Firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted network and an untrusted network, such as the Internet.
Starting from version 4.0, Sippy implemented an "IP Firewall" that you may find in the "Tools" section of the main menu.
From 2021 version IP Firewall is available under System Management - System Parameters section.
The Firewall configuration menu was added to limit access to SIP/Web/DB/SSH based on the IP address.
Example of default page:
Rules with IP addresses 0.0.0.0 and Netmask 0.0.0.0 mean ANY IP/ANY Subnet. On the screenshot you can see that by default, SIP/UDP, Web and SSH access are not restricted (this means that you may have SIP/UDP, Web, SSH access from any IP). Note, that "access from any IP" doesn't mean that any IP may login to your web interface bypassing the login credentials; it means that the login page would be visible to anyone who knows your IP address. The same applies for all other types of rules.
If a switch operator wants to restrict access (e.g globally - for every entity in the system), he needs to first add the list of trusted IPs using the Rule "Allow", then he can Deny access with a global rule using the IP address 0.0.0.0 (blocking all IPs except the list of IPs added with the Rule "Allow").
Example for Web type:
Another possible approach (less secure), is to block only the list of suspicious/fraudulent IPs. In such case, you must leave the default rule with the IP address 0.0.0.0 and the Netmask 0.0.0.0 in Allow state and add the fraudulent IP with a Deny rule.
Example for Web type:
The same approach works for all other types of rules.
Other related/useful documentations: