[asterisk-users] Asterisk Crashes - Segmentation Fault
Hello Team, I was looking for audio conferencing solution where i got Web-meetme. I had installed Asterisk 1.6.2.9 on Centos 5.4. Its perfecting working fine. I tried using Meetme even meetme app is working perfectly fine. I installed Webmeetme 4.0 and integrated with my asterisk. When i try to dial the conference number it take me to an IVR wherein it asks for the conference number. The time i provide the conference number, asterisk crashes giving segmentation fault. I have been trying to google up and checked lot of forums but didnt get any solution for this yet. Kernel version -- 2.6.18-194.3.1.el5PAE -- Thanks & Regards Manmohan Singh Jandu -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] GURUs - How to monitor all MySQL actions on an Asterisk/FreePBX server?
On Thu, 8 Jul 2010, bruce bruce wrote: > Thanks for the input. Tailing the mysql log file doesn't show me > anything even though FreePBX does right to the asterisk table. I think > log is more for errors and unexpected shutdowns etcand not queries. > In the my.cnf file there is no configuration to higher or lower the > verbose to show queries. Any other method of checking queries coming > through? Maybe FreePBX uses MySQL direct sockets and its different? Googling "mysql query log" brings up: http://dev.mysql.com/doc/refman/5.1/en/query-log.html as the first hit. -- Thanks in advance, - Steve Edwards sedwa...@sedwards.com Voice: +1-760-468-3867 PST Newline Fax: +1-760-731-3000 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Communication IAX2 >SIP>IAX2
2010/7/8 Kyle Kienapfel > On Wed, Jul 7, 2010 at 10:34 AM, Adil Zaaraoui > wrote: > > Dear list. > > > > Is it possible to use both IAX2 and SIP protocole during a dial? > > > > Illustration: > > > > I have peer A communicate with my Asterisk using IAX2 protocole. > > I have peer B communicate with my Asterisk using SIP protocole. > > > > A and B are both registred to the same Asterisk. > > > > So is it possible that peer A communicate with peer B and vice versa? > > > > if yes how can i achieve that? > > > > Best regards > > > yes it is possible, all you have to to is use the Dial application according to what technology your peer is using, and asterisk do the translation for you automatically: exten = XXX,1,Dial(IAX2/A,20,) and exten = XXX,1,Dial(SIP/B,20,) you can also use one Dial that try to reach this extension using both technologies. exten = XXX,1,Dial(IAX2/A&SIP/A,,) (or if A=555 for ex: exten = 555,Dial(IAX2/${EXTEN}&SIP/${EXTEN},,) you can find this and more on the future of telephony book. Good luck!! -- Abdullah -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] GURUs - How to monitor all MySQL actions on an Asterisk/FreePBX server?
Thanks for the input. Tailing the mysql log file doesn't show me anything even though FreePBX does right to the asterisk table. I think log is more for errors and unexpected shutdowns etcand not queries. In the my.cnf file there is no configuration to higher or lower the verbose to show queries. Any other method of checking queries coming through? Maybe FreePBX uses MySQL direct sockets and its different? Thanks, Bruce On Wed, Jul 7, 2010 at 9:50 PM, Zeeshan Zakaria wrote: > On a separate terminal, you can do something like 'tail -f > /var/log/mysqld.log' or whatever the name of the mysql log file is. > > Zeeshan A Zakaria > > -- > www.ilovetovoip.com > > On 2010-07-07 9:43 PM, "Carlos Chavez" wrote: > > *On Wed, 7 Jul 2010 19:19:28 -0400, bruce bruce wrote* > > > Hi Guys, > > > > This is something related and yet un-related to Asterisk. I have a > FreePBX/Asterisk... > It is called the mysql query log. Mysql can create a log of all queries it > receives. When using Freepbx Asterisk has no knowledge that Mysql is > involved (only for CDR) so Asterisk does not send anything configuration > related to Mysql. > > -- > Carlos Chavez > Director de Tecnología > Telecomunicaciones Abiertas de México S.A. de C.V. > Tel: +52-55-91169161 Ext 2001 > > -- > _ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > > > -- > _ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Communication IAX2 >SIP>IAX2
On Wed, Jul 7, 2010 at 10:34 AM, Adil Zaaraoui wrote: > Dear list. > > Is it possible to use both IAX2 and SIP protocole during a dial? > > Illustration: > > I have peer A communicate with my Asterisk using IAX2 protocole. > I have peer B communicate with my Asterisk using SIP protocole. > > A and B are both registred to the same Asterisk. > > So is it possible that peer A communicate with peer B and vice versa? > > if yes how can i achieve that? > > Best regards > > > -- > _ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > Have you ran in to some troubles just doing Dial(SIP/peerb)? -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] How to secure Configuration files
Thanks community for sharing your thoughts. @ Faisal Hanif- Both of the solutions you suggested seems equally good for me let me look into it how can i do that. @Stiles This has nothing to do with mean spirited. If an individual is using an open source technology then it don't means that he developed some thing using that technology , then his work also becomes open source ? @Steve >Won't "show dialplan," "sip show [peers|users]," etc. and a bit of >scripting undo most of this "security." You are right after taking all the measures at the end there will be no security :P >Seriously, if your business depends on obfuscation instead of technical >prowess and killer customer support, you don't have a business. I understand what you mean. These all things will be there. Regarding security it was just a thought in my mind i shared with you all people. @Kevin P Fleming Thanks for clearing the things. @ all others thanks for sharing your thoughts I am not going to modify any Asterisk source code for security (because this trade-off is expensive) Cheers On Thu, Jul 8, 2010 at 1:44 AM, Kevin P. Fleming wrote: > On 07/07/2010 03:33 PM, Tilghman Lesher wrote: > > On Wednesday 07 July 2010 14:58:05 Kevin P. Fleming wrote: > >> On 07/07/2010 10:52 AM, Tilghman Lesher wrote: > >>> On Wednesday 07 July 2010 05:24:10 A J Stiles wrote: > On Tuesday 06 Jul 2010, ABBAS SHAKEEL wrote: > > Hello Community, > > > > . I am facing an issue of security i.e. We deploy > > servers to client end. Now i dont want the client to see my > > configuration files (Of course copy and distribute or replicate the > > logic with out permission). [ 1 paragraph omitted ] > > Is there a way that the configuration files get encrypted or some > thing > > else so that some one who have system access can not copy the > > configuration files data or look into that files. > > Well! It's a good job Mark Spencer was never so mean-spirited, > otherwise you would never have been *given* the power of Asterisk. > >>> > >>> In addition, depending upon how you do this, it may be a serious > >>> violation of the license under which Asterisk was distributed to you > and > >>> under which you are required to distribute Asterisk to others. If you > >>> are looking for a legitimate way to do this, you'd have to obtain a > >>> commercial license from Digium. > >> > >> That statement will likely lead to yet more confusion about how the GPL > >> applies to Asterisk and distribution of Asterisk... without a specific > >> example of how a violation could occur, users will tend to interpret > >> such statements in the broadest possible terms, which does harm to their > >> understanding of how they can use and distribute Asterisk. > > > > Correct, which is why I used the word 'may'. The only way to > sufficiently > > protect the configuration files would be to alter Asterisk and then > refuse > > to provide the altered source to those to whom he provided the binary. > > That would be a violation of the GPL. The only method I can see to get > > around this would be to obtain Asterisk under a non-GPL license. > > It would have been helpful if you had included that example then, > instead of posting such a broad statement that will likely lead to > misinterpretations when it is read from the list archives (and posted on > wikis, and other places). When the 'may' qualifier represents a very > small subset of the possible routes the user might take to achieve their > goal (even if it is the only one to provide any significant level of > security), the generalization will naturally be assumed by readers to > cover many more routes than it actually does... and we have direct > experience that users often can and do believe that the GPLv2 does > somehow control the distribution of their configuration files. In > situations like this, context is everything, and it's much easier to > narrow the context of such a statement when it is written, than after it > has been posted and repeated. > > -- > Kevin P. Fleming > Digium, Inc. | Director of Software Technologies > 445 Jan Davis Drive NW - Huntsville, AL 35806 - USA > skype: kpfleming | jabber: kflem...@digium.com > Check us out at www.digium.com & www.asterisk.org > > -- > _ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > -- Best Regards Shakeel Abbas -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello aster
Re: [asterisk-users] GURUs - How to monitor all MySQL actions on an Asterisk/FreePBX server?
