# Kazoo Firewall Agent
Used in conjunction with *call_shield* Kazoo application.

## Installation
### Build
- You must have go v1.20 or later installed.
- clone the repo in the usual way

```sh
cd kazoo_firewall_agent
go build
```
### Install
```sh
mkdir -p /opt/kazoo_firewall_agent
cp ./kazoo_firewall_agent /opt/kazoo_firewall_agent
cp ./kazoo_firewall_agent.service /etc/systemd/system/
cp ./kazoo_firewall_agent_config.json.sample /opt/kazoo_firewall_agent/kazoo_firewall_agent_config.json
systemctl daemon-reload
```

### Enable the Service
-> Make sure you have FirewallD installed and running.

```sh
systemctl enable kazoo_firewall_agent
systemctl start kazoo_firewall_agent
```

### Config
Specifying a `server_type` of `freeswitch` or `ephemeral` will use firewall rules that are temporary and are deleted when their cache timeout expires. Any other server type, such as `kamailio` or anything else, will NOT auto-delete records when the cache expires, and will use permanent firewall rules.

The `amqp_uri` config parameter can either be a single AMQP URI, or a comma separated list of multiple AMQP URIs (needed for `kamailio` server type with multiple Kazoo zones). Firewall agents running on Freeswitch do not need to connect to multiple Kazoo zones, only the local zone.

See the sample config file for other potentially useful configuration parameters.