[ansible-project] Understanding relationship between -K & become vs ansible_ssh_user & ansible_ssh_pass

[Michelle Dupuis]

I am creating a simple playbook to add the current user's public key onto 
the remote host. My playbook fails with error "Failed to connect to the 
host via ssh: Permission denied".

I am running the playbook as non-root, and I can succesfully ssh to the 
remote host as root. I run the following script with -K and enter the 
become password when prompted.

---
  - name: Simple test 1
hosts: all
gather_facts: no
vars:
  username : "root"
  pubkey : "{{ lookup('file','{{ ansible_env.HOME }}/.ssh/id_rsa.pub') 
}}" 
tasks:
  - name: Confirm this user has a public key file
delegate_to: 127.0.0.1
stat:
  path: '~/.ssh/id_rsa.pub'
register: stat_result
  - name: Simple test 2
hosts: all
become: true
become_user: root
tasks:
  - name: Abort if this user has no public key file
fail: msg="You are missing your public key file"
when: not stat_result.stat.exists
  - name: Add public key for this user to remote host
authorized_key: >
  user = {{ username }} 
  key = {{ pubkey }}
  state = present
  - name: Print all available facts
ansible.builtin.debug:
  var: ansible_facts
The output from running task 3 with -vvv and -K is below:

 ESTABLISH SSH CONNECTION FOR USER: None
 SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s 
-o KbdInteractiveAuthentication=no -o 
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey 
-o PasswordAuthentication=no -o ConnectTimeout=10 -o 
ControlPath=/home/admin/.ansible/cp/bf945a50fe somehost.com '/bin/sh -c 
'"'"'echo ~ && sleep 0'"'"''
 (255, '', 'Permission denied 
(publickey,gssapi-keyex,gssapi-with-mic,password).\r\n')
fatal: [somehost.com]: UNREACHABLE! => {
"changed": false, 
"msg": "Failed to connect to the host via ssh: Permission denied 
(publickey,gssapi-keyex,gssapi-with-mic,password).", 
"unreachable": true
}

Notice authorized_key seems to run as user None (despite telling task 3 to 
become root). Only by setting ansible_ssh_user and ansible_ssh_pass in the 
ansible hosts file can I get authorized_key to work. Why?

I'm confused!
1. Shouldn't the -K parameter cause ansible to use the password I enter for 
ssh authentication?
2. Shouldn't the become: true cause the authorize_key to login to the 
remote host as root?
3. Can someone explain the relationship between 'become' & '-K' and 
ansible_ssh_user & ansible_ssh_pass (set in the hosts file)

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/35bb9ca6-2dc2-4c72-8635-b1ca667bfdb7n%40googlegroups.com.

[ansible-project] Understanding relationship between -K & become vs ansible_ssh_user & ansible_ssh_pass

[Michelle Dupuis]

I am creating a simple playbook to add the current user's public key onto 
the remote host. My playbook fails with error "Failed to connect to the 
host via ssh: Permission denied".

I am running the playbook as non-root, and I can successfully ssh to the 
remote host as root. I run the following script with -K and enter the 
become password when prompted.

--- - name: Simple test 1 hosts: all gather_facts: no vars: username : 
"root" pubkey : "{{ lookup('file','{{ ansible_env.HOME }}/.ssh/id_rsa.pub') 
}}" tasks: - name: Confirm this user has a public key file delegate_to: 
127.0.0.1 stat: path: '~/.ssh/id_rsa.pub' register: stat_result - name: 
Simple test 2 hosts: all become: true become_user: root tasks: - name: 
Abort if this user has no public key file fail: msg="You are missing your 
public key file" when: not stat_result.stat.exists - name: Add public key 
for this user to remote host authorized_key: > user = {{ username }} key = 
{{ pubkey }} state = present - name: Print all available facts 
ansible.builtin.debug: var: ansible_facts


The output from running task 3 with -vvv and -K is below:

 ESTABLISH SSH CONNECTION FOR USER: None  SSH: 
EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o 
KbdInteractiveAuthentication=no -o 
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey 
-o PasswordAuthentication=no -o ConnectTimeout=10 -o 
ControlPath=/home/admin/.ansible/cp/bf945a50fe somehost.com '/bin/sh -c 
'"'"'echo ~ && sleep 0'"'"''  (255, '', 'Permission denied 
(publickey,gssapi-keyex,gssapi-with-mic,password).\r\n') fatal: 
[somehost.com]: UNREACHABLE! => { "changed": false, "msg": "Failed to 
connect to the host via ssh: Permission denied 
(publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable": true }


Notice authorized_key seems to run as user None (despite telling task 3 to 
become root). Only by setting ansible_ssh_user and ansible_ssh_pass in the 
ansible hosts file can I get authorized_key to work. Why?

   - Shouldn't the -K parameter cause ansible to use the password I enter 
   for ssh authentication?
   - Shouldn't the become: true cause the authorize_key to login to the 
   remote host as root?

My playbook also succeeds WITHOUT the -K parameter, so I must be 
misunderstanding how BECOME works. Can someone explain the relationship 
between 'become' & '-K' and ansible_ssh_user & ansible_ssh_pass (set in the 
hosts file)

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/798b23f3-57b2-4ffe-bec9-3f3f42a27e63n%40googlegroups.com.

[asterisk-users] Interpreting pjsip.conf

[Michelle Dupuis]

I am looking at the pjsip.conf file shipped with asterisk, and trying to 
understand it.  For example, there are 3 transport-X sections as noted below.  
Does this mean I could uncomment all 3?  Must I uncomment 1?  Is the -X portion 
of [transport-X] arbitrary?


; Basic UDP transport
;
;[transport-udp]
;type=transport
;protocol=udp;udp,tcp,tls,ws,wss
;bind=0.0.0.0

; UDP transport behind NAT
;
;[transport-udp-nat]
;type=transport
;protocol=udp
;bind=0.0.0.0
;localnet=192.0.2.0/24
;external_media_address=203.0.113.1
;external_signaling_address=203.0.113.1

; Basic IPv6 UDP transport
;
;[transport-udp-ipv6]
;type=transport
;protocol=udp
;bind=::



-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-biz] Need help with one-way audio

[Michelle Dupuis]

Hi Don - you are welcome to call Telium for assistance:

[logo-75x75]

telium
T: (519) 266-4357 x270
E: mdup...@telium.ca
W: www.telium.ca




Confidentiality Warning: This message and any attachments are intended only for 
the use of the intended recipient(s), are confidential, and may be privileged. 
If you are not the intended recipient, you are hereby notified that any review, 
retransmission, conversion to hard copy, copying, circulation or other use of 
this message and any attachments is strictly prohibited. If you are not the 
intended recipient, please notify the sender immediately by return e-mail, and 
delete this message and any attachments from your system. Thank you!

Information confidentielle: Le présent message, ainsi que tout fichier qui y 
est joint, est envoyé à l'intention exclusive de son ou de ses destinataires; 
il est de nature confidentielle et peut constituer une information privilégiée. 
Nous avertissons toute personne autre que le destinataire prévu que tout 
examen, réacheminement, impression, copie, distribution ou toute autre 
utilisation de ce message et tout document joint est strictement interdit. Si 
vous n'êtes pas le destinataire prévu, veuillez en aviser immédiatement 
l'expéditeur par retour de courriel et supprimer ce message et tout document 
joint de votre système. Merci!





From: asterisk-biz-boun...@lists.digium.com 
[mailto:asterisk-biz-boun...@lists.digium.com] On Behalf Of Don Kelly
Sent: Tuesday, June 13, 2017 10:28 AM
To: Asterisk Business List 
Subject: [asterisk-biz] Need help with one-way audio

Is someone available right now that's really good at diagnosing one-way audio 
issues?

I've just moved an Ethernet-connected (carrier is in next room) SIP trunk from 
one Asterisk box to another. The box it came from is down-I can't see what the 
configuration was-but we know it was working.

--Don

Don Kelly
6512 276-4838

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-biz

Re: [Assp-user] assp, the end

[Michelle Dupuis]

Just another opinion - but I too have been stuck on ASSP problems, posted 
questions, and never got answers.  I've learned to live with the problems and 
just have to weigh the benefits of a broken ASSP installation vs no ASSp 
installation.

I understand the OP's concerns, and understand why he would pull the plug on 
his ASSP installations...

-Original Message-
From: Andrew Porter [mailto:a...@defsdoor.org] 
Sent: Friday, June 17, 2016 4:45 AM
To: ASSP User list
Subject: Re: [Assp-user] assp, the end

Sounds like your problems are elsewhere.  I've never had to reconfirm my 
subscription, never had any complaints about the help people here give - 
out of their own good will - and I've ran multiple ASSP instances for 
donkeys years now without any but minor concerns.

At least no one tied you down and forced you to use this completely free 
software.






--
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity planning
reports. http://sdm.link/zohomanageengine
___
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user


--
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity planning
reports. http://sdm.link/zohomanageengine
___
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user

[asterisk-users] Pass variable to voicemail script

[Michelle Dupuis]

I have a custom voicemail script which reformats and forwards the attached 
voicemail wav file to the recipient.


I would like to make use of a channel variable in my script; is there a way to 
pass a channel variable to this voicemail script?
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] Ast under CentOS 7 - slice messages

[Michelle Dupuis]

I'm building a CentOS 7 Asterisk and find my system log full of messages like 
this:


Mar  5 17:07:01 pbx2 systemd: Started Session 823 of user asterisk.
Mar  5 17:07:01 pbx2 systemd: Starting Session 823 of user asterisk.
Mar  5 17:07:11 pbx2 systemd: Removed slice user-1001.slice.
Mar  5 17:07:11 pbx2 systemd: Stopping user-1001.slice.?


Does anyone know what this means?
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] Ast 13 always uses slin internally?

[Michelle Dupuis]

I've ported an Asterisk 10 installation to Asterisk 13, and I've noticed that 
whenever Asterisk plays my audio files it uses the slin format.  I have not 
converted ANY of my audio files, which means asterisk must be converting my wav 
files to slin on the fly.


Is this the new standard for Asterisk?  Should I convert my audio files to slin 
format to reduce CPU load?
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Asterisk how to setup alarm too many outgoing calls from same user

[Michelle Dupuis]

I don't think you can do this natively within Asterisk, but take a look at 
SecAst (from http://www.telium.cahttp://www.telium.ca/  ).  There is a free 
edition you can download right from the web site.


SecAst will monitor the rate at which a user/device places calls to detect 
potential fraud.  (I assume that is what you are trying to achieve).  It also 
checks for suspicious dialed digits/patterns, geographic location of the caller 
based on IP, etc...it may be overkill if this is just a small home system 
though.



 Forwarded Message 
Subject:[asterisk-users] Asterisk how to setup alarm too many outgoing 
calls from same user
Date:   Mon, 06 Jul 2015 07:27:43 -0700
From:   Motty Cruz motty.c...@gmail.com
Reply-To:   Asterisk Users Mailing List - Non-Commercial Discussion 
asterisk-users@lists.digium.com
To: Asterisk Users Mailing List - Non-Commercial Discussion 
asterisk-users@lists.digium.com



Hello,
I would like to setup a mechanism to trigger an alarm if user is deal
too many numbers within a very short period of time. Safeguard against
users hacked accounts.

can someone help?

Thanks,

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
  http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
  http://lists.digium.com/mailman/listinfo/asterisk-users



-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Branch based on call volume

[Michelle Dupuis]

?I meant how many calls are in progress on a particular trunk.  (Sorry - I 
didn't even think of the other interpretation).



From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of Matt Riddell 
li...@venturevoip.com
Sent: Sunday, June 28, 2015 9:26 AM
To: Asterisk Users List
Subject: Re: [asterisk-users] Branch based on call volume

On 27Jun, 2015, at 15:34, Michelle Dupuis 
mdup...@ocg.camailto:mdup...@ocg.ca wrote:

Is there a simple way to get call volume from a particular trunk within the 
dialplan (for conditional branching)?

Do you mean large number of calls or how loud the call is?

--
Cheers,

Matt Riddell
___

http://www.venturevoip.com/news.php (Daily Asterisk News)
http://www.venturevoip.com/pabx_on_disk.php (PABX on a Disk)
http://www.venturevoip.com/exchange.php (Full ITSP Solution)
http://www.venturevoip.com/cc.php (Call Centre Solutions)
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] Branch based on call volume

[Michelle Dupuis]

Is there a simple way to get call volume from a particular trunk within the 
dialplan (for conditional branching)?


I suspect we will have to build an AGI script but I'm hoping something new in 
Asterisk 13

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] small pbx for the office [it was: small homebrew pbx]

[Michelle Dupuis]

I think you are mixing up answers and general advice.  FreePBX was intended to 
get you over the dialplan creation hurdle (the biggest challenge for people new 
to Asterisk).

In regards to the LinkSys they are compatible and you do find them in 
enterprises, but admins are trying to get rid of adapters/converters so if 
possible you may wish to invest in SIP devices directly instead of an adapter.

-M-


From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of lu...@sulweb.org 
lu...@sulweb.org
Sent: Wednesday, June 17, 2015 9:07 AM
To: Asterisk Users List
Subject: Re: [asterisk-users] small pbx for the office [it was: small homebrew 
pbx]

Lukasz Sokol wrote:
 but have you considered a web-managed config-builder such as FreePBX?
 Instead of building your dialplan from scratch ?

I've never used FreePBX, but, after having looked at its website, I
think I have a general understanding of what it can do. What I don't
understand is how FreePBX answers my question about the Linksys SPA3102
being good for a mission critical solution or not.



--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] asterisk google contacts

[Michelle Dupuis]

Take a look at the smartCID script available from 
www.telium.cahttp://www.telium.ca/?


It does a web based CID lookup on incoming calls, you can at least use that as 
a starting point for development...




From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of tux john a...@null.net
Sent: Thursday, June 11, 2015 9:32 AM
To: Asterisk Users List
Cc: Asterisk Users List
Subject: Re: [asterisk-users] asterisk  google contacts

I am afraid i do not know how to write that.

Sent: Thursday, June 11, 2015 at 2:05 PM
From: A J Stiles asterisk_l...@earthshod.co.uk
To: Asterisk Users Mailing List - Non-Commercial Discussion 
asterisk-users@lists.digium.com
Subject: Re: [asterisk-users] asterisk  google contacts
On Thursday 11 Jun 2015, tux john wrote:
 Hello everyone. i am running an asterisk server and i would like to have
 the contacts from google. so every inbound call with fetch the caller ID
 from google contacts and present it to my screen.

This is really three problems, as follows:

(1) Accessing the Google Contacts API to retrieve someone's details based on
their phone number.
(2) Passing the incoming caller's number to an AGI script.
(3) Displaying the details retrieved from Google on your screen.


Presuming you already know how to write a program to look up a Google
contact's details from their phone number, you just need to turn that into an
AGI script. Then, in your dialplan, pass the incoming number to that script.

If you want Asterisk itself to have anything to do with the Google data, you
will have to return them by setting channel variables within the script. Or
if you are going to use some external means to pass the data to the user, then
you can have your script fork itself, detach and return straight away.


--
AJS

Note: Originating address only accepts e-mail from list! If replying off-
list, change address to asterisk1list at earthshod dot co dot uk .

--
_
-- Bandwidth and Colocation Provided by 
http://www.api-digital.comhttp://www.api-digital.com/ --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Am I cracked?

[Michelle Dupuis]

I'm guessing this is a small/home system?  I suggest you install SecAst from 
this site: www.telium.ca   It's free for small office / home office and will 
deal with these types of attacks and more.  It can also block users based on 
their Geographic location (based on the phone number it attempted to dial I 
suspect this is middle east), look for suspicious dialing patterns, etc.

If you still have allow guest enabled, then you should also follow the 
'securing asterisk' steps from this site: 
http://www.voip-info.org/wiki/view/Asterisk+security

You're definitely under attack (based on the 0123456 ID) so be sure to take 
preventative steps to avoid a $50k phone bill..


From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of Luca Bertoncello 
lucab...@lucabert.de
Sent: Monday, June 8, 2015 3:46 PM
To: Asterisk Users List
Subject: [asterisk-users] Am I cracked?

Hi list!

Very strange...
I ran the Asterisk CLI for other tasks, and suddenly I got this message:

  == Using SIP RTP CoS mark 5
-- Executing [000972592603325@default:1] 
Verbose(SIP/192.168.20.120-002a, 2,PROXY Call from 0123456 to 
000972592603325) in new stack
  == PROXY Call from 0123456 to 000972592603325
-- Executing [000972592603325@default:2] Set(SIP/192.168.20.120-002a, 
CHANNEL(musicclass)=default) in new stack
-- Executing [000972592603325@default:3] 
GotoIf(SIP/192.168.20.120-002a, 0?dialluca) in new stack
-- Executing [000972592603325@default:4] 
GotoIf(SIP/192.168.20.120-002a, 0?dialfax) in new stack
-- Executing [000972592603325@default:5] 
GotoIf(SIP/192.168.20.120-002a, 0?dialanika) in new stack
-- Executing [000972592603325@default:6] 
Dial(SIP/192.168.20.120-002a, SIP/pbxluca/000972592603325,,R) in new 
stack
[Jun  8 21:42:50] WARNING[18981]: app_dial.c:2345 dial_exec_full: Unable to 
create channel of type 'SIP' (cause 20 - Subscriber absent)
  == Everyone is busy/congested at this time (1:0/0/1)
-- Executing [000972592603325@default:7] 
Hangup(SIP/192.168.20.120-002a, ) in new stack
  == Spawn extension (default, 000972592603325, 7) exited non-zero on 
'SIP/192.168.20.120-002a'
[Jun  8 21:43:22] WARNING[16633]: chan_sip.c:3830 retrans_pkt: Retransmission 
timeout reached on transmission 8dc31ca4e660a0408450715638784d86 for seqno 1 
(Critical Response) -- See 
https://wiki.asterisk.org/wiki/display/AST/SIP+Retransmissions
Packet timed out after 32001ms with no response

At the time no phone try to call...
On my Firewall I see a SIP packet coming from an IP in Palestine...
Am I cracked? I think I disabled all guest access. How can I check if my
Asterisk allows guest to originate calls?

Thanks
Luca Bertoncello
(lucab...@lucabert.de)

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] Results of security honeypot experiment - scraping for IP's/credentials ?

[Michelle Dupuis]

The results of a security experiment were published this week, in which an 
Asterisk PBX was set out in the wild to see who would attack it and how:


http://www.telium.ca/?honeypot1


What I find particularly interesting is that people/bots are scraping support 
websites looking for valid IP's of PBX's, and valid credentials!


A good reminder to everyone on this list to not publish the IP of their PBX's, 
or even account names (in postings) as they will be quickly targeted

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Anonymous SIP calls

[Michelle Dupuis]

To answer your first question, what you refer to as the PSTN is also quite 
dangerous.  There is a lot of fraud going on over analog lines - usually 
hackers try to find an outside line by calling in to a PBX and trying lots of 
digits.  or, in some cases fooling a naive user to forward them to an outside 
line (claiming to be Bell), etc.  As for VoIP, even a beginner can try 10 
PBX's with 10 dialout codes in a matter of hours.  So because it's easier 
it becomes more popular.  (There was a an article in the Globe and Mail a few 
years ago about this - one Toronto company lost a lot of money because someone 
called in saying it was Bell Canada and their receptionist forward the 
technician to a diagnostic number...which was 9X and surprise they got an 
outside line).  Since' you're in Hamilton I figure this might ring a bell...:)

A lot of the value from what you refer to as the PSTN is really just a bridging 
point, and a massive directory (i.e. phone numbers).  But their role is 
changing and someday they may be little more than the equivalent of root DNS 
servers.  But for now they are still the major interconnect for ITSP's to 
legacy/TDM customers.

As for security and using fail2ban, I hope you read this:
http://forums.asterisk.org/viewtopic.php?p=159984
Fail2ban is not really security...but it's certainly better than nothing.

What you might be missing is that VoIP is the wild west of fraud.  It's easy, 
and there are lots of holes in SIP, Asterisk, FreePBX, etc!  Do a search on 
FreePBX security flaws and you'll find that hackers discovered a massive hole 
last summer exposing systems to toll fraud.  This is big business for hackers 
and a single breach can earn them $10,000 to $100,000 (or more) -not bad for 1 
day of work, and you the SIP customer are on the hook for that bill.  Major 
ITSP are not likely to forgive your bill just because you got hacked.  It's 
your responsibility to secure your system.  And if you haven't you might get a 
whopper of a bill.

There are working groups, industry groups, etc. dedicated to VoIP security.  
They exist for a reason - this is a HUGE problem.  It's easy to get over 
confident and a mistep in security can cost you your job and your company a 
small fortune.



From: James B. Byrne byrn...@harte-lyne.ca
Sent: Friday, March 27, 2015 4:03 PM
To: Michelle Dupuis
Cc: Asterisk Users List; byrn...@harte-lyne.ca
Subject: RE: [asterisk-users] Anonymous SIP calls

On Thu, March 26, 2015 22:29, Michelle Dupuis wrote:
 You have to consider whether you really want anonymous calls, or you
 just want to enable SIP calls from trusted companies/partners.  The
 latter means setting up routes to these companies and (ideally)
 registration between peers.


This is what I am trying to get a handle on.  It seemed to me that the
promise of VOIP was essentially that one could use the Internet as a
replacement for the PSTN directly, providing that ones callers/callees
were also directly connected via VOIP.  SIP providers I had considered
a necessary transition to act as gateways between PSTN dialing and
VOIP until VOIP replaced PSTN virtually entirely if not completely.

That is why we are on Asterisk.  We had to replace our old keyed
system and the thought was that we might as well get ready for VOIP
even if we planned to stay on PSTN for the foreseeable future.