On a separate terminal, you can do something like 'tail -f /var/log/mysqld.log' or whatever the name of the mysql log file is. Zeeshan A Zakaria -- www.ilovetovoip.com On 2010-07-07 9:43 PM, "Carlos Chavez" wrote: *On Wed, 7 Jul 2010 19:19:28 -0400, bruce bruce wrote* > Hi Guys, > > This is something related and yet un-related to Asterisk. I have a FreePBX/Asterisk... It is called the mysql query log. Mysql can create a log of all queries it receives. When using Freepbx Asterisk has no knowledge that Mysql is involved (only for CDR) so Asterisk does not send anything configuration related to Mysql. -- Carlos Chavez Director de Tecnología Telecomunicaciones Abiertas de México S.A. de C.V. Tel: +52-55-91169161 Ext 2001 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] GURUs - How to monitor all MySQL actions on an Asterisk/FreePBX server?
On Wed, 7 Jul 2010 19:19:28 -0400, bruce bruce wrote > Hi Guys, > > This is something related and yet un-related to Asterisk. I have a > FreePBX/Asterisk server running and I want to trace everything that FreePBX > does to MySQL. Is there a verbose CLI to MySQL that I can pull up on terminal > and make configuration change to FreePBX and see it in real-time on the > terminal as to what is added to which MySQL table and where? > > Thanks It is called the mysql query log. Mysql can create a log of all queries it receives. When using Freepbx Asterisk has no knowledge that Mysql is involved (only for CDR) so Asterisk does not send anything configuration related to Mysql. -- Carlos Chavez Director de Tecnología Telecomunicaciones Abiertas de México S.A. de C.V. Tel: +52-55-91169161 Ext 2001 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] GURUs - How to monitor all MySQL actions on an Asterisk/FreePBX server?
Hi Guys, This is something related and yet un-related to Asterisk. I have a FreePBX/Asterisk server running and I want to trace everything that FreePBX does to MySQL. Is there a verbose CLI to MySQL that I can pull up on terminal and make configuration change to FreePBX and see it in real-time on the terminal as to what is added to which MySQL table and where? Thanks -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] How to secure Configuration files
On 07/07/2010 03:33 PM, Tilghman Lesher wrote: > On Wednesday 07 July 2010 14:58:05 Kevin P. Fleming wrote: >> On 07/07/2010 10:52 AM, Tilghman Lesher wrote: >>> On Wednesday 07 July 2010 05:24:10 A J Stiles wrote: On Tuesday 06 Jul 2010, ABBAS SHAKEEL wrote: > Hello Community, > > . I am facing an issue of security i.e. We deploy > servers to client end. Now i dont want the client to see my > configuration files (Of course copy and distribute or replicate the > logic with out permission). [ 1 paragraph omitted ] > Is there a way that the configuration files get encrypted or some thing > else so that some one who have system access can not copy the > configuration files data or look into that files. Well! It's a good job Mark Spencer was never so mean-spirited, otherwise you would never have been *given* the power of Asterisk. >>> >>> In addition, depending upon how you do this, it may be a serious >>> violation of the license under which Asterisk was distributed to you and >>> under which you are required to distribute Asterisk to others. If you >>> are looking for a legitimate way to do this, you'd have to obtain a >>> commercial license from Digium. >> >> That statement will likely lead to yet more confusion about how the GPL >> applies to Asterisk and distribution of Asterisk... without a specific >> example of how a violation could occur, users will tend to interpret >> such statements in the broadest possible terms, which does harm to their >> understanding of how they can use and distribute Asterisk. > > Correct, which is why I used the word 'may'. The only way to sufficiently > protect the configuration files would be to alter Asterisk and then refuse > to provide the altered source to those to whom he provided the binary. > That would be a violation of the GPL. The only method I can see to get > around this would be to obtain Asterisk under a non-GPL license. It would have been helpful if you had included that example then, instead of posting such a broad statement that will likely lead to misinterpretations when it is read from the list archives (and posted on wikis, and other places). When the 'may' qualifier represents a very small subset of the possible routes the user might take to achieve their goal (even if it is the only one to provide any significant level of security), the generalization will naturally be assumed by readers to cover many more routes than it actually does... and we have direct experience that users often can and do believe that the GPLv2 does somehow control the distribution of their configuration files. In situations like this, context is everything, and it's much easier to narrow the context of such a statement when it is written, than after it has been posted and repeated. -- Kevin P. Fleming Digium, Inc. | Director of Software Technologies 445 Jan Davis Drive NW - Huntsville, AL 35806 - USA skype: kpfleming | jabber: kflem...@digium.com Check us out at www.digium.com & www.asterisk.org -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] How to secure Configuration files
On Wednesday 07 July 2010 14:58:05 Kevin P. Fleming wrote: > On 07/07/2010 10:52 AM, Tilghman Lesher wrote: > > On Wednesday 07 July 2010 05:24:10 A J Stiles wrote: > >> On Tuesday 06 Jul 2010, ABBAS SHAKEEL wrote: > >>> Hello Community, > >>> > >>> . I am facing an issue of security i.e. We deploy > >>> servers to client end. Now i dont want the client to see my > >>> configuration files (Of course copy and distribute or replicate the > >>> logic with out permission). [ 1 paragraph omitted ] > >>> Is there a way that the configuration files get encrypted or some thing > >>> else so that some one who have system access can not copy the > >>> configuration files data or look into that files. > >> > >> Well! It's a good job Mark Spencer was never so mean-spirited, > >> otherwise you would never have been *given* the power of Asterisk. > > > > In addition, depending upon how you do this, it may be a serious > > violation of the license under which Asterisk was distributed to you and > > under which you are required to distribute Asterisk to others. If you > > are looking for a legitimate way to do this, you'd have to obtain a > > commercial license from Digium. > > That statement will likely lead to yet more confusion about how the GPL > applies to Asterisk and distribution of Asterisk... without a specific > example of how a violation could occur, users will tend to interpret > such statements in the broadest possible terms, which does harm to their > understanding of how they can use and distribute Asterisk. Correct, which is why I used the word 'may'. The only way to sufficiently protect the configuration files would be to alter Asterisk and then refuse to provide the altered source to those to whom he provided the binary. That would be a violation of the GPL. The only method I can see to get around this would be to obtain Asterisk under a non-GPL license. > Since the poster's question was specifically about configuration files, > I see no connection between protecting them and any possible violation > of the GPLv2 license on Asterisk, except for the unlikely scenario of > the poster deciding to modify Asterisk to decrypt files as it reads > them... and even then, the license violation would only occur if they > failed to provide their customers the modified Asterisk code; keeping > the decryption keys private would not violate the GPLv2 at all. The only effective means to avoid the configuration files being read would be to change the Asterisk source, since at the present time, the only way to get a configuration file into Asterisk is for it to be rendered in plaintext at the time the file loaded. At that point, the file can just as easily be read by a third party viewer. > How does obtaining a commercial license from Digium provide the poster a > 'legitimate' way to secure his configuration files? By not requiring the poster to distribute his modified source with his binaries and encrypted configuration files. -- Tilghman Lesher Digium, Inc. | Senior Software Developer twitter: Corydon76 | IRC: Corydon76-dig (Freenode) Check us out at: www.digium.com & www.asterisk.org -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] How to secure Configuration files
On Wed, 7 Jul 2010, Danny Nicholas wrote: > Ok. I've been reading this thread all day; This seems (to me) to be the > "Best of Both worlds" solution - enable the #exec option in > asterisk.conf and have each .conf call a compiled C program to populate > the actual content. This protects the OP's work to the degree allowed > and lets the next guy have a starting point when the bus hits him. The "BOBW" is to provide real value to continuing the relationship, not holding your customer hostage. -- Thanks in advance, - Steve Edwards sedwa...@sedwards.com Voice: +1-760-468-3867 PST Newline Fax: +1-760-731-3000 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Conditional "includes" in iax.conf
