Re: [asterisk-users] OpenVox A400P01 vs Digium TDM401B
Gordon Henderson wrote: Other than the price (nearly £150 difference), is there any particular reason not to pick an OpenVox A400-based solution for my UK Asterisk needs? None whatsoever. I think the new digium cards are better at interrupt sharing, but if that's not an issue for you, then go for it. I've installed many OpenVox cards. Use Oslec too - works a treat. Excellent, ta for that. I don't think interrupts will be a problem, this will be the only PCI card in the system... Caller ID is the only thing the AX-100P gave me hassle with; does the A400 handle it any better? Remembering that UK CLID is presented between 1st 2nd rings, using V22.bis tones IIRC. I currently use a Pace modem (which has UK CLID capability built in) to capture CLID info... Any thoughts much appreciated, I think you're wrong about UK caller ID.. There is a line polarity reversal, then caller ID is transmitted, then the line rings. You're right, I'd forgotten the polarity reversal; that's what stumpst he AX-100P card, which simply doesn't register the initial reversal. I thought CLID came after the 1st ring, though? I'll check next time I'm on-site with the Asterisk box... You'll need a patch for Zaptel to make it work reliably - same problem with both Digium TDM400 and OpenVox A400 cards too. (ie. it's a driver issue) Look for zaptel-ring.diff if stuck, email me and I'll email my copy. I think I already have it patched with every UK CLID patch I could find... From the time before I gave up getting the AX100P to work. But thanks for the offer anyway! Cheers, Ade. ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Is there a public blacklist of hackers' IPaddresses?
This brings up a side issue. Banks on the Internet have had to provide a sort of insurance that allows the customer to be protected if someone hacks in to his or her account. ITSP will need to think carefully about having a similar policy that protects people from an attack to the provider, no? What do those of you who sell these services thing about liability? Has anyone come up with a statement on this? /r ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] IAX problem through intermediate asterisk box
I'm having a problem with IAX running through an intermediate asterisk box. Perhaps a small diagram will explain the situation better: *A --- [cloud (public internet)] --- *B [cloud (private network)]--- *C Asterisk server's A, B, and C, are all connected together with IAX All asterisk servers are 1.6.0.6 Server A and B are geographically close, but connected over the public internet. Server B and C are geographically far, but connected over a private network. (the latency between A and B, and B and C are roughly equal) Each server has at least 1 phone hanging off of it, with A and C having most of the phones (B only has a couple). A's extensions are all 1XXX, B's are 2XXX, and C's are 3XXX Phoning from A to B (or vice versa) works well, as does phoning from B to C (and vice versa). Calls can be placed for an indefinite amount of time and everything works great. The problem arises when phoning from A through B to C (or vice versa). For the first small amount of time (which can vary on a call to call basis, and lasts from 0 seconds to 3 minutes or so) everything is fine. After this, the audio in both directions gets garbled, and starts arriving in spurts. Once this happens, it continues forever. The audio never returns to normal no matter how long you wait. A to B uses IAX with trunking. B to C is not using trunking (dahdi_dummy is not working well on C for some reason - the module loads, but no /dev/dahdi is ever created). The same behavior happens when A to B is not using trunking either. Usually only 1 call is being placed at a time. An interesting thing happens when 2 testcalls are in progress at the same time though. If there's a call from A to B, and a call from A to C is made, once the call from A to C becomes garbled, so does the A to B call. When the A to C call is ended, the A to B call clears up. Ending the A to B call first does not improve the A to C call. The dialplans are setup so each server passes all non-local extensions to it's neighbor. Hence, for A, the relevant part of the dialplan is exten = _2XXX,1,Verbose(1|Extension 2xxx) exten = _2XXX,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _2XXX,n,Hangup() exten = _3XXX,1,Verbose(1|Extension 3xxx) exten = _3xxx,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _3xxx,n,Hangup() For B: exten = _1XXX,1,NoOp() exten = _1XXX,n,Dial(IAX2/asterisk_A/${EXTEN}) exten = _1XXX,n,Hangup() exten = _3xxx,1,NoOp() exten = _3xxx,n,Dial(IAX2/asterisk_C/${EXTEN}) exten = _3xxx,n,Hangup() For C: exten = _2XXX,1,Verbose(1|Extension 2xxx) exten = _2XXX,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _2XXX,n,Hangup() exten = _1XXX,1,Verbose(1|Extension 1xxx) exten = _1XXX,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _1XXX,n,Hangup() Is this the proper way to set such a configuration up? Is there a better way to call from A through B to C that would work better? Anyone else experience total audio breakup after a while with a similar arrangement? Why does it work initially for up to about 3 minutes, then completely fall apart? Thanks, Andrew ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Create separate Voice Recording System..
Hi Steve Totaro is this run beside on server? or run on every agent? can u explaint how it work ? and can this be integrated with recording database build in asterisk. Thanks. On Wed, Mar 25, 2009 at 8:09 PM, Steve Totaro stot...@totarotechnologies.com wrote: I have had great luck with OrecX, port mirroring, just make sure your switch can handle the PPS rating (bandwidth is rarely a problem. Thanks, Steve Totaro On Wed, Mar 25, 2009 at 5:38 AM, joko pitoyo joko.pit...@gmail.com wrote: Deal All Asterisk Expert If this possible to Create Voice Recording System Beside Main Asterisk PBX?, so Call be handle by 1 Server and Recording by other server. 1. How to accomplish. Thanks. ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- Thanks, Steve Totaro +18887771888 (Toll Free) +12409381212 (Cell) +12024369784 (Skype) ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Skype TO SIP (Was SIP to Skype)
I noticed a quote from you at GigOM: Even if this is complete vaporware at least their heart is in the right direction. Last year they announced Skype for Asterisk which is still not yet released and it’s unclear what the pricing will be. Skype For SIP is similar in that it is not yet available and pricing details are murky but both are steps in the right direction. Om uses a title to his post that is something like Michael Robertson says SIP for 'Skype is vaporware' Is that what you were saying? Or did you mean even if it were vaporware? I've emailed you separately about something else. /r ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Is there a public blacklist of hackers' IPaddresses?
On Wed, 25 Mar 2009, Zeeshan Zakaria wrote: Thanks Gordon for your suggestions and advices. I changed the passwords same day, and was monitoring my system very closely. I also use a non standard port for SSH, and also plan to move my SIP port to a non standard one too in future. At this time things are ok, but I know that this problem is growing very fast, and hackers are after VoIP servers because they can do so much with them. I had to present a seminar few weeks ago on VoIP Security Threats, and while doing my own research, I was shocked to know how hackers are misusing VoIP technology. We definitely need to come up with some really good and effective solutions against these threats. There are other more advanced things you can do with iptables which I've been looking at - but the esence is to count/time new connections to a particular service from each IP address and if more connections per unit of time happen, then apply a temporary block for a bigger period of time. This works for ssh when you know there are only a small number of people who might connect in, but for SIP, you need to check the timings carefully, although one thing I've had issues with is Snom phones which seem to be overly enthusiastic when the end-user has the wrong password in them - they keep trying to register 2 or 3 times a second )-: Gordon -- Zeeshan A Zakaria On Tue, Mar 24, 2009 at 2:01 PM, Roderick A. Anderson raand...@cyber-office.net wrote: Wilton Helm wrote: If life were only that simple. A lot of hacking passes through unsuspecting intermediary computers, precisely to hide their tracks, not to mention IP spoofing. People have offered for sale access to 10,000 computers to use for propagating mischief. That's a lot of IPs to block! I got hacked about six months ago. They came in through SSH and figured out roots password, which was a concatenation of two English words. I presume they did a dictionary search. I used to get hit very hard with these type of attacks (hundreds to thousands per day) on 25-30 servers until I added some iptables rules to REJECT the offending IP for 5 minutes after three unsuccessful attempts in 60 seconds. The attacks typically have dropped to less than five per day. This means those that need access don't need to make _odd_ changes to standard programs' setting and the rules do allow a whitelisting of specific IPs. \\||/ Rod -- Then they changed the password, replaced some key files and launched a denial of service attack against somebody (including compiling the program on my machine)! I traced the IP address to a Comcast customer in Indiana or something and notified Comcast, but haven't heard anything. Probably their customer never even knew it happened--it was probably a hijacked situation. Prior to that I had been logging hundreds of robotic attacks a day that were unsuccessful! I re-installed everything and changed my SSH to a non-standard port and used a more robust password. I haven't had a single hack attempt the four months since. For my purposes, I don't really need SSH on a standard port. That made all the difference in the world. Two areas that have had large hacker presences in the past: Russia and China. A lot of E-Mail spam originates in those two areas, also. I've considered blocking the entire host domain for any provider generating spam from those regions, as I have no legitimate business need to correspond with people in those regions in general. However, I suspect it might block messages from a few users on this list, and I know it would block at least one user from another list I am on. Wilton ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Ebay's SIP for Skype
Guillermo Salas M. a écrit : El mié, 25-03-2009 a las 19:09 +0100, Administrator TOOTAI escribió: Can be used to receive calls from skype? Yes Great,and how? Have you any link to read? http://www.gizmo5.com/pc/opensky/ -- Daniel ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] TDMoE in any way related to I-TDM
Hello all, recently i stumbled upon the I-TDM standard, e.g. see here http://www.picmg.org/v2internal/news2005.htm SFP.1, also known as I-TDM (Internal TDM), is a companion protocol specification to SFP.0 that is optimized for TDM traffic over high-speed fabrics such as 1 and 10 Gigabit Ethernet (PICMG 3.1), Advanced Switching (PICMG 3.4), Infiniband (PICMG 3.2), etc. SFP.1 and SFP.0 together provide a complete encapsulation for TDM over Ethernet. and wondered if it possible to connect an Asterisk with TDMoE to an I-TDM Device. I know, it is a long shot, but stranger things have happened ;-) Kind regards, -- Tobias Wolf ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] sip.conf outboundproxy
So, does anyone ever used outboundproxy in sip.conf with success? Does it only send OUTBOUND calls via the proxy and not also internal extension calls via that proxy? Best Regards, Ricardo. ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Is there a public blacklist of hackers' IPaddresses?
randulo wrote: This brings up a side issue. Banks on the Internet have had to provide a sort of insurance that allows the customer to be protected if someone hacks in to his or her account. ITSP will need to think carefully about having a similar policy that protects people from an attack to the provider, no? What do those of you who sell these services thing about liability? Has anyone come up with a statement on this? /r The customer IS protected because it's excellent marketing for the bank or credit card provider. If someone steals my card number and racks up a bunch of charges, I'm often not liable for those charges (dependent, of course, on bank policy). However, the seller who was duped into selling those items because the bank approved the charges on the card? They're simply out of luck. They're charged any relevant charge-back fees AND are out any fees for services or product losses they may have incurred. The bank still gets its money. In the end, SOMEone has to pay. As an end-point ITSP, I can assure you, it would be us who's assessed the requisite charges. If someone uses a fraudulent card, we're required to pay. If someone uses a three letter password on his account, and it's hacked into and uses to rack up charges, we have to pay. In the purely virtual sense, as we're often selling to people we've never met via the Internet, it becomes difficult to say with any certainty if the person who logged into the account and used up the account's money is a hacker or just the account holder who doesn't want to own up to the charges. It puts us in a difficult position. Obviously, in some cases, this becomes more obvious. If the account holder is in the UK and the calls come in from China or Nigeria or Turkey or some such, it would be more likely to be suspect and if the account holder challenged the charges, we might be more liable to work with him or her. However, for the most part, we require a certain 'strength' of password to be used, and we rely on safeguards and monitors on the site itself to try and avoid brute force hacks. With no evidence for a brute force attempt or some other security failure on our side, we're somewhat at the mercy of logic to assume that calls from a customer's premises using a customer's account actually came from the customer, and I think we might be hard pressed to simply ignore said charges. If the security failure is clearly ours, though, I don't think it would be at all reasonable to expect the customer to accept responsibility. I'd be especially wary of a company that blamed the customer for its own security failings. -- Neil Fusillo CEO Infinideas, inc. http://www.ideasip.com ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Is there a public blacklist of hackers' IPaddresses?
On Thu, Mar 26, 2009 at 1:32 PM, SIP s...@arcdiv.com wrote: As an end-point ITSP, I can assure you, it would be us who's assessed the requisite charges. If someone uses a fraudulent card, we're required to pay. If someone uses a three letter password on his account, and it's hacked into and uses to rack up charges, we have to pay. Neil, It hadn't occurred to me when writing it, but obviously there are situations that don't match the banking paradigm. For example, suppose I run my own asterisk, I have a contract with a company like yours and you have my banking info with an authorization to top up. If the fraud is someone on the banking end (hacked my card details for example) that's covered by the bank. But if they brute force hacked my asterisk install because the extension, the username and the secret are all '2005' and then make $100k worth of calls, people like lawyers and judges won't easily see that it's the asterisk install that's responsible, not your company or even the bank. I wonder what steps can be taken legally right now to make responsibilities clearer to the legal world? I once had a guy break in to my house and call his girlfriend in Mexico about 50 times in two weeks. When I called Pacific Bell, the operator placed a call to the number, the woman (stupidly!) admitted, yes I know Luis, he calls me all the time and even though the operator heard this, PB still refused to exempt those charges and go after the guy. I closed my PB account and opened a new one under a variation of my name. /r ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] sip.conf outboundproxy
Ricardo Carvalho wrote: Does it only send OUTBOUND calls via the proxy and not also internal extension calls via that proxy? As has already been posted in your other threads about this subject, Asterisk has no concept of an 'outbound' call at all. In that sense, the name of this option in sip.conf is incorrect, it should just be 'proxy'. If you tell Asterisk to use a SIP proxy for sending out SIP requests, it will send all requests to that proxy, regardless of whether that request might be involved in a call that you classify as 'internal'. To Asterisk, a SIP call is a SIP call; there is no 'internal', 'external', 'outbound', 'inbound', at least not in the sense of 'inside my PBX' or 'outside my PBX'. -- Kevin P. Fleming Digium, Inc. | Director of Software Technologies 445 Jan Davis Drive NW - Huntsville, AL 35806 - USA skype: kpfleming | jabber: kpflem...@digium.com Check us out at www.digium.com www.asterisk.org ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] nat problem in reinvite..
Hello i am making some tests with reninvite function.. It is not directly related to asterisk but it would be nice to hear some ideas too. My setting is like that PhoneA on local area with asterisk with real ip.. Phone B is behind nat on a adsl connection. Asterisk ---Local Area-IPTables---Internet---ADSLModem with Nat---PhoneB PhoneA It is basicly my config.. SO, when i call from PhoneA to PhoneB everything seems fine...But when i call from phoneb to phonea(with reinvite for sure) I can hear phoneb but..i cant receive any voice on phonea. When i examine the iptables logs, i figure out that RTP is trying to be sent with private ip of phoneb in second situation..(i mean with 192.168.x.x) Except this, if i disable reinvite i have no problems regarding to nat... So i am suspicious about dsl modem maybe.. or sip client on phoneb side.. but i tried different phones...including x-lite (Even it has a autodetect global ip option) but no solution so far... Any ideas?? ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Is there a public blacklist of hackers' IPaddresses?
randulo wrote: On Thu, Mar 26, 2009 at 1:32 PM, SIP s...@arcdiv.com wrote: As an end-point ITSP, I can assure you, it would be us who's assessed the requisite charges. If someone uses a fraudulent card, we're required to pay. If someone uses a three letter password on his account, and it's hacked into and uses to rack up charges, we have to pay. Neil, It hadn't occurred to me when writing it, but obviously there are situations that don't match the banking paradigm. For example, suppose I run my own asterisk, I have a contract with a company like yours and you have my banking info with an authorization to top up. If the fraud is someone on the banking end (hacked my card details for example) that's covered by the bank. But if they brute force hacked my asterisk install because the extension, the username and the secret are all '2005' and then make $100k worth of calls, people like lawyers and judges won't easily see that it's the asterisk install that's responsible, not your company or even the bank. I wonder what steps can be taken legally right now to make responsibilities clearer to the legal world? I once had a guy break in to my house and call his girlfriend in Mexico about 50 times in two weeks. When I called Pacific Bell, the operator placed a call to the number, the woman (stupidly!) admitted, yes I know Luis, he calls me all the time and even though the operator heard this, PB still refused to exempt those charges and go after the guy. I closed my PB account and opened a new one under a variation of my name. /r Indeed, the old method of this sort of fraud involved a lineman's handset or a phone modified with alligator clips to attach to the NID outside the home of someone not in town, thereby being able to call long distance on someone else's bill. I've heard of NO cases in which the phone company accepted liability for those charges, even if they forgot to lock the NID itself. For all intents and purposes, it's a telco-installed back door into your system with poor overall security. The problem with getting the legal system to understand whose responsibility this is is a difficult one. Politics and an overall lack of good, unbiased information has always affected legislation and, as such, jurisprudence. Politicians neither know nor tend to care about the finer points of technology and how it may be used. They rely on advisors to tell them the bullet-point version of any issue before they make a snap decision on whether it's expedient to back it legislatively. These advisors are either lobbyists, PACs, or advised by such, and all of them have an agenda. I can assure you that the agenda of the home or home business with Asterisk is not heard. Ever. This leaves a judge to make a decision should it come to court, and it could go either way, but it would be a messy and expensive battle, and the decision of the judge would be tempered by what's written into the law, which right now is hardly kept up to date for modern technologies. In a situation like ours, we'd be dealing with legal systems in a variety of countries, which would make things even more complex. I think step one in this sort of fight is, and has always been, having a true political voice that can be heard above the din of established special-interest groups. The VON Coalition was an idea like this, but it's an incredibly exclusive membership -- designed for companies making hundreds of millions if not billions a year in revenue. With minimum annual dues of $10,000 or more, it's quite reasonable as a semi-democratic organisation for business making $500,000,000 a year. For smaller companies, it's laughable. And so, the voices heard are the ones which were heard before -- the ATTs, the British Telecoms, the Comcasts, and the Verizons of the world. It becomes just another avenue to get the same political point across. A second opinion that's guaranteed to be the same as the first, as it were. And so, in answer to your question, I don't think there ARE necessarily steps that can be taken right now to ensure that there's a rational approach to the resolution of such an issue of fraud. Barring some sort of major legal precedent, it's going to be anyone's guess how the verdict comes out in the end. -- Neil Fusillo CEO Infinideas, inc. http://www.ideasip.com ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] help - How to send hangup command to call in progress.