However, the overwhelming evidence I find is that one simply does not
employ VOIP in the same way that PSTN works.  Actually, I have put
that backwards.  What I have discovered is that the most commonly
recommended method is to switch from a Telco to A SIP provider and
continue in a manner similar to the former set-up.  External calls all
have to travel through a third party provider.

One does not accept incoming VOIP calls from just everyone,
apparently.  One only accepts VOIP calls from known correspondents.  I
am not clear why this is so other than vague warnings respecting
(admittedly real and serious) security issues.

Even limiting VOIP to known correspondents one is ultimately trusting
that they themselves are secured sufficiently to prevent unauthorised
access to your systems through theirs.  And that seems a bit of a
stretch by way of rationalisation to me.

Also I do not understand is why the same issues do not exist from
incoming calls via PSTN.

I somewhat understand the process of getting devices to register and
authenticate to obtain access to our outgoing routes.   What is it
about incoming SIP calls destined to our internal users that make
those calls so dangerous?  Why cannot incoming anonymous SIP calls not
be treated exactly as incoming PSTN calls (other than PSTN have to go
though DAHDI to turn them into digital VOIP calls). What is it that
prevents them from being blocked from gatewaying through to our PSTN
lines?

Please forgive my abysmal ignorance on this matter.  Perhaps I have
been down in the weeds too long getting our internal FreePBX

Re: [asterisk-users] Anonymous SIP calls

[Michelle Dupuis]

You have to consider whether you really want anonymous calls, or you just 
want to enable SIP calls from trusted companies/partners.  The latter means 
setting up routes to these companies and (ideally) registration between peers.

If you really want anonymous calls, then you will have to setup your dialplan 
with a guest/anonymous context for the calls to drop into.  Once they arrive in 
that context you can route them anywhere else in your dialplan based on rules 
you setup.  To help understand how this works, set verbose up to 10 in the 
Asterisk CLI and then call into your PBX using a SIP phone (without 
registration) .  You'll quickly see how it works.

The bigger concern here is security.  Hackers will have a field day with an 
unsecured SIP connection.  You will want to add some security on and around 
your Asterisk server.  Take a look at  
http://www.voip-info.org/wiki/view/Asterisk+security  for suggestions.

To be conservative, assume someone WILL find a hole in your dialplan and 
attempt to commit fraud (i.e. rack up charges on your phone system). You will 
want to add security to your asterisk server which detects this fraud and 
disconnects the callers.  There's a great video of an Astricon attendee 
explaining how callers racked up $100,000 in charges in one weekend.


From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of James B. Byrne 
byrn...@harte-lyne.ca
Sent: Thursday, March 26, 2015 9:24 PM
To: Asterisk Users List
Subject: [asterisk-users] Anonymous SIP calls

We have a FreePBX-12 / Asterisk-12 setup that supports about 24
extensions, most internal Snom870s but six or so external (Jitsi-2.8).
 we use TLS and SRTP everywhere on our side of the fence.  The server
host is a dedicated atom(tm) box using the FreePBX distro (CentOS-6.x)
and is up-to-date.  Registrations require very long random passwords
and registrable devices are further restricted by netblock filters.
We have the usual firewall and fail2ban intrusion prevention and
detection set-ups in place.

Our connection to the rest of the world is via PSTN.

We do our own DNS, both forward and reverse.  We have NAPTR and SRV
RRs for SIP and SIPS.

That is the environment.  Now for the questions.

Can I safely configure FreePBX/Asterisk to allow people to call us
directly via SIP?  In other words, sip://someth...@harte-lyne.ca would
reach us and ring internally as if someone had called our main office
number via PSTN.  Does it make sense to do so?

I am not talking about routing our main number through a SIP trunk
provider.  We will remain on PSTN for the foreseeable future.  But I
am curious as to whether or not it it worthwhile to allow others who
have the capability to simply call us via SIP rather than over PSTN.
And if we do allow it what are the caveats and how does one actually
configure Asterisk to do it?

I have read a number of blogs, sections of the Definitive Asterisk
book and mailing list archived posts respecting anonymous SIP calls.
But I have to say these leave me rather more confused than informed.
Virtually all sources advise against accepting any anonymous incoming
SIP calls whatsoever.  The few that do not absolutely advise against
do not give much guidance in how to handle incoming calls. And
frankly, I have only a dim idea how an incoming SIP call should be
handled from a theoretical point of view.

Any guidance would be welcome.


--
***  E-Mail is NOT a SECURE channel  ***
James B. Byrnemailto:byrn...@harte-lyne.ca
Harte  Lyne Limited  http://www.harte-lyne.ca
9 Brockley Drive  vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada  L8E 3C3


--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Asterisk API

[Michelle Dupuis]

As you've probably discovered, most of the API toolkits are half baked and 
poorly maintained.  The Java interface is not great for performance and is 
suffering from the above too.

From our experience (including customer specific and commercial apps)  using 
the AMI directly is the best way to go.  Next you also have to develop in a 
language suitable to the throughput needs of whatever you are building.  If 
you need performance, I'd recommend developing in C++ and building your own 
AMI interface to suit your needs.  (If you use boost or Qt then it will speed 
your development time).

This topic might step on troll territory (which  is best) so feel free to 
email me off list if you want more info.
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] When are /proc/dahdi files created

[Michelle Dupuis]

Can someone tell me when the /proc/dahdi files are created for spans?  Are they 
created when asterisk starts (or the asterisk init script) - if not what script 
creates them?
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Investigating international calls fraud

[Michelle Dupuis]

Do you have DISA setup?  We're seeing lots of attackers running scripts that 
send digits until they strike a DISA, misconfigured mailbox, etc.  (Assuming it 
wasn't a stupid employee forwarding an inbound call to a 9xxx number etc).

Have a look at SecAst (www.generationd.com) - it detects callers sending too 
many digits, monitors digit dialing speeds, etc. to help identify and block 
these types of attacks.  The free version is better than nothing (but if you've 
already suffered one $25k attack then you probably don't mind spending a bit of 
money).  Or have a look at http://www.voip-info.org/wiki/view/Asterisk+security 
for other ideas.

There were some (at least one) critical FreePBX weaknesses discovered this 
summer (you'll find them if you google).  Even if you don't expose the 
management interface to the internet, don't trust FreePBX security alone.

-MD-

My opinions expressed are my own and do not necessarily reflect those of my 
employer.  However, as an employee of Generation D Systems my opinions are 
probably biased.




From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of Administrator TOOTAI 
ad...@tootai.net
Sent: Wednesday, January 28, 2015 5:07 PM
To: Asterisk Users List
Subject: Re: [asterisk-users] Investigating international calls fraud

Le 28/01/2015 22:03, Steven McCann a écrit :
 Hello,

Hi


 I'm investigating a situation where there was a hundreds of minutes of
 calls from an internal SIP extension to an 855 number in Cambodia,
 resulting in a crazy ($25,000+) bill from the phone company. I'm
 investigating, but can anyone provide some feedback on what's happened
 here? I'm investigating how this happened as well as what types of
 arrangements can be made with the phone company (CenturyLink in Texas).

 Some details:
 * PBX is located in Texas
 * Phone carrier is CenturyLink
 * FreePBX distro running asterisk 1.8.14
 * source SIP extension is Mitel 5212, firmware 08.00.00.04, default
 admin password (argh!). Phone is used by many different people.

 More PBX setting details:
 * inbound SIP traffic is not allowed through the firewall
 * internal network is not accessed by many
 * FreePBX web interface

 *Questions I have at this moment:*
 1) how were the calls placed? Was the Mitel SIP phone hacked somehow?
 Asterisk PBX?

Check your logs. In the full log with verbosity 3 you can follow how
calls were treated. Also the CDR should give you informations like the
extension(s) who placed those calls

[...]

--
Daniel

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] Best way to get dahdi status

[Michelle Dupuis]

I'm creating an app that needs to read the status of all dahdi spans and 
channels, etc.  (whatever is needed to tell a user the state of their DAHDI 
connections).


What is the best way to do that?  I see dahdi-tools available from the command 
line, asterisk CLI commands, and AMI commands.  What is the best way to get the 
status at a detail level?


-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] SEMI OFF-TOPIC - Fail2ban

[Michelle Dupuis]

I'd suggest taking a look at the free edition of SecAst (www.generationd.com).  
It handles these messages perfectly (and can also use AMI security events) - so 
you don't need to constantly be updating fail2ban rules.  It's a drop in 
replacement for fail2ban.  

-M-

P.S.  My opinions are my own and do not necessarily represent those of my 
employer.  As an employee of Generation D System you can bet my opinions are 
biased though!

From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of ricky gutierrez 
xserverli...@gmail.com
Sent: Friday, January 9, 2015 3:02 PM
To: Asterisk Users List
Subject: Re: [asterisk-users] SEMI OFF-TOPIC - Fail2ban

2015-01-09 3:53 GMT-06:00 Stefan Gofferje li...@home.gofferje.net:

 Do you really want to detect ChallengeSent? That should occur also on
 legitimate login processes...


Hi , strange thing is that I still have not this asterisk in
production and I see many attempts Connection.

Now keep in mind that when a connection of authentication is
successful the message changes and is not exactly what you mention:

## SecurityEvent=SuccessfulAuth,EventTV=1420832883-140932,

I think this type of connection attempts messages with my asterisk
that fail2ban  not detected.

I'm no expert, but the log not lie ;)

regardss
--
rickygm

http://gnuforever.homelinux.com

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] Reset calls processed counter

[Michelle Dupuis]

When I issue the CLI command 'core show calls' I see how many calls have been 
processed by Asterisk since it started; eg:

0 active calls
198 calls processed

Is there a way to reset the calls processed counter without having to shutdown 
and restart asterisk?
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] PBX hacked: why hundred of calls to the same number ?

[Michelle Dupuis]

There are lots of ways to solve this, and NOT to solve this.  Don't start 
adding lots of rules to iptables (or deep per packet inspection requirements) 
as this will hurt capacity...and it doesn't really solve the problem


Take a look at

http://www.voip-info.org/wiki/view/Asterisk+security


If you are running a small system I recommend trying the free version of 
SecAst.  If you're running a larger PBX, the SecAst GeoIP blocking (deny/allow 
by country/city/etc) will remove 99% of the attacks.


Take a good look at the page above for options...free/paid, software/hardware


Michelle


*All opinions are my own, and do not represent my employer.  Since I'm employed 
by GenerationD, you can

bet that my opinions are biased :)



From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of Rainer Piper 
rainer.pi...@soho-piper.de
Sent: Friday, October 3, 2014 2:15 PM
To: Asterisk Users List
Subject: Re: [asterisk-users] PBX hacked: why hundred of calls to the same 
number ?

Hi Chris,

yes ... it is boring ...
I stop posting ...
;-)


Am 03.10.2014 um 20:11 schrieb Chris Bagnall:
On 3/10/14 6:52 pm, Rainer Piper wrote:
the attacking server changed the destination Number  at 18:53  CEST  and
he is still blocked ... LOL
972597438354  callto:00972597438354callto:00972597438354

It's pretty much an everyday occurrence for any internet-connected SIP system 
these days...

Oct  3 19:46:20 server /sbin/kamailio[3977]: NOTICE: script: blocking
IP 62.210.149.136 sipcli/v1.8 rm=INVITE aU=null rU=100972597438354

Many of these attacks come from fairly easily recognised user-agent strings, so 
if you fancy doing a bit of packet inspection with your firewall, you can block 
many of these before they get as far as your SIP server(s) themselves.

For example, the sipcli scans you listed above can be blocked fairly easily 
with:
iptables -A INPUT -p udp --dport 5060 -m string --algo bm --string sipcli -j 
DROP

(obviously there are overheads to string searching UDP/5060 packets that you'll 
want to consider, and the above won't work if you're using sipcli legitimately 
anywhere on your network)

Kind regards,

Chris


--
Rainer Piper
Integration engineer
Koeslinstr. 56
53123 BONN
GERMANY
Phone: +49 228 97167161
P2P: sip:rai...@sip.soho-piper.de:5072 (pjsip-test)
XMPP: rai...@xmpp.soho-piper.demailto:rai...@xmpp.soho-piper.de
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Asterisk secure fine tune - stop attack

[Michelle Dupuis]

You can also take a look at SecAst (www.generationd.com).The free version 
is a drop-in replacement for fail2ban but also add a lot more intelligence (and 
no need to update regex's etc). There's also geographic IP fencing so you can 
block attacks by country / region / city etc., only allow access by geography, 
etc.  And a whole lot more (including detection of breached but valid 
credentials to halt ongoing fraud, etc)


-=M=-


The opinions above are my own, and don't necessarily represent those of my 
employer.  Since I'm employed by Generation D however you can bet that I have a 
serious bias :)



From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of Eric Wieling 
ewiel...@nyigc.com
Sent: Thursday, September 4, 2014 11:58 AM
To: Asterisk Users List
Subject: Re: [asterisk-users] Asterisk secure fine tune - stop attack

If we don't need to allow access from outside the USA we block access from all 
non-ARIN IP addresses by using iptables.   This takes care of at least 80% of 
attacks.

I enabled guest access and pointed all guest calls to an IVR which auto 
disconnects the call after a while (2 min seems good) if there is no response.  
 That took care of most of the remaining attacks.

I'm considering enabling auto create peer and routing calls to the same IVR as 
above.

We also use fail2ban, but mostly for non-SIP attacks.

Before enabling any guest access be ABSOLUTELY SURE you know how to do it 
without causing security issues.

From: asterisk-users-boun...@lists.digium.com 
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Hashmat Khan
Sent: Thursday, September 04, 2014 3:45 PM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] Asterisk secure fine tune - stop attack

dont forgot to put your trusted IPs into ignoreip list while configuring 
fail2ban

its very important when a customer (may be 100+ extns) are behind NAT and only 
present single public IP

Rgds
Hash


Date: Thu, 4 Sep 2014 08:42:11 -0700
From: motty.c...@gmail.commailto:motty.c...@gmail.com
To: asterisk-users@lists.digium.commailto:asterisk-users@lists.digium.com
Subject: Re: [asterisk-users] Asterisk secure fine tune - stop attack
Hi A J,
believe me, I wish i do as you suggested, however I have a few extensions 
outside the office with dynamic IPs, so that is not a possibility. Thanks for 
your suggestions, I will try fail2ban. I don't know how complicated is to 
implement that on production server.

Thanks,
-Motty

On Thu, Sep 4, 2014 at 8:19 AM, A J Stiles 
asterisk_l...@earthshod.co.ukmailto:asterisk_l...@earthshod.co.uk wrote:
On Thursday 04 Sep 2014, motty cruz wrote:
 Hi All,
 I see this kind of attack on our Asterisk Server, do you know how to block
 that IP?
Instead of blocking unwanted IPs, you should be permitting only wanted IPs.

--
AJS

Note:  Originating address only accepts e-mail from list!  If replying off-
list, change address to asterisk1list at earthshod dot co dot uk .

--
_
-- Bandwidth and Colocation Provided by 
http://www.api-digital.comhttp://www.api-digital.com/ --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users


-- _ -- 
Bandwidth and Colocation Provided by 
http://www.api-digital.comhttp://www.api-digital.com/ -- New to Asterisk? 
Join us for a live introductory webinar every Thurs: 
http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or 
update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] incoming calls fall into echo test mode

[Michelle Dupuis]

You might get a better response on the FreePBX forum.  (FreePBX adds pre-built 
dialplan elements onto standard asterisk.  This forum is more for Asterisk)

But some suggestions:

SSH to your PBX
enter the Asterisk CLI
set verbose to 10
Call into the problematic number
...and watch where the call is being misrouted in the dialplan



From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of Norman Molhant 
ad...@csur.ca
Sent: Saturday, July 19, 2014 10:43 AM
To: Asterisk Users List
Subject: [asterisk-users] incoming calls fall into echo test mode

Hello all,

Weird trouble here:
we have 60-some happy subscribers on a FreePBX box,
each with its own phone number, with no problem at all,
except for one (and only one) subscriber who has this
problem: his outgoing calls are ok, but when someone
dials his phone number (be it from our network or from
any other place in the world), the caller ears the
standard message signalling he has entered the echo
test mode and must dial # to exit that mode.

Most callers don't understand what's going on, then
give up and hang up without dialling #.  Very few
dial # one or more times, then those few get our
customer's phone ringing and are then able to reach
our customer.

I went through all the docs, wikis and discussions
I found on the web, without finding any data on how
to solve that problem.

I tried many things on our FreePBX box and found out
the problem seems somehow linked with the customer's
extension (or phone number), not his inbound route
(changing the latter has no effect on the problem).

Creating a new extension with another phone number
would solve the problem (I tried it and it works),
but this customer wants to keep his current phone
number and when I tried deleting his extension then
creating a new one with his current phone number,
the new extension presented the same problem as the
previous one...

Anyone knows what could cause such a problem and/or
how to solve it ?

Thanks,
Norman.
ad...@csur.ca






--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Attack on Sip server.

[Michelle Dupuis]

If you have a small Asterisk installation install the free version of SecAst:

http://www.voip-info.org/wiki/view/SecAst+(Asterisk+Intrusion+Detection+and+Prevention)


For general Asterisk security info check this out:

http://www.voip-info.org/wiki/view/Asterisk+security


-=Michelle=-


All opinions posted are my own, and do not necessarily reflect those of my 
employer.  As an employee of GenerationD my opions are serious biased :)



From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of Anurag Rana 
anuragrana31...@gmail.com
Sent: Friday, June 27, 2014 10:49 AM
To: Prakash N
Cc: Asterisk Users List
Subject: Re: [asterisk-users] Attack on Sip server.

I added bot rules TCP as well as UDP.  Still not working.

How changing SIP listen port will prevent it. Please explain.

I will try fail2band.


On Fri, Jun 27, 2014 at 8:16 PM, Prakash N 
prakas...@tevatel.commailto:prakas...@tevatel.com wrote:
Hi,

Install fail2band and change sip listen port to avoid attack

With regards

N.Prakash

From: Anurag Ranamailto:anuragrana31...@gmail.com
Sent: ?27-?06-?2014 08:07 PM
To: Asterisk Users Mailing List - Non-Commercial 
Discussionmailto:asterisk-users@lists.digium.com
Subject: [asterisk-users] Attack on Sip server.


Hi All.

Someone is attacking on my SIP server.
There are lot of requests coming in and I am not able to stop it because I am 
unable to detect the IP address.
I used wireshark to capture the packets.

Although I am using very strong password for my SIP users but still is there 
any way to drop these packets and stop this attack.

I tried dropping packet after matching some string (most of the packets from 
attacker contains string 'VaxSIPUserAgent/3.1' ) but it failed. Packets are 
still flowing in.


iptables -I INPUT 1 -p tcp --dport 5060 -m string --string VaxSIPUserAgent 
--algo bm -j DROP

?Its something like this

Registration from '30 sp:30@my_public_ip:5060 failed for 
'192.168.xxx.xxx:6373' - Wrong Password?

?and there are approx 10 request per minute of this type.

Please suggest some way to stop this.?


--
Anurag Rana
http://newbie42.blogspot.in/
On the trampoline of life's experiences, Striving towards a saintly life in the 
midst of these materialistic turbulences.





--
Anurag Rana
http://newbie42.blogspot.in/
On the trampoline of life's experiences, Striving towards a saintly life in the 
midst of these materialistic turbulences.


-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] SSL/TLS weakness impact on Asterisk authentication

[Michelle Dupuis]

After reading about the  2 major SSL (and TLS?) weaknesses discovered this 
year, I was wondering how it affects asterisk.


Does the SIP authentication use TLS - or something that was recently broken?  
Is there a risk of exposing passwords?


Thanks!
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] Login by AMI ok, by AJAM fails

[Michelle Dupuis]

I have setup an Ast 11.6 host and I want to login via AJAM.  I setup 
manager.conf, http.conf described in the docs.  When I login via the AMI it 
works fine (see below), but when I login via AJAM the same credentials fail 
(see further down)

Can someone tell me how to fix this?


---

Connection closed by foreign host.
root@pbx:/tmp# telnet localhost 5038
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Asterisk Call Manager/1.3
action: login
username: test
secret: test

Response: Success
Message: Authentication accepted

Event: FullyBooted
Privilege: system,all
Status: Fully Booted

?--
root@apbx:/tmp# curl  
http://localhost:5039/asterisk/rawman?action=loginuser=testsecret=test
[1] 15548
[2] 15549
root@pbx:/tmp# Response: Error
Message: Authentication failed
[1]-  Donecurl 
http://localhost:5039/asterisk/rawman?action=login
[2]+  Doneuser=test

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Login by AMI ok, by AJAM fails

[Michelle Dupuis]

You're right - but I tried username too and it fails.  I can't understand why 
AMI authenticates and AJAM fails...


From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of Michael L. Young 
myo...@acsacc.com
Sent: Friday, May 16, 2014 3:25 PM
To: Asterisk Users List
Subject: Re: [asterisk-users] Login by AMI ok, by AJAM fails

- Original Message -

 From: Michelle Dupuis mdup...@ocg.ca
 To: Asterisk Users List asterisk-users@lists.digium.com
 Sent: Friday, May 16, 2014 2:43:30 PM
 Subject: [asterisk-users] Login by AMI ok, by AJAM fails

 --
 root@apbx:/tmp# curl
 http://localhost:5039/asterisk/rawman?action=loginuser=testsecret=test
 [1] 15548
 [2] 15549
 root@pbx:/tmp# Response: Error
 Message: Authentication failed
 [1]- Done curl http://localhost:5039/asterisk/rawman?action=login
 [2]+ Done user=test

I believe it should be username instead of user for the query parameter.