On Wed, 7 Jul 2010, Scott Stingel wrote: > For maintenance purposes, if possible I'd like to use the same iax.conf > file in several different asterisk systems. However, on one of the > systems only, I would like to include an IAX "register" command to > another external system. > > Within iax.conf or other configuration files (other than > extensions.conf), is there a way of determining what system I'm running > on, and include a particular configuration item conditionally? I guess > what I'm asking is there a way to conditionally "include" lines in a > configuration depending on the value of some linux environment variable? I ran into this a couple of years ago. I looked at several "preprocessors" like gcc, sed, m4 and others I've since forgotten. I settled on: http://mxr.mozilla.org/mozilla-central/source/config/preprocessor.pl It's been "deprecated" in favor of a Python script, but it still works fine. It allows you to do "includes" and token substitutions. I cobble it all up in my makefile so I just type "make config" to make all of the configuration files needed on each host. A "source" config file looks like this iax.conf.pre snippet: #if HOSTNAME!=example ; calls from example [general](+) register= @HOSTNAME@:@PASSWORD@@example.vtpv.privatebilling.com #endif [example] context = start host= dynamic qualify = yes secret = example trunk = yes type= friend username= example ; (end of /etc/asterisk/@PROJECT@/iax.conf) And then the makefile entry looks like: config: # /etc/asterisk/ for FILE in\ asterisk.conf\ extensions.ael\ extensions.conf\ iax.conf\ iaxprov.conf\ logger.conf\ manager.conf\ meetme.conf\ modules.conf\ musiconhold.conf\ rtp.conf\ sip.conf\ ;\ do\ preprocessor.pl -E -I preprocessor.pre $$FILE.pre\ >/etc/asterisk/${PROJECT}/$$FILE;\ chmod u=rw,g=r,o=r /etc/asterisk/${PROJECT}/$$FILE;\ done sudo /etc/init.d/asterisk reload This has been a big time saver for me. I only have to maintain a single set of configuration files and any changes can be automagically rolled out and applied to all of the hosts using "make rsync; make remote-config." In addition to the files in /etc/asteris/, I use this method to maintain: /etc/hosts /etc/init.d/asterisk /etc/sysconfig/iptables /scripts/* (project specific scripts) /usr/local/etc/openser/dispatcher.list /var/spool/cron/* ~/.my.cnf across multiple projects and many hosts. -- Thanks in advance, - Steve Edwards sedwa...@sedwards.com Voice: +1-760-468-3867 PST Newline Fax: +1-760-731-3000 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] SPA8000 outbound CID problem
Hi, >On 24 June 2010 19:54, Mark G. Thomas <[1]m...@misty.com> wrote: > > Hi, > I'm trying to configure a Linksys/Cisco SPA8000 talking SIP to > both a local Asterisk server and also with a trunk directly to > a VOIP provider. Everything works great, except I'm having a problem > setting the outbound caller ID to a value different from the > SIP username/authname. Perhaps my wording above was unclear. My Asterisk server sends RPID to the VOIP provider just fine. I am having problems getting the SPA8000 to send RPID to the VOIP provider. I realize this is a SPA8000 problem and not an Asterisk problem, but since many people use Asterisk in conjunction with ATA devices like the SPA8000, I was hoping someone here would have either a solution or suggestions. As per below, I can see from my Asterisk server that the SPA8000 is sending a configurable SIP username/authname, and that's being treated as the CID. Since the SPA8000 is at a different office from the Asterisk server, I need to get the SPA8000 RPID directly to the VOIP provider working, I don't want to have to route all the calls through Asterisk to fix the outbound caller ID. > The SPA8000 has SIP setting for Display Name, User ID, Password, > and Auth ID, as well as a "Use Auth ID" checkbox. It's running 6.1.3 > firmware, which looks to be the latest, and supports SIP trunking, > though > even if I don't use trunking, I have the same obstacle if I > configure it > per-line instead of per-trunk. > Inbound CID works fine. When VOIP calls come in via the provider or > Asterisk, the SPA generates CID on it's analog ports. > > The problem is that the outbound caller ID number seems to come from > the SIP "User ID" setting, which is also the SIP authentication > name. > If I instead put the SIP account id into the "Auth ID" field and > check > the "Use Auth ID" box, Asterisk reports: > Registration from 'John Smith <[2]sip:jsm...@our.sip.gateway.com>' > failed for > '1.2.3.4' - Username/auth name mismatch. > Sure, I can overide the CID number on our Asterisk server, but I > don't > have that ability with the VOIP provider's Asterisk server. The > outbound > caller ID always looks like "John Smith " instead of > "John Smith <211212>" no matter how I try to set these fields. > I take it the SIP username and auth name need to match, so that > leaves me > with the question of how to configure a CID number that doesn't > necessarily > match the SIP user/auth name. Is this a limitation of this device, > or > is there some other option I'm overlooking? > Mark On Fri, Jun 25, 2010 at 08:25:02AM +0100, dotnetdub wrote: >Ask your upstream provider if they support remote party ID. IF they do >you can set sendrpid=yes in your sip.conf and set your outbound CID on >an extension or trunk level. >HTH I am not having a problem with Asterisk sending RPID. I know the upstream provider is honoring it, because it works fine with calls from the Asterisk server to the VOIP provider. sendrpid=yes in sip.conf works fine, and the VOIP provider honors it, sending the desired CID on dialed calls. The SPA8000 has no sendrpid=yes or similar named setting. I can't figure out how to get the SPA8000 to send a configured RPID for outbound SIP VOIP calls. Mark -- Mark G. Thomas (m...@misty.com) Web: http://mgtinternet.com/ Tel: +1-215-512-0112 US: 877-512-0112 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] How to secure Configuration files
-Original Message- From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Kevin P. Fleming Sent: Wednesday, July 07, 2010 2:58 PM To: asterisk-users@lists.digium.com Subject: Re: [asterisk-users] How to secure Configuration files On 07/07/2010 10:52 AM, Tilghman Lesher wrote: > On Wednesday 07 July 2010 05:24:10 A J Stiles wrote: >> On Tuesday 06 Jul 2010, ABBAS SHAKEEL wrote: >>> Hello Community, >>> >>> . I am facing an issue of security i.e. We deploy >>> servers to client end. Now i dont want the client to see my configuration >>> files (Of course copy and distribute or replicate the logic with out >>> permission). [ 1 paragraph omitted ] >>> Is there a way that the configuration files get encrypted or some thing >>> else so that some one who have system access can not copy the >>> configuration files data or look into that files. >> >> Well! It's a good job Mark Spencer was never so mean-spirited, otherwise >> you would never have been *given* the power of Asterisk. > > In addition, depending upon how you do this, it may be a serious violation of > the license under which Asterisk was distributed to you and under which you > are required to distribute Asterisk to others. If you are looking for a > legitimate way to do this, you'd have to obtain a commercial license from > Digium. That statement will likely lead to yet more confusion about how the GPL applies to Asterisk and distribution of Asterisk... without a specific example of how a violation could occur, users will tend to interpret such statements in the broadest possible terms, which does harm to their understanding of how they can use and distribute Asterisk. Since the poster's question was specifically about configuration files, I see no connection between protecting them and any possible violation of the GPLv2 license on Asterisk, except for the unlikely scenario of the poster deciding to modify Asterisk to decrypt files as it reads them... and even then, the license violation would only occur if they failed to provide their customers the modified Asterisk code; keeping the decryption keys private would not violate the GPLv2 at all. How does obtaining a commercial license from Digium provide the poster a 'legitimate' way to secure his configuration files? -- Kevin P. Fleming Digium, Inc. | Director of Software Technologies 445 Jan Davis Drive NW - Huntsville, AL 35806 - USA skype: kpfleming | jabber: kflem...@digium.com Check us out at www.digium.com & www.asterisk.org -- -- Ok. I've been reading this thread all day; This seems (to me) to be the "Best of Both worlds" solution - enable the #exec option in asterisk.conf and have each .conf call a compiled C program to populate the actual content. This protects the OP's work to the degree allowed and lets the next guy have a starting point when the bus hits him. _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] How to secure Configuration files
