Hi Guys.
Recently I needed to apply adjustments to Debian 12 on VPS Ionos to successfully complete the DjangoPBX installation. Details are provided below to help anyone who needs them.
enjoy
Leave your feedback if this was helpful.
Recently I needed to apply adjustments to Debian 12 on VPS Ionos to successfully complete the DjangoPBX installation. Details are provided below to help anyone who needs them.
Context (IONOS VPS)
- Debian 12 is delivered without nftables installed
- iptables exists only for compatibility (nf_tables backend)
- The firewall is fully open by default
- For DjangoPBX / FreeSWITCH, a controlled firewall is strongly recommended
Before changing the firewall:
Ensure SSH access (critical step)
iptables -I INPUT -p tcp --dport 22 -j ACCEPT
apt purge iptables-persistent -y
Remove iptables persistence (if installed)
rm -rf /etc/iptables
apt update
Install nftables
apt install nftables -y
Main configuration file:
/etc/nftables.conf
Edit the file:
Create a base nftables firewall
nano /etc/nftables.conf
Example configuration for DjangoPBX / FreeSWITCH:
#!/usr/sbin/nft -f
flush ruleset
table inet filter {
chain input {
type filter hook input priority 0;
policy drop;
iif lo accept
ct state established,related accept
tcp dport 22 accept
tcp dport {80,443} accept
udp dport 5060 accept
tcp dport 5060 accept
udp dport 16384-32768 accept
ip protocol icmp accept
}
chain forward {
type filter hook forward priority 0;
policy drop;
}
chain output {
type filter hook output priority 0;
policy accept;
}
}
nft -f /etc/nftables.conf
Apply and test the rules
nft list ruleset
Verify:
- SSH access
- DjangoPBX web interface
- SIP registration
- RTP audio flow
systemctl enable nftables
Enable nftables at boot
systemctl start nftables
Result- Debian 12 running native nftables
- Persistent and secure firewall
- Fully compatible with DjangoPBX + FreeSWITCH
- No iptables dependency
- Ideal setup for IONOS VPS
enjoy
Leave your feedback if this was helpful.
