Management of IP blocklist/allowlist

Link copied to clipboard

IP blocklisting is used to prevent access to your system from specific IP addresses. Previously, to block an IP address (to filter out the data packets from this IP address), it was necessary to define a set of rules via the command-line interface for a specific server).

Starting from MR105, the IP blocklist is available on the Configuration server web interface, where you can easily view and manage IP addresses. Also, if you block access from all IP addresses of a network, and you want to allow access for specific IPs from that network, e.g., the IPs required for your engineers, you can add these exceptions to the IP allowlist. The IP lists automatically apply to all PortaSwitch servers and are preserved after an update or server reinstallation.

Configure IP blocklist and allowlist

The IP addresses can be added to the IP lists one by one, or imported from an external source such as voipbl.org that gathers IP addresses from which hackers conduct malicious activities.

Benefits
  • Engineers can save time and effort when managing the lists of blocked and allowed IP addresses.
  • You can ensure a higher level of security for your system via automated blocking of numerous IP addresses imported from public sources.

Peculiarities

Link copied to clipboard
  • IP addresses can be added with a specific port and/or protocol, e.g., 7.7.7.7,udp:7777.
  • The network addresses can also be added to the IP lists. You can optionally indicate a specific port and/or protocol (e.g, 8.8.8.0/16 or 10.0.0.0/24,udp:6000).
  • These IP blocking/allowing rules take precedence over any other rule, such as SIP/DB/HTTP protections rules or any rules directly added to iptables.

On this page

Release
What's new
Admin manuals
Handbooks
Developers documentation
UI help