On 07/07/2010 10:52 AM, Tilghman Lesher wrote: > On Wednesday 07 July 2010 05:24:10 A J Stiles wrote: >> On Tuesday 06 Jul 2010, ABBAS SHAKEEL wrote: >>> Hello Community, >>> >>> . I am facing an issue of security i.e. We deploy >>> servers to client end. Now i dont want the client to see my configuration >>> files (Of course copy and distribute or replicate the logic with out >>> permission). [ 1 paragraph omitted ] >>> Is there a way that the configuration files get encrypted or some thing >>> else so that some one who have system access can not copy the >>> configuration files data or look into that files. >> >> Well! It's a good job Mark Spencer was never so mean-spirited, otherwise >> you would never have been *given* the power of Asterisk. > > In addition, depending upon how you do this, it may be a serious violation of > the license under which Asterisk was distributed to you and under which you > are required to distribute Asterisk to others. If you are looking for a > legitimate way to do this, you'd have to obtain a commercial license from > Digium. That statement will likely lead to yet more confusion about how the GPL applies to Asterisk and distribution of Asterisk... without a specific example of how a violation could occur, users will tend to interpret such statements in the broadest possible terms, which does harm to their understanding of how they can use and distribute Asterisk. Since the poster's question was specifically about configuration files, I see no connection between protecting them and any possible violation of the GPLv2 license on Asterisk, except for the unlikely scenario of the poster deciding to modify Asterisk to decrypt files as it reads them... and even then, the license violation would only occur if they failed to provide their customers the modified Asterisk code; keeping the decryption keys private would not violate the GPLv2 at all. How does obtaining a commercial license from Digium provide the poster a 'legitimate' way to secure his configuration files? -- Kevin P. Fleming Digium, Inc. | Director of Software Technologies 445 Jan Davis Drive NW - Huntsville, AL 35806 - USA skype: kpfleming | jabber: kflem...@digium.com Check us out at www.digium.com & www.asterisk.org -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] How to secure Configuration files
On Wed, 2010-07-07 at 09:06 -0700, Steve Edwards wrote: > On Wed, 7 Jul 2010, Faisal Hanif wrote: > > > 2nd option is by enabling execincludes=yes in asterisk.conf you can use > > #exec in any of asterisk conf file to call any external application and > > asterisk will use configuration returned by that external application > > and will treat it same as in static file. Here you again have full power > > of programming language in you hand. > > Won't "show dialplan," "sip show [peers|users]," etc. and a bit of > scripting undo most of this "security." > hence my comment that storing sensative info into a database/directory isn;t enough. Physical protection and the usual bunch of normal ssystem protection should ofcourse be seriously observed -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Conditional "includes" in iax.conf
On 7/7/2010 11:52 AM, Kevin P. Fleming wrote: > On 07/07/2010 01:46 PM, Scott Stingel wrote: > >> On 7/7/2010 11:25 AM, Danny Nicholas wrote: >> >>> -- >>> Rather than trying to determine what system you are on, just make the >>> included file be empty on all except the desired server. >>> >>> >>> >>> >> OK, thanks. I thought I might have to do it that way, which is slightly >> less desirable, as it makes the systems "different" from each other. >> > You could also enable 'execincludes' in asterisk.conf, then use #exec to > execute a small script (even just a shell script) that outputs the > desired iax.conf content for the server it is running on. That's much > easier and more effective than trying to put conditional logic and other > programming constructs into the configuration file reader. > > Ok, thanks Kevin. Something I haven't used before but will look into! -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Conditional "includes" in iax.conf
On 07/07/2010 01:46 PM, Scott Stingel wrote: > On 7/7/2010 11:25 AM, Danny Nicholas wrote: >> >> -- >> Rather than trying to determine what system you are on, just make the >> included file be empty on all except the desired server. >> >> >> > OK, thanks. I thought I might have to do it that way, which is slightly > less desirable, as it makes the systems "different" from each other. You could also enable 'execincludes' in asterisk.conf, then use #exec to execute a small script (even just a shell script) that outputs the desired iax.conf content for the server it is running on. That's much easier and more effective than trying to put conditional logic and other programming constructs into the configuration file reader. -- Kevin P. Fleming Digium, Inc. | Director of Software Technologies 445 Jan Davis Drive NW - Huntsville, AL 35806 - USA skype: kpfleming | jabber: kflem...@digium.com Check us out at www.digium.com & www.asterisk.org -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Conditional "includes" in iax.conf
You may be looking for a configuration management system. http://trac.mcs.anl.gov/projects/bcfg2 or http://www.puppetlabs.com/ ~ Andrew "lathama" Latham lath...@gmail.com * Learn more about OSS http://en.wikipedia.org/wiki/Open-source_software * Learn more about Linux http://en.wikipedia.org/wiki/Linux * Learn more about Tux http://en.wikipedia.org/wiki/Tux On Wed, Jul 7, 2010 at 2:18 PM, Scott Stingel wrote: > Hello- > > For maintenance purposes, if possible I'd like to use the same iax.conf > file in several different asterisk systems. However, on one of the > systems only, I would like to include an IAX "register" command to > another external system. > > Within iax.conf or other configuration files (other than > extensions.conf), is there a way of determining what system I'm running > on, and include a particular configuration item conditionally? I guess > what I'm asking is there a way to conditionally "include" lines in a > configuration depending on the value of some linux environment variable? > > thanks > > > > -- > _ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Can't dial out through AMI
On 7/6/10 8:44 PM, "Mike Ely" wrote: > -Original Message- > From: asterisk-users-boun...@lists.digium.com on behalf of Paul Belanger > Sent: Tue 7/6/2010 5:10 PM > To: Asterisk Users Mailing List - Non-Commercial Discussion > Cc: > Subject:Re: [asterisk-users] Can't dial out through AMI > > On Tue, Jul 6, 2010 at 8:00 PM, Mike Ely wrote: >> Log attached. >> > <--- SIP read from UDP:10.10.10.16:5060 ---> > SIP/2.0 401 Unauthorized > >> context from sip.conf: >> >> [ShoreTel] >> type=peer >> qualify=yes >> port=5060 >> host=10.10.10.16 >> context=incoming >> canreinvite=no >> > Your context is not setup properly for outbound, you have no > credentials defined. > > > None needed on the ShoreTel side and as I mentioned before regular SIP users > can dial out through the Asterisk box using this trunk. Keep in mind, this is > a development system on a tightly-controlled network, and I'm trying to start > with the simplest case possible, which includes no digest auth for the trunk > connection. > Maybe I missed something here? SIP users configured within Asterisk can dial out just fine through the trunk. It's just when I try to use AMI that it fails. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Conditional "includes" in iax.conf
On 7/7/2010 11:25 AM, Danny Nicholas wrote: > > -- > Rather than trying to determine what system you are on, just make the > included file be empty on all except the desired server. > > > OK, thanks. I thought I might have to do it that way, which is slightly less desirable, as it makes the systems "different" from each other. cheers Scott -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Conditional "includes" in iax.conf
-Original Message- From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Scott Stingel Sent: Wednesday, July 07, 2010 1:18 PM To: Asterisk Users Mailing List Subject: [asterisk-users] Conditional "includes" in iax.conf Hello- For maintenance purposes, if possible I'd like to use the same iax.conf file in several different asterisk systems. However, on one of the systems only, I would like to include an IAX "register" command to another external system. Within iax.conf or other configuration files (other than extensions.conf), is there a way of determining what system I'm running on, and include a particular configuration item conditionally? I guess what I'm asking is there a way to conditionally "include" lines in a configuration depending on the value of some linux environment variable? thanks -- Rather than trying to determine what system you are on, just make the included file be empty on all except the desired server. As for the "actual" answer to your question, it's not "fair" since you could be using files or a "real-time" database. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] Conditional "includes" in iax.conf
Hello- For maintenance purposes, if possible I'd like to use the same iax.conf file in several different asterisk systems. However, on one of the systems only, I would like to include an IAX "register" command to another external system. Within iax.conf or other configuration files (other than extensions.conf), is there a way of determining what system I'm running on, and include a particular configuration item conditionally? I guess what I'm asking is there a way to conditionally "include" lines in a configuration depending on the value of some linux environment variable? thanks -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] Problems with dual FXO/FXS cards - noise
