The XonTel PBX system comes preconfigured with a built-in iptables firewall to protect your IP phone system from unauthorized access, fraudulent calls, and various types of network attacks. It enables the creation of custom iptables rules to control the traffic sent to and received from PBX devices.
The system includes default rules that:
- Accept all internal traffic
- Accept XonTel-specific rules
- Block external traffic
- Block unauthorized ports
To manage iptables, first enable the service by checking the Enable Service option. Once enabled, you can create, delete, modify, disable, or reorder firewall rules. Be sure to click the Save button after each change; otherwise, the modifications will not take effect in the system.
Clicking Reset Rules will discard all changes and restore the firewall to the default XonTel rule set.
Add Rule
Name: Give this rule a descriptive name to help you identify it.
Description: A brief description of this rule.
Order: Priority of rule.
IP Address: The IP address format is: IP address/subnet mask, subnet mask needs to be
Written in short format.
Protocol: Select the protocol that applies to this rule, selects UDP, TCP and BOTH (UDP and TCP).
Action: Select the option that applies to this rule,
- Accept: The device will accept access to the specified address.
- Deny: The PBX will deny the connection from the specified address and will send an error message to the other side informing them that the device has denied the connection.
- Ignore: The device will ignore the connection from the specified address, drop the data directly, and do not give any feedback.
To improve the security of your PBX system, you can use Ignore actions to avoid malicious attacks to detect the server information of your device.
Enabled: Check it to enable the rule.
Protocol: Select the protocol that applies to this rule, selects UDP, TCP and BOTH (UDP and TCP).
Port: Write the ports for this rule, which can specify port groups and individual ports.
🔁 Reordering Rules
In IP tables rule management, the order of rules is critical — packets are evaluated top-down, and the first matching rule determines the action.
To reorder rules:
- Identify the rule to move.
- Use the Move icons:
- ⏫ Move to Top – Places rule at the top.
- 🔼 Move Up – Shifts rule one step higher.
- 🔽 Move Down – Shifts rule one step lower.
- ⏬ Move to Bottom – Sends rule to the end.
- Click the Submit button to apply changes.
- (Optional) Click Cancel to discard changes.