Michael

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Login by AMI ok, by AJAM fails

[Michelle Dupuis]

In case it helps, here's the CLI output which attempting an AJAM login:

[May 16 16:03:58] DEBUG[16807]: http.c:686 handle_uri: HTTP Request URI is 
/asterisk/rawman?action=login 
[May 16 16:03:58] DEBUG[16807]: http.c:735 handle_uri: match request [rawman] 
with handler [httpstatus] len 9
[May 16 16:03:58] DEBUG[16807]: http.c:735 handle_uri: match request [rawman] 
with handler [phoneprov] len 10
[May 16 16:03:58] DEBUG[16807]: http.c:735 handle_uri: match request [rawman] 
with handler [amanager] len 9
[May 16 16:03:58] DEBUG[16807]: http.c:735 handle_uri: match request [rawman] 
with handler [arawman] len 8
[May 16 16:03:58] DEBUG[16807]: http.c:735 handle_uri: match request [rawman] 
with handler [manager] len 7
[May 16 16:03:58] DEBUG[16807]: http.c:735 handle_uri: match request [rawman] 
with handler [rawman] len 7
[May 16 16:03:58] DEBUG[16807]: manager.c:6436 generic_http_callback: HTTP 
Manager add header action: login
[May 16 16:03:58] DEBUG[16807]: manager.c:5211 process_message: Running action 
'Login'
  == HTTP Connect attempt from '127.0.0.1' unable to authenticate
[May 16 16:03:59] DEBUG[16807]: manager.c:6511 generic_http_callback: Need 
destroy, doing it now!


From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of Michelle Dupuis 
mdup...@ocg.ca
Sent: Friday, May 16, 2014 3:39 PM
To: Asterisk Users List
Subject: Re: [asterisk-users] Login by AMI ok, by AJAM fails

You're right - but I tried username too and it fails.  I can't understand why 
AMI authenticates and AJAM fails...


From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of Michael L. Young 
myo...@acsacc.com
Sent: Friday, May 16, 2014 3:25 PM
To: Asterisk Users List
Subject: Re: [asterisk-users] Login by AMI ok, by AJAM fails

- Original Message -

 From: Michelle Dupuis mdup...@ocg.ca
 To: Asterisk Users List asterisk-users@lists.digium.com
 Sent: Friday, May 16, 2014 2:43:30 PM
 Subject: [asterisk-users] Login by AMI ok, by AJAM fails

 --
 root@apbx:/tmp# curl
 http://localhost:5039/asterisk/rawman?action=loginuser=testsecret=test
 [1] 15548
 [2] 15549
 root@pbx:/tmp# Response: Error
 Message: Authentication failed
 [1]- Done curl http://localhost:5039/asterisk/rawman?action=login
 [2]+ Done user=test

I believe it should be username instead of user for the query parameter.

Michael

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Login by AMI ok, by AJAM fails

[Michelle Dupuis]

I've done all of that (and I set the AJAM to listen to 5039).  What mistakes do 
you see?

From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of Michael L. Young 
myo...@acsacc.com
Sent: Friday, May 16, 2014 4:16 PM
To: Asterisk Users List
Subject: Re: [asterisk-users] Login by AMI ok, by AJAM fails

- Original Message -
 From: Michelle Dupuis mdup...@ocg.ca
 To: Asterisk Users List asterisk-users@lists.digium.com
 Sent: Friday, May 16, 2014 3:39:35 PM
 Subject: Re: [asterisk-users] Login by AMI ok, by AJAM fails

 You're right - but I tried username too and it fails.  I can't
 understand why AMI authenticates and AJAM fails...


Have you taken a look at the Wiki yet?

https://wiki.asterisk.org/wiki/display/AST/Allow+Manager+Access+via+HTTP

In looking at that, I see some mistakes in what you are trying to do.  Please 
take a look at that and give it a try.

Michael

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Login by AMI ok, by AJAM fails

[Michelle Dupuis]

actually rawman and manager are very different, and you don't need cookies just 
to test login.  However, I found the problem: I forgot quotes around the curl 
command.

Thanks!
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Asterisk 1.8.22

[Michelle Dupuis]

Another alternative is SecAst (Asterisk intrusion detection system).  Grab the 
free version from www.generationd.comhttp://www.generationd.com/?


It does everything fail2ban does, plus you have the option of blocking IP's 
based on geograhic origin, detecting suspicious call patterns, etc.


-=M=-

All opinions posted are my own. But as an employee of GenerationD System my 
views are undoubtedly biased :)



From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of motty cruz 
motty.c...@gmail.com
Sent: Monday, May 12, 2014 5:43 PM
To: Asterisk Users List
Subject: [asterisk-users] Asterisk 1.8.22

Hello,
recently I have seen spike in attacks on my asterisk server, this is what I get 
on the LCD of my phone: 201@76.220.5.205mailto:201@76.220.5.205

or calls from 1000 sip1000@76.2230.5.205mailto:1000@76.2230.5.205,

have any idea on how to stop this calls?

Thanks,
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[Assp-test] crash on max files limit (when using DB)

[Michelle Dupuis]

I'm running ASSP 2.4.1 (14097), and once a week I find my assp crashed due to 
too many files open.  I have the system limit set to 30 files.  At the tail 
of the assp log I see the following errors:

rker_2] Error: Worker_2 accept to client failed 
IO::Socket::INET=GLOB(0x7f762ec3d060) (timeout: 2 s) : Too many open files
rker_2] Error: Worker_2 accept to client failed 
IO::Socket::INET=GLOB(0x7f762df08438) (timeout: 2 s) : Too many open files
rker_2] Error: Worker_2 accept to client failed 
IO::Socket::INET=GLOB(0x7f762cc2d0b0) (timeout: 2 s) : Too many open files
rker_2] Error: Worker_2 accept to client failed 
IO::Socket::INET=GLOB(0x7f762ea01888) (timeout: 2 s) : Too many open files
rker_2] Error: Worker_2 accept to client failed 
IO::Socket::INET=GLOB(0x7f762ed0ed58) (timeout: 2 s) : Too many open files

What makes this even stranger, is that I'm using DB instead of files!  (See 
below)  Why is assp using so many files?  (There is a one warning below about 
spamdb incompatability but when I run rebuild no errors appear).

Apr-11-14 09:30:12 [init] Try using mysql database assp for selected tables
Apr-11-14 09:30:12 [init] Using table whitelist   in mysql Database 
assp instead of file /usr/local/assp/whitelist
Apr-11-14 09:30:12 [init] Using table persblack   in mysql Database 
assp instead of file /usr/local/assp/persblack
Apr-11-14 09:30:12 [init] Using table redlist in mysql Database 
assp instead of file /usr/local/assp/redlist
Apr-11-14 09:30:12 [init] Using table delaydb in mysql Database 
assp instead of file /usr/local/assp/delaydb
Apr-11-14 09:30:12 [init] Using table delaywhitedbin mysql Database 
assp instead of file /usr/local/assp/delaydb.white
Apr-11-14 09:30:12 [init] Using table PBWhite in mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.white.db
Apr-11-14 09:30:12 [init] Using table PBBlack in mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.black.db
Apr-11-14 09:30:12 [init] Using table RBLCachein mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.rbl.db
Apr-11-14 09:30:12 [init] Using table URIBLCache  in mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.uribl.db
Apr-11-14 09:30:12 [init] Using table PTRCachein mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.ptr.db
Apr-11-14 09:30:12 [init] Using table MXACachein mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.mxa.db
Apr-11-14 09:30:12 [init] Using table RWLCachein mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.rwl.db
Apr-11-14 09:30:12 [init] Using table SPFCachein mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.spf.db
Apr-11-14 09:30:12 [init] Using table SBCache in mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.sb.db
Apr-11-14 09:30:12 [init] Using table PBTrap  in mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.trap.db
Apr-11-14 09:30:12 [init] Using table DKIMCache   in mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.dkim.db
Apr-11-14 09:30:12 [init] Using table BATVTag in mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.batv.db
Apr-11-14 09:30:12 [init] Using table BackDNS in mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.back.db
Apr-11-14 09:30:12 [init] Using table spamdb  in mysql Database 
assp instead of file /usr/local/assp/spamdb
Apr-11-14 09:30:12 [init] Using table spamdbhelo  in mysql Database 
assp instead of file /usr/local/assp/spamdb.helo
Apr-11-14 09:30:12 [init] Using table hmmdb   in mysql Database 
assp instead of file /usr/local/assp/HMMdb
Apr-11-14 09:30:12 [init] Using table ldaplistin mysql Database 
assp instead of file /usr/local/assp/ldaplist
Apr-11-14 09:30:12 [init] Using table AdminUsers  in mysql Database 
assp instead of file /usr/local/assp/adminusers
Apr-11-14 09:30:12 [init] Using table AdminUsersRight in mysql Database 
assp instead of file /usr/local/assp/adminusers.right
Apr-11-14 09:30:12 [init] Warning: the current Spamdb is possibly incompatible 
to this version of ASSP. Please run a rebuildspamdb. current: 
2_14034_5.018002_UAX#29_WordStem1.23 - required: 
2_14094_5.018002_UAX#29_WordStem1.23
Apr-11-14 09:30:12 [init] Info: saving Stats in file asspstats.sav?

--
Put Bad Developers to Shame
Dominate Development with Jenkins Continuous Integration
Continuously Automate Build, Test  Deployment 
Start a new project now. Try Jenkins in the cloud.
http://p.sf.net/sfu/13600_Cloudbees
___
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test

[Assp-test] Despite DB: setting still writing files to spam folder

[Michelle Dupuis]

I'm running ASSP version 2.4.1(14097)? and have DB: set for all files/caches.  
I see the assp database is created, as well as other tables.


However, while ASSP is running I still see new message files being created in 
the spam folder.  Why?  ASSP has been restarted many times and I startup I see 
this:


Apr-11-14 09:30:12 [init] Try using mysql database assp for selected tables
Apr-11-14 09:30:12 [init] Using table whitelist   in mysql Database 
assp instead of file /usr/local/assp/whitelist
Apr-11-14 09:30:12 [init] Using table persblack   in mysql Database 
assp instead of file /usr/local/assp/persblack
Apr-11-14 09:30:12 [init] Using table redlist in mysql Database 
assp instead of file /usr/local/assp/redlist
Apr-11-14 09:30:12 [init] Using table delaydb in mysql Database 
assp instead of file /usr/local/assp/delaydb
Apr-11-14 09:30:12 [init] Using table delaywhitedbin mysql Database 
assp instead of file /usr/local/assp/delaydb.white
Apr-11-14 09:30:12 [init] Using table PBWhite in mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.white.db
Apr-11-14 09:30:12 [init] Using table PBBlack in mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.black.db
Apr-11-14 09:30:12 [init] Using table RBLCachein mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.rbl.db
Apr-11-14 09:30:12 [init] Using table URIBLCache  in mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.uribl.db
Apr-11-14 09:30:12 [init] Using table PTRCachein mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.ptr.db
Apr-11-14 09:30:12 [init] Using table MXACachein mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.mxa.db
Apr-11-14 09:30:12 [init] Using table RWLCachein mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.rwl.db
Apr-11-14 09:30:12 [init] Using table SPFCachein mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.spf.db
Apr-11-14 09:30:12 [init] Using table SBCache in mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.sb.db
Apr-11-14 09:30:12 [init] Using table PBTrap  in mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.trap.db
Apr-11-14 09:30:12 [init] Using table DKIMCache   in mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.dkim.db
Apr-11-14 09:30:12 [init] Using table BATVTag in mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.batv.db
Apr-11-14 09:30:12 [init] Using table BackDNS in mysql Database 
assp instead of file /usr/local/assp/pb/pbdb.back.db
Apr-11-14 09:30:12 [init] Using table spamdb  in mysql Database 
assp instead of file /usr/local/assp/spamdb
Apr-11-14 09:30:12 [init] Using table spamdbhelo  in mysql Database 
assp instead of file /usr/local/assp/spamdb.helo
Apr-11-14 09:30:12 [init] Using table hmmdb   in mysql Database 
assp instead of file /usr/local/assp/HMMdb
Apr-11-14 09:30:12 [init] Using table ldaplistin mysql Database 
assp instead of file /usr/local/assp/ldaplist
Apr-11-14 09:30:12 [init] Using table AdminUsers  in mysql Database 
assp instead of file /usr/local/assp/adminusers
Apr-11-14 09:30:12 [init] Using table AdminUsersRight in mysql Database 
assp instead of file /usr/local/assp/adminusers.right
Apr-11-14 09:30:12 [init] Warning: the current Spamdb is possibly incompatible 
to this version of ASSP. Please run a rebuildspamdb. current: 
2_14034_5.018002_UAX#29_WordStem1.23 - required: 
2_14094_5.018002_UAX#29_WordStem1.23
Apr-11-14 09:30:12 [init] Info: saving Stats in file asspstats.sav?

--
Put Bad Developers to Shame
Dominate Development with Jenkins Continuous Integration
Continuously Automate Build, Test  Deployment 
Start a new project now. Try Jenkins in the cloud.
http://p.sf.net/sfu/13600_Cloudbees
___
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test

Re: [asterisk-users] Asterisk Call Redirection

[Michelle Dupuis]

These are at completely different levels of the ISO stack...question is making 
sense to me.

(What does it mean to divert a call to a serial port).  Do you mean route a 
call over a link that is ppp/dialup and connected to another endpoint on the 
other side of that link?

If so you would have to configure your serial port/link to be on demand, allow 
the OS to bring up the link, making the route available, and then allowing 
Asterisk to bridge the call to an IP on a subnet on the other side of that link.

So your focus should perhaps be:
- Setting up on demand link
- Configuring Asterisk (if possible) to try the connection to the endpoint long 
enough for the link to come up.

Hope I understood right...

From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of Tim ad...@securesec.com
Sent: Saturday, April 5, 2014 3:16 PM
To: Asterisk Users List
Subject: [asterisk-users] Asterisk Call Redirection

Hi Guys,

I am able to divert a incoming phone call from asterisk to a sip
softphone. Is it possible to redirect a call to a serial port? If so how
would I do it? I don't mind a brief explanation. There is a ppp/dialup
server listening on serial port.

Thanks,

Tim

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Asterisk 1.6

[Michelle Dupuis]

Take a look a SecAst from www.generationd.comhttp://www.generationd.com/


It does everything fail2ban does and more, including blocking users by 
geography (we exclude all of Asia and Africa), detection of break-in patterns 
(even if someone guessed your un/pw), detect changes in dial rates, etc.


Grab the free version - its a BIG step up from fail2ban.


-=Michelle=-?

All opions posted are my person ones.  And personnally I like generationd 
products because I work for them :)



From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of motty cruz 
motty.c...@gmail.com
Sent: Friday, April 4, 2014 10:00 AM
To: Asterisk Users List
Subject: [asterisk-users] Asterisk 1.6

Hello All, my asterisk server is constantly under attack

[Apr  4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: 
Registration from '4941 sip:4941@public_ip' failed for 
'194.100.46.132[X]194.100.46.132:56714' - Wrong password
[Apr  4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: 
Registration from '4941 sip:4941@public_ip' failed for 
'194.100.46.132[X]194.100.46.132:56714' - Wrong password
[Apr  4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: 
Registration from '4941 sip:4941@public_ip' failed for 
'194.100.46.132[X]194.100.46.132:56714' - Wrong password
[Apr  4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: 
Registration from '4941 sip:4941@public_ip' failed for 
'194.100.46.132[X]194.100.46.132:56714' - Wrong password
[Apr  4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: 
Registration from '4941 sip:4941@public_ip' failed for 
'194.100.46.132[X]194.100.46.132:56714' - Wrong password

is there a way to reject their registration after a three consecutive tries?

Thanks,
Call
Send SMS
Add to Skype
You'll need Skype CreditFree via Skype
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Asterisk 1.6

[Michelle Dupuis]

What you are saying is only open source software is safe?  You have just 
excluded most software in use in the business world.

We have installed Norton antivirus on all of our workstation; I don't think 
Symantec will ever release the source code (since that would also show 
attackers how to get around it).  Using the same logic releasing SecAst source 
would also seem foolish (and make it impossible for any commercial enterprise 
to sell software).

I understand your point of view, and if your preference is to only use open 
source software that's great.  However, that doesn't mean precompiled software 
is inherently dangerous or malevolent. 

-=Michelle=-

From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of A J Stiles 
asterisk_l...@earthshod.co.uk
Sent: Friday, April 4, 2014 10:38 AM
To: Asterisk Users List
Subject: Re: [asterisk-users] Asterisk 1.6

On Friday 04 Apr 2014, Michelle Dupuis wrote:
 Take a look a SecAst from www.generationd.comhttp://www.generationd.com/

 It does everything fail2ban does and more, including blocking users by
 geography (we exclude all of Asia and Africa), detection of break-in
 patterns (even if someone guessed your un/pw), detect changes in dial
 rates, etc.

 Grab the free version - its a BIG step up from fail2ban.

That link points towards a precompiled binary, which could have literally
*anything* lurking in it.  I politely advise you to back away slowly, and
break into a run when you think you are out of sight.

Precompiled binaries without Source Code should be treated like a bottle of
glowing green liquid labelled drink me, or an offer to come and look at some
puppies.  No reputable software supplier would object to showing you what is
on the inside.

--
AJS

Note:  Originating address only accepts e-mail from list!  If replying off-
list, change address to asterisk1list at earthshod dot co dot uk .

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Asterisk 1.6

[Michelle Dupuis]

If you know your users are all from with your country, or state, or even city, 
you could restrict geographic access in your secast.conf file like this:


ruledefault=deny

ruleexceptions=NA:CA:Ontario:|NA:US:Michigan:Detroit|::Ohio:|NA

The above would:
- By default deny all source IP's anywhere in the world
- Let in only source IP's from:
1. North America (continent), Canada (country), Ontario (region)
2. North America (continent), USA (country), Michigan (region), Detroit (city)
3. Any region called 'Ohio' anywhere in the world (not sure why you would do 
that but fun example)
4. Anywhere in North America

So you can open up your system based solely on where you know your real users 
are located.


-=Michelle=-



From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of motty cruz 
motty.c...@gmail.com
Sent: Friday, April 4, 2014 11:15 AM
To: Asterisk Users List
Subject: Re: [asterisk-users] Asterisk 1.6

Hello Ishfaq, outside users usually travel around the country and connect from 
different network, so it won't be possible to lock it down to specific IP.

Thanks for your support.


On Fri, Apr 4, 2014 at 8:03 AM, Ishfaq Malik 
i...@pack-net.co.ukmailto:i...@pack-net.co.uk wrote:



On 4 April 2014 15:22, motty cruz 
motty.c...@gmail.commailto:motty.c...@gmail.com wrote:
thank you all for your support. I am using Linux, I only have about 7 users 
outside our home network. I will learn fail2ban and will use it accordingly.

again Thanks for your support.



Do the 7 users outside of your home network always connect from the same IP 
addresses? If so, you can just lock down your SIP port to those 7 IPs 
explicitly in your IPTables configuration.

Another option would be to change which port you're running SIP on.


--

Ishfaq Malik
Department: VOIP Support
Company: Packnet Limited
t: +44 (0)845 004 4994tel:%2B44%20%280%29845%20004%204994
f: +44 (0)161 660 9825tel:%2B44%20%280%29161%20660%209825
e: i...@pack-net.co.ukmailto:i...@pack-net.co.uk
w: http://www.pack-net.co.ukhttp://www.pack-net.co.uk/

Registered Address: PACKNET LIMITED, Duplex 2, Ducie House
37 Ducie Street
Manchester, M1 2JW
COMPANY REG NO. 04920552


--
_
-- Bandwidth and Colocation Provided by 
http://www.api-digital.comhttp://www.api-digital.com/ --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] Commercial vs Users list (was Asterisk 1.6)

[Michelle Dupuis]

IMHO: If you're announcing a product, selling a product, etc. it belongs on the 
commercial list.  If you're asking/answering questions about Asterisk and the 
ecosystem I think you can mention commercial products too.  (We don't want to 
pretend they don't exist, and then steer users to only non-commercial products 
that might not solve their need)


So if someone asks about a GUI for asterisk,  I think we can safely talk about 
Asterisk NOW, SwitchVOX, etc. (even though these are commercial and expensive 
products).  If Digium wanted to announce a new feature for Asterisk NOW, it 
would belong on the commercial list.


Hope I didn't step into a troll trap


-=M=-
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] Best zwave controller for MH

[Michelle Dupuis]

I (canadian) store has a deal on for the vera lite controller:


http://www.tigerdirect.ca/applications/searchtools/item-Details.asp?EdpNo=8930107sku=VEP-STARTER1


but this looks different than the vera lite green  white:


http://www.amazon.com/Mi-Casa-Verde-VeraLite-Controller/dp/B007005364/ref=cm_cr_pr_product_top?


and maybe there are more zwave controllers.  Can someone (who is actually 
running Zwave+MH) comment on what the best model of controller to buy is?
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Best zwave controller for MH

[Michelle Dupuis]

?oops...wrong list :)


From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of Michelle Dupuis 
mdup...@ocg.ca
Sent: Friday, March 28, 2014 5:43 PM
To: Asterisk Users List
Subject: [asterisk-users] Best zwave controller for MH


I (canadian) store has a deal on for the vera lite controller:


http://www.tigerdirect.ca/applications/searchtools/item-Details.asp?EdpNo=8930107sku=VEP-STARTER1


but this looks different than the vera lite green  white:


http://www.amazon.com/Mi-Casa-Verde-VeraLite-Controller/dp/B007005364/ref=cm_cr_pr_product_top?


and maybe there are more zwave controllers.  Can someone (who is actually 
running Zwave+MH) comment on what the best model of controller to buy is?
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Security log format / content

[Michelle Dupuis]

Why does the failed authentication place the number dialed, instead of the 
username used, in the account field?