Hello all, Here is my scenario that I would like to ask for help. I have a dedicated machine, with two PCI cards (a x1600p with 6 FXO for PSTN and 6 FXS for extensions and a x800p with 8 more extensions). I have a strange background noise, and sometimes get robotic voice, even on IVR. My credit cards machines and fax won´t work either (well, credit cards just sometimes), because I believe that the noise is interfering with the communication. What I tried: * Dual Power Supply, one just for PCI Cards - no success * fxotune -i 5 ; fxotune -s * Using without any echo canceller, OSLEC, mg2, and every extension and pstn, just on pstn, without success * Compiled kernel (I am using elastix) * Tried getting out on 6 differents pstn (4 from one provider, 1 from another, and 1 using a external gsm gateway) - no success * Removed one card and use just one - without a difference * Asterisk -p * Renice asterisk to -10 * Messed with pci latency (increased the pci latency for the pci cards, but no improvements) Even if I offhook my phone, the dialtone has noises! CPU: Celeron 450 @ 2.20GHz 2 GB RAM SATA Harddisk WHAT CAN I DO? Thanks for any help! Here´s a wave from dahdi_monitor http://www.janeri.com.br/som.wav dahdi_test --- Results after 248 passes --- Best: 100.000 -- Worst: 81.913 -- Average: 99.772171, Difference: 100.224882 lspci -v output [r...@pbx asterisk]# lspci -v 00:00.0 Host bridge: Intel Corporation 82G33/G31/P35/P31 Express DRAM Controller (rev 10) Subsystem: Micro-Star International Co., Ltd. Unknown device 7529 Flags: bus master, fast devsel, latency 0 Capabilities: [e0] Vendor Specific Information 00:02.0 VGA compatible controller: Intel Corporation 82G33/G31 Express Integrated Graphics Controller (rev 10) (prog-if 00 [VGA controller]) Subsystem: Micro-Star International Co., Ltd. Unknown device 7529 Flags: bus master, fast devsel, latency 0, IRQ 11 Memory at fe98 (32-bit, non-prefetchable) [size=512K] I/O ports at cc00 [size=8] Memory at d000 (32-bit, prefetchable) [size=256M] Memory at fe80 (32-bit, non-prefetchable) [size=1M] Capabilities: [90] Message Signalled Interrupts: 64bit- Queue=0/0 Enable- Capabilities: [d0] Power Management version 2 00:1c.0 PCI bridge: Intel Corporation 82801G (ICH7 Family) PCI Express Port 1 (rev 01) (prog-if 00 [Normal decode]) Flags: bus master, fast devsel, latency 0 Bus: primary=00, secondary=01, subordinate=01, sec-latency=0 Capabilities: [40] Express Root Port (Slot+) IRQ 0 Capabilities: [80] Message Signalled Interrupts: 64bit- Queue=0/0 Enable+ Capabilities: [90] #0d [] Capabilities: [a0] Power Management version 2 00:1c.1 PCI bridge: Intel Corporation 82801G (ICH7 Family) PCI Express Port 2 (rev 01) (prog-if 00 [Normal decode]) Flags: bus master, fast devsel, latency 0 Bus: primary=00, secondary=02, subordinate=02, sec-latency=0 I/O behind bridge: d000-dfff Memory behind bridge: fea0-feaf Capabilities: [40] Express Root Port (Slot+) IRQ 0 Capabilities: [80] Message Signalled Interrupts: 64bit- Queue=0/0 Enable+ Capabilities: [90] #0d [] Capabilities: [a0] Power Management version 2 00:1e.0 PCI bridge: Intel Corporation 82801 PCI Bridge (rev e1) (prog-if 01 [Subtractive decode]) Flags: bus master, fast devsel, latency 0 Bus: primary=00, secondary=03, subordinate=03, sec-latency=32 I/O behind bridge: e000-efff Memory behind bridge: feb0-febf Capabilities: [50] #0d [] 00:1f.0 ISA bridge: Intel Corporation 82801GB/GR (ICH7 Family) LPC Interface Bridge (rev 01) Subsystem: Micro-Star International Co., Ltd. Unknown device 7529 Flags: bus master, medium devsel, latency 0 Capabilities: [e0] Vendor Specific Information 00:1f.2 IDE interface: Intel Corporation 82801GB/GR/GH (ICH7 Family) SATA IDE Controller (rev 01) (prog-if 8a [Master SecP PriP]) Subsystem: Micro-Star International Co., Ltd. Unknown device 7529 Flags: bus master, 66MHz, medium devsel, latency 0, IRQ 3 I/O ports at I/O ports at I/O ports at I/O ports at I/O ports at ffa0 [size=16] Capabilities: [70] Power Management version 2 00:1f.3 SMBus: Intel Corporation 82801G (ICH7 Family) SMBus Controller (rev 01) Subsystem: Micro-Star International Co., Ltd. Unknown device 7529 Flags: medium devsel, IRQ 3 I/O ports at 0400 [size=32] 02:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8101E/RTL8102E PCI Express Fast Ethernet controller (rev 01) Subsystem: Micro-Star International Co., Ltd. Unknown device 529c Flags: bus master, fast devsel, latency 0, IRQ 81 I/O ports at d800 [size=256] Memory at feaff000 (64-bit, non-prefetchable) [size=4K] Ex
[asterisk-users] Communication IAX2 >SIP>IAX2
Dear list. Is it possible to use both IAX2 and SIP protocole during a dial? Illustration: I have peer A communicate with my Asterisk using IAX2 protocole. I have peer B communicate with my Asterisk using SIP protocole. A and B are both registred to the same Asterisk. So is it possible that peer A communicate with peer B and vice versa? if yes how can i achieve that? Best regards -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] How to secure Configuration files
On Wed, Jul 07, 2010 at 09:06:26AM -0700, Steve Edwards wrote: > On Wed, 7 Jul 2010, Faisal Hanif wrote: > > > 2nd option is by enabling execincludes=yes in asterisk.conf you can use > > #exec in any of asterisk conf file to call any external application and > > asterisk will use configuration returned by that external application > > and will treat it same as in static file. Here you again have full power > > of programming language in you hand. > > Won't "show dialplan," "sip show [peers|users]," etc. and a bit of > scripting undo most of this "security." Yeah. I was about to suggest stupid things such as '#exec rot13 mailto:tzafrir.co...@xorcom.com http://www.xorcom.com iax:gu...@local.xorcom.com/tzafrir -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] How to work Asterisk with Video Conference
On Wed, 2010-07-07 at 10:06 +0530, Hiren Mistry wrote: > Hi, > > How do I configure Asterisk as a Video Conference purpose. What package > I need to configure and what steps I need to follow to configure in > dial-plan to authenticate user. > > Regards, > Hiren Mistry > Asterisk is not a "Video Conference" solution. You can make video calls point to point but that is it. If you only need to connect two sites then you can get a video phone with an external camera input and tv output so you can get a better view but if you need three or more you need to get a dedicated solution. To configure you just need to uncomment "videosupport=yes" from sip.conf and add the video codecs to your peers. -- Telecomunicaciones Abiertas de México S.A. de C.V. Carlos Chávez Prats Director de Tecnología +52-55-91169161 ext 2001 signature.asc Description: This is a digitally signed message part -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] How to secure Configuration files
On Wed, 7 Jul 2010, Faisal Hanif wrote: > 2nd option is by enabling execincludes=yes in asterisk.conf you can use > #exec in any of asterisk conf file to call any external application and > asterisk will use configuration returned by that external application > and will treat it same as in static file. Here you again have full power > of programming language in you hand. Won't "show dialplan," "sip show [peers|users]," etc. and a bit of scripting undo most of this "security." -- Thanks in advance, - Steve Edwards sedwa...@sedwards.com Voice: +1-760-468-3867 PST Newline Fax: +1-760-731-3000 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] How to secure Configuration files
On Wed, 7 Jul 2010, ABBAS SHAKEEL wrote: > This is a good idea if i place the configuration files in database and > database some where else.. > > Now finally according to community feedback ... > > I will use AGI at max and obfuscate the JAVA code. Place the remaining > configuration in database. > > Hans i think this will be a good trade off.. Bad Karma for??? Seriously, if your business depends on obfuscation instead of technical prowess and killer customer support, you don't have a business. Without making any claims to TP or KCS, I provide full source code on the client's hosts at all times. I want a relationship where they want to do business with me, not where they have to do business with me because I have them "over a barrel." -- Thanks in advance, - Steve Edwards sedwa...@sedwards.com Voice: +1-760-468-3867 PST Newline Fax: +1-760-731-3000 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] How to secure Configuration files
On Wednesday 07 July 2010 05:24:10 A J Stiles wrote: > On Tuesday 06 Jul 2010, ABBAS SHAKEEL wrote: > > Hello Community, > > > > . I am facing an issue of security i.e. We deploy > > servers to client end. Now i dont want the client to see my configuration > > files (Of course copy and distribute or replicate the logic with out > > permission). [ 1 paragraph omitted ] > > Is there a way that the configuration files get encrypted or some thing > > else so that some one who have system access can not copy the > > configuration files data or look into that files. > > Well! It's a good job Mark Spencer was never so mean-spirited, otherwise > you would never have been *given* the power of Asterisk. In addition, depending upon how you do this, it may be a serious violation of the license under which Asterisk was distributed to you and under which you are required to distribute Asterisk to others. If you are looking for a legitimate way to do this, you'd have to obtain a commercial license from Digium. -- Tilghman Lesher Digium, Inc. | Senior Software Developer twitter: Corydon76 | IRC: Corydon76-dig (Freenode) Check us out at: www.digium.com & www.asterisk.org -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Y-cords - What are they ?