I am guessing that your dialplan has a dial command to actually do the dialing. What we do is pass a variable, like dial-timeout, and then use ${dial-timeout} as the time out in the dial command. -- Jim Dickenson mailto:dicken...@cfmc.com CfMC http://www.cfmc.com/ From: Singh Saimbhi singh.saim...@palm.com Reply-To: Asterisk Users Mailing List - Non-Commercial Discussion asterisk-users@lists.digium.com Date: Wed, 25 Mar 2009 21:28:26 -0700 To: Asterisk Users Mailing List - Non-Commercial Discussion asterisk-users@lists.digium.com Conversation: [asterisk-users] help - How to send hangup command to call in progress. Subject: Re: [asterisk-users] help - How to send hangup command to call in progress. Hello Andy, I am using Net::Telnet to setup a session and using Manger API to call out: $session-print(h2s( Action = Originate, Extension = s, Context= $options{context}, Channel= $options{channel}/$number, MaxRetries = $options{maxretries}, RetryTime = $options{retrytime}, WaitTime = $options{waittime}, Priority = 1, Variable = callduration=$options{callduration}, AbsoluteTimeout = 2, )); Now, for some reason the WaitTime out is not working as expected. No matter what number I put it in it keeps on ringing on the other side. So, I was think of some how capture the current call session from asterisk and send the hangup as you suggested. I want to end the call in a given time length since we are doing some stress testing. Call time starts after we run the script and ends it should end after specific time lets, say 25sec later. Thanks, Singh -Original Message- From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Andy Kuo Sent: Wednesday, March 25, 2009 9:06 PM To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] help - How to send hangup command to call in progress. Hi Singh, Have you tried soft hangup? Andy On Wed, Mar 25, 2009 at 4:38 PM, Singh Saimbhi singh.saim...@palm.com wrote: Hi, I want to send hangup command to the call which was logged in earlier via cli. Lets say to '5aec0e7207b24c8e1bdb511a460f7...@callcentric.com Basically I want to hang up the call when ever I want but from the script. Thanks, Singh ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] ITSP's no longer supporting IAX?
Dr. Michael J. Chudobiak wrote: The choice of router/NAT is critical though. Unlimitel recommended the SnapGear 560 to me, and it eliminated all the issues I was having with IAX going through my Sonicwall devices. I've had nothing but issues with sonicwalls on both the IAX2 and SIP side of things. At this point I simply refuse to work with customers who have problems with their network if they are fronting it with a sonicwall. It's a waste of the customers time and money, and seems to be an insurmountable obstacle. So I'm not surprised replacing it fixed your issue :) -- Leif Madsen. http://www.leifmadsen.com http://www.oreilly.com/catalog/asterisk ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] show pri usage
Hi, I would like to know how to see which channels are used in my PRI E1 link from Asterisk to another locally-connected commercial PBX. If I run dahdi show channels, I can see the used channels in the second column extension but only if it's an incoming call (ie. legacy PBX to Asterisk). If I dial from an Asterisk extension to an extension in the other PBX, dahdi show channels does not show me which channel it's using (there is nothing in the extension column). show channels does show SIP to ZAP usage but it's not that clear. My goal is to simply record the PRI channel usage through time (like a 10 minute cron script that polls PRI link status/usage). Maybe I could simply do something like: asterisk -rx show channels | grep -c -i zap to get the number of zap/dahdi channels in use. Any ideas? Thanks, Vieri ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] sip.conf outboundproxy
Thanks Kevin. Although it doesn't fit my needs, thanks for the explanation. I guess I'll really have to combine Asterisk with OpenSer to do what I want. Ricardo. On Thu, Mar 26, 2009 at 1:07 PM, Kevin P. Fleming kpflem...@digium.comwrote: Ricardo Carvalho wrote: Does it only send OUTBOUND calls via the proxy and not also internal extension calls via that proxy? As has already been posted in your other threads about this subject, Asterisk has no concept of an 'outbound' call at all. In that sense, the name of this option in sip.conf is incorrect, it should just be 'proxy'. If you tell Asterisk to use a SIP proxy for sending out SIP requests, it will send all requests to that proxy, regardless of whether that request might be involved in a call that you classify as 'internal'. To Asterisk, a SIP call is a SIP call; there is no 'internal', 'external', 'outbound', 'inbound', at least not in the sense of 'inside my PBX' or 'outside my PBX'. -- Kevin P. Fleming Digium, Inc. | Director of Software Technologies 445 Jan Davis Drive NW - Huntsville, AL 35806 - USA skype: kpfleming | jabber: kpflem...@digium.com Check us out at www.digium.com www.asterisk.org ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Is there a public blacklist of hackers' IPaddresses?
On Thu, Mar 26, 2009 at 2:38 PM, SIP s...@arcdiv.com wrote: And so, in answer to your question, I don't think there ARE necessarily steps that can be taken right now to ensure that there's a rational approach to the resolution of such an issue of fraud. Barring some sort of major legal precedent, it's going to be anyone's guess how the verdict comes out in the end. Hence the need for all of us, everywhere to step up measures to prevent as much as possible, the unlawful use of a system. Maybe some kind of (optional modular) monitor or engine could be built for the asterisk platform to at least send alerts when it deduces suspicious activity? r ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] New CentOS 5 repo: dahdi, asterisk, freepbx RPMs
Hi, Axel. Axel Thimm wrote: How about merging in your changes/improvements/new packages with ATrpms (and automatically later into rpmrepo.org)? That way we won't have further fragmentation and a larger user base to test bits (which will be distributed in stable, testing etc repos). Of course I'd love to contribute my changes to ATrpms. Some of the small changes I made, such as adding OSLEC to the DAHDI RPMs, might be nice for ATrpms users. I'll whip up some patches against the ATrpms sources. My problem with ATrpms, though, is that the RPMs make use of many custom macros that make them unbuildable outside the ATrpms environment. I understand that might be necessary for RPMs like DAHDI that build kernel modules for several versions of several distros, where vanilla specfile code would get hairy. (I think we had this discussion a couple of years ago on the ATrpms ML.) Since I don't have to worry about multiple versions of multiple distros in my environment, I prefer to use vanilla specfile that will rebuild on anyone's CentOS 5 system. John ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Is there a public blacklist of hackers' IPaddresses?
Yes, i agree with this !.. People are stupid and or stressed like hell , jumping head first in crap and then forgetting about what they just said or done. They Google some crap question copy/paste the first result dialplan/sip.conf stanza etc.. and assume it will work.. lolIt's open source aint'it ? it should be easy as building cities with legos.../lol So then comes in the problems, instead of understanding the core of the problem at hand, they jump to quick answers and solutions, which of course are usually 90% wrong... Google is not an encyclopaedia.. it's an archive of everyone's thoughts, and notes. So now you got extension 123 pass 123 context default, where context default - include demo... include ld, include International... Every hacker out there has the tools to check for those, and of course when the server answers with invalid password instead of something else, it gives them a hint that 123 is in fact an extension.. they won't BRUTE force anything, there's so many open SIP boxes out there, it's scary... It's a vicious circle, people don't learn , so apps like trixbox etc make it easier for them , which in turns opens up the problems.. Then again are we asking MR smith to learn networking security fundamentals ? programming habbits , etc ? This is a tool that was made for developers by developers, went mainstream , making cash , and now it's a commercial swiss army knife with no crowd control. I really like the default #REMOVE ME in some apps to make something work.. as i am too really used to start the damn app without even looking at most of it. But once you get hit.. you will get hit hard, and then comes the learning... Seems that's the society these days. Contacttel Support -Original Message- From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of randulo Sent: March-26-09 9:03 AM To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] Is there a public blacklist of hackers' IPaddresses? On Thu, Mar 26, 2009 at 1:32 PM, SIP s...@arcdiv.com wrote: As an end-point ITSP, I can assure you, it would be us who's assessed the requisite charges. If someone uses a fraudulent card, we're required to pay. If someone uses a three letter password on his account, and it's hacked into and uses to rack up charges, we have to pay. Neil, It hadn't occurred to me when writing it, but obviously there are situations that don't match the banking paradigm. For example, suppose I run my own asterisk, I have a contract with a company like yours and you have my banking info with an authorization to top up. If the fraud is someone on the banking end (hacked my card details for example) that's covered by the bank. But if they brute force hacked my asterisk install because the extension, the username and the secret are all '2005' and then make $100k worth of calls, people like lawyers and judges won't easily see that it's the asterisk install that's responsible, not your company or even the bank. I wonder what steps can be taken legally right now to make responsibilities clearer to the legal world? I once had a guy break in to my house and call his girlfriend in Mexico about 50 times in two weeks. When I called Pacific Bell, the operator placed a call to the number, the woman (stupidly!) admitted, yes I know Luis, he calls me all the time and even though the operator heard this, PB still refused to exempt those charges and go after the guy. I closed my PB account and opened a new one under a variation of my name. /r ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] OT: Accountless, free, skinnable, browser based SIP client wanted
What about Yahoo messenger? It seems that the PC to PC talk might do the trick. -Original Message- From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Steve Edwards Sent: Wednesday, March 25, 2009 5:47 PM To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] OT: Accountless, free, skinnable, browser based SIP client wanted On Wed, 25 Mar 2009, Steve Edwards wrote: I have a client that wants to put a phone on their web page for customers to call them via their Asterisk server. ) A keypad is needed to enter credit card details. ) Speed dial buttons like Tech Support, Sales, etc. are a requirement. Actually, passing the SIP address in the HTTP link would work with a bit of arm twisting. ) Free is preferred, but not a requirement. ) SIP is preferred, but IAX may also work. ) Cross platform is preferred, but Windows is the primary user base. ) They want it done yesterday. ) The destination has to be their Asterisk server. ) How can you have the browser place the call? Can you invoke Gizmocall and pass a SIP address? ) How does this get me past the customer having to enter login details? Can you invoke Gizmocall and pass login details? On Wed, 25 Mar 2009, Danny Nicholas wrote: I'm thinking a PERL solution, because that's the primary thing I do. You would take the input from the webpage, pass it to an AGI that opened a new web window to make the call and pass the connection back to your original window. I'm not seeing this... The customer clicks on a link on a web page which includes a SIP address in the HTTP request and the web server invokes a CGI (not AGI) that spews HTML back to the customer's browser to pass what connection where? Another thought on that thread; could you make the window a softphone and have asterisk call that extension? If I had a browser based softphone that doesn't require my client's customer to create an account somewhere... Any suggestions that meet the above criteria? Thanks in advance, Steve Edwards sedwa...@sedwards.com Voice: +1-760-468-3867 PST Newline Fax: +1-760-731-3000 ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Is there a public blacklist of hackers' IPaddresses?
randulo wrote: On Thu, Mar 26, 2009 at 2:38 PM, SIP s...@arcdiv.com wrote: And so, in answer to your question, I don't think there ARE necessarily steps that can be taken right now to ensure that there's a rational approach to the resolution of such an issue of fraud. Barring some sort of major legal precedent, it's going to be anyone's guess how the verdict comes out in the end. Hence the need for all of us, everywhere to step up measures to prevent as much as possible, the unlawful use of a system. Maybe some kind of (optional modular) monitor or engine could be built for the asterisk platform to at least send alerts when it deduces suspicious activity? r There are generally two approaches to this. Neither is necessarily 'correct,' but one is considerably less unwise. The first approach is the current approach: build software with little thought to how it will be secured, opting for all the work of securing the product once it's been implemented to come down to a requirement for the deployer to both know and, more importantly, understand good security practices. This has a value for enthusiasts because many of them will be running the service just in a home network or test environment, and it lets them get things up and running without worrying about all the little issues that might get in the way of a quickly-deployed system. It's essentially like choosing 'install everything' on a linux install and opting to have no firewall. It's wonderfully easy to deploy and there are no weird rules getting in the way of using the system immediately. It's also a really REALLY (I can't stress how strongly enough) bad idea if you're building a product that is deployed by more than just enthusiasts and will ever be in any remote way tied to someone's finances (including, but not limited to, telephone access charges, bandwidth fees, etc). The second approach is to build the product to be as secure as it can possibly be right out of the box, and require those deploying it to essentially remove levels of security in order to get things working in a particular environment. This also requires a certain knowledge of security practices, and it relies on those deploying the product to understand that the errors they may be seeing on deployment are likely to do with security feature X or Y. This takes time and a lot of work, because every component of the system has to be hardened and tested to ensure a seamless security model throughout without worries about incompatibilities in the basic security model between modules of a complex system. It also makes the system harder to deploy out of the box because it requires tailoring for the specific environment not just to handle a different user base, but also simply to work. I think there's a lot of push back on this sort of model for something like Asterisk because people feel that security should be this nebulous thing that exists 'somewhere else.' But in reality, security starts with the software itself and works outward. Just as you can't build a stable house on an unstable foundation, any weak link in the security chain is an invitation to disrupt the entire system with an exploit. And the weak link in MANY systems when it comes to security is the knowledge of the person deploying it. I believe a certain level of high grade security should certainly be built into Asterisk, and that it should have an overall security model, as well as documentation discussing the security of the system and the parameters that accompany it. Not only would this alleviate the concerns of many people deploying, but it would be excellent marketing. Have you seen the number of cars that advertise their side-impact air bags, safety rating, and other such features? Nothing will keep a person from killing himself in a car if he chooses not to wear a seatbelt and drive unsafely in heavy traffic. But if he's in a car without seatbelts? Or with a horrible crash test rating? Chances are he may end up getting hurt anyway. Even if he makes sure he drives carefully. -- Neil Fusillo CEO Infinideas, inc. http://www.ideasip.com ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] New CentOS 5 repo: dahdi, asterisk, freepbx RPMs
Hi, On Thu, Mar 26, 2009 at 10:35:32PM +0800, John Morris wrote: Hi, Axel. Axel Thimm wrote: How about merging in your changes/improvements/new packages with ATrpms (and automatically later into rpmrepo.org)? That way we won't have further fragmentation and a larger user base to test bits (which will be distributed in stable, testing etc repos). Of course I'd love to contribute my changes to ATrpms. Some of the small changes I made, such as adding OSLEC to the DAHDI RPMs, might be nice for ATrpms users. I'll whip up some patches against the ATrpms sources. My problem with ATrpms, though, is that the RPMs make use of many custom macros that make them unbuildable outside the ATrpms environment. I understand that might be necessary for RPMs like DAHDI that build kernel modules for several versions of several distros, where vanilla specfile code would get hairy. (I think we had this discussion a couple of years ago on the ATrpms ML.) Since I don't have to worry about multiple versions of multiple distros in my environment, I prefer to use vanilla specfile that will rebuild on anyone's CentOS 5 system. Actually all you need these days is to install atrpms-rpm-config. This will provide all that may be neccessary. The most prominent part of the environment is to support multiple kernels, not mulitple distros. Of course using distro-neutral macros helps keeping the same specfile/src.rpm across the distros. -- Axel.Thimm at ATrpms.net pgp94Mbri3a9I.pgp Description: PGP signature ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] Provisioning GXP 2000
I've done some googling and searched voip-info but I'm not able to find a good answer about how to provision the GXP 2000. Based on questions I've asked before it seems like a lot of people are using the grandstream phones so I figure provisioning can't be that hard. Is everyone using the web interface for *every* phone? Or is there a better, more automatic, way? TIA!!! Thanks, David Ruggles CCNA MCSE (NT) CNA A+ Network EngineerSafe Data, Inc. (910) 285-7200 da...@safedatausa.com ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Is there a public blacklist of hackers' IPaddresses?
On Thu, Mar 26, 2009 at 4:19 PM, SIP s...@arcdiv.com wrote: The first approach is the current approach: build software with little thought to how it will be secured, opting for all the work of securing What about SIP itself? Does it provide enough crypto to be solid? Or is that handled only by the layer above it? /r ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Provisioning GXP 2000
David Ruggles wrote: I've done some googling and searched voip-info but I'm not able to find a good answer about how to provision the GXP 2000. Based on questions I've asked before it seems like a lot of people are using the grandstream phones so I figure provisioning can't be that hard. Is everyone using the web interface for *every* phone? Or is there a better, more automatic, way? I just use the web interface, and note that it only works when you have connected networks, either local or on a vpn. There is an endpoint manager in trixbox that will find devices but only on the local lan pretty much. I generally configure the phones how I want at my desk, and then give them to whoever they are for and they plug them in remotely someplace and they work as per setup. My setup is a mix of grandstreams and other zap and sip devices, but I can imagine doing updates on hundreds of phones would need to be more automated. Not sure if this exists or not but since its only form posts to configure the phone, something that wrote out files, from a database and used wget or curl to dump them into a phone would be pretty useful, but only if the phones http is accessible from the server, and only if you had a lot with similar configurations you could template. TIA!!! Thanks, David Ruggles CCNA MCSE (NT) CNA A+ Network Engineer Safe Data, Inc. (910) 285-7200da...@safedatausa.com ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Is there a public blacklist of hackers' IPaddresses?
