The firewall used on modern SARK PBX is a freely available firewall called ‘shorewall’. It also uses an automatic intrusion detection system which blocks IP addresses on the fly.
This system can sometimes block things you don’t want blocking – the most common one is a password typed into a SIP phone incorrectly getting blocked out.
There are a few simple commands that can be used to check for and fix this. These need to be ran from the SARK command line. So you can either ssh/putty into it or connect a monitor & keyboard (sark850+ only).
To check the list of IP addresses that have been auto-blocked:
shorewall show dynamic
To unblock an IP:
shorewall allow xxx.xxx.xxx.xxx
Replacing the xs with the IP to unblock.
Also if you want to actually manually block an IP yourself then you can do:
shorewall drop xxx.xxx.xxx.xxx
Note: some early sark200s had a slightly different firewall configuration. In case the above doesn’t work and you’ve had your sark200 since the early days, this should work to unblock an IP:
iptables -D fail2ban-ASTERISK -s xxx.xxx.xxx.xxx -j DROP