How to configure the iptables firewall for Vicidial on the cloud
If you host Vicidial on the cloud, illegal SIP registration attacks and illegal calls are a big problem.
So it is better to block everything and allow only your own IPs and RTP packets. This needs to be done very carefully, otherwise you will lock yourself out.
Here is a step-by-step example. I hope someone can suggest good additions to secure it further.
Access your server over SSH and run the following commands:
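# Flush existing rules and create a separate chain for trusted SIP peers
iptables -F
iptables -N SIP
# Allow loopback and replies to connections that are already established
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allow SSH only from your own addresses (replace X.X.X.X and the 8.8.8.8 example)
iptables -A INPUT -s X.X.X.X -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -s 8.8.8.8/32 -p tcp --dport 22 -j ACCEPT
# Send SIP signalling to the SIP chain; drop whatever that chain does not accept
iptables -A INPUT -p udp --dport 5060 -j SIP
iptables -A INPUT -p udp --dport 5060 -j DROP
iptables -A INPUT -p udp --dport 5061 -j SIP
iptables -A INPUT -p udp --dport 5061 -j DROP
# Allow RTP media packets
iptables -A INPUT -p udp --dport 10000:20000 -j ACCEPT
# Allow the web interface (HTTP and HTTPS) on the public interface
iptables -I INPUT 1 -i ens192 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -I INPUT 2 -i ens192 -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
# Trusted SIP peer or carrier (repeat this line for each allowed IP)
iptables -A SIP -s X.X.X.X/32 -j ACCEPT
# Set the default policies last, after the SSH allow rules are in place
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
# Save the rules so they survive a reboot
/sbin/service iptables save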
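
To reduce the lock-out risk mentioned above, the same rules can be written in iptables-restore format and loaded in a single commit, so the server is never left with a half-applied ruleset. This is an added example, not part of the original post; the function names, the WAN_IF variable and the sample addresses are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: emit the page's rules in iptables-restore format so they load in one commit.
# build_ruleset, is_ipv4 and WAN_IF are names made up for this sketch.
WAN_IF="${WAN_IF:-ens192}"   # interface name taken from the page's rules

is_ipv4() {  # loose syntactic check, enough to catch typos and empty values
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$'
}

# build_ruleset "<admin ips>" "<sip peer ips>" -> ruleset on stdout, non-zero on bad input
build_ruleset() {
    admin_ips=$1; sip_peers=$2
    # Lock-out guard: never emit a default-DROP policy without an SSH allow rule.
    [ -n "$admin_ips" ] || { echo "no admin IP given, refusing" >&2; return 1; }
    for ip in $admin_ips $sip_peers; do
        is_ipv4 "$ip" || { echo "bad address: $ip" >&2; return 1; }
    done
    echo '*filter'
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    echo ':SIP - [0:0]'
    echo "-A INPUT -i $WAN_IF -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT"
    echo "-A INPUT -i $WAN_IF -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT"
    echo '-A INPUT -i lo -j ACCEPT'
    echo '-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'
    for ip in $admin_ips; do echo "-A INPUT -s $ip -p tcp --dport 22 -j ACCEPT"; done
    for port in 5060 5061; do
        echo "-A INPUT -p udp --dport $port -j SIP"
        echo "-A INPUT -p udp --dport $port -j DROP"
    done
    echo '-A INPUT -p udp --dport 10000:20000 -j ACCEPT'
    for ip in $sip_peers; do echo "-A SIP -s $ip -j ACCEPT"; done
    echo 'COMMIT'
}

# Typical use as root (addresses are documentation-range placeholders):
#   build_ruleset "203.0.113.10" "198.51.100.20" > /tmp/vicidial.rules \
#     && iptables-restore --test < /tmp/vicidial.rules \
#     && iptables-restore < /tmp/vicidial.rules
```

The --test option makes iptables-restore parse the file without committing it, so a typo is caught before any live rule changes.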