Try Googling "plantronics training adapter" --Don Don Kelly PCF Corp People Come First 651 842-1000 888 Don Kell(y) 651 842-1001 fax _ From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of bruce bruce Sent: Wednesday, July 07, 2010 8:53 AM To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] Y-cords - What are they ? Thanks for the input guys. My client is looking for Y-cords to train people. So, set beside them take a call and let them listen on the other call. They currently use wireless Plantronic headset with Aastra phones. Can you suggest any specific vendors for Y-cords? Thanks On Tue, Jul 6, 2010 at 4:10 PM, Zeeshan Zakaria wrote: We deal with Y-cords all the time for Ethernet and BRIs. They are just normal cords, making use of the fact that both Cat5 networks and BRI ports don't use all the 8 pins, so why not use extra wires in the cable for something useful instead of wasting them. It has nothing to do with the performance, and the cables are provided by reputable manufacturers like Aculab and Sangoma, because some of their equipment have no choice but to use these cables. For example Sangoma's BRI cards use two BRI channels per one physical port, so you need one end of the cable with 8 pins and split it into two on the other end with 4 pins each. Same is the case on Ehernet ports on the Aculab's Groomer II equipment. Zeeshan A Zakaria -- www.ilovetovoip.com On 2010-07-06 4:00 PM, "Gergo Csibra" wrote: Tuesday, July 6, 2010, 8:11:46 PM, bruce wrote: > Can someone please explain what Y-cords are avail... I think Y-cords only for PSTN. Or there're Y-cords for twisted pair ethetnet too, but that not a good idea. Usualy VoIP phones includes a mini 2 port switch to use one switch port for a phone and a PC. -- Best regards, Gergomailto:csi...@gmail.com -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] This may be a problem.. Answer not working on 1.4.32 over SIP trunk..
I have two test asterisk boxes, both version 1.4.26, on which I do Answer() followed by MusicOnHold() and it works just fine. I do this all the time as this is my standard way of testing new contexts. Zeeshan A Zakaria -- www.ilovetovoip.com On 2010-07-07 4:16 AM, "Massimo Nuvoli" wrote: I found a strange thing on Asterisk 1.4.32, the same defect on 1.4.26.? I spend 4 hours to try to solve... but found only a workaround. As is easy to reproduce the problem i need to know if this is a bug or if there is some idiot configuration that i miss. Maybe also the bug is know... Scenario: Asterisk installation on ubuntu 9.04 64 bit. Trunk SIP (two different providers) On the Asterisk server there are a number of SIP clients. If i use the sip client all things ok, i made a call and everything ok. If i place the call from the server (or if i call trhu the SIP trunk the asterisk system) everytime the Answer() application seeems to NOT work. The only way to make it work is to use some other function that do the Answer in place. (call coming from the SIP trunk) If i use Answer() MusicOnHold() I hear nothing. If i use Answer() PlayBack(silence/1) MusicOnHold() or Answer() VoiceMail(1...@default) i can hear all ok (it seems that the PlayBack and the VoiceMail apps are able to Answer really...) I checked the SIP debug trace, it seems no problem on the SIP side. Thnks guys. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] This may be a problem.. Answer not working on 1.4.32 over SIP trunk..
Zeeshan A Zakaria -- www.ilovetovoip.com On 2010-07-07 4:16 AM, "Massimo Nuvoli" wrote: I found a strange thing on Asterisk 1.4.32, the same defect on 1.4.26.? I spend 4 hours to try to solve... but found only a workaround. As is easy to reproduce the problem i need to know if this is a bug or if there is some idiot configuration that i miss. Maybe also the bug is know... Scenario: Asterisk installation on ubuntu 9.04 64 bit. Trunk SIP (two different providers) On the Asterisk server there are a number of SIP clients. If i use the sip client all things ok, i made a call and everything ok. If i place the call from the server (or if i call trhu the SIP trunk the asterisk system) everytime the Answer() application seeems to NOT work. The only way to make it work is to use some other function that do the Answer in place. (call coming from the SIP trunk) If i use Answer() MusicOnHold() I hear nothing. If i use Answer() PlayBack(silence/1) MusicOnHold() or Answer() VoiceMail(1...@default) i can hear all ok (it seems that the PlayBack and the VoiceMail apps are able to Answer really...) I checked the SIP debug trace, it seems no problem on the SIP side. Thnks guys. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Y-cords - What are they ?
Thanks for the input guys. My client is looking for Y-cords to train people. So, set beside them take a call and let them listen on the other call. They currently use wireless Plantronic headset with Aastra phones. Can you suggest any specific vendors for Y-cords? Thanks On Tue, Jul 6, 2010 at 4:10 PM, Zeeshan Zakaria wrote: > We deal with Y-cords all the time for Ethernet and BRIs. They are just > normal cords, making use of the fact that both Cat5 networks and BRI ports > don't use all the 8 pins, so why not use extra wires in the cable for > something useful instead of wasting them. It has nothing to do with the > performance, and the cables are provided by reputable manufacturers like > Aculab and Sangoma, because some of their equipment have no choice but to > use these cables. For example Sangoma's BRI cards use two BRI channels per > one physical port, so you need one end of the cable with 8 pins and split it > into two on the other end with 4 pins each. Same is the case on Ehernet > ports on the Aculab's Groomer II equipment. > > Zeeshan A Zakaria > > -- > www.ilovetovoip.com > > On 2010-07-06 4:00 PM, "Gergo Csibra" wrote: > > Tuesday, July 6, 2010, 8:11:46 PM, bruce wrote: > > > Can someone please explain what Y-cords are avail... > > I think Y-cords only for PSTN. Or there're Y-cords for twisted pair > ethetnet too, but that not a good idea. > > Usualy VoIP phones includes a mini 2 port switch to use one switch > port for a phone and a PC. > > -- > Best regards, > Gergomailto:csi...@gmail.com > > > -- > _ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > > > -- > _ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] Caller ID on analog line
Hello, I'm new to asterisk and trying to set up a PBX that's connected to ISDN on the telecom operator side (Swisscom, Switzerland) and has analog line on the local side. I use Digium B410PF and AEX2460EF cards. Globally, everything is working well except that I can't get the CID sent to the analog phone. I tried with all combinations of options I could think of and several asterisk version (the SVN-trunk-r27331, 1.6.2.6 and 1.6.2.8). I called Swissccom (in case they knew something about that) but they couldn't help me. I also did my homework, but didn't find any solution on Asterisk wiki, mailing lists archives and Google. Here is the actual working configuration (stripped down at the minimum required) of chan_dahdi.conf (commented is the options I've played with): [channels] tonezone=30 progzone=30 internationalprefix=00 nationalprefix=0 dialplan=unknown pridialplan=unknown prilocaldialplan=unknown ;cidstart=polarity ;cidsignalling=v23 ;sendcalleridafter=0 usecallerid=yes hidecallerid=no ;mwimonitor=fsk ; group 1 is incoming swisscom isdn line signalling =bri_cpe group=1 context=incoming channel => 1-2 channel => 4-5 ;Analog channel signalling=fxo_ks group=3 context=from-inside channel=>13 Here in the dialplan (down to the minimum) : [incoming] exten => 21,1,Verbose(${CALLERID(num)}) exten => 21,n,Dial(Dahdi/g3/13) I tried to set manually the cid, but it didn't work. The Verbose display the caller id correctly but it doesn't go any further. So I must have missed something, but I don't know what and I don't know where to look. If someone can help me ... Thanks, Etienne. signature.asc Description: PGP signature -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] ISDN -> SIP
Friday, June 11, 2010, 12:27:08 AM, Tzafrir wrote: > On Fri, Jun 11, 2010 at 12:19:37AM +0200, Gergo Csibra wrote: >> Okay. There's some problems with mISDN v2: I'm unable to compile >> zaphfc, because there's no source for it. mISDN v2 works with hfcpci >> too? > Certainly there is. > It's also part of the standard dahdi-extra patch. See > http://git.tzafrir.org.il/?p=dahdi-extra.git;a=tree > http://svn.debian.org/viewsvn/pkg-voip/dahdi-linux/trunk/debian/patches/dahdi_linux_extra OK. Last time I checked (2009. dec) there wasn't :) I downloaded dahdi-extra snapshot, and dahdi from asterisk.org, untared, I have two directories: dahdi-extra dahdi-linux-complete-2.3.0.1+2.3.0 What's next? I don't understand where to start make with MODULES_EXTRA and SUBDIRS_EXTRA parameters, and how can I configure drivers... -- Best regards, Gergomailto:csi...@gmail.com -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] How to secure Configuration files