Gordon wrote: There are other more advanced things you can do with iptables which I've been looking at - but the esence is to count/time new connections to a particular service from each IP address and if more connections per unit of time happen, then apply a temporary block for a bigger period of time. This works for ssh when you know there are only a small number of people who might connect in, but for SIP, you need to check the timings carefully, although one thing I've had issues with is Snom phones which seem to be overly enthusiastic when the end-user has the wrong password in them - they keep trying to register 2 or 3 times a second )-: I few years ago I noticed and quickly became annoyed by the volume of dictionary attacks on my home server. No one broke in, but the logs were becoming useless. Since installing it my logs are once again readable, and I have a nice long list of naughty addresses in my iptables DROP table. I found a package called sshdfilter that can add and remove iptables rules based on a number of conditions- 1. Invalid username - block immediately 2. Valid username w/invalid password - block after x attempts It supports white-listing so that a slip of the finger does not lock you out from a trusted host. The setup is fairly simple and system load is minimal. The package works by parsing syslog messages, and it appears that it could be extended to cover VoIP attacks, as long as the system is logging failed authentication attempts. Dan ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] Sisky to connect Skype to Asterisk
Dear all, I've read some news about Sisky (http://www.yeastar.com/Products/SiSkyEE.asp), a service to interconnect Skype clients with SIP clients. Does anybody test Sisky and can tell me about his experience ??? (Sisky runs on Windows because Skype and its API are more stable on this OS). Regards, Alejandro ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Is there a public blacklist of hackers' IP addresses?
On Mon, Mar 23, 2009 at 9:11 PM, Zeeshan Zakaria zisha...@gmail.com wrote: I was wondering if somebody maintains a list of these IP addresses which everybody can block in their firewalls. And is there a place I can publish these IP addresses? Are you familiar with denyhosts or blockhosts? Denyhosts is mostly used with ssh, but I think the same concept could be used with asterisk. -- Heath Roberts htrobe...@gmail.com ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Provisioning GXP 2000
Grandstream does have a FTP/HTTP provisioning scheme. Note the Grandstream address in the provision areas on the phone web page. When bought from some sources, the unit mac number can be registered to you in a Grandstream server, so when the unit is plugged in it will be redirected to your provisioning server. Or, you can do it your self on first setup. Then the unit will look to your servers for set up info. There are programs that take setup info, pack it into tight data and put it in a file using the mac address as the file name. You put those on your provisioning server, and the phone will provision itself. Thus, if you want to change something on a phone or ATA, changing it in the file will accomplish the change when the unit is rebooted, or when the programmed update period comes up. We have done all that, but in practice and with software revisions, we lost the magic touch and program phones by hand for now. Cary Fitch -Original Message- From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of David Ruggles Sent: Thursday, March 26, 2009 10:41 AM To: 'Asterisk Users Mailing List - Non-Commercial Discussion' Subject: [asterisk-users] Provisioning GXP 2000 I've done some googling and searched voip-info but I'm not able to find a good answer about how to provision the GXP 2000. Based on questions I've asked before it seems like a lot of people are using the grandstream phones so I figure provisioning can't be that hard. Is everyone using the web interface for *every* phone? Or is there a better, more automatic, way? TIA!!! Thanks, David Ruggles CCNA MCSE (NT) CNA A+ Network EngineerSafe Data, Inc. (910) 285-7200 da...@safedatausa.com ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Provisioning GXP 2000
On 11:41, Thu 26 Mar 09, David Ruggles wrote: I've done some googling and searched voip-info but I'm not able to find a good answer about how to provision the GXP 2000. Based on questions I've asked before it seems like a lot of people are using the grandstream phones so I figure provisioning can't be that hard. Is everyone using the web interface for *every* phone? Or is there a better, more automatic, way? Checkout http://www.grandstream.com/configurationtool.html -- Michiel van Baak mich...@vanbaak.eu http://michiel.vanbaak.eu GnuPG key: http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x71C946BD Why is it drug addicts and computer aficionados are both called users? ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] New CentOS 5 repo: dahdi, asterisk, freepbx RPMs
Hi, On Thu, Mar 26, 2009 at 12:35:45AM +0800, John Morris wrote: Dear list, I've set up an RPM repository with several asterisk-related RPMs that I think contain some improvements upon what are already out there. The first goal is to be able to build an Asterisk + FreePBX system on CentOS 5 with the EPEL repo enabled; in our environment, where all our systems are under configuration management, either an appliance-type solution or a manual configure/make/make install process is undesirable. The FreePBX RPM is the biggest improvement; this RPM can be meaningfully manipulated with rpm -e/-V, installs with all the latest updates, and has some other basic bits you'd expect (but that no other FreePBX RPM seems to provide). This is written from scratch. The DAHDI SRPMs can build kernel module RPMs against any installed kernel-devel RPM, and also build OSLEC modules. The Asterisk RPM is provided for completeness, and is lightly customized to work better with the FreePBX RPM. These RPMs are modified versions of the ATrpms packages (Thanks, Axel). The packages appear (at first glance) to be rather well-built. However they do manifest a common issue: patching cruft. Here is part of dahdi-linux.spec: %patch2 -p1 -b .diet cd ../.. perl -pi -e's,mknod,:,' Makefile grep -rl '#include linux/config.h' . | xargs perl -pi -e's,#include linux/config.h,/* #include linux/config.h */,' perl -pi -e's,^always,#always,' drivers/dahdi/xpp/Kbuild Patch2 is: --- kernel/xpp/xbus-core.c.diet 2007-03-01 20:50:34.0 +0100 +++ kernel/xpp/xbus-core.c 2007-04-26 10:55:47.0 +0200 @@ -160,7 +161,7 @@ * a bit earlier (2.6.18). If you use such a kernel, Change the * following test from 2,6,19 to 2,6,18. */ -#if LINUX_VERSION_CODE KERNEL_VERSION(2,6,19) +#if LINUX_VERSION_CODE KERNEL_VERSION(2,6,18) #defineI_PRIVATE(inode)((inode)-u.generic_ip) #else #defineI_PRIVATE(inode)((inode)-i_private) 1. For some versions of Fedora (and maybe also Centos 5.2?) the respective code has been backported. It is only used in some debugging code. It's all inside '#ifdef XPP_DEBUGFS' . Originally that one was defined if the debugfs was available. Later on it was simply dropped by default. The patch lives on. 2. Next we have patching out of mknod, instead of using 'DYNFS=yes'. 3. Third line patches all the lines with linux/config.h in the tree: This seems necessary: $ grep -r linux/config.h drivers/dahdi/ drivers/dahdi/datamods/hdlc_generic.c:#include linux/config.h drivers/dahdi/datamods/syncppp.c:#include linux/config.h drivers/dahdi/wct4xxp/vpm450m.c:#include linux/config.h drivers/dahdi/dahdi_config.h:#include linux/config.h But let's look again: $ grep -r -C 1 linux/config.h drivers/dahdi/ drivers/dahdi/datamods/hdlc_generic.c- drivers/dahdi/datamods/hdlc_generic.c:#include linux/config.h drivers/dahdi/datamods/hdlc_generic.c-#include linux/module.h -- drivers/dahdi/datamods/syncppp.c- drivers/dahdi/datamods/syncppp.c:#include linux/config.h drivers/dahdi/datamods/syncppp.c-#include linux/module.h -- drivers/dahdi/wct4xxp/vpm450m.c-#if LINUX_VERSION_CODE KERNEL_VERSION(2,6,18) drivers/dahdi/wct4xxp/vpm450m.c:#include linux/config.h drivers/dahdi/wct4xxp/vpm450m.c-#else -- drivers/dahdi/dahdi_config.h-#if LINUX_VERSION_CODE KERNEL_VERSION(2,6,18) drivers/dahdi/dahdi_config.h:#include linux/config.h drivers/dahdi/dahdi_config.h-#else The PPP stuff has not been patched (anybody uses it?). The kernel stuff has been fixed. 4. Next we have a patch that disables a build-time test in the xpp directory. That test has failed at some point. This was indeed one of the cases where a test failed but won't fail at run-time. However, this was fixed at 2.1.0.3: http://bugs.digium.com/view.php?id=13832 Do I expect you all packagers to know the internals of a package? To know that some code is now no longer built at all? Surely no. This is why you should report such issues upstream. As a rule: every patch that you have is a potential bug. It should carry an explanation. One good explanation is a reference to a bug tracker issue. If a bug is not reported upstream, how will it be solved? The DYNFS thing is still something I'm not happy with. I think that almost all users of DAHDI now use udev. Hence using anything else should be the exception. Not to mention udev works well out of the box: with most systems device files will now be generated correctly even without udev rules, and the udev rules are only needed to set permissions. I'd like to see this default changed on the next version of DAHDI. But having packages just patch the problem away and not even monitor an open bug about it, means they'll miss this change. Another bad form of laziness is patching with perl scripts instead of proper patches. A perl script is less likely to break. But this is the reason why you should (actively) have to
Re: [asterisk-users] show pri usage
On Thu, 2009-03-26 at 07:19 -0700, Vieri wrote: Maybe I could simply do something like: asterisk -rx show channels | grep -c -i zap to get the number of zap/dahdi channels in use. I was actually using a command similar to that up until a few months ago. /usr/sbin/asterisk -rx 'show channels' | grep '^Zap/[1-9]-\| ^Zap/1[0-9]-\|^Zap/2[0-3]-' | wc -l That command counted the number of lines that started with one of the first 23 Zap channels Now, I'm using phpagi to monitor from another server. This script polls both in and out usage on those 23 zap channels where $data1 is In and $data2 is Out. ?php $data1=0; $data2=0; require_once('/opt/checkers/lib/asterisk/phpagi-asmanager.php'); $asm = new AGI_AsteriskManager('/opt/checkers/lib/asterisk/phpagi.conf'); if($asm-connect()) { $asm-events('off'); $channels = $asm-command(show channels concise); $channels = $channels['data']; $channelRows = explode(\n,$channels); while($row=array_shift($channelRows)){ $rowDetails=explode('!',$row); if(substr($rowDetails[0],0,3) == 'Zap'){ $zapChannel=substr($rowDetails[0],4,(strpos($rowDetails[0],'-')-4)); if($zapChannel24){ if(substr($rowDetails[7],0,1) == '9') $data2++; else $data1++; } } } $asm-disconnect(); } echo $data1!$data2; ? ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Provisioning GXP 2000
On Thu, 26 Mar 2009, David Ruggles wrote: I've done some googling and searched voip-info but I'm not able to find a good answer about how to provision the GXP 2000. Based on questions I've asked before it seems like a lot of people are using the grandstream phones so I figure provisioning can't be that hard. Is everyone using the web interface for *every* phone? Or is there a better, more automatic, way? Grandstream do have their own Java based tool, but I've found it a bit of a hassle. There is another tool written in Perl to configure them via their web interface though - called gsutil. http://www.pkts.ca/gsutil.shtml I've added the things neccessary to support the later versions of software for the grandstreams - my versions at http://unicorn.drogon.net/gsutil What I do is program one up manually, then get a dump via gsutil, then put that into all the others, then manually go through them, changing the username passwords. One of these days I'll finish the automation to extract the usenrname password out of my PBX, but ... Gordon ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] ITSP's no longer supporting IAX?
On Wednesday 25 March 2009 19:20:00 Steve Totaro wrote: On Wed, Mar 25, 2009 at 2:56 PM, Tilghman Lesher wrote: On Wednesday 25 March 2009 10:45:59 Cary Fitch wrote: It was probably Voice pulse that suggested we not use IAX, and we are getting an IAX error at this time on another connection where we do use it. The error is: [Mar 25 05:46:16] WARNING[5102]: chan_iax2.c:1056 __send_lagrq: I was supposed to send a LAGRQ with callno 9779, but no such call exists (and I cannot remove lagid, either) Which looks like an internal error. I have been wondering where to report this error. :-) It isn't killing us but I would like to see it go away. It should be gone in the latest release. Do both sides have to be using the latest release? Has this been the same bug since many years ago, or a new moving target that has been hit? Just use SIP and save yourself the pain. If you like, I can order up a similar warning in SIP. The warning is actually fairly safe to ignore, but it bugs the crap out of some people (and then we can similarly argue Just use IAX2 and save yourself the pain). -- Tilghman ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] show pri usage
On Thu, 26 Mar 2009, Vieri wrote: I would like to know how to see which channels are used in my PRI E1 link from Asterisk to another locally-connected commercial PBX. My goal is to simply record the PRI channel usage through time (like a 10 minute cron script that polls PRI link status/usage). Maybe I could simply do something like: asterisk -rx show channels | grep -c -i zap to get the number of zap/dahdi channels in use. I do it with a shell script run every minute on each server and then I store the count and the HOSTNAME in the database. (Now that my AMI skills are a bit better, I'd probably do it in PHP and AMI...) Then I have a php script that creates a web page showing the maximum channels in use with a row for each host and a column for each hour of the day. Thanks in advance, Steve Edwards sedwa...@sedwards.com Voice: +1-760-468-3867 PST Newline Fax: +1-760-731-3000 ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] show pri usage
--- On Thu, 3/26/09, Bob Pierce pier...@westmancom.com wrote: Now, I'm using phpagi to monitor from another server. This script polls both in and out usage on those 23 zap channels where $data1 is In and $data2 is Out. Thanks for sharing your script. I see you're using show channels. So does this mean that {zap,dahdi} show channels is not as useful as show channels? Is it intended that zap show channels does not show busy channels if it's an outgoing call? I'm asking this because maye my config is wrong somewhere and that's why nothing shows up in the extension column except for incoming calls (maybe something to do with caller id detection). If you place an outgoing call, say, from a SIP extension through the PRI, does a zap show channels actually show that call? Thanks again, Vieri ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] Voicemail Problem
I have a problem with the current trunk code for 1.6.0 as it relates to voicemail. I had the same problem in a previous trunk version as well so I just updated myself to current code - Asterisk SVN-branch-1.6.0-r184281M I have voicemail using ODBC storage. When a new voicemail message is left and the system is, I am guessing, trying to generate the email notification it core dumps. Here is what was on the console: [2009-03-26 10:20:04.814] -- Saving message as is [2009-03-26 10:20:04.815] -- IAX2/jcd1server-5810 Playing 'vm-msgsaved.gsm' (language 'en') [2009-03-26 10:20:06.757] == Parsing '/var/spool/asterisk/voicemail/ourvm/108/INBOX/msg0001.txt': [2009-03-26 10:20:06.757] == Found The message is saved in the database as I can retrieve the voicemail from the phone. It just seems there is some problem with email notification. Has anyone seen this problem as well? -- Jim Dickenson mailto:dicken...@cfmc.com CfMC http://www.cfmc.com/ ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] ITSP's no longer supporting IAX?
On Thu, Mar 26, 2009 at 1:01 PM, Tilghman Lesher tilgh...@mail.jeffandtilghman.com wrote: On Wednesday 25 March 2009 19:20:00 Steve Totaro wrote: On Wed, Mar 25, 2009 at 2:56 PM, Tilghman Lesher wrote: On Wednesday 25 March 2009 10:45:59 Cary Fitch wrote: It was probably Voice pulse that suggested we not use IAX, and we are getting an IAX error at this time on another connection where we do use it. The error is: [Mar 25 05:46:16] WARNING[5102]: chan_iax2.c:1056 __send_lagrq: I was supposed to send a LAGRQ with callno 9779, but no such call exists (and I cannot remove lagid, either) Which looks like an internal error. I have been wondering where to report this error. :-) It isn't killing us but I would like to see it go away. It should be gone in the latest release. Do both sides have to be using the latest release? Has this been the same bug since many years ago, or a new moving target that has been hit? Just use SIP and save yourself the pain. If you like, I can order up a similar warning in SIP. The warning is actually fairly safe to ignore, but it bugs the crap out of some people (and then we can similarly argue Just use IAX2 and save yourself the pain). Yes, please do. I would like. I understand you are a developer and you want IAX2 to be great. That is your job, but the fact is that it is not and has caused audio and security problems for YEARS in EVERY release. It should bug you and everyone at Digium that waves the IAX2 flag. While Asterisk's implementation of the SIP RFC is far from compliant, it generally Just Works not matter what version you are using. -- Tilghman -- Thanks, Steve Totaro +18887771888 (Toll Free) +12409381212 (Cell) +12024369784 (Skype) ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Is there a public blacklist of hackers' IPaddresses?
