On 4/12/2011 7:46 AM, Eda Ercan wrote:
Hi all,
Regarding this http://track.sipfoundry.org/browse/XX-5197 issue to
create a framework for managing iptables rules, a UI will be added to
the patch attached to this issue. I've added a UI mockup to the issue.
Can you have a look at this mockup and give me feedback if this makes
sense?
In Firewall rules tab, the rules will be displayed with an option to
enable/disable them.
In Custom rules tab, there will be the ability to add new rules and
modify the existing ones. However not all the rules will be included
in this tab - such as SIP port which can be configured from SipXproxy
service, if this port is modified from that page, firewall will be
updated by the system.
How does this sound?
Some rules have to be dynamic in a way that programs like fail2ban operate.
A couple of thing that I would like to see easier for the masses that
are important would be:
* "401 Unauthorized" IP cut off after X amounts of attempts.
* "Login Failed" IP cut off after X amounts of attempts in
registration or logging in via the web.
You need to be able to whitelist your private network in some cases.
--
Regards
--------------------------------------
Gerald Drouillard
Technology Architect
Drouillard& Associates, Inc.
http://www.Drouillard.biz
_______________________________________________
sipx-users mailing list
[email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-users/