Any way to distinguish a failed dial attempt from a failed register attempt 
using just the security log?  (I couldn't see how looking at the log)


From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of Michael L. Young 
myo...@acsacc.com
Sent: Thursday, March 27, 2014 2:42 PM
To: Asterisk Users List
Subject: Re: [asterisk-users] Security log format / content

- Original Message -

 From: Michelle Dupuis mdup...@ocg.ca
 To: Asterisk Users List asterisk-users@lists.digium.com
 Sent: Thursday, March 27, 2014 12:55:21 AM
 Subject: [asterisk-users] Security log format / content

 I've noticed that the Asterisk (v11) security log captures attempts
 do dial without first authenticating, and places the number dialed
 into the accountid field.

 I'm trying to distinguish between failed attempts to register and
 attempts to dial without registering, but the security log treats
 them identically (using the accountid field for either the username
 or number dialed). I have noticed that the eventversion field is set
 to 2 for failed dial attempts, and 1 otherwise.

 Is this coincidence? Or can I rely on the eventversion=2 in the
 future to distinguish these two event types? (I've looked here:
 https://wiki.asterisk.org/wiki/display/AST/Security+Log+File+Format
 but it doesn't really help)

The eventversion field is just a way to distinguish different versions of the 
same event.  Between Asterisk 10 and 11, that particular event's logging output 
changed requiring a bump up in the version.  It should not be used to 
distinguish different events.

What do you mean by eventversion field is set to 2 for failed dial attempts, 
and 1 otherwise?  What is the event?  I have a feeling those are two different 
events.

You are correct about the events looking identical whether it is a failed 
registration or a failed dial attempt.  From the standpoint of Asterisk, an 
attempt was made to either register or place a call but the credentials failed. 
 Therefore, an InvalidPassword event is logged.

When an authorized device successfully places a call, you will only have a 
ChallengeSent entry in your log.

If an attempt to place a call is made and it does not respond back with the 
right credentials to the challenge sent to Asterisk, then you will have a 
ChallengeSent entry with a subsequent InvalidPassword.  You should be able 
to connect the two events based on the fields in those events.

If a successful attempt to register is made, you will have a ChallengeSent 
with a subsequent SuccessfulAuth.  If it is not successful, then you will 
have a ChallengeSent with a subsequent InvalidPassword.  Again, there 
should be enough information present with the other fields to help connect the 
events together.

The security events in Asterisk are designed to present the events.  It does 
not determine anything else for you.  You have to create a consumer of those 
events that can attempt to connect the dots for you.  Hopefully we are 
providing enough information for the consumer to do whatever you would like the 
consumer to do with the information.

I hope that helps.

Michael

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] Numbers hackers call

[Michelle Dupuis]

I see a lot of attempts by hackers to call 00972595301123? or 011972595115207? 
or variations but that same 972595 is often present.


Can someone break down that dial string with an explanation?  The 011 look like 
an overseas call (from Americas), while the 972595XX is unclear...
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Numbers hackers call

[Michelle Dupuis]

If this is to 972 area code then the next digits should be 0X or 0XX but they 
are not.  This differs from what I found documented for that area code - I 
thought someone from the region might add to the discussion.  Not sure if this 
reflected a premium service etc.  (But someone jumped in with an explanation)


I'm guessing you have nothing to add to the discussion?



From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of Steven Howes 
steve-li...@geekinter.net
Sent: Wednesday, March 26, 2014 12:13 PM
To: Asterisk Users List
Subject: Re: [asterisk-users] Numbers hackers call

On 26 Mar 2014, at 15:05, Michelle Dupuis 
mdup...@ocg.camailto:mdup...@ocg.ca wrote:

I see a lot of attempts by hackers to call 00972595301123? or 011972595115207? 
or variations but that same 972595 is often present.

Can someone break down that dial string with an explanation?  The 011 look like 
an overseas call (from Americas), while the 972595XX is unclear...

It's an international call to +972595XX, tried with the 00, 001 and no 
prefix What is confusing?

Steve
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] Security log format / content

[Michelle Dupuis]

I've noticed that the Asterisk (v11) security log captures attempts do dial 
without first authenticating, and places the number dialed into the accountid 
field.


I'm trying to distinguish between failed attempts to register and attempts to 
dial without registering, but the security log treats them identically (using 
the accountid field for either the username or number dialed).  I have noticed 
that the eventversion field is set to 2 for failed dial attempts, and 1 
otherwise.


Is this coincidence?  Or can I rely on the eventversion=2 in the future to 
distinguish these two event types?  (I've looked here: 
https://wiki.asterisk.org/wiki/display/AST/Security+Log+File+Format? but it 
doesn't really help)
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Replying to Posts

[Michelle Dupuis]

After each line of text, please also dip the corner of your keyboard into your 
ink well to ensure your writing can been seen.


Calling something natural because it used to be that way isn't always correct.


-MD-


P.S. Notice how little we see PS in posts...now that we can also edit our own 
posts before clicking send.  Again, just because it used to be doesn't make it 
right...


P.P.S.  This sounds like a fun debate that will go nowhere...




From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of Matt Hoskins 
matt.hosk...@npgco.com
Sent: Thursday, March 13, 2014 2:46 PM
To: Asterisk Users List
Subject: Re: [asterisk-users] Replying to Posts


From: asterisk-users-boun...@lists.digium.com 
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Terry Brummell
Sent: Thursday, March 13, 2014 1:44 PM
To: Asterisk Users Mailing List - Non-Commercial Discussion; 
rwhee...@artifact-software.com
Subject: Re: [asterisk-users] Replying to Posts






From: 
asterisk-users-boun...@lists.digium.commailto:asterisk-users-boun...@lists.digium.com
 [asterisk-users-boun...@lists.digium.com] on behalf of Eric Wieling 
[ewiel...@nyigc.com]
Sent: Thursday, March 13, 2014 2:27 PM
To: Asterisk Users Mailing List - Non-Commercial Discussion; 
rwhee...@artifact-software.commailto:rwhee...@artifact-software.com
Subject: Re: [asterisk-users] Replying to Posts
-Original Message-
From: 
asterisk-users-boun...@lists.digium.commailto:asterisk-users-boun...@lists.digium.com
 [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Steve Edwards
Sent: Thursday, March 13, 2014 1:39 PM
To: rwhee...@artifact-software.commailto:rwhee...@artifact-software.com; 
Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] Replying to Posts

On Thu, 13 Mar 2014, Ron Wheeler wrote:

 -1
 Prefer top posting.

Your preferences are in conflict with the mailing list rules 
(http://www.asterisk.org/community/discuss), specifically #5.

It has to be all one way or the other. This is an English language list.
Thus, the natural expectation is top to bottom, left to right, answers follow 
questions.

If Digium does not like my top posting then they can remove me from the mailing 
list.  Your battle is already lost unless Outlook is banned from the mailing 
list.

This is an example of why I top post.   Who wrote what?



--
_
-- Bandwidth and Colocation Provided by 
http://www.api-digital.comhttp://www.api-digital.com/ --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users
Ditto, bottom posting is from the 90's.  We've passed that era.







Spam 
http://spamaway.npgco.com/canit/b.php?i=01LB6IUVim=74a497f24a89t=20140313c=s
 Not 
spamhttp://spamaway.npgco.com/canit/b.php?i=01LB6IUVim=74a497f24a89t=20140313c=n
Forget previous 
votehttp://spamaway.npgco.com/canit/b.php?i=01LB6IUVim=74a497f24a89t=20140313c=f
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] High Availability with Asterisk

[Michelle Dupuis]

Some food for thought:

If you use DRBD, then you will mirror corruption from one system to another.  
You also cannot selectively pick files in a folder to mirror (you will mirror a 
lot!)  As well, DRBD struggles as peers are set further apart (latency) or 
number of changes increases.

A lot of HA tools don't look deeper into Asterisk to see if/how it has failed 
(they only detected catastrophic failures).  What happens when the Asterisk 
process is alive but no longer bridging calls?

If asterisk/host processes mess up an consume huge amounts of system resources, 
most HA tools cannot respond.

As a biased recommendation, take a look at HAAst at www.generationd.com  It 
takes care of moving a shared IP between hosts as well as other features.

Michelle


(I work for Generationd :)



From: asterisk-users-boun...@lists.digium.com 
asterisk-users-boun...@lists.digium.com on behalf of Thorolf Godawa 
nos...@godawa.de
Sent: Thursday, March 6, 2014 10:21 AM
To: Asterisk Users List
Subject: [asterisk-users] High Availability with Asterisk

Hi everybody,

what are the current options to get an Asterisk-system high available?


Using two servers as active/passive with DRBD, Pacemaker/Corosync works
very good, there are no quality issues of the voice quality, even not on
high loaded servers and no problems with a lot of small packages.

But for this you need two systems for every Asterisk-system, what is not
economic in any way.


Using (para-)virtualization with Xen could be an other option, on
systems with low load this works reliable, but what happens on systems
with high load? Are there any issues known about problems with the
realtime, packet loss etc. because it runs in a VM?

The idea would be having a HA-cluster of two servers with Xen, each of
them runs one instance of an Asterisk-system in a single VM and on a
failure the VM will be restarted on the other node.

This might result in a much higher load on this node, because is runs
two VMs, but for a short period, until the other node comes back again,
it might be tolerable.


Are there other options running two Asterisk-instances parallel on one
system, each binded on it's own IP, maybe s.th. with chroot or similar?


Thanks a lot,
--

kind regards,

Thorolf

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] Asterisk intrusion detection/prevention, georgaphic IP banning, etc. (new software)

[Michelle Dupuis]

I'm looking for some beta testers to provide feedback on an Asterisk intrusion 
detection  prevention program we're releasing soon.

As a quick overview, the program provides:
- banning based on geographic location of source IP (Continent, country, 
region, city, etc)
- detection and banning based on channels in use by a user
- detection and banning based on rate of dialing
- detection and banning based on common intrusion patterns
- exclusion of banning based on ip masks (so you don't ban your own users)
- exclusion of users/peers, etc
- monitors dials, registratoins, call volumes, activities, etc. through AMI
- and of course everything fail2ban does (and more, on steroids)
- and more

What I'm looking for in beta testers
- Must run Red Hat 6 or Ubuntu 12 (LTS), both x86_64 (this is a precompiled 
binary for obvious reasons - the pattern detection algorithm will not be 
released or described in detail)
- Must run Asterisk 1.4 through 11 (not tested against Asterisk 12 yet, but if 
your're curious maybe we add 1 beta user for this)
- Must be technical savvy (to provide us with usefull feedback)
- Ideally allow us SSH access to your test box if you find a problem
- Must capture Asterisk  system logs if you detect a problem, and send them to 
us with details.
- Speak english well enough to describe problem
- You (or your clients) run high volume Asterisk systems.
- People with ideas!  We want your suggestions and feedback...

I'm looking for users with different Asterisk versions, high call volumes, and 
ideally who are getting lots of attacks.  You can run this in PARALLEL to 
fail2ban if you want (for comfort) but this product includes all fail2ban 
functionilty (and more, on steroids).  The program is finishing alpha testing 
(no memory leaks, won't crash your system, etc) - so should be safe (with 
regular beta disclaimer of course).  It's written entirely in C and C++ so it 
does not consume a lot of system resources.

For you, you can keep and run the software as is, forever, etc (no timebombs 
etc), and you get to steer the product features to meet you (or your customers) 
needs.  While this product targets call centers, ITSP's etc. there will also be 
a free home/non-commercial version.   You would be testing free software, with 
all features, no limitations, etc.

If you are interested and fit the criteria above, please contact me off  list.

Many thanks!
Michelle

P.S.  The non-commercial free version will be under beta test, and there is no 
payment for being a beta tester (I want to ensure this post follows the rules 
for the asterisk-users-list).  Thanks.

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Telco with multipe SIP servers

[Michelle Dupuis]

Markus,

We are developing an Asterisk intrusion detection  prevention tool which will 
allow you to limit connections by geographic region 
(continent/country/region/city), and include/exclude IP subnets, etc.

If you are interested let me know off-list (we're looking for beta testers!).  

Michelle


From: asterisk-users-boun...@lists.digium.com 
[asterisk-users-boun...@lists.digium.com] On Behalf Of Markus Reschke 
[madi...@theca-tabellaria.de]
Sent: Sunday, February 02, 2014 9:42 AM
To: Asterisk Users List
Subject: [asterisk-users] Telco with multipe SIP servers

Hi!

My telco is Deutsche Telekom and they got about 30 SIP servers right now.
Currently I've set up a template for incoming calls in sip.conf and added
each SIP server by it's IP address like this:

[DTAG-in-1](DTAG-in-template)
host=217.0.16.103

...

[DTAG-in-30](DTAG-in-template)
host=217.0.20.99

I've done that to improve security and to be able to assign all calls
coming in via Deutsche Telekom to a dedicated dialplan context.
Unfortunately this approach is not scalable and it's a PITA to maintain a
list of server IP addresses since Deutsche Telekom will get more SIP
servers in the future. They've started to migrate the classic POTS/ISDN
network to VoIP, the goal is get it done by 2016. Customers with DSL get
VoIP directly, i.e. they need SIP phones or a SIP PBX, and customers with
a phone line only are converted by the MSAN. And they don't provide an
official list of the SIP servers :-( By some reverse engineering I found
out that all SIP servers are within a specific subnet. Is there any way to
match peers by subnet(s) instead of FQDNs or single IP addresses? If not,
it would be a feature really needed to be able to cope with telcos running
multiple or tons of SIP servers.

cu, Markus
--
/ Markus Reschke \ / madi...@theca-tabellaria.de \ / FidoNet 2:240/1661 \
\/ \ / \/

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [Assp-test] fixes in assp 2.3.4 build 14025

[Michelle Dupuis]

Where can we download the new version?  The  latest version on the website is: 
ASSP_2.3.3_13335_install.zip 

(Which is crashing multiple times per day and driving me crazy)


From: Thomas Eckardt [thomas.ecka...@thockar.com]
Sent: Saturday, January 25, 2014 5:23 AM
To: ASSP development mailing list
Subject: [Assp-test] fixes in assp 2.3.4 build 14025

Hi all,

fixed in assp 2.3.4 build 14025:


- Reduces the memory fragmentation dramaticaly, which solves several
memory leakings. After some hours of work
  the memory usage of the Perl/assp process should stay around a stabil
level.

  The following configuration scenarios are affected:

  - HMM and Bayesian check is used
  - Groups are used and very frequently reloaded
  - very frequently configuration reload


changed:

- 'GroupsReloadEvery' is now only used, if the 'exec:' or 'ldap:' options
are used in any group definition.
  This does not affect the reload of the groups file if it was changed. In
this case all groups are reloaded.


Thomas


DISCLAIMER:
***
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the

individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
***
--
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments  Everything In Between.
Get a Quote or Start a Free Trial Today. 
http://pubads.g.doubleclick.net/gampad/clk?id=119420431iu=/4140/ostg.clktrk
___
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test

[Assp-test] Constant crashes

[Michelle Dupuis]

About a month ago I moved to the latest ASSP 2 code, and also switched to MySQL 
databases for all records.  About a week ago ASSP started crashing once a day, 
now it's a few times a day.

I've included the perl dump below in case that helps...but can someone help me 
resolve this?  I have no idea where to begin (I don't know perl 
unfortuinately)...

p - next: Sat Jan 25 13:30:50 2014 terminated
=== Backtrace: =
/lib64/libc.so.6(__fortify_fail+0x37)[0x37a9d01d47]
/lib64/libc.so.6(__fortify_fail+0x0)[0x37a9d01d10]
/usr/lib64/perl5/CORE/libperl.so[0x3aad310635]
/usr/lib64/perl5/CORE/libperl.so(Perl_to_utf8_fold+0x22)[0x3aad310662]
/usr/lib64/perl5/CORE/libperl.so(Perl_ibcmp_utf8+0x1f4)[0x3aad3108f4]
/usr/lib64/perl5/CORE/libperl.so[0x3aad30433f]
/usr/lib64/perl5/CORE/libperl.so(Perl_regexec_flags+0xfd5)[0x3aad30cb65]
/usr/lib64/perl5/CORE/libperl.so(Perl_pp_match+0x2ed)[0x3aad2aaf3d]
/usr/lib64/perl5/CORE/libperl.so(Perl_runops_standard+0x16)[0x3aad2a4b06]
/usr/lib64/perl5/CORE/libperl.so(Perl_call_sv+0x4cf)[0x3aad24c5df]
/usr/local/lib64/perl5/auto/threads/threads.so(+0x69f9)[0x7ff6f63799f9]
/lib64/libpthread.so.0[0x37aa007851]
/lib64/libc.so.6(clone+0x6d)[0x37a9ce811d]
=== Memory map: 
--
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments  Everything In Between.
Get a Quote or Start a Free Trial Today. 
http://pubads.g.doubleclick.net/gampad/clk?id=119420431iu=/4140/ostg.clktrk
___
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test

Re: [asterisk-users] AMI eventmask question

[Michelle Dupuis]

That's an interesting link - I didn't know you could set a per user eventfilter 
in the conf file

However, I'm hoping to do this in the AMI connection for more flexibility.  
Upon login, you can specify the event mask to restrict the type of events sent 
over the AMI connection.  Looking through the Asterisk code I think Newchannel 
falls under the 'call' event flag...but it would be nice to restrict this even 
further (since lots of events fall under 'call').

From: asterisk-users-boun...@lists.digium.com 
[asterisk-users-boun...@lists.digium.com] On Behalf Of Daniel Jenkins 
[dan.jenkin...@gmail.com]
Sent: Thursday, January 23, 2014 9:03 AM
To: Asterisk Users List
Subject: Re: [asterisk-users] AMI eventmask question



On Thu, Jan 23, 2014 at 3:25 AM, Michelle Dupuis 
mdup...@ocg.camailto:mdup...@ocg.ca wrote:

Hi

I'm creating an AMI client and I only want to get newchannel events (as well as 
responses to any actions I initiate).  What would I set the eventmask to to 
only get the newchannel events?

Are you talking about the event filter in manager.conf?

Using event filters you can say if you want to receive an event or not, 
specific to the event, instead of the classification of system/call etc

Take a look at the event filters in this blog post and you'll see what I mean,

http://hungrygeek.holidayextras.co.uk/2012/05/14/elastix-apply-configuration-changes-problem/



For anyone else looking...is there a table somewhere online that maps events to 
their eventmask categories?  I checked the asterisk wiki and voip-info but 
can't find this...


Dan



-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] AMI eventmask question

[Michelle Dupuis]

Thanks - I've been through that doc before and couldn't find the info needed, 
which is why I went to the source code eventually.

All events are grouped, and each group is given a name/flag like 'system', 
'call', etc.  The docs just don't say which events are in which group/flag.

Perhaps something Digium could add at some point :)

From: asterisk-users-boun...@lists.digium.com 
[asterisk-users-boun...@lists.digium.com] On Behalf Of Daniel Jenkins 
[dan.jenkin...@gmail.com]
Sent: Thursday, January 23, 2014 10:25 AM
To: Asterisk Users List
Subject: Re: [asterisk-users] AMI eventmask question




On Thu, Jan 23, 2014 at 3:06 PM, Michelle Dupuis 
mdup...@ocg.camailto:mdup...@ocg.ca wrote:
That's an interesting link - I didn't know you could set a per user eventfilter 
in the conf file

However, I'm hoping to do this in the AMI connection for more flexibility.  
Upon login, you can specify the event mask to restrict the type of events sent 
over the AMI connection.  Looking through the Asterisk code I think Newchannel 
falls under the 'call' event flag...but it would be nice to restrict this even 
further (since lots of events fall under 'call').

Ah, I remember what you're talking about now

https://wiki.asterisk.org/wiki/display/AST/Asterisk+12+ManagerAction_Events

That's the link to the Asterisk 12 AMI docs, the specs changed in 12 and some 
events are different but it's the best docs available for the AMI in my opinion 
- the specs didn't change much at all.

So in answer to your question, using EventMask, I don't think this is possible 
as EventMask only works with those blocks of permissions, like call and 
security. If you wanted to only get the one event type then you'd need to do 
that in manager.conf - I may be wrong on that, I haven't looked at the source 
code or anything but from what the docs say, and the docs are generated from 
the source code now, you can only specifiy those larger blocks,

Hope I've helped,

Dan



From: 
asterisk-users-boun...@lists.digium.commailto:asterisk-users-boun...@lists.digium.com
 
[asterisk-users-boun...@lists.digium.commailto:asterisk-users-boun...@lists.digium.com]
 On Behalf Of Daniel Jenkins 
[dan.jenkin...@gmail.commailto:dan.jenkin...@gmail.com]
Sent: Thursday, January 23, 2014 9:03 AM
To: Asterisk Users List
Subject: Re: [asterisk-users] AMI eventmask question



On Thu, Jan 23, 2014 at 3:25 AM, Michelle Dupuis 
mdup...@ocg.camailto:mdup...@ocg.ca wrote:

Hi

I'm creating an AMI client and I only want to get newchannel events (as well as 
responses to any actions I initiate).  What would I set the eventmask to to 
only get the newchannel events?

Are you talking about the event filter in manager.conf?

Using event filters you can say if you want to receive an event or not, 
specific to the event, instead of the classification of system/call etc

Take a look at the event filters in this blog post and you'll see what I mean,

http://hungrygeek.holidayextras.co.uk/2012/05/14/elastix-apply-configuration-changes-problem/



For anyone else looking...is there a table somewhere online that maps events to 
their eventmask categories?  I checked the asterisk wiki and voip-info but 
can't find this...