randulo wrote: On Thu, Mar 26, 2009 at 4:19 PM, SIP s...@arcdiv.com wrote: The first approach is the current approach: build software with little thought to how it will be secured, opting for all the work of securing What about SIP itself? Does it provide enough crypto to be solid? Or is that handled only by the layer above it? /r ___ SIP CAN be reasonably secure, but it suffers from some inherent issues in the protocol for which things like TLS and the like were developed. It's still comparatively new, and it's a draft that I think needs some work. But it also suffers from an increasing amount of competition from upstarts that are trying to muddy the field somewhat (IAX, Jingle, etc.) and position themselves as the 'new' and 'better' way to address communication. This detracts from a unified methodology -- even if only somewhat. SIP is, for all intents and purposes, as secure as vanilla SMTP email. In fact, SIP was designed to closely resemble a combination of SMTP and HTTP to make it easy to implement and process. However, like both SMTP and HTTP, I think what SIP needs is a solid roll out of a secure layer over and above the MD5 hashes commonly used to pass passwords -- but that isn't really necessary to secure the protocol from password-sniffing ne'er-do-wells who are out to steal your accounts. SIP was written in such a way that the hashes it sends for passwords could, with only a trivial rewrite of the server code, be SHA1 instead of MD5 -- which would increase security to the level that, currently, it would be far more trouble than it's worth to even bother to attempt to crack. For keeping people out of your paid accounts, this would make SIP quite secure. The only issue most people have with SIP at the moment is that, if you're sniffing the network, you can read the SIP messages themselves, even if you can't crack the passwords, so even with SRTP or some other form of RTP encryption to protect the voice, your basic privacy is still at risk. But to protect money? I think SIP is perfectly fine even without TLS. It just needs a change in commonly-used password hashing to alleviate the concerns people have with the breakability of MD5. -- Neil Fusillo CEO Infinideas, inc. http://www.ideasip.com ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Provisioning GXP 2000
My preferred method is to use my own TFTP server. This makes changes to accounts/phones very fast and easy. The whole process takes me about 5 minutes to deploy an entirely new phone. 1) I modified the Grandstream template to contain my own information. This is a simple TXT document and can be edited in your favorite editor. I once counted that I am down to 8 lines in my template that need adjusting for a new user. 2) I open the above mentioned template and change the appropriate lines for the users phone and then save it to a directory utilizing a naming convention of EXTENSION-USERNAME.txt (this allows me ease of changing if ever required). 3) Then I use the Grandstream config generator to compile that into a bin file in the appropriate tftp directory. 4) Then (first time phone is ever used, not required on a redeploy) I log into the web interface on the phone and change 1 line that tells the phone where to find the config file. 5) Reboot the phone and all done. Hope this helps. -Original Message- From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of David Ruggles Sent: Thursday, March 26, 2009 11:41 AM To: 'Asterisk Users Mailing List - Non-Commercial Discussion' Subject: [asterisk-users] Provisioning GXP 2000 I've done some googling and searched voip-info but I'm not able to find a good answer about how to provision the GXP 2000. Based on questions I've asked before it seems like a lot of people are using the grandstream phones so I figure provisioning can't be that hard. Is everyone using the web interface for *every* phone? Or is there a better, more automatic, way? TIA!!! Thanks, David Ruggles CCNA MCSE (NT) CNA A+ Network EngineerSafe Data, Inc. (910) 285-7200 da...@safedatausa.com ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] PRI dropping #2
Hey, I wrote yesterday about PRI dropping, which turned out to just be a regular reset of unused B-channels. This time there's a real issue. As noted earlier I have an ISDN-30 connection, a Digium TE-121 with VPMADT032 echo cancellation. These are my configurations files: == /etc/zaptel.conf loadzone=dk defaultzone=dk span=1,1,0,css,hdb3,crc4 bchan=1-15 dchan=16 bchan=17-31 == == /etc/asterisk/zapata.conf [channels] switchtype=euroisdn usecallerid=yes group=1 signalling=pri_cpe context=incoming channel=1-15 channel=17-31 == The Asterisk console has this (repeating for every channel): [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:6685 handle_init_event: Detected alarm on channel 1: Red Alarm [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:1471 zt_disable_ec: Unable to disable echo cancellation on channel 1 [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:6685 handle_init_event: Detected alarm on channel 2: Red Alarm [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:1471 zt_disable_ec: Unable to disable echo cancellation on channel 2 ... ... [Mar 26 18:39:19] NOTICE[3771]: chan_zap.c:8486 pri_dchannel: PRI got event: Alarm (4) on Primary D-channel of span 1 [Mar 26 18:39:19] WARNING[3771]: chan_zap.c:2401 pri_find_dchan: No D-channels available! Using Primary channel 16 as D-channel anyway! [Mar 26 18:39:24] NOTICE[3771]: chan_zap.c:8486 pri_dchannel: PRI got event: No more alarm (5) on Primary D-channel of span 1 [Mar 26 18:39:24] NOTICE[3772]: chan_zap.c:6678 handle_init_event: Alarm cleared on channel 1 [Mar 26 18:39:24] NOTICE[3772]: chan_zap.c:6678 handle_init_event: Alarm cleared on channel 2 ... ... See the full output at http://sprunge.us/cdFf I enabled PRI debugging for span 1, which gives this: q921.c:709 q921_reset: q921_state now is Q921_LINK_CONNECTION_RELEASED Sending Set Asynchronous Balanced Mode Extended q921.c:150 q921_send_sabme: q921_state now is Q921_AWAITING_ESTABLISH -- Got UA from network peer Link up. q921.c:709 q921_reset: q921_state now is Q921_LINK_CONNECTION_RELEASED q921.c:664 q921_dchannel_up: q921_state now is Q921_LINK_CONNECTION_ESTABLISHED q931.c:2755 q931_restart: call 32768 on channel 1 enters state 62 (Restart) Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Originator) Message type: RESTART (70) [18 03 a9 83 81] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Exclusive Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 1 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Terminator) Message type: RESTART ACKNOWLEDGE (78) [18 03 a1 83 81] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Preferred Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 1 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] -- Processing IE 24 (cs0, Channel Identification) -- Processing IE 121 (cs0, Restart Indicator) q931.c:3581 q931_receive: call 32768 on channel 1 enters state 0 (Null) q931.c:2755 q931_restart: call 32768 on channel 2 enters state 62 (Restart) Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Originator) Message type: RESTART (70) [18 03 a9 83 82] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Exclusive Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 2 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Terminator) Message type: RESTART ACKNOWLEDGE (78) [18 03 a1 83 82] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Preferred Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 2 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] -- Processing IE 24 (cs0, Channel Identification) -- Processing IE 121 (cs0, Restart Indicator) Again, full output at http://sprunge.us/EcTA I even tried swapping the card with a spare TE121 I have. Exactly same error, so I don't think it's an hardware issue. I also have had two different telco guys out, both said the connection was fine, but one mentioned something about me being out of 'stroke'/sync - they're running at a 2048Mb frequency, I was some 20 below. He didn't explain too good. Any help appreciated. ___ -- Bandwidth and Colocation Provided by
Re: [asterisk-users] Is there a public blacklist of hackers' IPaddresses?
http://www.google.com/search?q=asterisk+brute+force+prevention http://etel.wiki.oreilly.com/wiki/index.php/Asterisk_Brute_Force_Prevention =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo SGFA, SGFE, C|EH, CNDA, CHFI, OSCP Enough research will tend to support your conclusions. - Arthur Bloch A conclusion is the place where you got tired of thinking - Arthur Bloch 227C 5D35 7DCB 0893 95AA 4771 1DCE 1FD1 5CCD 6B5E http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x5CCD6B5E ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Is there a public blacklist of hackers'IPaddresses?
Interesting thread. I am not doing this commercially, so I don't know all of the issues at stake. My initial reaction was, what problem? But, subsequent posts have clarified that some. I do see some mitigating factors though, particularly re the banking model. First, telecom providers aren't generally dealing with large amounts of material susceptible to identity theft the way many other businesses are, nor are hackers generally looking there for such. The main potential loss I am aware of, and that has been discussed here is provided services. The impact of that depends on the model a particular company is working on. The worst case is a re-seller who has to explicitly pay for each minute used/billed. Other providers are paying for bandwidth, but that is more nebulous. Sure, a provider makes money by selling minutes. But the guy in China that hacked his way in isn't going to buy minutes of his hacking is denied, so there is no loss of potential revenue, only loss of available bandwidth. If that bandwidth is significant it should raise an alarm, which one would hope would cast light on the leak and cause it to be discovered, rather than the available bandwidth increased. If the loss is not significant enough to draw attention to itself it may well be a minor cost of doing business. The OP mentioned insurance. I'm not sure, at least in many cases, if the amount of potential hard cash liability exposure is sufficient to warrant insuring. If someone is getting hacked to the tune of 10% of their bandwidth or revenue, and doesn't have any way of noticing the problem, they probably aren't qualified to be running such an operation. One relevant example from the banking industry. About once a year I get a call from one of my credit card providers wanting to know if I indeed made such and such a purchase at such an such a location. Their potential exposure is very large and they do continuous, fine tuned profiling. They know I don't live in Australia and if they start getting charged from companies in Australia, they want to know why! They have it a bit easier, because they have more information to work with, but there are certainly things that can be profiled. Most users are going to originate from one or a small number of IPs. Some may originate from every Starbucks in the state, but that's a recognizable pattern. Fortunately most hackers don't know that profile and won't necessarily steal the account information of someone who has a profile like they do. Also, they tend to call their girlfriend in Mexico 50 times in two weeks, which is hugely different that the real user does. If nothing else, identity thieves (this is a form of identity theft) tend to use the stolen identity as much as possible before it gets discovered and stopped. That alone is a major profile difference from a typical user. Wilton ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Early Media
On Wed, 2009-03-25 at 08:34 -0500, Danny Nicholas wrote: YMMV, but you might try this Exten = s,1,background(background_song) Exten = s,n,Answer() ;start billing This is not correct. Background() automatically answers the call if it hasn't been answered already. The way to accomplish the task the original poster asked is to use the m option to the Dial() application. -- Jared Smith Training Manager Digium, Inc. ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Is there a public blacklist of hackers'IPaddresses?
On Thu, 26 Mar 2009, Wilton Helm wrote: My initial reaction was, what problem? But, subsequent posts have clarified that some. I haven't read all of this thread so please ignore if already discussed... What about hacking into your Asterisk box and placing outbound T1 calls to a premium priced off-shore number? You end up with massive telco bills for the next 3 months as the charges settle and find their way back to you. Can you challenge the charges? Can the telco put you out of business until the issue is resolved? Thanks in advance, Steve Edwards sedwa...@sedwards.com Voice: +1-760-468-3867 PST Newline Fax: +1-760-731-3000 ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Is there a public blacklist of hackers' IP addresses?
I highly recommend http://www.dshield.org. A large community submits their logs to dshield on a regular basis (most do it hourly). dshield then makes aggregate information available, including worst offenders, etc. You can also query for the number of reported attacks originating from a given IP address. http://www.threatstop.com/ is a commercial service that aggregates threat info from dshield and other services to produce a list of IP subnets to block. I used them during their beta period, but when they launched, the pricing was a bit high for a 'home' user. Also useful: the geoip netfilter module in xtables-addons (http://xtables-addons.sourceforge.net/) for linux distributions. This allows you to write firewall rules that depend on the country of the originating IP address. Great way to cut out a lot of SSH attempts from countries you don't reside in (like a lot of cruft I get from China, Russia and the Netherlands). fail2ban is a good tool for monitoring logged security violations and banning IPs based on repeat offenders. If I remember correctly it's a little more broad in the logs it reacts to than sshdfilter is (mentioned in another post). Either one is much better than nothing :) Using geoip in your netfilter rules will drastically reduce the number of attacks, so they make a good combo. A more advanced technique is to set up a 'firewall' virtual machine on your machine that handles your public IP address(es). Use a stripped down 'firewall' distribution with only the binaries it needs to be a firewall (no dev tools, perl, python, etc.). Run a few proxies for the few services that mush be exposed (e.g. SMTP), and filter those heavily too (e.g. by using geoip mentioned above). Even if that virtual machine is compromised, there's no interesting info available and little to damage (plus it's easy to restore from a backup image kept on the host). I've just started setting up something like this using KVM (kernel virtual machine), running an instance of OpenWRT. Paul Zeeshan Zakaria wrote: Hi, In last one week I have seen two servers of our organization successfully hacked and some other under attack from some other IP addresses. We would block one IP address on our firewall and after a few hours, they would start getting hits from some another IP address. When I checked them on whois.net http://whois.net, they all were from Amsterdam. Surprisingly, I once had similar attack in the past and it was also from an Amsterdam IP address. And they all blong to one same organization. Seems like somebody in Amsterdam is really active in trying to hack asterisk servers around the world. I was wondering if somebody maintains a list of these IP addresses which everybody can block in their firewalls. And is there a place I can publish these IP addresses? Thanks -- Zeeshan A Zakaria ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Early Media
Is this correct for all versions, or does it start at 1.4 or 1.6? I did put a YMMV on the comment, so my answer was not to be taken as fact. -Original Message- From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Jared Smith Sent: Thursday, March 26, 2009 1:29 PM To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] Early Media On Wed, 2009-03-25 at 08:34 -0500, Danny Nicholas wrote: YMMV, but you might try this Exten = s,1,background(background_song) Exten = s,n,Answer() ;start billing This is not correct. Background() automatically answers the call if it hasn't been answered already. The way to accomplish the task the original poster asked is to use the m option to the Dial() application. -- Jared Smith Training Manager Digium, Inc. ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] Asterisk multi-cpu
Hi, I know somebody is going to give me the link to the wiki hardware pages, but I can't find the answer there. I'd like to know if, for an Asterisk only system (nothing else of note running on it), I get a real gain from having 2 CPUs. Does the amount of traffic/SIP registrations/codec translation possible doubles with 2 CPUs? (each quad core E5420 to be precise)? Does it increase by 50%? It is only a marginal increase, or none at all? I wish I could test it myself, but I haven't bought the hardware yet and this will help me decide what I am buying. Regards, Mike ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] PRI dropping #2
From http://www.voip-info.org/wiki/view/E1: RED: Loss of signal (LOS): The equipment shall assume loss of signal when the incoming signal amplitude is, for a time duration of at least 1 ms, more than 20 dB below the nominal amplitude. The equipment shall react within 12 ms by issuing AIS. This sounds like what is happening, and is in order with what one of the technicians said - I was about 20 dB below their amplitude, theirs being 2048. Does this make *any* sense? 2009/3/26 Harry Vangberg ha...@vangberg.name: Hey, I wrote yesterday about PRI dropping, which turned out to just be a regular reset of unused B-channels. This time there's a real issue. As noted earlier I have an ISDN-30 connection, a Digium TE-121 with VPMADT032 echo cancellation. These are my configurations files: == /etc/zaptel.conf loadzone=dk defaultzone=dk span=1,1,0,css,hdb3,crc4 bchan=1-15 dchan=16 bchan=17-31 == == /etc/asterisk/zapata.conf [channels] switchtype=euroisdn usecallerid=yes group=1 signalling=pri_cpe context=incoming channel=1-15 channel=17-31 == The Asterisk console has this (repeating for every channel): [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:6685 handle_init_event: Detected alarm on channel 1: Red Alarm [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:1471 zt_disable_ec: Unable to disable echo cancellation on channel 1 [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:6685 handle_init_event: Detected alarm on channel 2: Red Alarm [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:1471 zt_disable_ec: Unable to disable echo cancellation on channel 2 ... ... [Mar 26 18:39:19] NOTICE[3771]: chan_zap.c:8486 pri_dchannel: PRI got event: Alarm (4) on Primary D-channel of span 1 [Mar 26 18:39:19] WARNING[3771]: chan_zap.c:2401 pri_find_dchan: No D-channels available! Using Primary channel 16 as D-channel anyway! [Mar 26 18:39:24] NOTICE[3771]: chan_zap.c:8486 pri_dchannel: PRI got event: No more alarm (5) on Primary D-channel of span 1 [Mar 26 18:39:24] NOTICE[3772]: chan_zap.c:6678 handle_init_event: Alarm cleared on channel 1 [Mar 26 18:39:24] NOTICE[3772]: chan_zap.c:6678 handle_init_event: Alarm cleared on channel 2 ... ... See the full output at http://sprunge.us/cdFf I enabled PRI debugging for span 1, which gives this: q921.c:709 q921_reset: q921_state now is Q921_LINK_CONNECTION_RELEASED Sending Set Asynchronous Balanced Mode Extended q921.c:150 q921_send_sabme: q921_state now is Q921_AWAITING_ESTABLISH -- Got UA from network peer Link up. q921.c:709 q921_reset: q921_state now is Q921_LINK_CONNECTION_RELEASED q921.c:664 q921_dchannel_up: q921_state now is Q921_LINK_CONNECTION_ESTABLISHED q931.c:2755 q931_restart: call 32768 on channel 1 enters state 62 (Restart) Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Originator) Message type: RESTART (70) [18 03 a9 83 81] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Exclusive Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 1 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Terminator) Message type: RESTART ACKNOWLEDGE (78) [18 03 a1 83 81] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Preferred Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 1 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] -- Processing IE 24 (cs0, Channel Identification) -- Processing IE 121 (cs0, Restart Indicator) q931.c:3581 q931_receive: call 32768 on channel 1 enters state 0 (Null) q931.c:2755 q931_restart: call 32768 on channel 2 enters state 62 (Restart) Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Originator) Message type: RESTART (70) [18 03 a9 83 82] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Exclusive Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 2 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Terminator) Message type: RESTART ACKNOWLEDGE (78) [18 03 a1 83 82] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Preferred Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 2 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] -- Processing IE 24
Re: [asterisk-users] Is there a public blacklist of hackers' IPaddresses?
