If you’ve installed Asterisk and FreePBX, or you’re using one of the preconfigured distributions such as Trixbox or Elastix, it’s a good idea to have the Linux firewall, iptables, running on your system. Here’s an example of how you could set this up.
The first thing to note is that it’s pretty easy to lock yourself out of your server when playing around with iptables! It’s best to take a couple of simple precautions in case this happens.
These instructions should apply to CentOS/Red Hat/Fedora.
1. First stop iptables automatically starting at boot by running –
2. Take a copy of your current iptables rules with –
3. Now edit /etc/sysconfig/iptables and replace the contents with –
The settings above make the following assumptions. Hopefully you can see what to change if any are wrong for your system.
4. Write the rules away with iptables-save to make sure everything is in the correct format –
5. Now (re)start iptables (do not enable the service at boot yet!) with –
* If you do get locked out at this point for some reason, at least you only have to get your server rebooted. iptables will not start automatically on reboot. It can get a lot more complicated to fix if iptables is set to auto start!
6. Test that everything is working OK. You can see your iptables rules by running –
7. Once you’re happy you can enable iptables at start up with –
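As a pre-flight check before step 5, the following added example (not part of the original post) reads a rules file in iptables-save format and reports whether new SSH connections would still be accepted by the INPUT chain. The function names, the sample ruleset and the default port of 22 are assumptions made for illustration.

```shell
# Added example (not from the original post). Constructed sample ruleset in
# iptables-save format; every rule here is an assumption for illustration.
sample_rules() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Returns 0 if new TCP connections to the SSH port are accepted by the filter
# table INPUT chain, 1 if they would be dropped, 2 if COMMIT is missing.
# Only plain "--dport N" rules are recognised (not multiport or custom chains).
check_ssh_reachable() {
    rules_file=$1    # path to the rules file, or "-" for stdin
    port=${2:-22}    # assumption: sshd listens on TCP 22 unless told otherwise
    awk -v port="$port" '
        substr($0, 1, 1) == "*" { table = substr($0, 2) }
        table != "filter" { next }
        /^:INPUT / { policy = $2 }
        /^COMMIT/  { committed = 1 }
        /^-A INPUT / && decided == "" {
            if ($0 ~ /-p tcp/ && $0 ~ ("--dport " port "( |$)") && $0 ~ /-j ACCEPT/) {
                decided = "open"      # SSH accept seen before any catch-all
            } else if ($0 ~ /^-A INPUT -j (DROP|REJECT)/) {
                decided = "closed"    # catch-all rule reached first
            }
        }
        END {
            if (!committed) { print "filter table has no COMMIT line"; exit 2 }
            # No rule decided it, so the chain policy applies.
            if (decided == "") decided = (policy == "DROP") ? "closed" : "open"
            print "tcp/" port " is " decided " (INPUT policy " policy ")"
            exit (decided == "open" ? 0 : 1)
        }
    ' "$rules_file"
}

# Demo on the constructed sample, read from stdin.
sample_rules | check_ssh_reachable -
```

Against a real system, call it as `check_ssh_reachable /etc/sysconfig/iptables` and only restart iptables if it returns 0.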
I should stress again that you do this at your own risk. If you don’t have console access to the server, it might be worth checking with your provider what the procedure is if you lock yourself out (and whether it will cost you anything to get them to fix it!).
Also, iptables is already installed on sysadminman VPSs – you do not need to install it yourself.