Dan




--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] core show channels truncates channel names?

[Michelle Dupuis]

Thanks that's perfect!

I would use the AMI but I have to run against Asterisk 1.4 and the ami command 
'coreshowchannels' didn't appear until Asterisk 1.6


From: asterisk-users-boun...@lists.digium.com 
[asterisk-users-boun...@lists.digium.com] On Behalf Of Richard Mudgett 
[rmudg...@digium.com]
Sent: Tuesday, January 21, 2014 6:12 PM
To: Asterisk Users List
Subject: Re: [asterisk-users] core show channels truncates channel names?




On Tue, Jan 21, 2014 at 3:39 PM, Michelle Dupuis 
mdup...@ocg.camailto:mdup...@ocg.ca wrote:
When I issue a 'core show channels' command I notice that long usernames (and 
channel number) are truncated.  For example, if the username is 
FONEMITEL1234567890 for a trunk, then it will show

SIP
Privilege: Command
Channel  Location State   Application(Data)
IAX2/FONEMITEL123456 1296197222@entryhomemailto:1296197222@entryhome Ringing 
AppDial((Outgoing Line))
SIP/200-093e4998s@macro-dialexternalmailto:s@macro-dialexternal Ring  
  Dial(IAX2/FONEMITEL1234567890/
2 active channels
1 active call
How can I get the full username of all active channels?  (I realize I can use 
the AMI but trying to avoid that)

Note that the above output is generated on an Ast 1.4 system

Use core show channels concise.  It was intended for script querying of the 
channels.
However, you really should AMI actions where possible as they are not likely to 
change
from version to version where CLI commands can and do change.

Richard

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] type=peer vs type=user (depricated?)

[Michelle Dupuis]

I'm looking at setting type=peer vs type=user (in both IAX and SIP conf 
entries), and I found a comment attributed to digium 
(http://www.voip-info.org/wiki/view/Asterisk+SIP+user+vs+peer) in 2005 that 
type=user is depricated and that we should only use type=peer

Is that still correct?  Will type=user be phased out, and should even new 
installs of older asterisk versions (eg: 1.6) use type=peer only?

Are people still using type=user for phone sets?  (and type=peer for 
upstream/trunks only)
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] AMI eventmask question

[Michelle Dupuis]

I'm creating an AMI client and I only want to get newchannel events (as well as 
responses to any actions I initiate).  What would I set the eventmask to to 
only get the newchannel events?

For anyone else looking...is there a table somewhere online that maps events to 
their eventmask categories?  I checked the asterisk wiki and voip-info but 
can't find this...
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[Assp-test] 2.3.3 keeps crashing

[Michelle Dupuis]

I saw yesterday that someone else had the same problem.  I managed to capture a 
traceback (below) - hopefully that helps diagnose the problems.

# *** stack smashing detected ***: /usr/bin/perl /usr/local/assp/assp.pl 
MainLoop - next: Tue Jan 21 18:23:15 2014 terminated
=== Backtrace: =
/lib64/libc.so.6(__fortify_fail+0x37)[0x37a9d01d47]
/lib64/libc.so.6(__fortify_fail+0x0)[0x37a9d01d10]
/usr/lib64/perl5/CORE/libperl.so[0x3aad310635]
/usr/lib64/perl5/CORE/libperl.so(Perl_to_utf8_fold+0x22)[0x3aad310662]
/usr/lib64/perl5/CORE/libperl.so(Perl_ibcmp_utf8+0x1f4)[0x3aad3108f4]
/usr/lib64/perl5/CORE/libperl.so[0x3aad30433f]
/usr/lib64/perl5/CORE/libperl.so(Perl_regexec_flags+0xfd5)[0x3aad30cb65]
/usr/lib64/perl5/CORE/libperl.so(Perl_pp_match+0x2ed)[0x3aad2aaf3d]
/usr/lib64/perl5/CORE/libperl.so(Perl_runops_standard+0x16)[0x3aad2a4b06]
/usr/lib64/perl5/CORE/libperl.so(Perl_call_sv+0x4cf)[0x3aad24c5df]
/usr/local/lib64/perl5/auto/threads/threads.so(+0x69f9)[0x7f0f567c79f9]
/lib64/libpthread.so.0[0x37aa007851]
/lib64/libc.so.6(clone+0x6d)[0x37a9ce811d]
=== Memory map: 
0040-00402000 r-xp  08:02 402554 
/usr/bin/perl
00601000-00603000 rw-p 1000 08:02 402554 
/usr/bin/perl
01dff000-178db000 rw-p  00:00 0  [heap]
3495c0-3495c16000 r-xp  08:02 1438858
/lib64/libnsl-2.12.so
3495c16000-3495e15000 ---p 00016000 08:02 1438858
/lib64/libnsl-2.12.so
3495e15000-3495e16000 r--p 00015000 08:02 1438858
/lib64/libnsl-2.12.so
3495e16000-3495e17000 rw-p 00016000 08:02 1438858
/lib64/libnsl-2.12.so
3495e17000-3495e19000 rw-p  00:00 0
37a940-37a942 r-xp  08:02 1438424
/lib64/ld-2.12.so
37a961f000-37a962 r--p 0001f000 08:02 1438424
/lib64/ld-2.12.so
37a962-37a9621000 rw-p 0002 08:02 1438424
/lib64/ld-2.12.so
37a9621000-37a9622000 rw-p  00:00 0
37a980-37a9802000 r-xp  08:02 1438457
/lib64/libdl-2.12.so
37a9802000-37a9a02000 ---p 2000 08:02 1438457
/lib64/libdl-2.12.so
37a9a02000-37a9a03000 r--p 2000 08:02 1438457
/lib64/libdl-2.12.so
37a9a03000-37a9a04000 rw-p 3000 08:02 1438457
/lib64/libdl-2.12.so
37a9c0-37a9d89000 r-xp  08:02 1438425
/lib64/libc-2.12.so
37a9d89000-37a9f89000 ---p 00189000 08:02 1438425
/lib64/libc-2.12.so
37a9f89000-37a9f8d000 r--p 00189000 08:02 1438425
/lib64/libc-2.12.so
37a9f8d000-37a9f8e000 rw-p 0018d000 08:02 1438425
/lib64/libc-2.12.so
37a9f8e000-37a9f93000 rw-p  00:00 0
37aa00-37aa017000 r-xp  08:02 1438453
/lib64/libpthread-2.12.so
37aa017000-37aa217000 ---p 00017000 08:02 1438453
/lib64/libpthread-2.12.so
37aa217000-37aa218000 r--p 00017000 08:02 1438453
/lib64/libpthread-2.12.so
37aa218000-37aa219000 rw-p 00018000 08:02 1438453
/lib64/libpthread-2.12.so
37aa219000-37aa21d000 rw-p  00:00 0
37aa80-37aa883000 r-xp  08:02 1438542
/lib64/libm-2.12.so
37aa883000-37aaa82000 ---p 00083000 08:02 1438542
/lib64/libm-2.12.so
37aaa82000-37aaa83000 r--p 00082000 08:02 1438542
/lib64/libm-2.12.so
37aaa83000-37aaa84000 rw-p 00083000 08:02 1438542
/lib64/libm-2.12.so
37aac0-37aac07000 r-xp  08:02 1438456
/lib64/librt-2.12.so
37aac07000-37aae06000 ---p 7000 08:02 1438456
/lib64/librt-2.12.so
37aae06000-37aae07000 r--p 6000 08:02 1438456
/lib64/librt-2.12.so
37aae07000-37aae08000 rw-p 7000 08:02 1438456
/lib64/librt-2.12.so
37ab00-37ab01d000 r-xp  08:02 1438610
/lib64/libselinux.so.1 (deleted)
37ab01d000-37ab21c000 ---p 0001d000 08:02 1438610
/lib64/libselinux.so.1 (deleted)
37ab21c000-37ab21d000 r--p 0001c000 08:02 1438610
/lib64/libselinux.so.1 (deleted)
37ab21d000-37ab21e000 rw-p 0001d000 08:02 1438610
/lib64/libselinux.so.1 (deleted)
37ab21e000-37ab21f000 rw-p  00:00 0
37ab80-37ab816000 r-xp  08:02 1438697
/lib64/libresolv-2.12.so
37ab816000-37aba16000 ---p 00016000 08:02 1438697
/lib64/libresolv-2.12.so
37aba16000-37aba17000 r--p 00016000 08:02 1438697
/lib64/libresolv-2.12.so
37aba17000-37aba18000 rw-p 00017000 08:02 1438697
/lib64/libresolv-2.12.so
37aba18000-37aba1a000 

[asterisk-users] AMI version to Asterisk version mapping

[Michelle Dupuis]

Is there a mapping of AMI versions to Asterisk versions?

eg:
AMI 1.0 = Ast 1.4
AMI 1.1 = Ast 1.6

etc...
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] core show channels truncates channel names?

[Michelle Dupuis]

When I issue a 'core show channels' command I notice that long usernames (and 
channel number) are truncated.  For example, if the username is 
FONEMITEL1234567890 for a trunk, then it will show

SIP
Privilege: Command
Channel  Location State   Application(Data)
IAX2/FONEMITEL123456 1296197222@entryhomemailto:1296197222@entryhome Ringing 
AppDial((Outgoing Line))
SIP/200-093e4998s@macro-dialexternalmailto:s@macro-dialexternal Ring  
  Dial(IAX2/FONEMITEL1234567890/
2 active channels
1 active call
How can I get the full username of all active channels?  (I realize I can use 
the AMI but trying to avoid that)

Note that the above output is generated on an Ast 1.4 system
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[Assp-test] stack smashing detected

[Michelle Dupuis]

I recently upgraded to the latest version of assp, and upgraded my perl as well 
(due to assp shutting down at night).  Now I seem to get a more sever crash - 
coinciding with running the rebuildspamdb.

Can someone help with how to fix?  I downloaded only the latest assp.pl  (do I 
need to download/install all of the latest files with it?)...not sure how to 
proceed


*** stack smashing detected ***: /usr/bin/perl /usr/local/assp/assp.pl MainLoop 
- next: Fri Dec 27 11:07:40 2013 terminated
=== Backtrace: =
/lib64/libc.so.6(__fortify_fail+0x37)[0x37a9d01d47]
/lib64/libc.so.6(__fortify_fail+0x0)[0x37a9d01d10]
/usr/lib64/perl5/CORE/libperl.so[0x3aad310635]
/usr/lib64/perl5/CORE/libperl.so(Perl_to_utf8_fold+0x22)[0x3aad310662]
/usr/lib64/perl5/CORE/libperl.so(Perl_ibcmp_utf8+0x1f4)[0x3aad3108f4]
/usr/lib64/perl5/CORE/libperl.so[0x3aad30433f]
/usr/lib64/perl5/CORE/libperl.so(Perl_regexec_flags+0xfd5)[0x3aad30cb65]
/usr/lib64/perl5/CORE/libperl.so(Perl_pp_match+0x2ed)[0x3aad2aaf3d]
/usr/lib64/perl5/CORE/libperl.so(Perl_runops_standard+0x16)[0x3aad2a4b06]
/usr/lib64/perl5/CORE/libperl.so(Perl_call_sv+0x4cf)[0x3aad24c5df]
/usr/local/lib64/perl5/auto/threads/threads.so(+0x69f9)[0x7f2ea904d9f9]
/lib64/libpthread.so.0[0x37aa007851]
/lib64/libc.so.6(clone+0x6d)[0x37a9ce811d]
=== Memory map: 
0040-00402000 r-xp  08:02 402554 
/usr/bin/perl
00601000-00603000 rw-p 1000 08:02 402554 
/usr/bin/perl
00bc7000-252bb000 rw-p  00:00 0  [heap]
3495c0-3495c16000 r-xp  08:02 1438858
/lib64/libnsl-2.12.so
3495c16000-3495e15000 ---p 00016000 08:02 1438858
/lib64/libnsl-2.12.so
3495e15000-3495e16000 r--p 00015000 08:02 1438858
/lib64/libnsl-2.12.so
3495e16000-3495e17000 rw-p 00016000 08:02 1438858
/lib64/libnsl-2.12.so
3495e17000-3495e19000 rw-p  00:00 0
37a940-37a942 r-xp  08:02 1438424
/lib64/ld-2.12.so
37a961f000-37a962 r--p 0001f000 08:02 1438424
/lib64/ld-2.12.so
37a962-37a9621000 rw-p 0002 08:02 1438424
/lib64/ld-2.12.so
37a9621000-37a9622000 rw-p  00:00 0
37a980-37a9802000 r-xp  08:02 1438457
/lib64/libdl-2.12.so
37a9802000-37a9a02000 ---p 2000 08:02 1438457
/lib64/libdl-2.12.so
37a9a02000-37a9a03000 r--p 2000 08:02 1438457
/lib64/libdl-2.12.so
37a9a03000-37a9a04000 rw-p 3000 08:02 1438457
/lib64/libdl-2.12.so
37a9c0-37a9d89000 r-xp  08:02 1438425
/lib64/libc-2.12.so
37a9d89000-37a9f89000 ---p 00189000 08:02 1438425
/lib64/libc-2.12.so
37a9f89000-37a9f8d000 r--p 00189000 08:02 1438425
/lib64/libc-2.12.so
37a9f8d000-37a9f8e000 rw-p 0018d000 08:02 1438425
/lib64/libc-2.12.so
37a9f8e000-37a9f93000 rw-p  00:00 0
37aa00-37aa017000 r-xp  08:02 1438453
/lib64/libpthread-2.12.so
37aa017000-37aa217000 ---p 00017000 08:02 1438453
/lib64/libpthread-2.12.so
37aa217000-37aa218000 r--p 00017000 08:02 1438453
/lib64/libpthread-2.12.so
37aa218000-37aa219000 rw-p 00018000 08:02 1438453
/lib64/libpthread-2.12.so
37aa219000-37aa21d000 rw-p  00:00 0
37aa80-37aa883000 r-xp  08:02 1438542
/lib64/libm-2.12.so
37aa883000-37aaa82000 ---p 00083000 08:02 1438542
/lib64/libm-2.12.so
37aaa82000-37aaa83000 r--p 00082000 08:02 1438542
/lib64/libm-2.12.so
37aaa83000-37aaa84000 rw-p 00083000 08:02 1438542
/lib64/libm-2.12.so
37aac0-37aac07000 r-xp  08:02 1438456
/lib64/librt-2.12.so
37aac07000-37aae06000 ---p 7000 08:02 1438456
/lib64/librt-2.12.so
37aae06000-37aae07000 r--p 6000 08:02 1438456
/lib64/librt-2.12.so
37aae07000-37aae08000 rw-p 7000 08:02 1438456
/lib64/librt-2.12.so
37ab00-37ab01d000 r-xp  08:02 1438610
/lib64/libselinux.so.1
37ab01d000-37ab21c000 ---p 0001d000 08:02 1438610
/lib64/libselinux.so.1
37ab21c000-37ab21d000 r--p 0001c000 08:02 1438610
/lib64/libselinux.so.1
37ab21d000-37ab21e000 rw-p 0001d000 08:02 1438610
/lib64/libselinux.so.1
37ab21e000-37ab21f000 rw-p  00:00 0
37ab80-37ab816000 r-xp  08:02 1438697
/lib64/libresolv-2.12.so
37ab816000-37aba16000 ---p 00016000 08:02 1438697
/lib64/libresolv-2.12.so
37aba16000-37aba17000 r--p 00016000 

[Assp-test] Does ASSP generate a 550 response?

[Michelle Dupuis]

Does ASSP ever generate 550 responses to foreign mail systems sending in mail?  
Or only the mail host behind ASSP?   (I have exchange 2007 sitting behind ASSP 
in case it matters)

The reason I'm asking is that I see the occasional 550's in my ASSP log as 
shown below.  I've disguised the domain and username in the log below, but they 
are valid, and on my domain.  Other mail to this same user usually comes in 
fine.

Can someone tell me the source of this 550 ?  This is really messing up 
upstream MTA's and I need to stop this behaviour quickly.

THANKS!


Dec-23-13 11:03:07 m1-14587-30487 [Worker_1] 64.182.103.22 
me...@fpbroadcast.commailto:me...@fpbroadcast.com info: found message size 
announcement: 25.96 kBy
Dec-23-13 11:03:07 m1-14587-30487 [Worker_1] 64.182.103.22 
me...@fpbroadcast.commailto:me...@fpbroadcast.com [SMTP Error] 550 mailbox 
for myusern...@mydomain.camailto:myusern...@mydomain.ca is
Dec-23-13 11:03:07 m1-14587-30487 [Worker_1] [PersonalBlack] 64.182.103.22 
me...@fpbroadcast.commailto:me...@fpbroadcast.com to: 
myusern...@mydomain.camailto:myusern...@mydomain.ca [spam found] (
--
Rapidly troubleshoot problems before they affect your business. Most IT 
organizations don't have a clear picture of how application performance 
affects their revenue. With AppDynamics, you get 100% visibility into your 
Java,.NET,  PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk
___
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test

Re: [Assp-test] Does ASSP generate a 550 response?

[Michelle Dupuis]

My paste chopped off a few chars, the error in the log is mailbox is 
unavailable.  (in case that helps)


From: Michelle Dupuis
Sent: Monday, December 23, 2013 5:05 PM
To: assp-test@lists.sourceforge.net
Subject: Does ASSP generate a 550 response?

Does ASSP ever generate 550 responses to foreign mail systems sending in mail?  
Or only the mail host behind ASSP?   (I have exchange 2007 sitting behind ASSP 
in case it matters)

The reason I'm asking is that I see the occasional 550's in my ASSP log as 
shown below.  I've disguised the domain and username in the log below, but they 
are valid, and on my domain.  Other mail to this same user usually comes in 
fine.

Can someone tell me the source of this 550 ?  This is really messing up 
upstream MTA's and I need to stop this behaviour quickly.

THANKS!


Dec-23-13 11:03:07 m1-14587-30487 [Worker_1] 64.182.103.22 
me...@fpbroadcast.commailto:me...@fpbroadcast.com info: found message size 
announcement: 25.96 kBy
Dec-23-13 11:03:07 m1-14587-30487 [Worker_1] 64.182.103.22 
me...@fpbroadcast.commailto:me...@fpbroadcast.com [SMTP Error] 550 mailbox 
for myusern...@mydomain.camailto:myusern...@mydomain.ca is
Dec-23-13 11:03:07 m1-14587-30487 [Worker_1] [PersonalBlack] 64.182.103.22 
me...@fpbroadcast.commailto:me...@fpbroadcast.com to: 
myusern...@mydomain.camailto:myusern...@mydomain.ca [spam found] (
--
Rapidly troubleshoot problems before they affect your business. Most IT 
organizations don't have a clear picture of how application performance 
affects their revenue. With AppDynamics, you get 100% visibility into your 
Java,.NET,  PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk
___
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test

Re: [asterisk-users] IAX2 bridge failing

[Michelle Dupuis]

No - but this is a new setup so I can't say it worked before...it just isn't 
working from the start.

I've found the call setup works and once bridged there is one way audio (to the 
ATA, none from the ATA).  And the the connection drops after 30 secs approx 
because something on the path (or endpoint) realizes something is wrong...


From: asterisk-users-boun...@lists.digium.com 
[asterisk-users-boun...@lists.digium.com] On Behalf Of Steven Davis 
[stda...@multiservice.com]
Sent: Sunday, December 15, 2013 12:41 AM
To: Asterisk Users List
Subject: Re: [asterisk-users] IAX2 bridge failing

Did you change your network switch recently?  Some Digium IAX ATAs do not 
behave well with Cisco equipment.


On Sat, Dec 14, 2013 at 10:26 PM, Michelle Dupuis 
mdup...@ocg.camailto:mdup...@ocg.ca wrote:
meant to say restart didn't help either..


From: 
asterisk-users-boun...@lists.digium.commailto:asterisk-users-boun...@lists.digium.com
 
[asterisk-users-boun...@lists.digium.commailto:asterisk-users-boun...@lists.digium.com]
 On Behalf Of Michelle Dupuis [mdup...@ocg.camailto:mdup...@ocg.ca]
Sent: Saturday, December 14, 2013 11:20 PM
To: Asterisk Users List
Subject: Re: [asterisk-users] IAX2 bridge failing

Ok just restart

-Original Message-
From: 
asterisk-users-boun...@lists.digium.commailto:asterisk-users-boun...@lists.digium.com
 
[mailto:asterisk-users-boun...@lists.digium.commailto:asterisk-users-boun...@lists.digium.com]
 On Behalf Of Michelle Dupuis
Sent: Friday, December 13, 2013 11:46 AM
To: Asterisk Users List
Subject: Re: [asterisk-users] IAX2 bridge failing

I tried transfer=no, transfer=yer, and transfer=mediaonly (with a reload 
inbetween)same result

I agree it sounds like something either end is using the wrong IP/port address 
somewhere in the call (yet signalling works fine).

Anything else to suggest?  I was hoping for an externalip type setting but not 
in iax2 (at least not in 1.4.x.x) 
From: 
asterisk-users-boun...@lists.digium.commailto:asterisk-users-boun...@lists.digium.com
 
[asterisk-users-boun...@lists.digium.commailto:asterisk-users-boun...@lists.digium.com]
 On Behalf Of Joshua Colp [jc...@digium.commailto:jc...@digium.com]
Sent: Friday, December 13, 2013 11:44 AM
To: Asterisk Users List
Subject: Re: [asterisk-users] IAX2 bridge failing

Michelle Dupuis wrote:
 Some more details...I noticed that the call is bridged, and audio goes
 one way. However, the dial command still times out after 35 seconds
 (approx), and exists non-zero.
 While the channels are up, I did an core show channel xxx and found
 Blocking in:
 ast_waitfor_nandfds
 Is this a bug? Or something I can fix through config?