On 27/03/2009 3:32 a.m., randulo wrote: On Thu, Mar 26, 2009 at 2:38 PM, SIPs...@arcdiv.com wrote: And so, in answer to your question, I don't think there ARE necessarily steps that can be taken right now to ensure that there's a rational approach to the resolution of such an issue of fraud. Barring some sort of major legal precedent, it's going to be anyone's guess how the verdict comes out in the end. Hence the need for all of us, everywhere to step up measures to prevent as much as possible, the unlawful use of a system. Maybe some kind of (optional modular) monitor or engine could be built for the asterisk platform to at least send alerts when it deduces suspicious activity? There are a few options we use here. 1. Snort with SIP rules - detects brute forces, floods etc - just a notification 2. fail2ban - blocks hosts who attack at the iptables level 3. exception reporting - our billing sends SMS messages if a customer uses a lot more than their average spend - i.e. if they normally spend $10 a month and they have just spent $20 in ten minutes then an SMS is sent - while this isn't conclusive, it does warn you that something might be going on. -- Kind Regards, Matt Riddell Director ___ http://www.venturevoip.com (Great new VoIP end to end solution) http://www.venturevoip.com/news.php (Daily Asterisk News - html) http://www.venturevoip.com/newrssfeed.php (Daily Asterisk News - rss) ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] Fwd: PRI dropping #2
That didn't come through, at least not to the archives, so trying again: From http://www.voip-info.org/wiki/view/E1: RED: Loss of signal (LOS): The equipment shall assume loss of signal when the incoming signal amplitude is, for a time duration of at least 1 ms, more than 20 dB below the nominal amplitude. The equipment shall react within 12 ms by issuing AIS. This sounds like what is happening, and is in order with what one of the technicians said - I was about 20 dB below their amplitude, theirs being 2048. Does this make *any* sense? 2009/3/26 Harry Vangberg ha...@vangberg.name: Hey, I wrote yesterday about PRI dropping, which turned out to just be a regular reset of unused B-channels. This time there's a real issue. As noted earlier I have an ISDN-30 connection, a Digium TE-121 with VPMADT032 echo cancellation. These are my configurations files: == /etc/zaptel.conf loadzone=dk defaultzone=dk span=1,1,0,css,hdb3,crc4 bchan=1-15 dchan=16 bchan=17-31 == == /etc/asterisk/zapata.conf [channels] switchtype=euroisdn usecallerid=yes group=1 signalling=pri_cpe context=incoming channel=1-15 channel=17-31 == The Asterisk console has this (repeating for every channel): [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:6685 handle_init_event: Detected alarm on channel 1: Red Alarm [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:1471 zt_disable_ec: Unable to disable echo cancellation on channel 1 [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:6685 handle_init_event: Detected alarm on channel 2: Red Alarm [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:1471 zt_disable_ec: Unable to disable echo cancellation on channel 2 ... ... [Mar 26 18:39:19] NOTICE[3771]: chan_zap.c:8486 pri_dchannel: PRI got event: Alarm (4) on Primary D-channel of span 1 [Mar 26 18:39:19] WARNING[3771]: chan_zap.c:2401 pri_find_dchan: No D-channels available! Using Primary channel 16 as D-channel anyway! [Mar 26 18:39:24] NOTICE[3771]: chan_zap.c:8486 pri_dchannel: PRI got event: No more alarm (5) on Primary D-channel of span 1 [Mar 26 18:39:24] NOTICE[3772]: chan_zap.c:6678 handle_init_event: Alarm cleared on channel 1 [Mar 26 18:39:24] NOTICE[3772]: chan_zap.c:6678 handle_init_event: Alarm cleared on channel 2 ... ... See the full output at http://sprunge.us/cdFf I enabled PRI debugging for span 1, which gives this: q921.c:709 q921_reset: q921_state now is Q921_LINK_CONNECTION_RELEASED Sending Set Asynchronous Balanced Mode Extended q921.c:150 q921_send_sabme: q921_state now is Q921_AWAITING_ESTABLISH -- Got UA from network peer Link up. q921.c:709 q921_reset: q921_state now is Q921_LINK_CONNECTION_RELEASED q921.c:664 q921_dchannel_up: q921_state now is Q921_LINK_CONNECTION_ESTABLISHED q931.c:2755 q931_restart: call 32768 on channel 1 enters state 62 (Restart) Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Originator) Message type: RESTART (70) [18 03 a9 83 81] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Exclusive Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 1 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Terminator) Message type: RESTART ACKNOWLEDGE (78) [18 03 a1 83 81] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Preferred Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 1 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] -- Processing IE 24 (cs0, Channel Identification) -- Processing IE 121 (cs0, Restart Indicator) q931.c:3581 q931_receive: call 32768 on channel 1 enters state 0 (Null) q931.c:2755 q931_restart: call 32768 on channel 2 enters state 62 (Restart) Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Originator) Message type: RESTART (70) [18 03 a9 83 82] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Exclusive Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 2 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Terminator) Message type: RESTART ACKNOWLEDGE (78) [18 03 a1 83 82] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Preferred Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 2 ] [79 01 80] Restart Indentifier (len= 3) [
Re: [asterisk-users] PRI dropping #2
Okay. Trying third time, sorry for that, might just be my mail client, anyways, from voip-info.org: RED: Loss of signal (LOS): The equipment shall assume loss of signal when the incoming signal amplitude is, for a time duration of at least 1 ms, more than 20 dB below the nominal amplitude. The equipment shall react within 12 ms by issuing AIS. This sounds like what is happening, and is in order with what one of the technicians said - I was about 20 dB below their amplitude, theirs being 2048. Does this make *any* sense? 2009/3/26 Harry Vangberg ha...@vangberg.name: Hey, I wrote yesterday about PRI dropping, which turned out to just be a regular reset of unused B-channels. This time there's a real issue. As noted earlier I have an ISDN-30 connection, a Digium TE-121 with VPMADT032 echo cancellation. These are my configurations files: == /etc/zaptel.conf loadzone=dk defaultzone=dk span=1,1,0,css,hdb3,crc4 bchan=1-15 dchan=16 bchan=17-31 == == /etc/asterisk/zapata.conf [channels] switchtype=euroisdn usecallerid=yes group=1 signalling=pri_cpe context=incoming channel=1-15 channel=17-31 == The Asterisk console has this (repeating for every channel): [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:6685 handle_init_event: Detected alarm on channel 1: Red Alarm [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:1471 zt_disable_ec: Unable to disable echo cancellation on channel 1 [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:6685 handle_init_event: Detected alarm on channel 2: Red Alarm [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:1471 zt_disable_ec: Unable to disable echo cancellation on channel 2 ... ... [Mar 26 18:39:19] NOTICE[3771]: chan_zap.c:8486 pri_dchannel: PRI got event: Alarm (4) on Primary D-channel of span 1 [Mar 26 18:39:19] WARNING[3771]: chan_zap.c:2401 pri_find_dchan: No D-channels available! Using Primary channel 16 as D-channel anyway! [Mar 26 18:39:24] NOTICE[3771]: chan_zap.c:8486 pri_dchannel: PRI got event: No more alarm (5) on Primary D-channel of span 1 [Mar 26 18:39:24] NOTICE[3772]: chan_zap.c:6678 handle_init_event: Alarm cleared on channel 1 [Mar 26 18:39:24] NOTICE[3772]: chan_zap.c:6678 handle_init_event: Alarm cleared on channel 2 ... ... See the full output at http://sprunge.us/cdFf I enabled PRI debugging for span 1, which gives this: q921.c:709 q921_reset: q921_state now is Q921_LINK_CONNECTION_RELEASED Sending Set Asynchronous Balanced Mode Extended q921.c:150 q921_send_sabme: q921_state now is Q921_AWAITING_ESTABLISH -- Got UA from network peer Link up. q921.c:709 q921_reset: q921_state now is Q921_LINK_CONNECTION_RELEASED q921.c:664 q921_dchannel_up: q921_state now is Q921_LINK_CONNECTION_ESTABLISHED q931.c:2755 q931_restart: call 32768 on channel 1 enters state 62 (Restart) Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Originator) Message type: RESTART (70) [18 03 a9 83 81] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Exclusive Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 1 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Terminator) Message type: RESTART ACKNOWLEDGE (78) [18 03 a1 83 81] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Preferred Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 1 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] -- Processing IE 24 (cs0, Channel Identification) -- Processing IE 121 (cs0, Restart Indicator) q931.c:3581 q931_receive: call 32768 on channel 1 enters state 0 (Null) q931.c:2755 q931_restart: call 32768 on channel 2 enters state 62 (Restart) Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Originator) Message type: RESTART (70) [18 03 a9 83 82] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Exclusive Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 2 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Terminator) Message type: RESTART ACKNOWLEDGE (78) [18 03 a1 83 82] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Preferred Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 2 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0
Re: [asterisk-users] Create separate Voice Recording System..
On 26/03/2009 10:15 p.m., joko pitoyo wrote: Hi Steve Totaro is this run beside on server? or run on every agent? can u explaint how it work ? and can this be integrated with recording database build in asterisk. Server side - normally on a different server sniffing packets and recording calls. -- Kind Regards, Matt Riddell Director ___ http://www.venturevoip.com (Great new VoIP end to end solution) http://www.venturevoip.com/news.php (Daily Asterisk News - html) http://www.venturevoip.com/newrssfeed.php (Daily Asterisk News - rss) ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] PRI dropping #2
Harry, Chill on the duplicate posts. Sometimes the listserv takes time to forward the message. -Dave -Original Message- From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Harry Vangberg Sent: Thursday, March 26, 2009 3:25 PM To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] PRI dropping #2 Okay. Trying third time, sorry for that, might just be my mail client, anyways, from voip-info.org: RED: Loss of signal (LOS): The equipment shall assume loss of signal when the incoming signal amplitude is, for a time duration of at least 1 ms, more than 20 dB below the nominal amplitude. The equipment shall react within 12 ms by issuing AIS. This sounds like what is happening, and is in order with what one of the technicians said - I was about 20 dB below their amplitude, theirs being 2048. Does this make *any* sense? 2009/3/26 Harry Vangberg ha...@vangberg.name: Hey, I wrote yesterday about PRI dropping, which turned out to just be a regular reset of unused B-channels. This time there's a real issue. As noted earlier I have an ISDN-30 connection, a Digium TE-121 with VPMADT032 echo cancellation. These are my configurations files: == /etc/zaptel.conf loadzone=dk defaultzone=dk span=1,1,0,css,hdb3,crc4 bchan=1-15 dchan=16 bchan=17-31 == == /etc/asterisk/zapata.conf [channels] switchtype=euroisdn usecallerid=yes group=1 signalling=pri_cpe context=incoming channel=1-15 channel=17-31 == The Asterisk console has this (repeating for every channel): [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:6685 handle_init_event: Detected alarm on channel 1: Red Alarm [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:1471 zt_disable_ec: Unable to disable echo cancellation on channel 1 [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:6685 handle_init_event: Detected alarm on channel 2: Red Alarm [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:1471 zt_disable_ec: Unable to disable echo cancellation on channel 2 ... ... [Mar 26 18:39:19] NOTICE[3771]: chan_zap.c:8486 pri_dchannel: PRI got event: Alarm (4) on Primary D-channel of span 1 [Mar 26 18:39:19] WARNING[3771]: chan_zap.c:2401 pri_find_dchan: No D-channels available! Using Primary channel 16 as D-channel anyway! [Mar 26 18:39:24] NOTICE[3771]: chan_zap.c:8486 pri_dchannel: PRI got event: No more alarm (5) on Primary D-channel of span 1 [Mar 26 18:39:24] NOTICE[3772]: chan_zap.c:6678 handle_init_event: Alarm cleared on channel 1 [Mar 26 18:39:24] NOTICE[3772]: chan_zap.c:6678 handle_init_event: Alarm cleared on channel 2 ... ... See the full output at http://sprunge.us/cdFf I enabled PRI debugging for span 1, which gives this: q921.c:709 q921_reset: q921_state now is Q921_LINK_CONNECTION_RELEASED Sending Set Asynchronous Balanced Mode Extended q921.c:150 q921_send_sabme: q921_state now is Q921_AWAITING_ESTABLISH -- Got UA from network peer Link up. q921.c:709 q921_reset: q921_state now is Q921_LINK_CONNECTION_RELEASED q921.c:664 q921_dchannel_up: q921_state now is Q921_LINK_CONNECTION_ESTABLISHED q931.c:2755 q931_restart: call 32768 on channel 1 enters state 62 (Restart) Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Originator) Message type: RESTART (70) [18 03 a9 83 81] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Exclusive Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 1 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Terminator) Message type: RESTART ACKNOWLEDGE (78) [18 03 a1 83 81] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Preferred Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 1 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] -- Processing IE 24 (cs0, Channel Identification) -- Processing IE 121 (cs0, Restart Indicator) q931.c:3581 q931_receive: call 32768 on channel 1 enters state 0 (Null) q931.c:2755 q931_restart: call 32768 on channel 2 enters state 62 (Restart) Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Originator) Message type: RESTART (70) [18 03 a9 83 82] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Exclusive Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 2 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2
[asterisk-users] out of the box or do it your self?
hi i want to ask for your opinion what is better for a call center 100 current calls and other 200 current calls make the server step by step or use a auto install cd like asterisk now, druid elastix ? and why? Thanks David -- (\__/) (='.'=)This is Bunny. Copy and paste bunny into your ()_()signature to help him gain world domination. ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Is there a public blacklist of hackers' IPaddresses?
SIP was written in such a way that the hashes it sends for passwords could, with only a trivial rewrite of the server code, be SHA1 instead of MD5 -- which would increase security to the level that, currently, it would be far more trouble than it's worth to even bother to attempt to crack. I strongly doubt that the known weaknesses in the MD5 hash are the weak point in SIP account security. Weak passwords are almost certainly much more of a problem. Performing a dictionary attack is going to be a lot faster than attempting a brute-force mathematical attack against MD5... and switching from MD5 to SHA-1 provides no significant defense against dictionary attacks. The only good way to keep passwords secure against dictionary attacks, is to make sure that the passwords aren't guessable by that means... no common words, no names, no simple permutations or birthdates or anything like that. Use a decent random-number generator and number-to-character conversion algorithm to generate SIP passwords that are sufficiently long and very dtr8fbwf_==...@\.-+!n$ and you'll be well defended. ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] out of the box or do it your self?
On Thu, 26 Mar 2009, David fire wrote: i want to ask for your opinion what is better for a call center 100 current calls and other 200 current calls make the server step by step or use a auto install cd like asterisk now, druid elastix ? and why? idontunderstandyourquestionbutithinkcaseandpuctuationmayhelp If you are asking for an opinion on whether to use an all-in-one package or build up from scratch -- it depends. If you need all the cruft on the disc, install it. It may be a prerequisite to be supported. If you don't need all the cruft or support, no. You should do a minimal server (no X) install. Meaning, de-select everything in the distro. Then, build up your installation based on your actual needs. You will end up with a more efficient and secure system that is easier and faster to maintain -- and as a bonus, you will gain an understanding into what's actually going on in your box. Thanks in advance, Steve Edwards sedwa...@sedwards.com Voice: +1-760-468-3867 PST Newline Fax: +1-760-731-3000 ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] out of the box or do it your self?
On Thu, 26 Mar 2009, David fire wrote: (\__/) (='.'=)This is Bunny. Copy and paste bunny into your ()_()signature to help him gain world domination. BTW, I won't shed a tear if you kill that effing bunny !...@#$. Thanks in advance, Steve Edwards sedwa...@sedwards.com Voice: +1-760-468-3867 PST Newline Fax: +1-760-731-3000 ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] PRI dropping #2
The first and second times were sufficient. On 26 Mar 2009, at 19:24, Harry Vangberg wrote: Okay. Trying third time, sorry for that, might just be my mail client, anyways, from voip-info.org: RED: Loss of signal (LOS): The equipment shall assume loss of signal when the incoming signal amplitude is, for a time duration of at least 1 ms, more than 20 dB below the nominal amplitude. The equipment shall react within 12 ms by issuing AIS. This sounds like what is happening, and is in order with what one of the technicians said - I was about 20 dB below their amplitude, theirs being 2048. Does this make *any* sense? 2009/3/26 Harry Vangberg ha...@vangberg.name: Hey, I wrote yesterday about PRI dropping, which turned out to just be a regular reset of unused B-channels. This time there's a real issue. As noted earlier I have an ISDN-30 connection, a Digium TE-121 with VPMADT032 echo cancellation. These are my configurations files: == /etc/zaptel.conf loadzone=dk defaultzone=dk span=1,1,0,css,hdb3,crc4 bchan=1-15 dchan=16 bchan=17-31 == == /etc/asterisk/zapata.conf [channels] switchtype=euroisdn usecallerid=yes group=1 signalling=pri_cpe context=incoming channel=1-15 channel=17-31 == The Asterisk console has this (repeating for every channel): [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:6685 handle_init_event: Detected alarm on channel 1: Red Alarm [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:1471 zt_disable_ec: Unable to disable echo cancellation on channel 1 [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:6685 handle_init_event: Detected alarm on channel 2: Red Alarm [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:1471 zt_disable_ec: Unable to disable echo cancellation on channel 2 ... ... [Mar 26 18:39:19] NOTICE[3771]: chan_zap.c:8486 pri_dchannel: PRI got event: Alarm (4) on Primary D-channel of span 1 [Mar 26 18:39:19] WARNING[3771]: chan_zap.c:2401 pri_find_dchan: No D-channels available! Using Primary channel 16 as D-channel anyway! [Mar 26 18:39:24] NOTICE[3771]: chan_zap.c:8486 pri_dchannel: PRI got event: No more alarm (5) on Primary D-channel of span 1 [Mar 26 18:39:24] NOTICE[3772]: chan_zap.c:6678 handle_init_event: Alarm cleared on channel 1 [Mar 26 18:39:24] NOTICE[3772]: chan_zap.c:6678 handle_init_event: Alarm cleared on channel 2 ... ... See the full output at http://sprunge.us/cdFf I enabled PRI debugging for span 1, which gives this: q921.c:709 q921_reset: q921_state now is Q921_LINK_CONNECTION_RELEASED Sending Set Asynchronous Balanced Mode Extended q921.c:150 q921_send_sabme: q921_state now is Q921_AWAITING_ESTABLISH -- Got UA from network peer Link up. q921.c:709 q921_reset: q921_state now is Q921_LINK_CONNECTION_RELEASED q921.c:664 q921_dchannel_up: q921_state now is Q921_LINK_CONNECTION_ESTABLISHED q931.c:2755 q931_restart: call 32768 on channel 1 enters state 62 (Restart) Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Originator) Message type: RESTART (70) [18 03 a9 83 81] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Exclusive Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 1 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Terminator) Message type: RESTART ACKNOWLEDGE (78) [18 03 a1 83 81] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Preferred Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 1 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] -- Processing IE 24 (cs0, Channel Identification) -- Processing IE 121 (cs0, Restart Indicator) q931.c:3581 q931_receive: call 32768 on channel 1 enters state 0 (Null) q931.c:2755 q931_restart: call 32768 on channel 2 enters state 62 (Restart) Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Originator) Message type: RESTART (70) [18 03 a9 83 82] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Exclusive Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 2 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Terminator) Message type: RESTART ACKNOWLEDGE (78) [18 03 a1 83 82] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Preferred Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0
Re: [asterisk-users] SIP trunk with 250 lines
Danny Nicholas da...@debsinc.com writes: Okay - I'm not shooting from the hip here. The driver in question is a Intel E1000 on a Poweredge 1650. If you visit the Digium site and do other googling, you will see that there is a specific issue with asterisk and this hardware/driver combination. I'm not really a fan of Dell, but I'm not dissing the whole line either. I've probably spent 1000+ hours over the last 6 months compiling and re-compiling things for Asterisk, so think what you will. Isn't this just the good old IRQ sharing problem turning up again? Newer cards and newer drivers have fixed that. /Benny ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Is there a public blacklist of hackers' IPaddresses?