On Tuesday 06 Jul 2010, ABBAS SHAKEEL wrote: > Hello Community, > > . I am facing an issue of security i.e. We deploy > servers to client end. Now i dont want the client to see my configuration > files (Of course copy and distribute or replicate the logic with out > permission). [ 1 paragraph omitted ] > Is there a way that the configuration files get encrypted or some thing > else so that some one who have system access can not copy the configuration > files data or look into that files. Well! It's a good job Mark Spencer was never so mean-spirited, otherwise you would never have been *given* the power of Asterisk. -- AJS -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] [OpenSIPS-Users] OpenSIPS with Asterisk Backend
Hi Robert, yes, that the correct approach. On the other hand, medium / long term, the plan is to have directly in opensips the capability of checking the health of ongoing dialogs (without relying on the capabilities of the end points): 1) signalling level - like doing in-dialog pings or implement an SST endpoint 2) media level - we have 95% working an integration with rtpproxy to report media timeouts to opensips for cutting the call at signalling level also. Nevertheless, Asterisk provides good capabilities (like SST,media timeout, etc) to detect the zombie calls, so you can rely on the OpenSIPS - Asterisk symbiosis ;) Best regards, Bogdan -- Bogdan-Andrei Iancu OpenSIPS Bootcamp 20 - 24 September 2010, Frankfurt, Germany www.voice-system.ro Robert Borz wrote: > Solved this issue by setting "min_se" parameter for the SST module in > OpenSIPS to 180 and setting "session-minse=180" in Asterisk sip.conf in the > general section. > > I just should have read the error message more carefully as "422 Session > Interval Too Small." says it all... :-P > > Nevertheless, thanks a lot. :-) > > > -Ursprüngliche Nachricht- > Von: Robert Borz > Gesendet: 05.07.2010 17:10:08 > An: OpenSIPS users mailling list ,Asterisk Users > Mailing List - Non-Commercial Discussion > > Betreff: Re: [OpenSIPS-Users] [asterisk-users] OpenSIPS with Asterisk Backend > > >> Hi Bogdan, >> >> thank you for your response. In the meantime I set the dialog timeout to >> three hours, this helps a bit. ;-) >> >> I wasn't able to catch a stuck call to get the state. Maybe in the near >> future... >> >> To get rid of stuck calls as fast as possible I want to use SIP Session >> Timers. For this I upgraded the Asterisk backend to version 1.6 which >> supports this and loaded and configured the SST module in OpenSIPS. With >> almost every user agent everything seems to work as expected. >> >> But I have a Problem with "AVM FRITZ!Box Fon WLAN 7050 (UI) 14.04.33 (May 10 >> 2007)". When it receives an INVITE with "Session-Expires: 90" it just anwers >> with "422 Session Interval Too Small". At this point the whole thing doesn't >> get any further. I can't imagine that this behaviour is in accordance to the >> standard as this is the only UA I have problems with. Whatever, the UA >> hasn't any problems in placing outgoing calls... really strange. >> >> There are two options for me: >> a) Find a workaround: My idea is now not to enable SST on calls to this UA. >> I can't use the $ua scripting variable, as it contains "Asterisk PBX", which >> is absolutely right here... :-/ >> >> b) Tell the customer to get a new UA as it is already EOL. ;-) >> >> What do you think? >> >> Regards, >> Robert. >> >> Here's the SIP-Trace (without SDP): >> OpenSIPS -> Customer: >> INVITE sip:10...@xxx.xxx.xxx.124;uniq=0111AA28F74AE042C3CD6EB4C39F6 SIP/2.0. >> Record-Route: . >> Via: SIP/2.0/UDP XXX.XXX.XXX.8;branch=z9hG4bK9007.c4c6808.0. >> Via: SIP/2.0/UDP >> XXX.XXX.XXX.12:5060;received=XXX.XXX.XXX.12;branch=z9hG4bK144bb9fe;rport=5060. >> Max-Forwards: 69. >> From: ;tag=as152f5077. >> To: . >> Contact: . >> Call-ID: 24029a5240153c151015784f5736a...@xxx.xxx.xxx.12. >> CSeq: 102 INVITE. >> User-Agent: Asterisk PBX 1.6.2.6-1. >> Date: Mon, 05 Jul 2010 14:56:42 GMT. >> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO. >> Supported: replaces, timer. >> Content-Type: application/sdp. >> Content-Length: 265. >> Session-Expires: 90. >> . >> >> >> Customer -> OpenSIPS: >> SIP/2.0 422 Session Interval Too Small. >> Via: SIP/2.0/UDP XXX.XXX.XXX.8;branch=z9hG4bK9007.c4c6808.0. >> Via: SIP/2.0/UDP >> XXX.XXX.XXX.12:5060;received=XXX.XXX.XXX.12;branch=z9hG4bK144bb9fe;rport=5060. >> From: ;tag=as152f5077. >> To: ;tag=D748EB0E786BFD44. >> Call-ID: 24029a5240153c151015784f5736a...@xxx.xxx.xxx.12. >> CSeq: 102 INVITE. >> User-Agent: AVM FRITZ!Box Fon WLAN 7050 (UI) 14.04.33 (May 10 2007). >> Content-Length: 0. >> . >> >> >> OpenSIPS -> Customer: >> ACK sip:10...@xxx.xxx.xxx.124;uniq=0111AA28F74AE042C3CD6EB4C39F6 SIP/2.0. >> Via: SIP/2.0/UDP XXX.XXX.XXX.8;branch=z9hG4bK9007.c4c6808.0. >> From: ;tag=as152f5077. >> Call-ID: 24029a5240153c151015784f5736a...@xxx.xxx.xxx.12. >> To: ;tag=D748EB0E786BFD44. >> CSeq: 102 ACK. >> Max-Forwards: 70. >> User-Agent: OpenSIPS (1.5.1-notls (x86_64/linux)). >> Content-Length: 0. >> . >> >> >> -Ursprüngliche Nachricht- >> Von: Bogdan-Andrei Iancu >> Gesendet: 20.04.2010 11:25:25 >> An: OpenSIPS users mailling list >> Betreff: Re: [asterisk-users] [OpenSIPS-Users] OpenSIPS with Asterisk Backend >> >> >>> Hi Robert, >>> >>> >>> The opensips dialog module mainly does dialog monitoring and has limited >>> capability when comes to checking dialog health (like it the call is not >>> zombie and it is really ongoing). The dialog module can just expire too >>> long calls (using a timeout for call duration). >>> >>> First of all, dealing with the cause : what is the s
Re: [asterisk-users] How to secure Configuration files
Hi, As per my finding you can have two possible solutions to mentioned problem, 1st is to use realtime curl for all configuration. In this case asterisk will hit your configured URLs to read all configuration. You can run web-server on same or any machine and can use any CGI of Perl, PHP, C, JAVA or any other web language to response the URL. You will have full power of a programming language and you can do what you want just need coding. 2nd option is by enabling execincludes=yes in asterisk.conf you can use #exec in any of asterisk conf file to call any external application and asterisk will use configuration returned by that external application and will treat it same as in static file. Here you again have full power of programming language in you hand. Regards, Faisal Hanif On 7/7/2010 1:08 PM, Hans Witvliet wrote: On Wed, 2010-07-07 at 12:12 +0600, ABBAS SHAKEEL wrote: Thanks to Gordon and Paul for kind help. Actually we have a limitation to place the Asterisk server in client premises if the server is in there premises then this means they have full control over it. harddisk encryption seems a good option but no automated boot is big issue :( Is there some thing possible like that ? On Tue, Jul 6, 2010 at 5:21 PM, Gordon Henderson wrote: On Tue, 6 Jul 2010, ABBAS SHAKEEL wrote: > Hello Community, > > I have a question , I have been working with asterisk and developed some > successful applications. I am facing an issue of security i.e. We deploy > servers to client end. Now i dont want the client to see my configuration > files (Of course copy and distribute or replicate the logic with out > permission). > > Now the configuration files are stored in /etc/asterisk/* (Of course we can > specify a different location but at end we specify this in a configuration > file). > > Is there a way that the configuration files get encrypted or some thing else > so that some one who have system access can not copy the configuration files > data or look into that files. The simple answer is that you can't prevent anyone copying it if they have physical access. All you can do is make it hard. If you wanted to encrypt them, you'd need to alter asterisk. You could use something like trucrypt, or another whole disk encryption technology, but that'll require someone typing in a password at boot time making unattended reboots impossible. Another way which I have seen is to do away with the dialplan entirely and do it all in a single big compiled AGI C program. (Ok, you have minimal dialplan to pump everything into it, but...) and don't distribute the source to the C program... You need to work out just what it's worth to you if someone does copy it. Realistically, what's your target audience? Are your clients the sort of people likely to copy and and sell it on? For most businesses, I'd guess not. Gordon Before you embark on this way Any disk encryption is of no use as long as it remains de-crypted while the server is running... It only protects you against snooping eyes incaes your hardware is stolen (most likely: laptops, usb-media) If you want to be 100% sure against unautorized access to your data, you might want to use two factor authentication. But the fact that you have to use a smartcard/token AND a passphrase implies that you can not restart your machine/asterisk without being physically there. [I mean, you might be creating your own denial of service] If you just want to protect your asterisk-machine against prying eyes, i would suggest to put all of your config (sip, iax, dialplan) into a database (on a other machine ofcourse) and use an encrypted connection (636, ldaps) to access it. It will protect to against data-theft if your machine is stolen, But that person might still be able to access the asterisk console _before he nicks the system_ and do a "sip show peers" and obtain your info in that way So you better consider what you want to protect, against who, and at what acceptable costs Security is a tricky business. It's easy to spend vast amount of time and money and not getting any additional security ;-) hw -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] How to secure Configuration files