Hola,

Set transfer=no under the entries in iax.conf for the peers/users/friends/etc 
in question, reload, retry, and see if that changes the behavior. If it does 
then something involved may not like
IAX2 native transfers.

Cheers,

--
Joshua Colp
Digium, Inc. | Senior Software Developer
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA Check us out at:  
www.digium.comhttp://www.digium.com   
www.asterisk.orghttp://www.asterisk.org

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to 
Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to 
Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users



--
Steven Davis
VoIP Engineer
Multi Service

+1-913-663-9748 o
+1-913-871-5155 m

stda...@multiservice.commailto:stda...@multiservice.com

[http://www.multiservice.com/assets/images/logos/ms_email_no_tagline.png]http

Re: [asterisk-users] IAX2 bridge failing

[Michelle Dupuis]

Ok just restart

-Original Message-
From: asterisk-users-boun...@lists.digium.com 
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Michelle Dupuis
Sent: Friday, December 13, 2013 11:46 AM
To: Asterisk Users List
Subject: Re: [asterisk-users] IAX2 bridge failing

I tried transfer=no, transfer=yer, and transfer=mediaonly (with a reload 
inbetween)same result

I agree it sounds like something either end is using the wrong IP/port address 
somewhere in the call (yet signalling works fine).

Anything else to suggest?  I was hoping for an externalip type setting but not 
in iax2 (at least not in 1.4.x.x) 
From: asterisk-users-boun...@lists.digium.com 
[asterisk-users-boun...@lists.digium.com] On Behalf Of Joshua Colp 
[jc...@digium.com]
Sent: Friday, December 13, 2013 11:44 AM
To: Asterisk Users List
Subject: Re: [asterisk-users] IAX2 bridge failing

Michelle Dupuis wrote:
 Some more details...I noticed that the call is bridged, and audio goes 
 one way. However, the dial command still times out after 35 seconds 
 (approx), and exists non-zero.
 While the channels are up, I did an core show channel xxx and found 
 Blocking in:
 ast_waitfor_nandfds
 Is this a bug? Or something I can fix through config?

Hola,

Set transfer=no under the entries in iax.conf for the peers/users/friends/etc 
in question, reload, retry, and see if that changes the behavior. If it does 
then something involved may not like
IAX2 native transfers.

Cheers,

--
Joshua Colp
Digium, Inc. | Senior Software Developer
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA Check us out at:  
www.digium.com   www.asterisk.org

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to 
Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to 
Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] IAX2 bridge failing

[Michelle Dupuis]

meant to say restart didn't help either..


From: asterisk-users-boun...@lists.digium.com 
[asterisk-users-boun...@lists.digium.com] On Behalf Of Michelle Dupuis 
[mdup...@ocg.ca]
Sent: Saturday, December 14, 2013 11:20 PM
To: Asterisk Users List
Subject: Re: [asterisk-users] IAX2 bridge failing

Ok just restart

-Original Message-
From: asterisk-users-boun...@lists.digium.com 
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Michelle Dupuis
Sent: Friday, December 13, 2013 11:46 AM
To: Asterisk Users List
Subject: Re: [asterisk-users] IAX2 bridge failing

I tried transfer=no, transfer=yer, and transfer=mediaonly (with a reload 
inbetween)same result

I agree it sounds like something either end is using the wrong IP/port address 
somewhere in the call (yet signalling works fine).

Anything else to suggest?  I was hoping for an externalip type setting but not 
in iax2 (at least not in 1.4.x.x) 
From: asterisk-users-boun...@lists.digium.com 
[asterisk-users-boun...@lists.digium.com] On Behalf Of Joshua Colp 
[jc...@digium.com]
Sent: Friday, December 13, 2013 11:44 AM
To: Asterisk Users List
Subject: Re: [asterisk-users] IAX2 bridge failing

Michelle Dupuis wrote:
 Some more details...I noticed that the call is bridged, and audio goes
 one way. However, the dial command still times out after 35 seconds
 (approx), and exists non-zero.
 While the channels are up, I did an core show channel xxx and found
 Blocking in:
 ast_waitfor_nandfds
 Is this a bug? Or something I can fix through config?

Hola,

Set transfer=no under the entries in iax.conf for the peers/users/friends/etc 
in question, reload, retry, and see if that changes the behavior. If it does 
then something involved may not like
IAX2 native transfers.

Cheers,

--
Joshua Colp
Digium, Inc. | Senior Software Developer
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA Check us out at:  
www.digium.com   www.asterisk.org

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to 
Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to 
Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] IAX2 bridge failing

[Michelle Dupuis]

I tried transfer=no, transfer=yer, and transfer=mediaonly (with a reload 
inbetween)same result

I agree it sounds like something either end is using the wrong IP/port address 
somewhere in the call (yet signalling works fine).

Anything else to suggest?  I was hoping for an externalip type setting but not 
in iax2 (at least not in 1.4.x.x)

From: asterisk-users-boun...@lists.digium.com 
[asterisk-users-boun...@lists.digium.com] On Behalf Of Joshua Colp 
[jc...@digium.com]
Sent: Friday, December 13, 2013 11:44 AM
To: Asterisk Users List
Subject: Re: [asterisk-users] IAX2 bridge failing

Michelle Dupuis wrote:
 Some more details...I noticed that the call is bridged, and audio goes
 one way. However, the dial command still times out after 35 seconds
 (approx), and exists non-zero.
 While the channels are up, I did an core show channel xxx and found
 Blocking in:
 ast_waitfor_nandfds
 Is this a bug? Or something I can fix through config?

Hola,

Set transfer=no under the entries in iax.conf for the
peers/users/friends/etc in question, reload, retry, and see if that
changes the behavior. If it does then something involved may not like
IAX2 native transfers.

Cheers,

--
Joshua Colp
Digium, Inc. | Senior Software Developer
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
Check us out at:  www.digium.com   www.asterisk.org

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] IAX2 bridge failing

[Michelle Dupuis]

Some more details...I noticed that the call is bridged, and audio goes one way. 
 However, the dial command still times out after 35 seconds (approx), and 
exists non-zero.

While the channels are up, I did an core show channel xxx and found Blocking in:
ast_waitfor_nandfds

Is this a bug?  Or something I can fix through config?


From: asterisk-users-boun...@lists.digium.com 
[asterisk-users-boun...@lists.digium.com] On Behalf Of Michelle Dupuis 
[mdup...@ocg.ca]
Sent: Thursday, December 12, 2013 5:08 PM
To: Asterisk Users List
Subject: [asterisk-users] IAX2 bridge failing

I am trying to connect an IAX ATA to an Asterisk 1.4.21.2 system.  The Asterisk 
system has been stable for years, and has no trouble bridge SIP phone sets to 
IAX trunks.

When I initiate a call from the IAX ATA, something goes wrong.One rare 
occasion it works fine, but usually there is no audio passed.  I have a snippet 
of the console below.  Notice no bridging message...not sure if that's a clue?  
The dialplan seems to execute properly, and I can watch the destination system 
which answers the call and starts playing media (monkeys) which I don't hear.

Any ideas on what is going on?  Since this is IAX in and IAX out, NAT should 
not be an issue (even through there is NAT on both sides).  Since media moves 
on the same UDP port as call setup, also proves should not be a network problem 
(I think)

Can someone point me to a solution?

Thanks!


(IP's and ISP and phone number disguised)

- Executing [s@macro-dialexternal:57] GotoIf(IAX2/S-14468, 1?dialnormal) in 
new stack
-- Goto (macro-dialexternal,s,60)
-- Executing [s@macro-dialexternal:60] Dial(IAX2/S-14468, 
IAX2/ISP123/1234567890|60|W) in new stack
-- Called ISP123/1234567890
-- Call accepted by 201.191.37.138 (format ulaw)
-- Format for call is ulaw
-- IAX2/ISP123-2261 answered IAX2/S-14468
-- Channel 'IAX2/S-14468' ready to transfer
-- Channel 'IAX2/ISP123-2261' ready to transfer
-- Hungup 'IAX2/ISP123-2261'
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] IAX2 bridge failing

[Michelle Dupuis]

I am trying to connect an IAX ATA to an Asterisk 1.4.21.2 system.  The Asterisk 
system has been stable for years, and has no trouble bridge SIP phone sets to 
IAX trunks.

When I initiate a call from the IAX ATA, something goes wrong.One rare 
occasion it works fine, but usually there is no audio passed.  I have a snippet 
of the console below.  Notice no bridging message...not sure if that's a clue?  
The dialplan seems to execute properly, and I can watch the destination system 
which answers the call and starts playing media (monkeys) which I don't hear.

Any ideas on what is going on?  Since this is IAX in and IAX out, NAT should 
not be an issue (even through there is NAT on both sides).  Since media moves 
on the same UDP port as call setup, also proves should not be a network problem 
(I think)

Can someone point me to a solution?

Thanks!


(IP's and ISP and phone number disguised)

- Executing [s@macro-dialexternal:57] GotoIf(IAX2/S-14468, 1?dialnormal) in 
new stack
-- Goto (macro-dialexternal,s,60)
-- Executing [s@macro-dialexternal:60] Dial(IAX2/S-14468, 
IAX2/ISP123/1234567890|60|W) in new stack
-- Called ISP123/1234567890
-- Call accepted by 201.191.37.138 (format ulaw)
-- Format for call is ulaw
-- IAX2/ISP123-2261 answered IAX2/S-14468
-- Channel 'IAX2/S-14468' ready to transfer
-- Channel 'IAX2/ISP123-2261' ready to transfer
-- Hungup 'IAX2/ISP123-2261'
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] AMI version vs. AST version

[Michelle Dupuis]

Is there a mapping of AMI versions to Asterisk versions somewhere?  For 
example, Asterisk 1.4 includes AMI version 1.0 (at least that's what I see when 
I connect to Ast 1.4 via telnet to the AMI port)

Also, doe the AMI version changes reflect changes to the AMI commands?  If so, 
is there also a list of what commands changed by AMI version?

Thanks
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Disable peer from AMI

[Michelle Dupuis]

Unfortunately I do not have the ability / permission to alter the dialplan used 
for this customer.  Odd requirement I know...

From: asterisk-users-boun...@lists.digium.com 
[asterisk-users-boun...@lists.digium.com] On Behalf Of Darryl Moore 
[dar...@moores.ca]
Sent: Wednesday, October 23, 2013 6:38 AM
To: Asterisk Users List
Subject: Re: [asterisk-users] Disable peer from AMI


put it in a different context in your dial plan and use a gotoif statement to 
control the times it is allowed to dial out. you can also redirect it to a 
prerecorded message whenever someone tries to use it during the 'off' time. no 
need for anything as brutal as disabling it in sip.conf.

On 2013-10-23 12:37 AM, Michelle Dupuis 
mdup...@ocg.camailto:mdup...@ocg.ca wrote:
I need to disable/enable a peer after hours automatically, and am thinking 
about doing so via the AMI.

Is there a command to enable/disable (or perhaps delete/add) a peer via the 
AMI?  I could create code to modify sip.conf and force a reload, but that seems 
like the wrong approach...

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] Disable peer from AMI

[Michelle Dupuis]

I need to disable/enable a peer after hours automatically, and am thinking 
about doing so via the AMI.

Is there a command to enable/disable (or perhaps delete/add) a peer via the 
AMI?  I could create code to modify sip.conf and force a reload, but that seems 
like the wrong approach...
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] What linux distro most popular for Asterisk

[Michelle Dupuis]

Is there a recent survey of that Linux distro and version people are using for 
the Asterisk installations?  I recall seeing a pie chart over a year ago (I 
think on a wiki but I can't find it again)also hoping for something more 
current.

I suspect RH5 and RH6 are most popular...but I'm looking for facts
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Failed to authenticate user 1000sip:1000@MY_OWN_IP_ADDRESS; tag=03f82bb9

[Michelle Dupuis]

Gareth:

Did you check if your message (or security) log recorded anything during these 
attempts?  If so, can you post the content of the logs during this attack?

M

From: asterisk-users-boun...@lists.digium.com 
[asterisk-users-boun...@lists.digium.com] On Behalf Of Asghar Mohammad 
[asghar...@gmail.com]
Sent: Tuesday, October 01, 2013 11:53 AM
To: Asterisk Users List
Subject: Re: [asterisk-users] Failed to authenticate user 
1000sip:1000@MY_OWN_IP_ADDRESS; tag=03f82bb9

Hi,
Bad boys trying to guess a valid username.
in sip.conf uncomment  alwaysauthreject=yes and Asterisk always reject 1st 
invite.


On Tue, Oct 1, 2013 at 5:26 PM, Gareth Blades 
mailinglist+aster...@dns99.co.ukmailto:mailinglist+aster...@dns99.co.uk 
wrote:
On 01/10/13 15:44, gincantalupo wrote:
On Tue, Oct 1, 2013 at 5:07 AM, gincantalupo 
gincantal...@fgasoftware.commailto:gincantal...@fgasoftware.com wrote:
Hi,

I get a lot of these messages on my Asterisk CLI:

Failed to authenticate user 1000sip:1000@MY_OWN_IP_ADDRESS;tag=03f82bb9

as if my PBX machine is trying to authenticate to itself. It seems someone is 
attacking my asterisk PBX.

Is there a way to fix this problem?

in sip.conf I have guest connections permitted and have them going to the 
default context which contains :-

[default]
; all unauthenticated connection attempts from the internet come in here.
exten = _[+*#0-9].,1,NoOp(Unauthenticated call attempt - 
${SIP_HEADER(Contact)})
exten = _[+*#0-9].,n,Congestion

Then in fail2ban I have it match the following :-

failregex = Registration from .* failed for \'HOST\' - Wrong password
Unauthenticated call attempt .*\@HOST\:


--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] Registration failure event from AMI

[Michelle Dupuis]

Is it possible to detect the failure of an agent to register with Asterisk via 
the AMI ?

When I try to register with Asterisk 1.4 using an invalid password I don't see 
any event in the AMI, but see this in the messages log:

[2013-10-05 22:05:03] NOTICE[24598] chan_sip.c: Registration from 
'testsip:2...@asterisk.com' failed for '192.168.0.1' - Wrong password

Thanks

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Looking for Asterisk+Pacemaker+Corosync+DRBD example

[Michelle Dupuis]

Be careful with DRDB singe failing drive/corruption on one peers takes down the 
other too...

Check out haast as well (at www.generationd.com) for a commercial asterisk 
clustering solution.

Michelle
(GenerationD Systems)

From: asterisk-users-boun...@lists.digium.com 
[asterisk-users-boun...@lists.digium.com] On Behalf Of Bakko 
[asannu...@gmail.com]
Sent: Thursday, September 19, 2013 10:24 AM
To: Asterisk Users List
Subject: Re: [asterisk-users] Looking for Asterisk+Pacemaker+Corosync+DRBD 
example

Hello Edwards

you can install fedora repositories and the HeartBeat from those
repositories.

If the failover is only for two servers, this is a good solution.

In the directory list, you have to add /etc/dahdi (is you use dahdi) and
/var/spool/asterisk

Regards

El 19/09/2013 08:58, Steve Edwards escribió:
 I'm trying to setup a pair of FreePBX-4.211.64 boxes using Pacemaker,
 Corosync, and DRBD.

 All the examples I've found so far use Heartbeat, but Heartbeat is not
 in the repositories and doesn't want to compile from source.

 Does anyone have a working configuration they can share or a tutorial
 they can point me to?

 Also, what does drbdlinks bring to the party? Isn't just linking the
 'top level' directories (/etc/asterisk/, /var/lib/asterisk/,
 /var/lib/mysql, etc) sufficient?



--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] I need a second opinion on a new phone system deployment

[Michelle Dupuis]

...

For redundant/failover of Asterisk checkout HAAST at 
www.generationd.comhttp://www.generationd.com  The HAAST product sits between 
Linux and Asterisk, monitors for failures etc, and then fails over to another 
Asterisk box.  It effectively creates a low-cost cluster, moving IP's etc to 
active peer.  It runs with most Linux and Asterisk distro's, and avoids the 
issues of single point of failure. etc.

Michelle
(generationD)
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[Assp-test] ASSP mistakenly returning 5.1.1 user unknown ?

[Michelle Dupuis]

I'm running ASSP version 2.2.1(13020) and when my mail server (box behind assp) 
is rebooting, ASSP is supposedly responding with a 5.1.1. user unknown  
(according to the MTA upstream).

I checked the assp maillog for the time in question and I see this line:


May-21-13 20:20:53 m1-82053-139071 [Worker_1] 64.182.103.22 
fedm...@fedmail.prime-vendor.com [SMTP Error] 550 mailbox for 
u...@mydomain.commailto:u...@mydomain.com is unavailable



Does this mean ASSP is sending a 5.1.1 user unknown?  If so this is causing 
problems because the upstream MTA refuses all mail to user@mydomain .com for 4 
hours (keeps its own cache).



Is there a way to change assp's behavior?

Thanks
--
Try New Relic Now  We'll Send You this Cool Shirt
New Relic is the only SaaS-based application performance monitoring service 
that delivers powerful full stack analytics. Optimize and monitor your
browser, app,  servers with just a few lines of code. Try New Relic
and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may
___
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test

[Assp-test] Why is spam prob score 0

[Michelle Dupuis]

My ASSP uses test mode. causing the subject to be prefixed with [SPAM] which I 
catch downstream.  (in case that matters).  The problem I'm having is that mail 
with a faked from address (different from MAIL FROM) is getting through 
unmarked.

Below is an analysis of such a message.  As you can see ASSP is identifying 
from != mail from.  I have DONOSPOOFING4FROM checked, and DONOSPOOFING set to 
score.  Yet the message below was not tagged as SPAM, and scores 0.  Can 
someone explain why?

(I have linkedin.com in a whitelist, but that should not count for spoofed 
from!?)

Thanks
Michellehttps://mail.ocg.ca/owa/?ae=Itemt=IPM.Notea=New#


sender and reply addresses:
MAIL FROM: bryannaale...@sepag.ch
Sender: messages-nore...@bounce.linkedin.com 
From: passw...@linkedin.com 


recipient addresses:
RCPT TO: myn...@mydomain.ca 
To: myn...@mydomain.ca 


Feature Matching:

• Whitelist: 'messages-nore...@bounce.linkedin.com'
• 197.0.48.176 is in SPFCache: status=softfail with helo=[197.0.48.176]
• SPF-check returned OK for 197.0.48.176 - bryannaale...@sepag.ch, 
[197.0.48.176]
 • SPF: softfail (cache) ip=197.0.48.176 mailfrom=bryannaale...@sepag.ch 
helo=[197.0.48.176]
• DMARC-check returned OK
• URIBL check: 'OK'
• Not a Valid Format of HELO: '[197.0.48.176]'
• Invalid Format of HELO: 'highest match: 197.0.48 with valence: 5 - PB value 
= 5'
 • matching invalidFormatHeloRe(file:files/invalidhelo.txt[line 4]): 
'\d{1,3}[-x.]\d{1,3}[-x.]\d{1,3}'
• IP in Helo check: 'OK'
• 199.101.160.51 is in RBLCache: inserted as ok at 2013-03-08 18:07:58
• 64.182.103.22 is in RBLCache: inserted as ok at 2013-03-01 06:04:34
• RBLCheck returned OK for 197.0.48.176: DNSBL: neutral, 197.0.48.176 listed in 
l2.apews.org psbl.surriel.com
• domain sepag.ch has valid MXA record: all01.mx.genotec.ch 82.195.224.56
• 197.0.48.176 is in RWLCache: status=not listed
• 197.0.48.0 has a Griplist value of 0.8


Bayesian Analysis: - word stemming engine is used

Bad Words   Bad ProbGood Words  Good Prob
[addr] sender   0.
sender [addr]   0.
sender [addr]   0.0002
[addr] sender   0.0501
rcpt [addr] 0.9275   
ssub now0.8742   
ssub connecting 0.1345
connecting ssub 0.1546
ssub your   0.8228   
your ssub   0.8225   
[addr] sender   0.7839   
now ssub0.7759   
of your 0.7701   
of ssub 0.7677   
ssub of 0.7676   
now part0.2405
network ssub0.2610
ssub network0.2835
part ssub   0.7057   
ssub is 0.6992   
is ssub 0.6990   
ssub part   0.6983   
helo smtprandnumberdnsexit.com  0.6426   
smtprandnumberdnsexit.com rcpt  0.6293   
keep ssub   0.6012   


Bayesian Spam Probability:

combined probability:   0. - got 25 - used 60 most significant results

--
Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester  
Wave(TM): Endpoint Security, Q1 2013 and remains a good choice in the  
endpoint security space. For insight on selecting the right partner to 
tackle endpoint security challenges, access the full report. 
http://p.sf.net/sfu/symantec-dev2dev
___
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test

Re: [asterisk-users] block one number in incoming calls

[Michelle Dupuis]

Check out smartCID on www.generationd.comhttp://www.generationd.com

This script allows lookup of incomming calls based on number and either Block 
(no ring), endless ring (ignore), or pass through to asterisk.  It allows 
allows rewriting of CID name based on number.  All numbers stored in a mysql 
table.  A free script.

