Thank you all for your comments, now trying to figure out what we can do about those.
Eda On Tue, Apr 12, 2011 at 4:12 PM, Michael Scheidell < [email protected]> wrote: > On 4/12/11 8:57 AM, Gerald Drouillard wrote: > > On 4/12/2011 7:46 AM, Eda Ercan wrote: > > Hi all, > > Regarding this http://track.sipfoundry.org/browse/XX-5197 issue to create > a framework for managing iptables rules, a UI will be added to the patch > attached to this issue. I've added a UI mockup to the issue. Can you have a > look at this mockup and give me feedback if this makes sense? > > In Firewall rules tab, the rules will be displayed with an option to > enable/disable them. > In Custom rules tab, there will be the ability to add new rules and modify > the existing ones. However not all the rules will be included in this tab - > such as SIP port which can be configured from SipXproxy service, if this > port is modified from that page, firewall will be updated by the system. > > How does this sound? > > Some rules have to be dynamic in a way that programs like fail2ban operate. > A couple of thing that I would like to see easier for the masses that are > important would be: > > - "401 Unauthorized" IP cut off after X amounts of attempts. > - "Login Failed" IP cut off after X amounts of attempts in registration > or logging in via the web. > > You need to be able to whitelist your private network in some cases. > > access to one of several siphack ip reputation lists., mostly rsync'd cidr > lists. > ability to feed BACK to public siphack ip reputation lists if the sipv type > user agents hit you. > > > -- > Michael Scheidell, CTO > o: 561-999-5000 > d: 561-948-2259 > ISN: 1259*1300 > > *| *SECNAP Network Security Corporation > > - Best Intrusion Prevention Product, Networks Product Guide > - Certified SNORT Integrator > - Hot Company Award, World Executive Alliance > - Best in Email Security, 2010 Network Products Guide > - King of Spam Filters, SC Magazine > > > ------------------------------ > > This email has been scanned and certified safe by SpammerTrap®. > For Information please see http://www.secnap.com/products/spammertrap/ > ------------------------------ > > > _______________________________________________ > sipx-users mailing list > [email protected] > List Archive: http://list.sipfoundry.org/archive/sipx-users/ >
_______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