Dave Platt wrote: SIP was written in such a way that the hashes it sends for passwords could, with only a trivial rewrite of the server code, be SHA1 instead of MD5 -- which would increase security to the level that, currently, it would be far more trouble than it's worth to even bother to attempt to crack. I strongly doubt that the known weaknesses in the MD5 hash are the weak point in SIP account security. Weak passwords are almost certainly much more of a problem. Performing a dictionary attack is going to be a lot faster than attempting a brute-force mathematical attack against MD5... and switching from MD5 to SHA-1 provides no significant defense against dictionary attacks. The only good way to keep passwords secure against dictionary attacks, is to make sure that the passwords aren't guessable by that means... no common words, no names, no simple permutations or birthdates or anything like that. Use a decent random-number generator and number-to-character conversion algorithm to generate SIP passwords that are sufficiently long and very dtr8fbwf_==...@\.-+!n$ and you'll be well defended. I'm referring to the weak link in the SIP protocol. Not in Asterisk's SIP accounts. The question was whether or not SIP itself was secure. -- Neil Fusillo CEO Infinideas, inc. http://www.ideasip.com ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] SIP trunk with 250 lines
No. But since I like to not be banned from this list, I won't elaborate any further. -Original Message- From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Benny Amorsen Sent: Thursday, March 26, 2009 4:11 PM To: asterisk-users@lists.digium.com Subject: Re: [asterisk-users] SIP trunk with 250 lines Danny Nicholas da...@debsinc.com writes: Okay - I'm not shooting from the hip here. The driver in question is a Intel E1000 on a Poweredge 1650. If you visit the Digium site and do other googling, you will see that there is a specific issue with asterisk and this hardware/driver combination. I'm not really a fan of Dell, but I'm not dissing the whole line either. I've probably spent 1000+ hours over the last 6 months compiling and re-compiling things for Asterisk, so think what you will. Isn't this just the good old IRQ sharing problem turning up again? Newer cards and newer drivers have fixed that. /Benny ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] Asterisk 1.6.0.5 no MusicHold REFER
Hi List. I have an IP Phone when I'm on a call and tightness in the Transfer button, it opens a new channel for me to make a new connection. But the extension is on hold is that mute the music without the wait. How should I proceed to solve my problem. I'm using asterisk 1.6.0.5 ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Provisioning GXP 2000
Michiel van Baak mich...@vanbaak.info writes: Checkout http://www.grandstream.com/configurationtool.html Notice that it runs with gcj! /Benny ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Sisky to connect Skype to Asterisk
2009/3/26 Alejandro Cabrera Obed aco1...@gmail.com Dear all, I've read some news about Sisky (http://www.yeastar.com/Products/SiSkyEE.asp), a service to interconnect Skype clients with SIP clients. Does anybody test Sisky and can tell me about his experience ??? (Sisky runs on Windows because Skype and its API are more stable on this OS). Regards, Alejandro ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users I have tested, the quality suffers from normal skype call, and far behind a good voip quality. ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Ebay's SIP for Skype
skip2pbx is the best i tryed, but nasty price ;) ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] PRI dropping #2
They didn't show up in the list archive. I'm terribly sorry. 2009/3/26 Steve Howes st...@geekinter.net: The first and second times were sufficient. On 26 Mar 2009, at 19:24, Harry Vangberg wrote: Okay. Trying third time, sorry for that, might just be my mail client, anyways, from voip-info.org: RED: Loss of signal (LOS): The equipment shall assume loss of signal when the incoming signal amplitude is, for a time duration of at least 1 ms, more than 20 dB below the nominal amplitude. The equipment shall react within 12 ms by issuing AIS. This sounds like what is happening, and is in order with what one of the technicians said - I was about 20 dB below their amplitude, theirs being 2048. Does this make *any* sense? 2009/3/26 Harry Vangberg ha...@vangberg.name: Hey, I wrote yesterday about PRI dropping, which turned out to just be a regular reset of unused B-channels. This time there's a real issue. As noted earlier I have an ISDN-30 connection, a Digium TE-121 with VPMADT032 echo cancellation. These are my configurations files: == /etc/zaptel.conf loadzone=dk defaultzone=dk span=1,1,0,css,hdb3,crc4 bchan=1-15 dchan=16 bchan=17-31 == == /etc/asterisk/zapata.conf [channels] switchtype=euroisdn usecallerid=yes group=1 signalling=pri_cpe context=incoming channel=1-15 channel=17-31 == The Asterisk console has this (repeating for every channel): [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:6685 handle_init_event: Detected alarm on channel 1: Red Alarm [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:1471 zt_disable_ec: Unable to disable echo cancellation on channel 1 [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:6685 handle_init_event: Detected alarm on channel 2: Red Alarm [Mar 26 18:39:19] WARNING[3772]: chan_zap.c:1471 zt_disable_ec: Unable to disable echo cancellation on channel 2 ... ... [Mar 26 18:39:19] NOTICE[3771]: chan_zap.c:8486 pri_dchannel: PRI got event: Alarm (4) on Primary D-channel of span 1 [Mar 26 18:39:19] WARNING[3771]: chan_zap.c:2401 pri_find_dchan: No D-channels available! Using Primary channel 16 as D-channel anyway! [Mar 26 18:39:24] NOTICE[3771]: chan_zap.c:8486 pri_dchannel: PRI got event: No more alarm (5) on Primary D-channel of span 1 [Mar 26 18:39:24] NOTICE[3772]: chan_zap.c:6678 handle_init_event: Alarm cleared on channel 1 [Mar 26 18:39:24] NOTICE[3772]: chan_zap.c:6678 handle_init_event: Alarm cleared on channel 2 ... ... See the full output at http://sprunge.us/cdFf I enabled PRI debugging for span 1, which gives this: q921.c:709 q921_reset: q921_state now is Q921_LINK_CONNECTION_RELEASED Sending Set Asynchronous Balanced Mode Extended q921.c:150 q921_send_sabme: q921_state now is Q921_AWAITING_ESTABLISH -- Got UA from network peer Link up. q921.c:709 q921_reset: q921_state now is Q921_LINK_CONNECTION_RELEASED q921.c:664 q921_dchannel_up: q921_state now is Q921_LINK_CONNECTION_ESTABLISHED q931.c:2755 q931_restart: call 32768 on channel 1 enters state 62 (Restart) Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Originator) Message type: RESTART (70) [18 03 a9 83 81] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Exclusive Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 1 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Terminator) Message type: RESTART ACKNOWLEDGE (78) [18 03 a1 83 81] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Preferred Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 1 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] -- Processing IE 24 (cs0, Channel Identification) -- Processing IE 121 (cs0, Restart Indicator) q931.c:3581 q931_receive: call 32768 on channel 1 enters state 0 (Null) q931.c:2755 q931_restart: call 32768 on channel 2 enters state 62 (Restart) Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Originator) Message type: RESTART (70) [18 03 a9 83 82] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Exclusive Dchan: 0 ChanSel: Reserved Ext: 1 Coding: 0 Number Specified Channel Type: 3 Ext: 1 Channel: 2 ] [79 01 80] Restart Indentifier (len= 3) [ Ext: 1 Spare: 0 Resetting Indicated Channel (0) ] Protocol Discriminator: Q.931 (8) len=13 Call Ref: len= 2 (reference 0/0x0) (Terminator) Message type: RESTART ACKNOWLEDGE (78) [18 03 a1 83 82] Channel ID (len= 5) [ Ext: 1 IntID: Implicit PRI Spare: 0 Preferred Dchan: 0
Re: [asterisk-users] PRI dropping #2
On Thu, 2009-03-26 at 20:24 +0100, Harry Vangberg wrote: This sounds like what is happening, and is in order with what one of the technicians said - I was about 20 dB below their amplitude, theirs being 2048. Does this make *any* sense? How far is your Asterisk box from the demarcation point? If it's more than 133 feet (cable length), then you'll need to adjust the LBO setting on your span line in the DAHDI (or Zaptel) configuration file. -- Jared Smith Training Manager Digium, Inc. ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk multi-cpu
On 27/03/2009 8:06 a.m., Mike wrote: Hi, I know somebody is going to give me the link to the wiki hardware pages, but I can't find the answer there. I'd like to know if, for an Asterisk only system (nothing else of note running on it), I get a real gain from having 2 CPUs. Does the amount of traffic/SIP registrations/codec translation possible doubles with 2 CPUs? (each quad core E5420 to be precise)? Does it increase by 50%? It is only a marginal increase, or none at all? I wish I could test it myself, but I haven't bought the hardware yet and this will help me decide what I am buying. I tend to use multiple CPUs more on machines that handle multiple tasks (i.e. MySQL, Asterisk, Apache) -- Kind Regards, Matt Riddell Director ___ http://www.venturevoip.com (Great new VoIP end to end solution) http://www.venturevoip.com/news.php (Daily Asterisk News - html) http://www.venturevoip.com/newrssfeed.php (Daily Asterisk News - rss) ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] out of the box or do it your self?
On 27/03/2009 9:35 a.m., David fire wrote: hi i want to ask for your opinion what is better for a call center 100 current calls and other 200 current calls make the server step by step or use a auto install cd like asterisk now, druid elastix ? and why? If you are doing an install for a call centre with 100-200 concurrent calls, you should have either done a lot of smaller installs or be working with someone who has. You're going to need to understand the Asterisk source code, patching and/or have a support contract with someone. If you have a call centre and 100 people are sitting at their desk doing nothing, you're going to get in a lot of trouble very quickly. While I'm not in the consulting business, you'll find many people on the Asterisk-Biz mailing list who are. -- Kind Regards, Matt Riddell Director ___ http://www.venturevoip.com (Great new VoIP end to end solution) http://www.venturevoip.com/news.php (Daily Asterisk News - html) http://www.venturevoip.com/newrssfeed.php (Daily Asterisk News - rss) ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] PRI dropping #2
It's 2 feet from the Nokia network terminal from the telco. 2009/3/26 Jared Smith jsm...@digium.com: On Thu, 2009-03-26 at 20:24 +0100, Harry Vangberg wrote: This sounds like what is happening, and is in order with what one of the technicians said - I was about 20 dB below their amplitude, theirs being 2048. Does this make *any* sense? How far is your Asterisk box from the demarcation point? If it's more than 133 feet (cable length), then you'll need to adjust the LBO setting on your span line in the DAHDI (or Zaptel) configuration file. -- Jared Smith Training Manager Digium, Inc. ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] Need to find small footprint asterisk platform
Hey all, I have a potential project which calls for a very small form-factor computer like this: http://www.marvell.com/products/embedded_processors/developer/kirkwood/sheevaplug.jsp However, I am needing an FXS port integrated into a small footprint computer. Nothing larger than a WiFi router or gateway device, but the smaller the better, and able to run Asterisk with at least a spare USB port and preferably WiFi on the system (but no necessary). Even a device that could integrate the S100U into the case would be good. Anyone know of a device like this? The AA40 is a bit much for my needs, and the cost is to high. Thanks in advance. ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk multi-cpu
On Thu, Mar 26, 2009 at 3:06 PM, Mike l...@virtutel.ca wrote: Hi, I know somebody is going to give me the link to the wiki hardware pages, but I can't find the answer there. I'd like to know if, for an Asterisk only system (nothing else of note running on it), I get a real gain from having 2 CPUs. Does the amount of traffic/SIP registrations/codec translation possible doubles with 2 CPUs? (each quad core E5420 to be precise)? Does it increase by 50%? It is only a marginal increase, or none at all? You don't say anything about your possible kind of usage, so it's difficult to provide any specific answer to your question. In general, a few things are true: * asterisk is multi-threaded * linux kernel has nice job schedulers and i/o schedulers * if you have more ram, more things will get cached in ram * if you have more cpus / cores you can do more things at once as long as they aren't all idle waiting for some resource constraint You need to run a LOT of traffic through a server if it's just straight call handling, with a minimum of disk-bound i/o or transcoding, before you're going to max out modern hardware. So just buy the best server you want to buy, but save some money for a good warranty, or buy two servers if that's cheaper than what it would cost to be down. If you want more in-depth discussions on this you probably would prefer the asterisk-ha-clustering list: http://lists.digium.com/mailman/listinfo/asterisk-ha-clustering ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] sip.conf outboundproxy
On Mar 26, 2009, at 6:07 AM, Kevin P. Fleming wrote: Ricardo Carvalho wrote: Does it only send OUTBOUND calls via the proxy and not also internal extension calls via that proxy? As has already been posted in your other threads about this subject, Asterisk has no concept of an 'outbound' call at all. In that sense, the name of this option in sip.conf is incorrect, it should just be 'proxy'. If you tell Asterisk to use a SIP proxy for sending out SIP requests, it will send all requests to that proxy, regardless of whether that request might be involved in a call that you classify as 'internal'. To Asterisk, a SIP call is a SIP call; there is no 'internal', 'external', 'outbound', 'inbound', at least not in the sense of 'inside my PBX' or 'outside my PBX'. I agree. But... (isn't there always a caveat?) Would it be so difficult to have perhaps two different proxies? One would be for any SIP messages destined for IP addresses that were not in any of the localnet= lines, and one would be for any SIP messages destined for IP addresses that were destined for IP addresses that were NOT in the localnet= lines. Of course, leaving them blank would mean that a proxy would not be used for one group or the other. This would allow creation of the concept of outside and inside at an administrative level using previously-described network definitions in sip.conf. Plus, it would dis-entangle a lot of the logic that one might otherwise have to install on the proxy to reflect certain messages back into NATted zones or otherwise complex internal structures. I have imagined several more complex situations where I'd want to have multiple proxies, each with their own network ACL trigger masks, but I'll stick with the simple case for now. :-) JT --- John Todd email:jt...@digium.com Digium, Inc. | Asterisk Open Source Community Director 445 Jan Davis Drive NW - Huntsville AL 35806 - USA direct: +1-256-428-6083 http://www.digium.com/ ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] Know who's logged in
Hi all, For those of you people that use Agents (with Agentlogin, not AgentCallbackLogin) on a call center, I have this need: when the agent logs in, a channel keeps running all the time that the agent is logged in to receive the incoming calls. How do I know which agent logged in (code)? Right now, if I query the login channel, there is no information about which agent is logged on: # asterisk -rx show channel SIP/303-b2f1c368 -- General -- Name: SIP/303-b2f1c368 Type: SIP UniqueID: 1238094839.425549 Caller ID: 303 Caller ID Name: Ext. 303 DNID Digits: 7700 State: Up (6) Rings: 0 NativeFormats: 0x2 (gsm) WriteFormat: 0x2 (gsm) ReadFormat: 0x2 (gsm) WriteTranscode: No ReadTranscode: No 1st File Descriptor: 111 Frames in: 6199 Frames out: 4847 Time to Hangup: 0 Elapsed Time: 3h29m16s Direct Bridge: none Indirect Bridge: none -- PBX -- Context: XXX Extension: X Priority: XX Call Group: 0 Pickup Group: 0 Application: AgentLogin Data: (Empty) Blocking in: ast_waitfor_nandfds Variables: AVAILSTATUS=0 AVAILORIGCHAN=SIP/303 AVAILCHAN=SIP/303-0949f890 SIPCALLID=Y2MzOTc0NmExYjVkNDNjMzhhY2I1MDMwNTk0NTJkYzQ. SIPUSERAGENT=X-Lite release 1100l stamp 47546 SIPDOMAIN=X SIPURI=sip:3...@x CDR Variables: level 1: clid=Ext. 303 303 level 1: src=303 level 1: dst=XX level 1: dcontext=XXX level 1: channel=SIP/303-b2f1c368 level 1: lastapp=AgentLogin level 1: start=2009-03-26 14:13:59 level 1: answer=2009-03-26 14:13:59 level 1: duration=0 level 1: billsec=0 level 1: disposition=ANSWERED level 1: amaflags=DOCUMENTATION level 1: uniqueid=1238094839.425549 Is there an option for Agentlogin() to set a channel variable on the login channel that contains the code of the agent that successfully logged in? If not, would this be hard to accomplish by tweaking the chan_agent.c code to do that? It would be a really nice feature. I'm using asterisk 1.4.22. Thanks for any clue on this, -- Ing. Miguel Molina Grupo de Tecnología Millenium Phone Center PBX: (+57 1)6500800 ext. 1201 Fax: (+57 1)6500816 Móvil: (+57)3138873587 ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] Know who's logged in