It also does reverse look of CID based on number using a variety of free web 
sites (but that's intended for experimentation only)


From: asterisk-users-boun...@lists.digium.com 
[asterisk-users-boun...@lists.digium.com] On Behalf Of Salaheddine Elharit 
[salah.elharit...@gmail.com]
Sent: Monday, January 14, 2013 10:33 AM
To: Asterisk Users List
Subject: [asterisk-users] block one number in incoming calls

Hello list

could you please help me about one question.

i have asterisk 1.4  installed, i configure the inbound call in my asterisk  
like below.

exten = 520xx,1,Dial(SIP/224, 30).

when the customer call my number (520xx) the sip phone 224 works without 
issue

my problem i have a lot of calls coming  from this number (0666xx) and i 
want to block it.

if you can give me an example please .

thanks and regards
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] monitoring asteriks

[Michelle Dupuis]

take a look at AsteriskControl script at www.generationd.com
This is a free script that monitors, responds to IP address changes, etc. and 
restarts asterisk.

You can also use HAAST (commercial) at same site - it can check for missing 
registrations etc and restart asterisk too.

-=M=-


From: asterisk-users-boun...@lists.digium.com 
[asterisk-users-boun...@lists.digium.com] On Behalf Of Joseph 
[syscon...@gmail.com]
Sent: Thursday, November 22, 2012 4:18 PM
To: Asterisk Users List
Subject: [asterisk-users] monitoring asteriks

How can I monitor asterisk if all lines are registered etc?

I have an asterisk on a remote location and sometime they reporting problems 
that phone is not ringing, they can not dial out etc.
Usually I just restart asterisk and it solves the problem.

Is there an application that will email me if case any line looses registration 
with with asterisk?
Or any better solution!

--
Joseph

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[Assp-test] Becoming too complicated!

[Michelle Dupuis]

Based on my own experience and that of others (looking at the postings 
including the current MSGID discussion), I can help but wonder if ASSP 
configuration has gotten too complex.

I'm not suggesting we drop features, but maybe the who way it is configured 
needs to be rethought!?  Instead of hundres of fields to configure (in many 
categories), could we make this more pictoral?  collapsing fields that don't 
apply?

I don't have an answer, but someone has to start the conversation :)
--
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_sfd2d_oct
___
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test

[asterisk-users] Counting calls in progress from AMI

[Michelle Dupuis]

I want to track the number of calls up at any given time, through the AMI.  I 
found the Link and Unlink commands as the most likely candidates - is that the 
right way?

Also, a comment on the wiki suggests that Link may be called several times for 
a single bridge if transcoding is required.  That blows up accuracy of my count 
of course...

Ideas?
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Counting calls in progress from AMI

[Michelle Dupuis]

I need to do this from the AMI (not the CLI)...I don't *think* a comparable 
command exists from the AMI.

As well, I don't want to poll the system for calls so I'm hoping to trap a call 
bridged,unbridged type event.


From: asterisk-users-boun...@lists.digium.com 
[asterisk-users-boun...@lists.digium.com] On Behalf Of Danny Nicholas 
[da...@debsinc.com]
Sent: Thursday, October 18, 2012 10:59 AM
To: Asterisk Users List
Subject: Re: [asterisk-users] Counting calls in progress from AMI

The simplest way to accurately do this would be to issue command “core show 
channels verbose”

From: asterisk-users-boun...@lists.digium.com 
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Michelle Dupuis
Sent: Thursday, October 18, 2012 9:58 AM
To: Asterisk Users List
Subject: [asterisk-users] Counting calls in progress from AMI

I want to track the number of calls up at any given time, through the AMI.  I 
found the Link and Unlink commands as the most likely candidates - is that the 
right way?

Also, a comment on the wiki suggests that Link may be called several times for 
a single bridge if transcoding is required.  That blows up accuracy of my count 
of course...

Ideas?
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[Assp-test] ASSP 2 installation question: moduleLoadErrors.txt

[Michelle Dupuis]

I'm installing ASSP 2 on a fresh new Centos 6 x64 system and am getting pretty 
far along.  However, there are 4 errors (in the moduleLoadErrors.txt file) I 
can resolve - see below.  Here's what i've done:

1. I install perl-Net-SNMP using yum, so why is error #1 there?
2. This module is not available from cpan/yum that I can see.  How do I install 
it?
3. Why is there a Win32 dependency?  I'm installing on Linux.  Do I have to 
disable this somehow?
4. I don't want virus scanning (I have Symantec AV running downstream). How do 
I disable this?

Thanks!
Michelle

1.
module NetSNMP::agent could not be loaded (see error below): check with perl 
-e use NetSNMP::agent;
Can't locate NetSNMP/agent.pm in @INC (@INC contains: /assp/lib 
/usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vend
BEGIN failed--compilation aborted at (eval 160) line 1.

2.
module ASSP_WordStem could not be loaded (see error below): check with perl -e 
use ASSP_WordStem;
Can't locate Lingua/Stem/Snowball.pm in @INC (@INC contains: /assp/lib 
/usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/per
BEGIN failed--compilation aborted at /assp/lib/ASSP_WordStem.pm line 17.
Compilation failed in require at (eval 172) line 1.
BEGIN failed--compilation aborted at (eval 172) line 1.

3.
module Win32::API::OutputDebugString could not be loaded (see error below): 
check with perl -e use Win32::API::OutputDebugString;
Can't locate Win32/API/OutputDebugString.pm in @INC (@INC contains: /assp/lib 
/usr/local/lib64/perl5 /usr/local/share/perl5 /usr/li
BEGIN failed--compilation aborted at (eval 106) line 1.

4.
module File::Scan::ClamAV could not be loaded (see error below): check with 
perl -e use File::Scan::ClamAV;
Can't locate File/Scan/ClamAV.pm in @INC (@INC contains: /assp/lib 
/usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/v
BEGIN failed--compilation aborted at (eval 42) line 1.




--
Got visibility?
Most devs has no idea what their production app looks like.
Find out how fast your code is with AppDynamics Lite.
http://ad.doubleclick.net/clk;262219671;13503038;y?
http://info.appdynamics.com/FreeJavaPerformanceDownload.html
___
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test

[Assp-test] ASSP not trapping obvious forged signatures

[Michelle Dupuis]

A month ago I upgraded ASSP 2.2.1(12137)  (and also moved to a new partition).  
Since then, my volume of spam getting through ASSP has increased considerably.  
Attached below is an example - clearly forged sender.  Why isn't ASSP trapping 
this?

I attached the analysis of the header below.  Strangely the probability is 
showing as 0.5 for a bunch of messages I tested...

I'm not sure how to fix this.  Help...

Thanks!

-

•ISP/Secondary Header:'Received: from [95.56.197.53javascript:void(0);] 
([95.56.197.53javascript:void(0);]) by smtp2.netdorm.com'
•Switched to ISP/Secondary IP: '95.56.197.53javascript:void(0);'

using enhanced Originated IP detection
•detected IP's on the mail routing way: 199.101.162.39javascript:void(0);(no 
PTR)
•detected source IP: 199.101.162.39javascript:void(0);

sender and reply addresses:
MAIL FROM: angelabrund...@manzoniconsulting.itjavascript:void(0);
Sender: messages-nore...@bounce.linkedin.comjavascript:void(0);
From: passw...@linkedin.comjavascript:void(0);


recipient addresses:
RCPT TO: myacco...@mydomain.comjavascript:void(0);
To: myacco...@mydomain.comjavascript:void(0);


Feature Matching:

• SPF-check returned OK for 95.56.197.53javascript:void(0); - 
angelabrund...@manzoniconsulting.itjavascript:void(0);, 
[95.56.197.53javascript:void(0);]
• URIBL checkhttp://mail.ocg.ca:5/#ValidateURIBL: 'OK'
• Not a Valid Format of HELOhttp://mail.ocg.ca:5/#DoValidFormatHelo: 
'[95.56.197.53javascript:void(0);]'
• Invalid Format of HELOhttp://mail.ocg.ca:5/#invalidFormatHeloRe: 
'highest match: 95.56.197 with valence: 5 - PB value = 5'
 • matching invalidFormatHeloRe(file:files/invalidhelo.txt[line 
4]javascript:void(0);): '\d{1,3}[-x.]\d{1,3}[-x.]\d{1,3}'
• IP in Helo checkhttp://mail.ocg.ca:5/#DoIPinHelo: 'OK'
• 199.101.162.39javascript:void(0); is in RBLCache: inserted as ok at 
2012-08-15 11:40:51
• 95.56.197.53javascript:void(0); is in RBLCache: inserted as not ok at 
2012-08-15 11:40:51 , listed by l2.apews.org{127.0.0.2} 
zen.spamhaus.org{127.0.0.11}
• domain manzoniconsulting.it has valid MXA record: mx1.interac.it 
212.183.164.48javascript:void(0);
• 95.56.197.0javascript:void(0); has a Griplist value of 0.8



Bayesian Analysis:

Bad Words   Bad ProbGood Words  Good Prob



Bayesian Spam Probability:

combined probability:   0.5000 - got 0 - used 60 most significant results






Received: from smtp2.netdorm.com (172.31.254.35) by mail.mydomain.com
 (172.31.254.35) with Microsoft SMTP Server id 8.1.436.0; Wed, 15 Aug 2012
 11:40:50 -0400
Received: from smtp2.netdorm.com ([67.214.161.138] helo=smtp2.netdorm.com) by
 spamfilter.mydomain.com with SMTP (2.2.1); 15 Aug 2012 11:40:49 -0400
Received: from [95.56.197.53] ([95.56.197.53]) by smtp2.netdorm.com
 (8.13.8/8.13.8) with ESMTP id q7FFf9fd022957 for 
myacco...@mydomain.commailto:myacco...@mydomain.com; Wed, 15 Aug
 2012 11:41:11 -0400
Received: from mailb-ea.linkedin.com ([199.101.162.39]) by mx1.interac.it;
  Wed, 15 Aug 2012 04:40:41 +0600
Sender: 
messages-nore...@bounce.linkedin.commailto:messages-nore...@bounce.linkedin.com
Date: Wed, 15 Aug 2012 04:40:41 +0600
From: LinkedIn Password passw...@linkedin.commailto:passw...@linkedin.com
To: myaccount myacco...@mydomain.commailto:myacco...@mydomain.com
Message-ID: 
430288651.0623442.3275882383774.javamail@ela2-app1439.prodmailto:430288651.0623442.3275882383774.javamail@ela2-app1439.prod
Subject: Re: Fwd: Better Business Bureau Complaint
MIME-Version: 1.0
Content-Type: multipart/mixed;
 boundary==_Part_4847258_8686314084.0929890424051
X-LinkedIn-Template: password_reset
X-LinkedIn-Class: ACCT-ADMIN
X-LinkedIn-fbl: s-N5P69E8AHU3GMGEJT75CSRO431MBXDC8K3EG6S-K40V2PDRHOKH9R7
X-OriginalArrivalTime: Wed, 15 Aug 2012 04:40:41 +0600 
FILETIME=[7D3A5495:E1B208E1]
X-Assp-Version: 2.2.1(12137) on spamfilter.mydomain.com
X-Assp-Received-SPF: none ip=67.214.161.138 
mailfrom=angelabrund...@manzoniconsulting.itmailto:mailfrom=angelabrund...@manzoniconsulting.it
 helo=smtp2.netdorm.com
X-Assp-Message-Score: 10 (SPF none)
X-Assp-IP-Score: 10 (SPF none)
X-Assp-Message-Score: 17 (DNSBL: neutral, 95.56.197.53 listed in
 l2.apews.org zen.spamhaus.org)
X-Assp-IP-Score: 17 (DNSBL: neutral, 95.56.197.53 listed in l2.apews.org
 zen.spamhaus.org)
X-Assp-DNSBL: neutral, 95.56.197.53 listed in (l2.apews.org-127.0.0.2;
 zen.spamhaus.org-127.0.0.11; )
X-Assp-ID: spamfilter.mydomain.com m1-45249-76011
X-Assp-Detected-RIP: 199.101.162.39, 95.56.197.53
X-Assp-Source-IP: 199.101.162.39
X-Assp-Envelope-From: 
angelabrund...@manzoniconsulting.itmailto:angelabrund...@manzoniconsulting.it
X-Assp-Intended-For: myacco...@mydomain.commailto:myacco...@mydomain.com
Return-Path: 
angelabrund...@manzoniconsulting.itmailto:angelabrund...@manzoniconsulting.it
--
Live Security Virtual 

[Assp-test] Missing DB_File wrong

[Michelle Dupuis]

I see this message during rebuild:


Aug-14-12 06:11:33 warning: 'useDB4Rebuild' is set to on, but 'BerkeleyDB' nor 
'DB_File' are available - the rebuild spamdb process uses the internal 
'orderedtie' and will possibly require more time and a large amount of memory - 
check 'OrderedTieHashTableSize'!



but I have DB_File installed.  (I'm running Activestate 64 bit on Win 2003 
Server).  Any idea why it's not working?
--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
___
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test

Re: [Assp-test] Antwort: Missing DB_File wrong

[Michelle Dupuis]

I installed ASSP-V2 early on in it's life, and didn't think it automatically 
installed all required perl modules!  (Or I just didn't realize it).  I had to 
compile some perl modules manually to get them to install...

I confirmed that according to AS Perl, I have DB_File 1.820 installed.  
According to ASSP info page it say DB_File is *NOT* installed.  And according 
to message.txt:

Aug-14-12 10:47:35 [init] DB_File module is not installed - DB_File (Berkeley 
V1) database usage not available

I think I'll just live with it for now, and move ASSP it to a linux box when I 
have time.

From: Thomas Eckardt [thomas.ecka...@thockar.com]
Sent: Tuesday, August 14, 2012 10:03 AM
To: ASSP development mailing list
Subject: [Assp-test] Antwort:  Missing DB_File wrong

(I'm running Activestate 64 bit on Win 2003 Server).  Any idea why it's
not working?

Seems you don't read install instructions! The ASSP-V2 module installer
would have installed all required modules and if not, it would have shown
why.

Don't use a 64 Bit Perl on windows - this leads in to a mixed (64/32)
Perl, because most post installed modules are compiled for 32 Bit.
Or if you want to use a 64Bit Perl you have to compile all required
modules that contains XS code for your platfrom.

but I have DB_File installed.

check the startup log (maillog.txt) for errors and warnings
check the 'Perl Modules' section in the GUI-Infos and Stats

check this from the command line:

perl -e use DB_File; print DB_File-VERSION;

If all is Ok, you'll see something similar:

C:\Windows\system32perl -e use DB_File; print DB_File-VERSION;
1.826
C:\Windows\system32

At least - DB_File (which is BerkeleyDB V1) is 10 times slower than
BerkeleyDB (v4 or V5 engine) and module v 0.51. - and BerkeleyDB.pm is
required to build the HMM database!

IMHO - you should uninstall Perl, remove the Perl folder from the system,
install 5.12 or 5.14 32Bit , download the assp.mod.zip - unzip it in the
folder assp - change with CMD in to assp/assp.mod/install - edit the
install.cmd if required and run it.

Thomas



Von:Michelle Dupuis mdup...@ocg.ca
An: assp-test@lists.sourceforge.net
assp-test@lists.sourceforge.net,
Datum:  14.08.2012 15:32
Betreff:[Assp-test] Missing DB_File wrong



I see this message during rebuild:


Aug-14-12 06:11:33 warning: 'useDB4Rebuild' is set to on, but 'BerkeleyDB'
nor 'DB_File' are available - the rebuild spamdb process uses the internal
'orderedtie' and will possibly require more time and a large amount of
memory - check 'OrderedTieHashTableSize'!



but I have DB_File installed.  (I'm running Activestate 64 bit on Win 2003
Server).  Any idea why it's not working?
--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
___
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test




DISCLAIMER:
***
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the

individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
***
--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
___
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test

Re: [asterisk-users] Suggestion of Server Specifications for Asterisk

[Michelle Dupuis]

That's how we do it - write to a memory based (ramdisk) disk then write to HDD 
upon call completion.  We haven't tried a SSD but that may be necessary 
depending on your call volumes.


From: asterisk-users-boun...@lists.digium.com 
[asterisk-users-boun...@lists.digium.com] On Behalf Of Ryan Wagoner 
[rswago...@gmail.com]
Sent: Saturday, August 04, 2012 7:34 PM
To: Asterisk Users List
Subject: Re: [asterisk-users] Suggestion of Server Specifications for Asterisk

On Sat, Aug 4, 2012 at 1:22 PM, Shahid H 
shah...@gmail.commailto:shah...@gmail.com wrote:
Instead of buying expensive disk.. I might setup a ramdisk (about 2GB) to do 
200 calls recordings.

Once the call hangup/completed it will then move recording file to SATA HDD.

What do you think of this?




You want some form of raid for redundancy. I usually go with two 15K SAS drives 
in raid 1 or four 7.2k SATA drives in raid 10. Performance between the two 
should be similar. With drives being as cheap as they are skip raid 5.

Ryan
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] Gigaset in the USA

[Michelle Dupuis]

Does anyone know if Gigaset is for sale in the USA?  Based on my assessment of 
phones and features, i would like to try the N300IP base along with C610H 
phones.

I can only find the handsets on ebay, no retailers in USA.  And I suspect they 
are using European frequencies.
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] Intro to DECT vs IP

[Michelle Dupuis]

We've deoplyed a number of pure VoIP wireless (wifi  proprietary) phones,  but 
not dect.

Is there a simple overview of integrating DECT phones with Asterisk somewhere?  
I assume the DECT basestation has a multi-account SIP VoIP interface, and the 
handsets are just plain old dect?

Can you push configuration info to individual phones?  (Are they individually 
addressible / configurable through SIP) etc?

Thanks
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Intro to DECT vs IP

[Michelle Dupuis]

Can you really mix  match any base station with any DECT handset?

Do handsets have proprietary features which only work with their own 
basestations?  (eg: transfer between handsets)?

Can i buy a good base station and get cheap Costco Dect handsets?


From: asterisk-users-boun...@lists.digium.com 
[asterisk-users-boun...@lists.digium.com] On Behalf Of Carlos Alvarez 
[car...@televolve.com]
Sent: Friday, June 29, 2012 4:58 PM
To: Asterisk Users List
Subject: Re: [asterisk-users] Intro to DECT vs IP

On Fri, Jun 29, 2012 at 1:22 PM, Michelle Dupuis 
mdup...@ocg.camailto:mdup...@ocg.ca wrote:
We've deoplyed a number of pure VoIP wireless (wifi  proprietary) phones,  but 
not dect.

Is there a simple overview of integrating DECT phones with Asterisk somewhere?  
I assume the DECT basestation has a multi-account SIP VoIP interface, and the 
handsets are just plain old dect?

The SIP side of every DECT phone I've worked with looks/works just like any 
regular SIP phone.  Asterisk just sees a SIP endpoint.  If it's 
multi-handset/multi-account it's much like configuring a multi-line SIP phone.

Can you push configuration info to individual phones?  (Are they individually 
addressible / configurable through SIP) etc?

This is all dependent on the phone/base, but every one I've used does.  Again, 
it works just like any other SIP handset that supports a central config server.

Honestly while there's a little bit of learning to do, deploying a SIP-DECT 
solution isn't really different from other phones and you should just jump into 
it.

We are very pleased with Spectralink for larger/industrial applications and 
Panasonic for small office applications.

Devote four hours to learning and you'll be comfortable with the configs for 
either.

--
Carlos Alvarez
TelEvolve
602-889-3003


--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Intro to DECT vs IP

[Michelle Dupuis]

I like the look of the C610H.  Is there a matching DECT base station by Gigaset?

(I can't figure this out looking at their site)

I see a C610IP but it's not clear if that base station supports multiple SIP 
accounts, multiple calls active.


From: asterisk-users-boun...@lists.digium.com 
[asterisk-users-boun...@lists.digium.com] On Behalf Of Chris Bagnall 
[aster...@lists.minotaur.cc]
Sent: Friday, June 29, 2012 6:27 PM
To: Asterisk Users List
Subject: Re: [asterisk-users] Intro to DECT vs IP

On 29/6/12 11:16 pm, Michelle Dupuis wrote:
 Can you really mix  match any base station with any DECT handset?

Yes and no.

 Do handsets have proprietary features which only work with their own 
 basestations?  (eg: transfer between handsets)?

Yes. And that's the 'no' part of my answer above - whilst they may make
 take calls, you might well lose additional functionality. Transfer
hasn't been a particular problem (in my experience, it's better to use
the native asterisk functions for this on DECT phones), but call lists
most definitely have been an issue.

 Can i buy a good base station and get cheap Costco Dect handsets?

As above, if you weren't worried about all the features, quite probably.
But reasonable Gigaset DECT handsets designed for the base aren't
exactly expensive - I think the C610H is around the 30GBP mark -
substantially less if you're ordering quantity. And I've seen older
models for substantially less - I picked up a batch of new - but old
model S450s for around 30GBP for 6.

I don't think I've seen DECT units in Costco for much less than 20 GBP.

Kind regards,

Chris
--
This email is made from 100% recycled electrons


--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Intro to DECT vs IP

[Michelle Dupuis]

Do the C610H and C300IP use an international standard for frequencies?  I can't 
even find gigaset sold in USA/Canada...


From: asterisk-users-boun...@lists.digium.com 
[asterisk-users-boun...@lists.digium.com] On Behalf Of Chris Bagnall 
[aster...@lists.minotaur.cc]
Sent: Friday, June 29, 2012 8:22 PM
To: Asterisk Users List
Subject: Re: [asterisk-users] Intro to DECT vs IP

On 30/6/12 12:12 am, Michelle Dupuis wrote:
 I like the look of the C610H.  Is there a matching DECT base station by 
 Gigaset?

I use the N300IP. Supports 3 active SIP calls I believe - and yes, does
have multiple SIP accounts (6, if I recall correctly).

Kind regards,

Chris
--
This email is made from 100% recycled electrons


--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] OOh323 log fills with : In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)

[Michelle Dupuis]

Vladimir:

Thanks for that!  Does the response mean that the fix is already in the latest 
Asterisk 1.8 ditribution?

