Add more nftables changes and add ffmpeg for transcription.

[dwstudeman]

Finished what was needed for nftables to work, including fail2ban by using sed to change all iptables entries in jail.conf, which, upon installation, is whatever Debian gave us, so iptables entries need to be changed to nftables. Added a general section to jail.local to allow parameter changes that would be different from those in jail.conf, as well as a place to uncomment and put ipsa and subnets for fail2ban to ignore. Also changed all iptables entries in jail.local to nftables to prevent errors with fail2ban.

Also changed PHP to 8.4 as it's been 8.2 for quite some time. IONCube has long since supported PHP 8.4.

Added ffmpeg install to finish.sh as two versions of AI will not work without it.

[arsenieciprian]

Event Gurad is using iptables ?

[markjcrane]

Event Guard supports nftables in FusionPBX 5.5 release and in the master branch. This was added shortly before the FusionPBX 5.5 release.

[markjcrane]

I'm interested in adding nftables, but likely in a way that it's an option some people may want to continue to use iptables, while others will want to use nftables.

[dwstudeman]

Ok Mark. The changes I added can be in the installer. With both iptables and nftables, each can have its own jail.local file for fail2ban and have both listed on the installer to uncomment the one that the installer desires, or even have it selectable in the terminal when the installer starts.

I'm beginning to look into a way to use Fail2ban to use the word strings that iptables already has entered, but nftables will not do word strings. Overall, I like nftables better, and it's so easy to use the same rule for IPv6 and IPv4. I am seeing a lot of SIP vicious.