred_lft forever
3: tun0 inet 10.34.12.1/24 scope global tun0\ valid_lft forever preferred_lft forever
kguptasangoma
commented
4 months ago Please refer to https://github.com/FreePBX/issue-tracker/issues/127 where if the system is NOT using "networkd" then Freepbx can be used to configure the networks otherwise let user to manage the network configurations via networkd utility.
Thanks
ramarajan222
commented
3 months ago The firewall interface setting issue has been fixed with the latest firewall module (17.0.1.24), please give it a try after updating to the latest version. thanks.
FreePBX Version
FreePBX 17
Issue Description
After configuring PBX17 on Debian 12 and applying the PBXact branding, I have run into this firewall issue.
"A new, unconfigured firewall exception.pdf network interface has been detected. Please assign interface 'ens5' to a zone."
When I open the firewall configuration GUI, I get an exception. "Whoops \ Exception \ ErrorException (E_DEPRECATED) Implicit conversion from float -0.9999999997671694 to int loses precision"
Is there a way to add an interface via fwconsole firewall [command]?
Finally, I am here to help, not complain. I have a fully functional SNG7 PBXact to cut back to if there are connectivity issues.
Operating Environment
framework 17.0.15.8 asterisk 21
+-------------------+-----------+-----------------------------------+-------------+-----------+ | Module | Version | Status | License | Signature | +-------------------+-----------+-----------------------------------+-------------+-----------+ | amd | 17.0.1 | Enabled | GPLv3+ | Sangoma | | announcement | 17.0.2.1 | Enabled | GPLv3+ | Sangoma | | areminder | 17.0.3.9 | Enabled | Commercial | Sangoma | | arimanager | 17.0.1 | Enabled | GPLv3+ | Sangoma | | asterisk-cli | 17.0.2 | Enabled | GPLv3+ | Sangoma | | asteriskinfo | 17.0.1 | Enabled | GPLv3+ | Sangoma | | backup | 17.0.5.13 | Enabled | GPLv3+ | Sangoma | | blacklist | 17.0.1.2 | Enabled | GPLv3+ | Sangoma | | broadcast | 17.0.1.6 | Enabled | Commercial | Sangoma | | builtin | | Enabled | | Unsigned | | bulkhandler | 17.0.4 | Enabled | GPLv3+ | Sangoma | | calendar | 17.0.4.6 | Enabled | GPLv3+ | Sangoma | | callback | 17.0.2.1 | Enabled | GPLv3+ | Sangoma | | callerid | 17.0.1 | Enabled | Commercial | Sangoma | | callforward | 17.0.1.3 | Enabled | AGPLv3+ | Sangoma | | calllimit | 17.0.1.2 | Enabled | Commercial | Sangoma | | callrecording | 17.0.3.5 | Enabled | AGPLv3+ | Sangoma | | callwaiting | 17.0.3.2 | Enabled | GPLv3+ | Sangoma | | cdr | 17.0.4.13 | Enabled | GPLv3+ | Sangoma | | cel | 17.0.2.7 | Enabled | GPLv3+ | Sangoma | | certman | 17.0.3.7 | Enabled | AGPLv3+ | Sangoma | | cidlookup | 17.0.1.1 | Enabled | GPLv3+ | Sangoma | | conferences | 17.0.3.1 | Enabled | GPLv3+ | Sangoma | | conferencespro | 17.0.1.6 | Enabled | Commercial | Sangoma | | configedit | 17.0.1.1 | Enabled | AGPLv3+ | Sangoma | | contactmanager | 17.0.5.6 | Enabled | GPLv3+ | Sangoma | | core | 17.0.9.29 | Enabled | GPLv3+ | Sangoma | | cos | 17.0.1.1 | Enabled | Commercial | Sangoma | | customappsreg | 17.0.1 | Enabled | GPLv3+ | Sangoma | | dashboard | 17.0.4.2 | Enabled | AGPLv3+ | Sangoma | | daynight | 17.0.1.1 | Enabled | GPLv3+ | Sangoma | | directory | | Not Installed (Locally available) | GPLv3+ | Sangoma | | donotdisturb | 17.0.2.1 | Enabled | GPLv3+ | Sangoma | | endpoint | 17.0.1.45 | Enabled | Commercial | Sangoma | | extensionroutes | 17.0.1 | Enabled | Commercial | Sangoma | | extensionsettings | 16.0.5 | Enabled | GPLv3+ | Sangoma | | fax | 17.0.3.2 | Enabled | GPLv3+ | Sangoma | | faxpro | 17.0.1.14 | Enabled | Commercial | Sangoma | | featurecodeadmin | 17.0.2 | Enabled | GPLv3+ | Sangoma | | filestore | 17.0.2.9 | Enabled | AGPLv3 | Sangoma | | findmefollow | 17.0.4.5 | Enabled | GPLv3+ | Sangoma | | firewall | 17.0.1.13 | Enabled | AGPLv3+ | Sangoma | | framework | 17.0.15.8 | Enabled | GPLv2+ | Sangoma | | hotelwakeup | 17.0.1.5 | Enabled | GPLv2 | Sangoma | | infoservices | 17.0.1 | Enabled | GPLv2+ | Sangoma | | ivr | 17.0.4 | Enabled | GPLv3+ | Sangoma | | languages | 17.0.1 | Enabled | GPLv3+ | Sangoma | | logfiles | 17.0.2 | Enabled | GPLv3+ | Sangoma | | manager | 17.0.3 | Enabled | GPLv2+ | Sangoma | | miscapps | 17.0.3 | Enabled | GPLv3+ | Sangoma | | miscdests | 17.0.1.1 | Enabled | GPLv3+ | Sangoma | | music | 17.0.4 | Enabled | GPLv3+ | Sangoma | | oembranding | 17.0.1.2 | Enabled | Commercial | Sangoma | | paging | 17.0.3 | Enabled | GPLv3+ | Sangoma | | pagingpro | 17.0.1.5 | Enabled | Commercial | Sangoma | | parking | 17.0.2 | Enabled | GPLv3+ | Sangoma | | parkpro | 17.0.1.3 | Enabled | Commercial | Sangoma | | pbxmfa | 17.0.2 | Enabled | Commercial+ | Sangoma | | pinsets | 17.0.3 | Enabled | GPLv3+ | Sangoma | | pinsetspro | 17.0.2 | Enabled | Commercial | Sangoma | | pm2 | 17.0.3.1 | Enabled | AGPLv3+ | Sangoma | | presencestate | 17.0.2.1 | Enabled | GPLv3+ | Sangoma | | printextensions | 17.0.1.2 | Enabled | GPLv3+ | Sangoma | | queueprio | 17.0.1.4 | Enabled | GPLv3+ | Sangoma | | queues | 17.0.1.6 | Enabled | GPLv2+ | Sangoma | | queuestats | 17.0.1.6 | Enabled | Commercial | Sangoma | | qxact_reports | 17.0.2 | Enabled | Commercial | Sangoma | | recording_report | 17.0.3.6 | Enabled | Commercial | Sangoma | | recordings | 17.0.2.2 | Enabled | GPLv3+ | Sangoma | | restapps | 17.0.1.11 | Enabled | Commercial | Sangoma | | ringgroups | 17.0.2.4 | Enabled | GPLv3+ | Sangoma | | sangomaconnect | 17.0.1.20 | Enabled | Commercial | Sangoma | | sangomartapi | 17.0.1.11 | Enabled | Commercial | Sangoma | | setcid | 17.0.1.2 | Enabled | GPLv3+ | Sangoma | | sipsettings | 17.0.6.3 | Enabled | AGPLv3+ | Sangoma | | sipstation | 17.0.3.3 | Enabled | Commercial | Sangoma | | sms | 17.0.1.7 | Enabled | Commercial | Sangoma | | smsplus | 17.0.2 | Enabled | Commercial | Sangoma | | soundlang | 17.0.4 | Enabled | GPLv3+ | Sangoma | | sysadmin | 17.0.1.46 | Enabled | Commercial | Sangoma | | timeconditions | 17.0.1.13 | Enabled | GPLv3+ | Sangoma | | tts | 17.0.1.1 | Enabled | GPLv3+ | Sangoma | | ttsengines | 17.0.1 | Enabled | AGPLv3 | Sangoma | | ucp | 17.0.4.13 | Enabled | AGPLv3+ | Sangoma | | userman | 17.0.6.16 | Enabled | AGPLv3+ | Sangoma | | vmblast | 17.0.1 | Enabled | GPLv3+ | Sangoma | | vmnotify | 17.0.1.5 | Enabled | Commercial | Sangoma | | voicemail | 17.0.5.13 | Enabled | GPLv3+ | Sangoma | | voicemail_report | 17.0.1.1 | Enabled | Commercial | Sangoma | | vqplus | 17.0.1.13 | Enabled | Commercial | Sangoma | | weakpasswords | 17.0.1 | Enabled | GPLv3+ | Sangoma | | webrtc | 17.0.2.1 | Enabled | GPLv3+ | Sangoma | +-------------------+-----------+-----------------------------------+-------------+-----------+
Relevant log output
No response