White List vs Black List

Discussion in '3CX Phone System - General' started by Bob Denny, Apr 6, 2018.

Thread Status:
Not open for further replies.
  1. Bob Denny

    Bob Denny New Member

    Joined:
    Feb 21, 2009
    Messages:
    131
    Likes Received:
    2
    Our switch is publicly visible as we call in from the road via 4G/5G mobile data (Bria SIP phones), public WiFi (yes we know the risks) etc. Meanwhile the switch busters are constantly trying to break in, resulting in a steady stream of auth and request caused blacklisting. I looked in the manual but it is unclear how the white list vs black list rules are applied. Suppose I blocked everything 0.0.0.0/0.0.0.0 with a blacklist entry, then I add white list entries for our office net and Verizon mobile data. Before I waste my time and cause problems here in the office, can someone explain how the rules are applied? Do white lists override black lists or ???
     
  2. leejor

    leejor Well-Known Member

    Joined:
    Jan 22, 2008
    Messages:
    10,462
    Likes Received:
    234
    I'm not certain that doing blanket blacklist on 3CX is the best option, or that the whitelist will override (never tried it). Generally blocking everything, BUT... is best done on a router or firewall.
     
  3. Bob Denny

    Bob Denny New Member

    Joined:
    Feb 21, 2009
    Messages:
    131
    Likes Received:
    2
    I would, except the phone switch is running on Google Cloud. I have no control over any firewall etc.
     
  4. YiannisH_3CX

    YiannisH_3CX Support Team
    Staff Member 3CX Support

    Joined:
    May 10, 2016
    Messages:
    4,967
    Likes Received:
    324
  5. Bob Denny

    Bob Denny New Member

    Joined:
    Feb 21, 2009
    Messages:
    131
    Likes Received:
    2
  6. StefanW

    StefanW Head of Customer Support and Training
    Staff Member 3CX Support

    Joined:
    Jun 2, 2009
    Messages:
    1,203
    Likes Received:
    82
    Yes, but in your setup do not use 3CX to do this job of filtering. It will consume too much power.
    Use the default OS firewalls (Windows Firewall or Linux iptables) to do the job.

    To your question, white list is over blacklist.
    If set
    Block: 0.0.0.0/0
    White: 1.2.3.4/32

    Only 1.2.3.4/32 will be allowed.
     
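The precedence StefanW describes, and the rule ordering needed to get the same result from iptables, as an added example (not code from the thread or from 3CX). The tested source addresses are constructed, SIP on UDP 5060 is an assumption, and so is allowing sources that match neither list.

```python
import ipaddress

def decide(src, whitelist, blacklist):
    """List semantics from the thread: a whitelist match overrides any blacklist match."""
    ip = ipaddress.ip_address(src)
    if any(ip in ipaddress.ip_network(n) for n in whitelist):
        return "ACCEPT"
    if any(ip in ipaddress.ip_network(n) for n in blacklist):
        return "DROP"
    return "ACCEPT"  # assumption: a source on neither list is not blocked

def ordered_rules(whitelist, blacklist):
    """A packet filter is first-match-wins, so whitelist ACCEPTs must precede DROPs."""
    return ([("ACCEPT", ipaddress.ip_network(n)) for n in whitelist] +
            [("DROP", ipaddress.ip_network(n)) for n in blacklist])

def first_match(src, rules, default="ACCEPT"):
    """Evaluate rules top to bottom the way an iptables chain does."""
    ip = ipaddress.ip_address(src)
    for action, net in rules:
        if ip in net:
            return action
    return default

def render(rules, port=5060, proto="udp"):
    """Render the rules as iptables commands (port/proto are assumed: SIP on UDP 5060)."""
    return [f"iptables -A INPUT -p {proto} -s {net} --dport {port} -j {action}"
            for action, net in rules]

# Lists from the thread: block everything, allow one host.
WHITELIST = ["1.2.3.4/32"]
BLACKLIST = ["0.0.0.0/0.0.0.0"]  # netmask form from the first post, same as 0.0.0.0/0

if __name__ == "__main__":
    rules = ordered_rules(WHITELIST, BLACKLIST)
    for src in ("1.2.3.4", "1.2.3.5", "203.0.113.50"):  # constructed test sources
        print(src, decide(src, WHITELIST, BLACKLIST), first_match(src, rules))
    # Reversed order: the catch-all DROP matches first and locks out the whitelisted host.
    print("reversed:", first_match("1.2.3.4", list(reversed(rules))))
    print("\n".join(render(rules)))
```
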
  7. dredd0606

    Joined:
    Feb 14, 2018
    Messages:
    41
    Likes Received:
    10
    If you are running on Google Cloud, they have very robust firewall tools that you can customize to your heart's content, using the link you provided. They do not run on the VM, but rather as part of your virtual network. I greatly prefer offloading the firewall to Google than using iptables on the pbx.
     
  8. Bob Denny

    Bob Denny New Member

    Joined:
    Feb 21, 2009
    Messages:
    131
    Likes Received:
    2
    Ah! I will look. I have been ultra busy. Right now I only have 28 blacklists.
     