Hi all, For those of you people that use Agents (with Agentlogin, not AgentCallbackLogin) on a call center, I have this need: when the agent logs in, a channel keeps running all the time that the agent is logged in to receive the incoming calls. How do I know which agent logged in (code)? Right now, if I query the login channel, there is no information about which agent is logged on: # asterisk -rx show channel SIP/303-b2f1c368 -- General -- Name: SIP/303-b2f1c368 Type: SIP UniqueID: 1238094839.425549 Caller ID: 303 Caller ID Name: Ext. 303 DNID Digits: 7700 State: Up (6) Rings: 0 NativeFormats: 0x2 (gsm) WriteFormat: 0x2 (gsm) ReadFormat: 0x2 (gsm) WriteTranscode: No ReadTranscode: No 1st File Descriptor: 111 Frames in: 6199 Frames out: 4847 Time to Hangup: 0 Elapsed Time: 3h29m16s Direct Bridge: none Indirect Bridge: none -- PBX -- Context: XXX Extension: X Priority: XX Call Group: 0 Pickup Group: 0 Application: AgentLogin Data: (Empty) Blocking in: ast_waitfor_nandfds Variables: AVAILSTATUS=0 AVAILORIGCHAN=SIP/303 AVAILCHAN=SIP/303-0949f890 SIPCALLID=Y2MzOTc0NmExYjVkNDNjMzhhY2I1MDMwNTk0NTJkYzQ. SIPUSERAGENT=X-Lite release 1100l stamp 47546 SIPDOMAIN=X SIPURI=sip:3...@x CDR Variables: level 1: clid=Ext. 303 303 level 1: src=303 level 1: dst=XX level 1: dcontext=XXX level 1: channel=SIP/303-b2f1c368 level 1: lastapp=AgentLogin level 1: start=2009-03-26 14:13:59 level 1: answer=2009-03-26 14:13:59 level 1: duration=0 level 1: billsec=0 level 1: disposition=ANSWERED level 1: amaflags=DOCUMENTATION level 1: uniqueid=1238094839.425549 Is there an option for Agentlogin() to set a channel variable on the login channel that contains the code of the agent that successfully logged in? If not, would this be hard to accomplish by tweaking the chan_agent.c code to do that? It would be a really nice feature. I'm using asterisk 1.4.22. Thanks for any clue on this, -- Ing. Miguel Molina Grupo de Tecnología Millenium Phone Center PBX: (+57 1)6500800 ext. 1201 Fax: (+57 1)6500816 Móvil: (+57)3138873587 ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Need to find small footprint asterisk platform
what about http://www.rowetel.com/ucasterisk/ip04.html seems like what you might be after good luck Anthony Plack wrote: Hey all, I have a potential project which calls for a very small form-factor computer like this: http://www.marvell.com/products/embedded_processors/developer/kirkwood/sheevaplug.jsp However, I am needing an FXS port integrated into a small footprint computer. Nothing larger than a WiFi router or gateway device, but the smaller the better, and able to run Asterisk with at least a spare USB port and preferably WiFi on the system (but no necessary). Even a device that could integrate the S100U into the case would be good. Anyone know of a device like this? The AA40 is a bit much for my needs, and the cost is to high. Thanks in advance. ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- Robin D. Rodriguez Systems Engineer Ifbyphone, Inc. Phone: (866) 250-1663 Fax: (847) 676-6553 rrodrig...@ifbyphone.com http://www.ifbyphone.com ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Know who's logged in
Miguel Molina wrote: Hi all, For those of you people that use Agents (with Agentlogin, not AgentCallbackLogin) on a call center, I have this need: when the agent logs in, a channel keeps running all the time that the agent is logged in to receive the incoming calls. How do I know which agent logged in (code)? Right now, if I query the login channel, there is no information about which agent is logged on: # asterisk -rx show channel SIP/303-b2f1c368 -- General -- Name: SIP/303-b2f1c368 Type: SIP UniqueID: 1238094839.425549 Caller ID: 303 Caller ID Name: Ext. 303 DNID Digits: 7700 State: Up (6) Rings: 0 NativeFormats: 0x2 (gsm) WriteFormat: 0x2 (gsm) ReadFormat: 0x2 (gsm) WriteTranscode: No ReadTranscode: No 1st File Descriptor: 111 Frames in: 6199 Frames out: 4847 Time to Hangup: 0 Elapsed Time: 3h29m16s Direct Bridge: none Indirect Bridge: none -- PBX -- Context: XXX Extension: X Priority: XX Call Group: 0 Pickup Group: 0 Application: AgentLogin Data: (Empty) Blocking in: ast_waitfor_nandfds Variables: AVAILSTATUS=0 AVAILORIGCHAN=SIP/303 AVAILCHAN=SIP/303-0949f890 SIPCALLID=Y2MzOTc0NmExYjVkNDNjMzhhY2I1MDMwNTk0NTJkYzQ. SIPUSERAGENT=X-Lite release 1100l stamp 47546 SIPDOMAIN=X SIPURI=sip:3...@x CDR Variables: level 1: clid=Ext. 303 303 level 1: src=303 level 1: dst=XX level 1: dcontext=XXX level 1: channel=SIP/303-b2f1c368 level 1: lastapp=AgentLogin level 1: start=2009-03-26 14:13:59 level 1: answer=2009-03-26 14:13:59 level 1: duration=0 level 1: billsec=0 level 1: disposition=ANSWERED level 1: amaflags=DOCUMENTATION level 1: uniqueid=1238094839.425549 Is there an option for Agentlogin() to set a channel variable on the login channel that contains the code of the agent that successfully logged in? If not, would this be hard to accomplish by tweaking the chan_agent.c code to do that? It would be a really nice feature. I'm using asterisk 1.4.22. Thanks for any clue on this, There is a CLI command agent show which will list all agents. This output will show the agent's number, name, whether he/she is logged in, and moh class. Similarly, there is a command agent show online which will only list logged-in agents. Mark Michelson ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk multi-cpu
Mike wrote: Hi, I know somebody is going to give me the link to the wiki hardware pages, but I can't find the answer there. I'd like to know if, for an Asterisk only system (nothing else of note running on it), I get a real gain from having 2 CPUs. Does the amount of traffic/SIP registrations/codec translation possible doubles with 2 CPUs? (each quad core E5420 to be precise)? Does it increase by 50%? It is only a marginal increase, or none at all? I wish I could test it myself, but I haven't bought the hardware yet and this will help me decide what I am buying. Regards, Mike ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users In my experience I don't see any benefit from dual cpu's on asterisk boxes unless you are doing a lot of transcoding and generally I would suggest trying to avoid transcoding as it generally works out more cost effective in the long run than continually adding hardware. I've found chan_sip to be a limiter long before the hardware is stressed. -- Robin D. Rodriguez Systems Engineer Ifbyphone, Inc. http://www.ifbyphone.com ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk multi-cpu
Thanks that`s great info, and I've already subscribed to the HA mailing list. I understand call handling takes little CPU, but half my calls are transcoded from ulaw to g729 and vice versa. That seems to take my single CPU, dual-core 2.5Ghz machine up to ~35% CPU utilization. I imagine doubling what happens on my server would take me dangerously close to the upper limit of good call quality. Am I complete off? Mike -Original Message- From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users- boun...@lists.digium.com] On Behalf Of David Backeberg Sent: Thursday, March 26, 2009 18:40 To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] Asterisk multi-cpu On Thu, Mar 26, 2009 at 3:06 PM, Mike l...@virtutel.ca wrote: Hi, I know somebody is going to give me the link to the wiki hardware pages, but I can't find the answer there. I'd like to know if, for an Asterisk only system (nothing else of note running on it), I get a real gain from having 2 CPUs. Does the amount of traffic/SIP registrations/codec translation possible doubles with 2 CPUs? (each quad core E5420 to be precise)? Does it increase by 50%? It is only a marginal increase, or none at all? You don't say anything about your possible kind of usage, so it's difficult to provide any specific answer to your question. In general, a few things are true: * asterisk is multi-threaded * linux kernel has nice job schedulers and i/o schedulers * if you have more ram, more things will get cached in ram * if you have more cpus / cores you can do more things at once as long as they aren't all idle waiting for some resource constraint You need to run a LOT of traffic through a server if it's just straight call handling, with a minimum of disk-bound i/o or transcoding, before you're going to max out modern hardware. So just buy the best server you want to buy, but save some money for a good warranty, or buy two servers if that's cheaper than what it would cost to be down. If you want more in-depth discussions on this you probably would prefer the asterisk-ha-clustering list: http://lists.digium.com/mailman/listinfo/asterisk-ha-clustering ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Know who's logged in
Hello Mark Miquel , On Thu, 26 Mar 2009, Mark Michelson wrote: Miguel Molina wrote: Hi all, For those of you people that use Agents (with Agentlogin, not AgentCallbackLogin) on a call center, I have this need: when the agent logs in, a channel keeps running all the time that the agent is logged in to receive the incoming calls. How do I know which agent logged in (code)? Right now, if I query the login channel, there is no information about which agent is logged on: # asterisk -rx show channel SIP/303-b2f1c368 -- General -- Name: SIP/303-b2f1c368 Type: SIP UniqueID: 1238094839.425549 Caller ID: 303 Caller ID Name: Ext. 303 DNID Digits: 7700 State: Up (6) Rings: 0 NativeFormats: 0x2 (gsm) WriteFormat: 0x2 (gsm) ReadFormat: 0x2 (gsm) WriteTranscode: No ReadTranscode: No 1st File Descriptor: 111 Frames in: 6199 Frames out: 4847 Time to Hangup: 0 Elapsed Time: 3h29m16s Direct Bridge: none Indirect Bridge: none -- PBX -- Context: XXX Extension: X Priority: XX Call Group: 0 Pickup Group: 0 Application: AgentLogin Data: (Empty) Blocking in: ast_waitfor_nandfds Variables: AVAILSTATUS=0 AVAILORIGCHAN=SIP/303 AVAILCHAN=SIP/303-0949f890 SIPCALLID=Y2MzOTc0NmExYjVkNDNjMzhhY2I1MDMwNTk0NTJkYzQ. SIPUSERAGENT=X-Lite release 1100l stamp 47546 SIPDOMAIN=X SIPURI=sip:3...@x CDR Variables: level 1: clid=Ext. 303 303 level 1: src=303 level 1: dst=XX level 1: dcontext=XXX level 1: channel=SIP/303-b2f1c368 level 1: lastapp=AgentLogin level 1: start=2009-03-26 14:13:59 level 1: answer=2009-03-26 14:13:59 level 1: duration=0 level 1: billsec=0 level 1: disposition=ANSWERED level 1: amaflags=DOCUMENTATION level 1: uniqueid=1238094839.425549 Is there an option for Agentlogin() to set a channel variable on the login channel that contains the code of the agent that successfully logged in? If not, would this be hard to accomplish by tweaking the chan_agent.c code to do that? It would be a really nice feature. I'm using asterisk 1.4.22. Thanks for any clue on this, There is a CLI command agent show which will list all agents. This output will show the agent's number, name, whether he/she is logged in, and moh class. Similarly, there is a command agent show online which will only list logged-in agents. Mark Michelson There does not seem to be a 'agent' command in 1.4.2x . asterisk-2*CLI core show version Asterisk 1.4.21.2 built by root @ asterisk-2 on a i686 running Linux on 2009-01-07 05:57:09 UTC asterisk-2*CLI agent No such command 'agent' (type 'help agent' for other possible commands) And he mentions 1.4.22 . Now unless I've misconfigured my compile of 1.4 then ... Hopefully there is a differant command ? Tia , JimL -- +--+ | James W. Laferriere | SystemTechniques | Give me VMS | | NetworkSystem Engineer | 2133McCullam Ave | Give me Linux | | bab...@baby-dragons.com | Fairbanks, AK. 99701 | only on AXP | +--+ ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] Need help on how to programmatically call an extension test call state
I would be grateful if someone could tell me where to find the docs to get started on the following problem: A program needs to be written to place a SIP call to a certain extension on another Asterisk system, and see whether the call state ratchets up to ringing, then drop, and take action on the results. Can anyone refer me to the appropriate starting point to read up on this? Thanks. ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk multi-cpu
From your figures, it would appear that if you double the load you will be potentially starting to see problems... FYI, not sure if it's of use to you... but... The digium tc400b is a transcoder card that can offload upto 120 channels of transcoding for g729 - ulaw... It's available as PCI only, but, if that's OK, it could be an alternative to replacing your server... G729 licenses are not needed when using that card... There have been posts by some people about having multiple CPU machines but finding that asterisk's load wasn't spread over those CPUs very well... I'm not sure if they had something special happening that caused their symptoms, but, from your dual core machine you should be able to see whether or not the load is already being spread across the 2 cores OK with your workload... d 2009/3/27 Mike l...@virtutel.ca Thanks that`s great info, and I've already subscribed to the HA mailing list. I understand call handling takes little CPU, but half my calls are transcoded from ulaw to g729 and vice versa. That seems to take my single CPU, dual-core 2.5Ghz machine up to ~35% CPU utilization. I imagine doubling what happens on my server would take me dangerously close to the upper limit of good call quality. Am I complete off? Mike -Original Message- From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users- boun...@lists.digium.com] On Behalf Of David Backeberg Sent: Thursday, March 26, 2009 18:40 To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] Asterisk multi-cpu On Thu, Mar 26, 2009 at 3:06 PM, Mike l...@virtutel.ca wrote: Hi, I know somebody is going to give me the link to the wiki hardware pages, but I can't find the answer there. I'd like to know if, for an Asterisk only system (nothing else of note running on it), I get a real gain from having 2 CPUs. Does the amount of traffic/SIP registrations/codec translation possible doubles with 2 CPUs? (each quad core E5420 to be precise)? Does it increase by 50%? It is only a marginal increase, or none at all? You don't say anything about your possible kind of usage, so it's difficult to provide any specific answer to your question. In general, a few things are true: * asterisk is multi-threaded * linux kernel has nice job schedulers and i/o schedulers * if you have more ram, more things will get cached in ram * if you have more cpus / cores you can do more things at once as long as they aren't all idle waiting for some resource constraint You need to run a LOT of traffic through a server if it's just straight call handling, with a minimum of disk-bound i/o or transcoding, before you're going to max out modern hardware. So just buy the best server you want to buy, but save some money for a good warranty, or buy two servers if that's cheaper than what it would cost to be down. If you want more in-depth discussions on this you probably would prefer the asterisk-ha-clustering list: http://lists.digium.com/mailman/listinfo/asterisk-ha-clustering ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] IAX problem through intermediate asterisk box
So no one else has a problem routing IAX traffic through an intermediate Asterisk server? Does anyone else use Asterisk in such a configuration? On Thu, Mar 26, 2009 at 2:45 AM, Andrew Hakman andrew.hak...@gmail.com wrote: I'm having a problem with IAX running through an intermediate asterisk box. Perhaps a small diagram will explain the situation better: *A --- [cloud (public internet)] --- *B [cloud (private network)]--- *C Asterisk server's A, B, and C, are all connected together with IAX All asterisk servers are 1.6.0.6 Server A and B are geographically close, but connected over the public internet. Server B and C are geographically far, but connected over a private network. (the latency between A and B, and B and C are roughly equal) Each server has at least 1 phone hanging off of it, with A and C having most of the phones (B only has a couple). A's extensions are all 1XXX, B's are 2XXX, and C's are 3XXX Phoning from A to B (or vice versa) works well, as does phoning from B to C (and vice versa). Calls can be placed for an indefinite amount of time and everything works great. The problem arises when phoning from A through B to C (or vice versa). For the first small amount of time (which can vary on a call to call basis, and lasts from 0 seconds to 3 minutes or so) everything is fine. After this, the audio in both directions gets garbled, and starts arriving in spurts. Once this happens, it continues forever. The audio never returns to normal no matter how long you wait. A to B uses IAX with trunking. B to C is not using trunking (dahdi_dummy is not working well on C for some reason - the module loads, but no /dev/dahdi is ever created). The same behavior happens when A to B is not using trunking either. Usually only 1 call is being placed at a time. An interesting thing happens when 2 testcalls are in progress at the same time though. If there's a call from A to B, and a call from A to C is made, once the call from A to C becomes garbled, so does the A to B call. When the A to C call is ended, the A to B call clears up. Ending the A to B call first does not improve the A to C call. The dialplans are setup so each server passes all non-local extensions to it's neighbor. Hence, for A, the relevant part of the dialplan is exten = _2XXX,1,Verbose(1|Extension 2xxx) exten = _2XXX,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _2XXX,n,Hangup() exten = _3XXX,1,Verbose(1|Extension 3xxx) exten = _3xxx,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _3xxx,n,Hangup() For B: exten = _1XXX,1,NoOp() exten = _1XXX,n,Dial(IAX2/asterisk_A/${EXTEN}) exten = _1XXX,n,Hangup() exten = _3xxx,1,NoOp() exten = _3xxx,n,Dial(IAX2/asterisk_C/${EXTEN}) exten = _3xxx,n,Hangup() For C: exten = _2XXX,1,Verbose(1|Extension 2xxx) exten = _2XXX,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _2XXX,n,Hangup() exten = _1XXX,1,Verbose(1|Extension 1xxx) exten = _1XXX,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _1XXX,n,Hangup() Is this the proper way to set such a configuration up? Is there a better way to call from A through B to C that would work better? Anyone else experience total audio breakup after a while with a similar arrangement? Why does it work initially for up to about 3 minutes, then completely fall apart? Thanks, Andrew ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] out of the box or do it your self?
