IPset support is introduced as of Axeos PBX version 4.1.10. The menu System/IPset allows you to control lists of IP-addresses that can be blacklisted or whitelisted. The built-in lists enable you to block or allow countries, and in addition to this we also added a list of know VoIP abusers, to help protect you against VoIP Fraud and other harmful traffic to your PBX.
Please ensure you have whitelisted your own public IP before starting to use IPsets to prevent locking yourself out.
There are 4 default definitions:
- ipv4: ipdeny
- ipv4: voipbl (VoIP Blacklist)
- ipv6: ipdeny
- sets: nl
Each definition has variants. E.g. sets:nl includes variants ‘ipv4:ipdeny:nl’ and ‘ipv6:ipdeny:nl’. There are 4 variants enabled by default: ipv4:ipdeny:nl, ipv6:ipdeny:nl, ipv4:voipbl, sets:nl. You can tell they are enabled by the green icon on the left side of each entry.
Enabled variants can be added to the firewall as either whitelisted or blacklisted by using the “add firewall rule” action and then choosing “ipset type” instead of IP address. IPsets that are in use as firewall rules can not be disabled