How to block outside IP addresses with firewalld on CentOS 7

There are situations were specific IP addresses or ranges may need to be blocked.  In my case I have SIP hackers trying to brute force a publicly exposed Asterisk server.  I don’t have control over the exterior gateway or firewalls between the server and public internet.  So in this case I have to specifically block access to a single host. 

From Asterisk:

[Aug 15 14:13:33] NOTICE[20986]: chan_sip.c:26214 handle_request_register: Registration from ‘”3292″ <sip:3292@>’ failed for ‘’ – Wrong password

Goals of this Post:

  • Instruct firewalld to ‘drop’ all connection attempts from a single host



Written by mattb in: Linux | Tags: , , , ,

Fedora 15, 16, 17, 18 missing system-config-network GUI – SOLVED

Recently Fedora has been a nightmare for me. Anyone that’s seen(the fairly new) GNOME 3 knows what I’m talking about.  Their design team must have dreamed up the next iteration of GNOME with only a tablet in mind.  The giant icons and dependency on keyboard shortcuts make it a must for a 7″ inch screen and a few swipes.

For daily use on desktop computers at work GNOME 3 is garbage though – everyone hates it. It’s barely better than the Windows 8 interface.  I’m sorry; yeah I went there, and I only say that because Microsoft jammed all those tiles and the desktop into the same freaking UI.  Even GNOME 3 designers missed that pit of snakes!

But happy days are here again! I have found(with some tweaking) the MATE Desktop offers a very similar but updated version of the GNOME 2 desktop I loved in Fedora 14.  One nagging problem is that I hate NetworkManager for server use.  It’s okay for laptops, but when I need to custom edit some interfaces for a Asterisk PBX or Virtual Server I want the good ol’ ‘system-config-network’ over a SSH -X session.  After a quick ‘yum install system-config-network’ I thought I was in business… only to discover that only the command line version was installed.  After a little googling I discovered a utility that could download the source package.  I rebuilt the package with ‘–with gui’ switch as suggested on a forum.  The result produced the ‘system-config-network-tui-1.6.10-1.fc18.noarch.rpm’.  I installed the packaged and the GUI works! This tutorial uses Fedora 18, but could be adapted for 15,16,17, and 19.



How to setup the Asterisk 2.0 GUI with Asterisk 1.6

Recent versions of Asterisk 1.6 are compatible with the Asterisk 2.0 GUI.  This wasn’t always the case, as the Asterisk GUI was developed for the 1.4 branch.  Although I wish Digium had gone for the LAMP model, the GUI is pretty good and getting better all the time.  However the instructions to install are difficult to find on the website.  That is, if they are there at all.  My guess is that Digium doesn’t want to make it to easy to get a free GUI.  I think this a very poor strategy, but that’s another article….  Today we will run through a quick install of asterisk and the 2.0 GUI.  A far superior option as compared to to Trixbox and FreePBX.

– Install Asterisk 1.6
– Install Asterisk 2.0 GUI



How to configure a Polycom SoundPoint IP phone for Asterisk on Fedora 10

In my opinion the best IP business phones on the market are made by Polycom. Anyone that knows anything about the VoIP Industry knows that!  High quality Polycom desk phones combined with Asterisk are a great combination of quality/price. So to that end we’re doing this lab.

Polycom employs several methods of provisioning the SIP phones.  For general configuration Sound Point IP have an excellent built web GUI,  but for multiple phones Polycom has an XML based system as well.  Every Sound Point IP can be provisioned based on MAC address.  Polycom’s provisioning method makes use of TFTP, FTP, or HTTP to deliver firmware updates and individual phone settings.

The goals of this post:

– Configure FTP server for Polycom firmware and configuration

– Configure Asterisk SIP extension

– deploy firmware and XML configuration files to Polycom SoundPoint IP 501 SIP phone



VoiceIP Solutions offers Asterisk PHP GUI for large scale deployments

VoiceIP Solutions
is a Asterisk ‘consulting & deployment’ company in Seattle Washington.  They deploy Asterisk solutions for businesses of all sizes.  From small offices to universities and call centers.  They have sites deployed all over the United States, but mostly on the West Coast.  I’ve been following them for some time; I guess they started deploying Asterisk before 1.2 was released.  I talked to one of their sales rep’s(I think his name was Liam) about the business and wondered if they had done any development work?  He told me that they had done some PHP work for managing larger installs and proceeded to direct me to one of there engineer/developers.