hi i had installed many systems, many of them for call centers i had always installed them from scratch compiling asterisk and writing all the config from temaplates i did my self. but i saw so many out of the box solutions and i was thinking how good they are? to make one like elastix or druid (or any one) you need to know a lot of linux and asterisk so if a guy (or a group of guys) who know a lot make a distro maybe it is good enougth... David 2009/3/26 Steve Edwards asterisk@sedwards.com On Thu, 26 Mar 2009, David fire wrote: i want to ask for your opinion what is better for a call center 100 current calls and other 200 current calls make the server step by step or use a auto install cd like asterisk now, druid elastix ? and why? idontunderstandyourquestionbutithinkcaseandpuctuationmayhelp If you are asking for an opinion on whether to use an all-in-one package or build up from scratch -- it depends. If you need all the cruft on the disc, install it. It may be a prerequisite to be supported. If you don't need all the cruft or support, no. You should do a minimal server (no X) install. Meaning, de-select everything in the distro. Then, build up your installation based on your actual needs. You will end up with a more efficient and secure system that is easier and faster to maintain -- and as a bonus, you will gain an understanding into what's actually going on in your box. Thanks in advance, Steve Edwards sedwa...@sedwards.com Voice: +1-760-468-3867 PST Newline Fax: +1-760-731-3000 ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- (\__/) (='.'=)This is Bunny. Copy and paste bunny into your ()_()signature to help him gain world domination. ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] IAX problem through intermediate asterisk box
On Fri, Mar 27, 2009 at 12:50 AM, Andrew Hakman andrew.hak...@gmail.com wrote: So no one else has a problem routing IAX traffic through an intermediate Asterisk server? Does anyone else use Asterisk in such a configuration? On Thu, Mar 26, 2009 at 2:45 AM, Andrew Hakman andrew.hak...@gmail.com wrote: I'm having a problem with IAX running through an intermediate asterisk box. Perhaps a small diagram will explain the situation better: *A --- [cloud (public internet)] --- *B [cloud (private network)]--- *C Asterisk server's A, B, and C, are all connected together with IAX All asterisk servers are 1.6.0.6 Server A and B are geographically close, but connected over the public internet. Server B and C are geographically far, but connected over a private network. (the latency between A and B, and B and C are roughly equal) Each server has at least 1 phone hanging off of it, with A and C having most of the phones (B only has a couple). A's extensions are all 1XXX, B's are 2XXX, and C's are 3XXX Phoning from A to B (or vice versa) works well, as does phoning from B to C (and vice versa). Calls can be placed for an indefinite amount of time and everything works great. The problem arises when phoning from A through B to C (or vice versa). For the first small amount of time (which can vary on a call to call basis, and lasts from 0 seconds to 3 minutes or so) everything is fine. After this, the audio in both directions gets garbled, and starts arriving in spurts. Once this happens, it continues forever. The audio never returns to normal no matter how long you wait. A to B uses IAX with trunking. B to C is not using trunking (dahdi_dummy is not working well on C for some reason - the module loads, but no /dev/dahdi is ever created). The same behavior happens when A to B is not using trunking either. Usually only 1 call is being placed at a time. An interesting thing happens when 2 testcalls are in progress at the same time though. If there's a call from A to B, and a call from A to C is made, once the call from A to C becomes garbled, so does the A to B call. When the A to C call is ended, the A to B call clears up. Ending the A to B call first does not improve the A to C call. The dialplans are setup so each server passes all non-local extensions to it's neighbor. Hence, for A, the relevant part of the dialplan is exten = _2XXX,1,Verbose(1|Extension 2xxx) exten = _2XXX,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _2XXX,n,Hangup() exten = _3XXX,1,Verbose(1|Extension 3xxx) exten = _3xxx,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _3xxx,n,Hangup() For B: exten = _1XXX,1,NoOp() exten = _1XXX,n,Dial(IAX2/asterisk_A/${EXTEN}) exten = _1XXX,n,Hangup() exten = _3xxx,1,NoOp() exten = _3xxx,n,Dial(IAX2/asterisk_C/${EXTEN}) exten = _3xxx,n,Hangup() For C: exten = _2XXX,1,Verbose(1|Extension 2xxx) exten = _2XXX,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _2XXX,n,Hangup() exten = _1XXX,1,Verbose(1|Extension 1xxx) exten = _1XXX,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _1XXX,n,Hangup() Is this the proper way to set such a configuration up? Is there a better way to call from A through B to C that would work better? Anyone else experience total audio breakup after a while with a similar arrangement? Why does it work initially for up to about 3 minutes, then completely fall apart? Thanks, Andrew ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users I have had, seen, or fixed this problem more times than I can count. Use SIP. IAX2 has been a common problem that I have fixed many many times for people over the years. OR, The latest version should fix it, which is the Digium tagline on IAX2. Please report back your results if you do use SIP. -- Thanks, Steve Totaro +18887771888 (Toll Free) +12409381212 (Cell) ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Need help on how to programmatically call an extension test call state
you can use the asterisk Manager or AMI. there is a very good java project asterisk-java but there are librarys for almost every languaje. look for Asterisk Manager and AMI www.voip-info.org is a good place to start David 2009/3/27 eric weaver ecwea...@gmail.com I would be grateful if someone could tell me where to find the docs to get started on the following problem: A program needs to be written to place a SIP call to a certain extension on another Asterisk system, and see whether the call state ratchets up to ringing, then drop, and take action on the results. Can anyone refer me to the appropriate starting point to read up on this? Thanks. ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- (\__/) (='.'=)This is Bunny. Copy and paste bunny into your ()_()signature to help him gain world domination. ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] IAX problem through intermediate asterisk box
I'll have to get some VPN's setup, but I will give it a try with SIP. Thanks for the input - you saved me building 2 more asterisk servers for testing this issue locally (rather than across 3 networks). Andrew On Thu, Mar 26, 2009 at 11:12 PM, Steve Totaro stot...@asteriskhelpdesk.com wrote: On Fri, Mar 27, 2009 at 12:50 AM, Andrew Hakman andrew.hak...@gmail.com wrote: So no one else has a problem routing IAX traffic through an intermediate Asterisk server? Does anyone else use Asterisk in such a configuration? On Thu, Mar 26, 2009 at 2:45 AM, Andrew Hakman andrew.hak...@gmail.com wrote: I'm having a problem with IAX running through an intermediate asterisk box. Perhaps a small diagram will explain the situation better: *A --- [cloud (public internet)] --- *B [cloud (private network)]--- *C Asterisk server's A, B, and C, are all connected together with IAX All asterisk servers are 1.6.0.6 Server A and B are geographically close, but connected over the public internet. Server B and C are geographically far, but connected over a private network. (the latency between A and B, and B and C are roughly equal) Each server has at least 1 phone hanging off of it, with A and C having most of the phones (B only has a couple). A's extensions are all 1XXX, B's are 2XXX, and C's are 3XXX Phoning from A to B (or vice versa) works well, as does phoning from B to C (and vice versa). Calls can be placed for an indefinite amount of time and everything works great. The problem arises when phoning from A through B to C (or vice versa). For the first small amount of time (which can vary on a call to call basis, and lasts from 0 seconds to 3 minutes or so) everything is fine. After this, the audio in both directions gets garbled, and starts arriving in spurts. Once this happens, it continues forever. The audio never returns to normal no matter how long you wait. A to B uses IAX with trunking. B to C is not using trunking (dahdi_dummy is not working well on C for some reason - the module loads, but no /dev/dahdi is ever created). The same behavior happens when A to B is not using trunking either. Usually only 1 call is being placed at a time. An interesting thing happens when 2 testcalls are in progress at the same time though. If there's a call from A to B, and a call from A to C is made, once the call from A to C becomes garbled, so does the A to B call. When the A to C call is ended, the A to B call clears up. Ending the A to B call first does not improve the A to C call. The dialplans are setup so each server passes all non-local extensions to it's neighbor. Hence, for A, the relevant part of the dialplan is exten = _2XXX,1,Verbose(1|Extension 2xxx) exten = _2XXX,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _2XXX,n,Hangup() exten = _3XXX,1,Verbose(1|Extension 3xxx) exten = _3xxx,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _3xxx,n,Hangup() For B: exten = _1XXX,1,NoOp() exten = _1XXX,n,Dial(IAX2/asterisk_A/${EXTEN}) exten = _1XXX,n,Hangup() exten = _3xxx,1,NoOp() exten = _3xxx,n,Dial(IAX2/asterisk_C/${EXTEN}) exten = _3xxx,n,Hangup() For C: exten = _2XXX,1,Verbose(1|Extension 2xxx) exten = _2XXX,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _2XXX,n,Hangup() exten = _1XXX,1,Verbose(1|Extension 1xxx) exten = _1XXX,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _1XXX,n,Hangup() Is this the proper way to set such a configuration up? Is there a better way to call from A through B to C that would work better? Anyone else experience total audio breakup after a while with a similar arrangement? Why does it work initially for up to about 3 minutes, then completely fall apart? Thanks, Andrew ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users I have had, seen, or fixed this problem more times than I can count. Use SIP. IAX2 has been a common problem that I have fixed many many times for people over the years. OR, The latest version should fix it, which is the Digium tagline on IAX2. Please report back your results if you do use SIP. -- Thanks, Steve Totaro +18887771888 (Toll Free) +12409381212 (Cell) ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] IAX problem through intermediate asterisk box
Here's my troubleshooting help -- since the problem sounds like a timing issue and part of the call is being trunked, then fix your timing problem, or remove the trunking from A and B then see if the problem goes away. On Thu, Mar 26, 2009 at 10:50 PM, Andrew Hakman andrew.hak...@gmail.comwrote: So no one else has a problem routing IAX traffic through an intermediate Asterisk server? Does anyone else use Asterisk in such a configuration? On Thu, Mar 26, 2009 at 2:45 AM, Andrew Hakman andrew.hak...@gmail.com wrote: I'm having a problem with IAX running through an intermediate asterisk box. Perhaps a small diagram will explain the situation better: *A --- [cloud (public internet)] --- *B [cloud (private network)]--- *C Asterisk server's A, B, and C, are all connected together with IAX All asterisk servers are 1.6.0.6 Server A and B are geographically close, but connected over the public internet. Server B and C are geographically far, but connected over a private network. (the latency between A and B, and B and C are roughly equal) Each server has at least 1 phone hanging off of it, with A and C having most of the phones (B only has a couple). A's extensions are all 1XXX, B's are 2XXX, and C's are 3XXX Phoning from A to B (or vice versa) works well, as does phoning from B to C (and vice versa). Calls can be placed for an indefinite amount of time and everything works great. The problem arises when phoning from A through B to C (or vice versa). For the first small amount of time (which can vary on a call to call basis, and lasts from 0 seconds to 3 minutes or so) everything is fine. After this, the audio in both directions gets garbled, and starts arriving in spurts. Once this happens, it continues forever. The audio never returns to normal no matter how long you wait. A to B uses IAX with trunking. B to C is not using trunking (dahdi_dummy is not working well on C for some reason - the module loads, but no /dev/dahdi is ever created). The same behavior happens when A to B is not using trunking either. Usually only 1 call is being placed at a time. An interesting thing happens when 2 testcalls are in progress at the same time though. If there's a call from A to B, and a call from A to C is made, once the call from A to C becomes garbled, so does the A to B call. When the A to C call is ended, the A to B call clears up. Ending the A to B call first does not improve the A to C call. The dialplans are setup so each server passes all non-local extensions to it's neighbor. Hence, for A, the relevant part of the dialplan is exten = _2XXX,1,Verbose(1|Extension 2xxx) exten = _2XXX,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _2XXX,n,Hangup() exten = _3XXX,1,Verbose(1|Extension 3xxx) exten = _3xxx,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _3xxx,n,Hangup() For B: exten = _1XXX,1,NoOp() exten = _1XXX,n,Dial(IAX2/asterisk_A/${EXTEN}) exten = _1XXX,n,Hangup() exten = _3xxx,1,NoOp() exten = _3xxx,n,Dial(IAX2/asterisk_C/${EXTEN}) exten = _3xxx,n,Hangup() For C: exten = _2XXX,1,Verbose(1|Extension 2xxx) exten = _2XXX,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _2XXX,n,Hangup() exten = _1XXX,1,Verbose(1|Extension 1xxx) exten = _1XXX,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _1XXX,n,Hangup() Is this the proper way to set such a configuration up? Is there a better way to call from A through B to C that would work better? Anyone else experience total audio breakup after a while with a similar arrangement? Why does it work initially for up to about 3 minutes, then completely fall apart? Thanks, Andrew ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] SIP Asterisk Hacked (1.6.0.6)
Y, did you have the extension logic to call to PSTN in [default] ??? If yes, then your system was not hacked... you need to read some documentation and find out the [default] context is supposed to be non-secure... if you allow routes to PSTN in [default] then you're inviting others to call out Martin On Wed, Mar 25, 2009 at 9:40 AM, David Anthony O Reilly oreil...@tcd.iewrote: Hi all I have been hacked but no idea how!!! I noticed somebody in Eastern Europe came from an American IP and tried to call loads of international numbers. Thankfully I had no credit with my VOIP out provider so the calls went nowhere. But if I had credit it would all have been used up. I noticed hundreds of calls being made from clid and src being either UNKNOWN or as ASTERISK. Here are a sample: 2009-03-24 16:47:14 asterisk asterisk asterisk 0037322483581 default SIP/66.199.242.101-09da9128 IAX2/out-1497 Dial iax2/out/0037322483581 8 6 ANSWERED 3 1237913234.1077 2009-03-24 16:47:15 Unknown Unknown Unknown 00380449536745 default SIP/66.199.242.101-09da5230 IAX2/out-516 Dial iax2/out/00380449536745 8 7 ANSWERED 3 1237913235.1081 I've reported it to the authorities and they are doing a backtrace to find the hacker, and in the meantime I have set my firewall that ONLY SIP requests from my own IP address can connect so my home phones can connect. My config is ALL NORMAL - I am careful about putting it up here in case somebody else tries a fast one on me, but what I can tell you is that my passwords are all SHA1 substrings and there is no way in hell somebody could guess them. My box was not compromised either, as I went through my message logs, my ISP also has a server firewall rule set up so that one false password and the details are logged and I'm notified as somebody also tried a dictionary attack on me. So now my system is all ruled up and I can only use it from here, if I am out and about I can't use it. Anybody have any ideas about what I can do to try and find this security hole??? I am sure it's a bug as surely nobody should have been able to log into asterisk WITHOUT a password (from what i can see!!) and make calls out leaving the source and id as UNKNOWN or ASTERISK. Thanks in advance David ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] IAX problem through intermediate asterisk box
I initially had no trunking anywhere, and had the same behavior. I thought trunking would help, but I can't figure out why the /dev/dahdi device doesn't get created on C. The dahdi tools / modules don't seem to have much error / debugging info available, or if they do, I sure can't find it anywhere obvious. Andrew On Thu, Mar 26, 2009 at 11:39 PM, Brandon B. bran...@brellsystems.com wrote: Here's my troubleshooting help -- since the problem sounds like a timing issue and part of the call is being trunked, then fix your timing problem, or remove the trunking from A and B then see if the problem goes away. On Thu, Mar 26, 2009 at 10:50 PM, Andrew Hakman andrew.hak...@gmail.com wrote: So no one else has a problem routing IAX traffic through an intermediate Asterisk server? Does anyone else use Asterisk in such a configuration? On Thu, Mar 26, 2009 at 2:45 AM, Andrew Hakman andrew.hak...@gmail.com wrote: I'm having a problem with IAX running through an intermediate asterisk box. Perhaps a small diagram will explain the situation better: *A --- [cloud (public internet)] --- *B [cloud (private network)]--- *C Asterisk server's A, B, and C, are all connected together with IAX All asterisk servers are 1.6.0.6 Server A and B are geographically close, but connected over the public internet. Server B and C are geographically far, but connected over a private network. (the latency between A and B, and B and C are roughly equal) Each server has at least 1 phone hanging off of it, with A and C having most of the phones (B only has a couple). A's extensions are all 1XXX, B's are 2XXX, and C's are 3XXX Phoning from A to B (or vice versa) works well, as does phoning from B to C (and vice versa). Calls can be placed for an indefinite amount of time and everything works great. The problem arises when phoning from A through B to C (or vice versa). For the first small amount of time (which can vary on a call to call basis, and lasts from 0 seconds to 3 minutes or so) everything is fine. After this, the audio in both directions gets garbled, and starts arriving in spurts. Once this happens, it continues forever. The audio never returns to normal no matter how long you wait. A to B uses IAX with trunking. B to C is not using trunking (dahdi_dummy is not working well on C for some reason - the module loads, but no /dev/dahdi is ever created). The same behavior happens when A to B is not using trunking either. Usually only 1 call is being placed at a time. An interesting thing happens when 2 testcalls are in progress at the same time though. If there's a call from A to B, and a call from A to C is made, once the call from A to C becomes garbled, so does the A to B call. When the A to C call is ended, the A to B call clears up. Ending the A to B call first does not improve the A to C call. The dialplans are setup so each server passes all non-local extensions to it's neighbor. Hence, for A, the relevant part of the dialplan is exten = _2XXX,1,Verbose(1|Extension 2xxx) exten = _2XXX,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _2XXX,n,Hangup() exten = _3XXX,1,Verbose(1|Extension 3xxx) exten = _3xxx,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _3xxx,n,Hangup() For B: exten = _1XXX,1,NoOp() exten = _1XXX,n,Dial(IAX2/asterisk_A/${EXTEN}) exten = _1XXX,n,Hangup() exten = _3xxx,1,NoOp() exten = _3xxx,n,Dial(IAX2/asterisk_C/${EXTEN}) exten = _3xxx,n,Hangup() For C: exten = _2XXX,1,Verbose(1|Extension 2xxx) exten = _2XXX,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _2XXX,n,Hangup() exten = _1XXX,1,Verbose(1|Extension 1xxx) exten = _1XXX,n,Dial(IAX2/asterisk_B/${EXTEN}) exten = _1XXX,n,Hangup() Is this the proper way to set such a configuration up? Is there a better way to call from A through B to C that would work better? Anyone else experience total audio breakup after a while with a similar arrangement? Why does it work initially for up to about 3 minutes, then completely fall apart? Thanks, Andrew ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users