I would prefer not to upgrade this site to 1.8 (since it requires retesting 
lots of customer code)...so a patch would be ideal.

Thanks,
Michelle

From: asterisk-users-boun...@lists.digium.com 
[asterisk-users-boun...@lists.digium.com] On Behalf Of Vladimir Mikhelson 
[v...@mikhelson.com]
Sent: Wednesday, June 06, 2012 11:18 AM
To: Asterisk Users List
Subject: Re: [asterisk-users] OOh323 log fills with : In ooEndCall call state 
is - OO_CALL_CLEAR (incoming, ooh323c_1)

Michelle,

I forwarded your message to the OOH323 maintainer / developer.  Here is his 
reply.

Vladimir, there is 1.6 asterisk which is unsupported already, you can recommend 
upgrade to 1.8 or higher version. I can produce patch for 1.6 but upgrade is 
better way

Thank you,
Vladimir




On 6/5/2012 8:58 AM, Michelle Dupuis wrote:
We have an Ast 1.6 installation which is connected to an Avaya using ooh323.  
Something is causing the log to fill with In ooEndCall call state is - 
OO_CALL_CLEAR (incoming, ooh323c_1) messages every 100ms.  This causes the log 
to grow to 300MB in just 5 minutes, which eventually overloads the box.

Looking through the ooh323 log below, I suspect this stems from the 
Error:Failed to enqueue ReleaseComplete message to outbound queue.(incoming, 
ooh323c_1) message - but we don't don't see enough H323 installations to dig 
deeper.  Can someone offer some suggested causes and resolutions?

Thanks!


-Date 06/01/12-
02:45:33:447  New connection at H225 receiver
02:45:33:447  Created a new call (incoming, ooh323c_1)
02:45:33:463  Receiving H.2250 message (incoming, ooh323c_1)
02:45:33:463  H.2250 message length is 12
02:45:33:463  Received Q.931 message: (incoming, ooh323c_1)
02:45:33:463  Received H.2250 Message = {
02:45:33:463 protocolDiscriminator = 8
02:45:33:463 callReference = 0
02:45:33:463 from = originator
02:45:33:463 messageType = 7d
02:45:33:464 Cause IE = {
02:45:33:464Q931NormalUnspecified
02:45:33:464 }
02:45:33:464  No UserUser IE found in ooDecodeUUIE
02:45:33:464  Error:Failed to decode received H.2250 message. (incoming, 
ooh323c_1)
02:45:33:464  Decoded Q931 message (incoming, ooh323c_1)
02:45:33:464  }
02:45:33:464  ERROR:Failed ooH2250Receive - Clearing call (incoming, ooh323c_1)
02:45:33:464  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:33:464  Building Release Complete message to send(incoming, ooh323c_1)
02:45:33:464  Built Release Complete message (incoming, ooh323c_1)
02:45:33:479  Asn1Error: -4 at ooh323c/src/encode.c:584
02:45:33:479  ERROR: UserInfo encoding failed
02:45:33:479  Error:Failed to encode uuie. (incoming, ooh323c_1)
02:45:33:479  Error:Failed to encode H225 message. (incoming, ooh323c_1)
02:45:33:479  Error:Failed to enqueue ReleaseComplete message to outbound 
queue.(incoming, ooh323c_1)
02:45:33:479  Receiving H.2250 message (incoming, ooh323c_1)
02:45:33:479  H.2250 message length is 12
02:45:33:479  Received Q.931 message: (incoming, ooh323c_1)
02:45:33:479  Received H.2250 Message = {
02:45:33:479 protocolDiscriminator = 8
02:45:33:479 callReference = 0
02:45:33:479 from = originator
02:45:33:479 messageType = 7d
02:45:33:479 Cause IE = {
02:45:33:479Q931NormalCallClearing
02:45:33:479 }
02:45:33:479  No UserUser IE found in ooDecodeUUIE
02:45:33:479  Error:Failed to decode received H.2250 message. (incoming, 
ooh323c_1)
02:45:33:479  Decoded Q931 message (incoming, ooh323c_1)
02:45:33:479  }
02:45:33:479  ERROR:Failed ooH2250Receive - Clearing call (incoming, ooh323c_1)
02:45:33:479  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:33:579  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:33:679  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:33:779  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:33:879  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:33:979  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:34:079  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:34:179  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:34:279  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:34:379  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:34:479  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:34:579  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:34:679  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:34:779  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:34:879  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:34:979  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02

[asterisk-users] OOh323 log fills with : In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)

[Michelle Dupuis]

We have an Ast 1.6 installation which is connected to an Avaya using ooh323.  
Something is causing the log to fill with In ooEndCall call state is - 
OO_CALL_CLEAR (incoming, ooh323c_1) messages every 100ms.  This causes the log 
to grow to 300MB in just 5 minutes, which eventually overloads the box.

Looking through the ooh323 log below, I suspect this stems from the 
Error:Failed to enqueue ReleaseComplete message to outbound queue.(incoming, 
ooh323c_1) message - but we don't don't see enough H323 installations to dig 
deeper.  Can someone offer some suggested causes and resolutions?

Thanks!


-Date 06/01/12-
02:45:33:447  New connection at H225 receiver
02:45:33:447  Created a new call (incoming, ooh323c_1)
02:45:33:463  Receiving H.2250 message (incoming, ooh323c_1)
02:45:33:463  H.2250 message length is 12
02:45:33:463  Received Q.931 message: (incoming, ooh323c_1)
02:45:33:463  Received H.2250 Message = {
02:45:33:463 protocolDiscriminator = 8
02:45:33:463 callReference = 0
02:45:33:463 from = originator
02:45:33:463 messageType = 7d
02:45:33:464 Cause IE = {
02:45:33:464Q931NormalUnspecified
02:45:33:464 }
02:45:33:464  No UserUser IE found in ooDecodeUUIE
02:45:33:464  Error:Failed to decode received H.2250 message. (incoming, 
ooh323c_1)
02:45:33:464  Decoded Q931 message (incoming, ooh323c_1)
02:45:33:464  }
02:45:33:464  ERROR:Failed ooH2250Receive - Clearing call (incoming, ooh323c_1)
02:45:33:464  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:33:464  Building Release Complete message to send(incoming, ooh323c_1)
02:45:33:464  Built Release Complete message (incoming, ooh323c_1)
02:45:33:479  Asn1Error: -4 at ooh323c/src/encode.c:584
02:45:33:479  ERROR: UserInfo encoding failed
02:45:33:479  Error:Failed to encode uuie. (incoming, ooh323c_1)
02:45:33:479  Error:Failed to encode H225 message. (incoming, ooh323c_1)
02:45:33:479  Error:Failed to enqueue ReleaseComplete message to outbound 
queue.(incoming, ooh323c_1)
02:45:33:479  Receiving H.2250 message (incoming, ooh323c_1)
02:45:33:479  H.2250 message length is 12
02:45:33:479  Received Q.931 message: (incoming, ooh323c_1)
02:45:33:479  Received H.2250 Message = {
02:45:33:479 protocolDiscriminator = 8
02:45:33:479 callReference = 0
02:45:33:479 from = originator
02:45:33:479 messageType = 7d
02:45:33:479 Cause IE = {
02:45:33:479Q931NormalCallClearing
02:45:33:479 }
02:45:33:479  No UserUser IE found in ooDecodeUUIE
02:45:33:479  Error:Failed to decode received H.2250 message. (incoming, 
ooh323c_1)
02:45:33:479  Decoded Q931 message (incoming, ooh323c_1)
02:45:33:479  }
02:45:33:479  ERROR:Failed ooH2250Receive - Clearing call (incoming, ooh323c_1)
02:45:33:479  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:33:579  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:33:679  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:33:779  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:33:879  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:33:979  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:34:079  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:34:179  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:34:279  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:34:379  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:34:479  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:34:579  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:34:679  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:34:779  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:34:879  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:34:979  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:35:079  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:35:179  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:35:279  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:35:379  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:35:479  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:35:579  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:35:679  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:35:779  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:35:879  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:35:979  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:36:079  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:36:179  In ooEndCall call state is - OO_CALL_CLEAR (incoming, ooh323c_1)
02:45:36:279  In 

[asterisk-users] IAX ATA can't register

[Michelle Dupuis]

I have an ATCOM ATA that is trying to connect to an asterisk server using IAX.  
The ATA and Asterisk are on the same subnet, not firewall/nat etc.

Below is a a log excerpt, showing the REGREQ received, and then Asterisk goes 
on to send lots of REGAUTH...and this continues for a while, but the ATA is 
never registered (iax2 show peers shows not registered).

Any help would be appreciated.  It sure LOOKS like a lot of TX for very few RX 
frames...so my first guess was network related but I'm not making any progress 
with that theory

Thanks


Tx-Frame Retry[001] -- OSeqno: 003 ISeqno: 001 Type: IAX Subclass: PING
   Timestamp: 21003ms  SCall: 10027  DCall: 18442 [192.168.67.20:4569]
Tx-Frame Retry[001] -- OSeqno: 003 ISeqno: 001 Type: IAX Subclass: PING
   Timestamp: 21006ms  SCall: 14940  DCall: 18442 [192.168.67.20:4569]
Rx-Frame Retry[Yes] -- OSeqno: 000 ISeqno: 000 Type: IAX Subclass: REGREQ
   Timestamp: 3ms  SCall: 18443  DCall: 0 [192.168.67.20:4569]
   USERNAME: ALARM-ATA
   REFRESH : 60
Tx-Frame Retry[003] -- OSeqno: 000 ISeqno: 001 Type: IAX Subclass: REGAUTH
   Timestamp: 00014ms  SCall: 02267  DCall: 18443 [192.168.67.20:4569]
   AUTHMETHODS : 2
   CHALLENGE   : 121149566
   USERNAME: ALARM-ATA
Tx-Frame Retry[002] -- OSeqno: 001 ISeqno: 001 Type: IAX Subclass: LAGRQ
   Timestamp: 10013ms  SCall: 02267  DCall: 18443 [192.168.67.20:4569]
Tx-Frame Retry[001] -- OSeqno: 002 ISeqno: 001 Type: IAX Subclass: LAGRQ
   Timestamp: 20013ms  SCall: 02267  DCall: 18443 [192.168.67.20:4569]
Tx-Frame Retry[000] -- OSeqno: 003 ISeqno: 001 Type: IAX Subclass: PING
   Timestamp: 21016ms  SCall: 10572  DCall: 18443 [192.168.67.20:4569]
Tx-Frame Retry[002] -- OSeqno: 000 ISeqno: 001 Type: IAX Subclass: REGAUTH
   Timestamp: 00015ms  SCall: 14112  DCall: 18443 [192.168.67.20:4569]
   AUTHMETHODS : 2
   CHALLENGE   : 530555480
   USERNAME: ALARM-ATA
Tx-Frame Retry[001] -- OSeqno: 003 ISeqno: 001 Type: IAX Subclass: PING
   Timestamp: 21015ms  SCall: 12659  DCall: 18443 [192.168.67.20:4569]
Tx-Frame Retry[001] -- OSeqno: 001 ISeqno: 001 Type: IAX Subclass: LAGRQ
   Timestamp: 10014ms  SCall: 14112  DCall: 18443 [192.168.67.20:4569]
Tx-Frame Retry[000] -- OSeqno: 002 ISeqno: 001 Type: IAX Subclass: LAGRQ
   Timestamp: 20016ms  SCall: 00480  DCall: 18443 [192.168.67.20:4569]
Tx-Frame Retry[000] -- OSeqno: 000 ISeqno: 001 Type: IAX Subclass: REGAUTH
   Timestamp: 2ms  SCall: 05489  DCall: 18443 [192.168.67.20:4569]
   AUTHMETHODS : 2
   CHALLENGE   : 399007934
   USERNAME: ALARM-ATA
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[Assp-test] Still not catching falsified sender domain

[Michelle Dupuis]

I'm still trying to get settings right (and I think I'm close), but ASSP is 
failing to catch really obviously faked domains!

I put the header below, and you can see that 168-226-66-116.speedy.com.ar  is 
pretending to be usps.com.  I run my mail through netdorm (and have setup 
netdorm correctly per previous advice).  Why is ASSP not throwing out this 
message based on the obviously faked sender domain/ip ?  (I even have usps.com 
in the strictSPF file but no difference).

Thanks!


Received: from smtp2.netdorm.com (172.31.254.35) by mail.mydomain.com
 (172.31.254.35) with Microsoft SMTP Server id 8.1.436.0; Fri, 30 Mar 2012
 09:15:01 -0400
Received: from smtp2.netdorm.com ([67.214.161.138] helo=smtp2.netdorm.com) by
 spamfilter.mydomain.com with ESMTP (2.1.1); 30 Mar 2012 09:15:00 -0400
Received: from usps.com (168-226-66-116.speedy.com.ar [168.226.66.116] (may be
 forged)) by smtp2.netdorm.com (8.13.8/8.13.8) with ESMTP id q2UDExvD014961;
 Fri, 30 Mar 2012 09:15:05 -0400
Received: from [66.46.31.241] (account 
usps_shipping_servi...@usps.commailto:usps_shipping_servi...@usps.com HELO
 uxrxqlfpoztpdtk.vejgrirrwzx.info) by  (CommuniGate Pro SMTP 5.2.3) with
 ESMTPA id 274623071 for us...@mydomain.commailto:us...@mydomain.com; Fri, 30 
Mar 2012 10:14:56 -0300
From: Rudy Gould 
usps_shipping_servi...@usps.commailto:usps_shipping_servi...@usps.com
To: us...@mydomain.commailto:us...@mydomain.com, 
us...@mydomain.commailto:us...@mydomain.com
Subject: USPS postage labels order confirmation.
Date: Fri, 30 Mar 2012 10:14:56 -0300
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary==_ryqoj_39_54_73
X-Priority: 3
X-Mailer: wynuuy_29
Message-ID: 
6979509404.jvx74cpq755...@tcidqwlmahhk.zettatccivjbe.orgmailto:6979509404.jvx74cpq755...@tcidqwlmahhk.zettatccivjbe.org
X-Assp-Version: 2.1.1(11364) on spamfilter.mydomain.com
X-Assp-Re-SPFstrict: @usps.com
X-Assp-Received-SPF: softfail (cache) ip=67.214.161.138 
mailfrom=usps_shipping_servi...@usps.commailto:mailfrom=usps_shipping_servi...@usps.com
 helo=smtp2.netdorm.com
X-Assp-Message/IP-Score: 10 (SPF softfail)
X-Assp-Message/IP-Score: 17 (DNSBL: neutral, 168.226.66.116 listed in
 l2.apews.org)
X-Assp-DNSBL: neutral, 168.226.66.116 listed in (l2.apews.org-127.0.0.2; )
X-Assp-Spam-Prob: 0.49675
X-Assp-ID: spamfilter.mydomain.com m1-13300-75165
X-Assp-Detected-RIP: 66.46.31.241, 168.226.66.116
X-Assp-Source-IP: 66.46.31.241
X-Assp-Envelope-From: 
usps_shipping_servi...@usps.commailto:usps_shipping_servi...@usps.com
X-Assp-Intended-For: us...@mydomain.commailto:us...@mydomain.com
Return-Path: 
usps_shipping_servi...@usps.commailto:usps_shipping_servi...@usps.com
--
This SF email is sponsosred by:
Try Windows Azure free for 90 days Click Here 
http://p.sf.net/sfu/sfd2d-msazure
___
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test

[Assp-test] Assp bug spftestmode (was: Still not catching falsified sender domain)

[Michelle Dupuis]

Yes, (see results below) - it says SPF-CHECK returned failed, and I have 
spfTestMode turned on.

However, the subject does not have any ASSP added text (even though it should 
since it failed) and I have test mode on.

Am I interpreting the fail wrong, or could this be an ASSP bug in not adding 
the string to the subject?

Thanks!


•ISP/Secondary Header:'Received: from smtp2.netdorm.com (172.31.254.35) by 
mail.mydomain.com (172.31.254.35) with Microsoft SMTP Server id 8.1.436.0; Fri, 
30 Mar 2012 09:15:01 -0400 Received: from smtp2.netdorm.com ([67.214.161.138] 
helo=smtp2.netdorm.com) by spamfilter.mydomain.com with ESMTP (2.1.1); 30 Mar 
2012 09:15:00 -0400 Received: from usps.com (168-226-66-116.speedy.com.ar 
[168.226.66.116] (may be forged)) by smtp2.netdorm.com'
•Switched to ISP/Secondary IP: '168.226.66.116'
using enhanced Originated IP detection
•detected IP's on the mail routing way: 66.46.31.241(no PTR)
•detected source IP: 66.46.31.241
sender and reply addresses:
MAIL FROM: usps_shipping_services@usps.comrecipient addresses:
Feature Matching:
• Strict SPF RE: '@usps.com'
 • matching strictSPFRe(file:files/strictspf.txt[line 17]): '@usps.com'
• Block Strict SPF RE: '@usps.com'
 • matching blockstrictSPFRe(@usps.com): '@usps.com'
• 168.226.66.116 is in SPFCache: status=softfail with helo=smtp2.netdorm.com
• SPF-check returned FAILED for 168.226.66.116 - 
usps_shipping_servi...@usps.com, smtp2.netdorm.com
• URIBL check: 'OK'
• Valid Format of HELO: 'smtp2.netdorm.com'
• 66.46.31.241 is in RBLCache: inserted as ok at 2012-03-30 09:15:02
• 168.226.66.116 is in RBLCache: inserted as not ok at 2012-03-30 09:15:02 , 
listed by l2.apews.org{127.0.0.2}
• domain usps.com has valid MXA record: gk-e-mail.srvs.usps.gov 56.0.101.24
• 168.226.66.0 has a Griplist value of 0.8



From: Paul Farrow [a...@thefabfarrows.com]
Sent: Friday, March 30, 2012 9:56 AM
To: ASSP development mailing list
Subject: Re: [Assp-test] Still not catching falsified sender domain

Have you tried the mail analyzer provided by ASSP, it might give you a
clue as to why it is accepting it?

On Fri, 30 Mar 2012 09:30:53 -0400, Michelle Dupuis wrote:
 I'm still trying to get settings right (and I think I'm close), but
 ASSP is failing to catch really obviously faked domains!

 I put the header below, and you can see that
 168-226-66-116.speedy.com.ar  is pretending to be usps.com.  I run my
 mail through netdorm (and have setup netdorm correctly per previous
 advice).  Why is ASSP not throwing out this message based on the
 obviously faked sender domain/ip ?  (I even have usps.com in the
 strictSPF file but no difference).

 Thanks!


 Received: from smtp2.netdorm.com (172.31.254.35) by mail.mydomain.com
  (172.31.254.35) with Microsoft SMTP Server id 8.1.436.0; Fri, 30 Mar
 2012
  09:15:01 -0400
 Received: from smtp2.netdorm.com ([67.214.161.138]
 helo=smtp2.netdorm.com) by
  spamfilter.mydomain.com with ESMTP (2.1.1); 30 Mar 2012 09:15:00
 -0400
 Received: from usps.com (168-226-66-116.speedy.com.ar
 [168.226.66.116] (may be
  forged)) by smtp2.netdorm.com (8.13.8/8.13.8) with ESMTP id
 q2UDExvD014961;
  Fri, 30 Mar 2012 09:15:05 -0400
 Received: from [66.46.31.241] (account

 usps_shipping_servi...@usps.commailto:usps_shipping_servi...@usps.com
 HELO
  uxrxqlfpoztpdtk.vejgrirrwzx.info) by  (CommuniGate Pro SMTP 5.2.3)
 with
  ESMTPA id 274623071 for
 us...@mydomain.commailto:us...@mydomain.com; Fri, 30 Mar 2012
 10:14:56 -0300
 From: Rudy Gould

 usps_shipping_servi...@usps.commailto:usps_shipping_servi...@usps.com
 To: us...@mydomain.commailto:us...@mydomain.com,
 us...@mydomain.commailto:us...@mydomain.com
 Subject: USPS postage labels order confirmation.
 Date: Fri, 30 Mar 2012 10:14:56 -0300
 MIME-Version: 1.0
 Content-Type: multipart/alternative; boundary==_ryqoj_39_54_73
 X-Priority: 3
 X-Mailer: wynuuy_29
 Message-ID:

 6979509404.jvx74cpq755...@tcidqwlmahhk.zettatccivjbe.orgmailto:6979509404.jvx74cpq755...@tcidqwlmahhk.zettatccivjbe.org
 X-Assp-Version: 2.1.1(11364) on spamfilter.mydomain.com
 X-Assp-Re-SPFstrict: @usps.com
 X-Assp-Received-SPF: softfail (cache) ip=67.214.161.138

 mailfrom=usps_shipping_servi...@usps.commailto:mailfrom=usps_shipping_servi...@usps.com
  helo=smtp2.netdorm.com
 X-Assp-Message/IP-Score: 10 (SPF softfail)
 X-Assp-Message/IP-Score: 17 (DNSBL: neutral, 168.226.66.116 listed in
  l2.apews.org)
 X-Assp-DNSBL: neutral, 168.226.66.116 listed in
 (l2.apews.org-127.0.0.2; )
 X-Assp-Spam-Prob: 0.49675
 X-Assp-ID: spamfilter.mydomain.com m1-13300-75165
 X-Assp-Detected-RIP: 66.46.31.241, 168.226.66.116
 X-Assp-Source-IP: 66.46.31.241
 X-Assp-Envelope-From:

 usps_shipping_servi...@usps.commailto:usps_shipping_servi...@usps.com
 X-Assp-Intended-For: us...@mydomain.commailto:us...@mydomain.com
 Return-Path:

 usps_shipping_servi...@usps.commailto:usps_shipping_servi...@usps.com