Thanks Hans, This is a good idea if i place the configuration files in database and database some where else.. Now finally according to community feedback ... I will use AGI at max and obfuscate the JAVA code. Place the remaining configuration in database. Hans i think this will be a good trade off.. On Wed, Jul 7, 2010 at 2:08 PM, Hans Witvliet wrote: > On Wed, 2010-07-07 at 12:12 +0600, ABBAS SHAKEEL wrote: > > Thanks to Gordon and Paul for kind help. > > > > > > Actually we have a limitation to place the Asterisk server in client > > premises if the server is in there premises then this means they have > > full control over it. > > > > > > harddisk encryption seems a good option but no automated boot is big > > issue :( > > > > > > Is there some thing possible like that ? > > > > > > > > > > > > > > > > On Tue, Jul 6, 2010 at 5:21 PM, Gordon Henderson > +aster...@drogon.net> wrote: > > > > On Tue, 6 Jul 2010, ABBAS SHAKEEL wrote: > > > > > Hello Community, > > > > > > I have a question , I have been working with asterisk and > > developed some > > > successful applications. I am facing an issue of security > > i.e. We deploy > > > servers to client end. Now i dont want the client to see my > > configuration > > > files (Of course copy and distribute or replicate the logic > > with out > > > permission). > > > > > > Now the configuration files are stored in /etc/asterisk/* > > (Of course we can > > > specify a different location but at end we specify this in a > > configuration > > > file). > > > > > > Is there a way that the configuration files get encrypted or > > some thing else > > > so that some one who have system access can not copy the > > configuration files > > > data or look into that files. > > > > > > The simple answer is that you can't prevent anyone copying it > > if they have > > physical access. > > > > All you can do is make it hard. > > > > If you wanted to encrypt them, you'd need to alter asterisk. > > > > You could use something like trucrypt, or another whole disk > > encryption > > technology, but that'll require someone typing in a password > > at boot time > > making unattended reboots impossible. > > > > Another way which I have seen is to do away with the dialplan > > entirely and > > do it all in a single big compiled AGI C program. (Ok, you > > have minimal > > dialplan to pump everything into it, but...) and don't > > distribute the > > source to the C program... > > > > You need to work out just what it's worth to you if someone > > does copy it. > > Realistically, what's your target audience? Are your clients > > the sort of > > people likely to copy and and sell it on? For most businesses, > > I'd guess > > not. > > > > Gordon > > Before you embark on this way > Any disk encryption is of no use as long as it remains de-crypted while > the server is running... > It only protects you against snooping eyes incaes your hardware is > stolen (most likely: laptops, usb-media) > > If you want to be 100% sure against unautorized access to your data, you > might want to use two factor authentication. But the fact that you have > to use a smartcard/token AND a passphrase implies that you can not > restart your machine/asterisk without being physically there. > [I mean, you might be creating your own denial of service] > > If you just want to protect your asterisk-machine against prying eyes, i > would suggest to put all of your config (sip, iax, dialplan) into a > database (on a other machine ofcourse) and use an encrypted connection > (636, ldaps) to access it. It will protect to against data-theft if your > machine is stolen, But that person might still be able to access the > asterisk console _before he nicks the system_ and do a "sip show peers" > and obtain your info in that way > > So you better consider what you want to protect, against who, and at > what acceptable costs > > Security is a tricky business. It's easy to spend vast amount of time > and money and not getting any additional security ;-) > > hw > > > -- > _ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > -- Best Regards Shakeel Abbas -- _ -- Bandwidth and Colocation Provided by http://www.a
[asterisk-users] IAX calling presentation null
Hello all, I am getting a strange behaviour of IAX protocol in an IAX trunk set up for one of our clients. the calling presentation is equal to 0 : *Calling presentation: 0x00* Wireshark presents the call as if the from (caller) is null. It does not seem that there is any config in iax.conf that fixes that. Please help fix that. Thanks. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] This may be a problem.. Answer not working on 1.4.32 over SIP trunk..
I found a strange thing on Asterisk 1.4.32, the same defect on 1.4.26.? I spend 4 hours to try to solve... but found only a workaround. As is easy to reproduce the problem i need to know if this is a bug or if there is some idiot configuration that i miss. Maybe also the bug is know... Scenario: Asterisk installation on ubuntu 9.04 64 bit. Trunk SIP (two different providers) On the Asterisk server there are a number of SIP clients. If i use the sip client all things ok, i made a call and everything ok. If i place the call from the server (or if i call trhu the SIP trunk the asterisk system) everytime the Answer() application seeems to NOT work. The only way to make it work is to use some other function that do the Answer in place. (call coming from the SIP trunk) If i use Answer() MusicOnHold() I hear nothing. If i use Answer() PlayBack(silence/1) MusicOnHold() or Answer() VoiceMail(1...@default) i can hear all ok (it seems that the PlayBack and the VoiceMail apps are able to Answer really...) I checked the SIP debug trace, it seems no problem on the SIP side. Thnks guys. <> signature.asc Description: OpenPGP digital signature -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] How to secure Configuration files
On Wed, 2010-07-07 at 12:12 +0600, ABBAS SHAKEEL wrote: > Thanks to Gordon and Paul for kind help. > > > Actually we have a limitation to place the Asterisk server in client > premises if the server is in there premises then this means they have > full control over it. > > > harddisk encryption seems a good option but no automated boot is big > issue :( > > > Is there some thing possible like that ? > > > > > > > > On Tue, Jul 6, 2010 at 5:21 PM, Gordon Henderson +aster...@drogon.net> wrote: > > On Tue, 6 Jul 2010, ABBAS SHAKEEL wrote: > > > Hello Community, > > > > I have a question , I have been working with asterisk and > developed some > > successful applications. I am facing an issue of security > i.e. We deploy > > servers to client end. Now i dont want the client to see my > configuration > > files (Of course copy and distribute or replicate the logic > with out > > permission). > > > > Now the configuration files are stored in /etc/asterisk/* > (Of course we can > > specify a different location but at end we specify this in a > configuration > > file). > > > > Is there a way that the configuration files get encrypted or > some thing else > > so that some one who have system access can not copy the > configuration files > > data or look into that files. > > > The simple answer is that you can't prevent anyone copying it > if they have > physical access. > > All you can do is make it hard. > > If you wanted to encrypt them, you'd need to alter asterisk. > > You could use something like trucrypt, or another whole disk > encryption > technology, but that'll require someone typing in a password > at boot time > making unattended reboots impossible. > > Another way which I have seen is to do away with the dialplan > entirely and > do it all in a single big compiled AGI C program. (Ok, you > have minimal > dialplan to pump everything into it, but...) and don't > distribute the > source to the C program... > > You need to work out just what it's worth to you if someone > does copy it. > Realistically, what's your target audience? Are your clients > the sort of > people likely to copy and and sell it on? For most businesses, > I'd guess > not. > > Gordon Before you embark on this way Any disk encryption is of no use as long as it remains de-crypted while the server is running... It only protects you against snooping eyes incaes your hardware is stolen (most likely: laptops, usb-media) If you want to be 100% sure against unautorized access to your data, you might want to use two factor authentication. But the fact that you have to use a smartcard/token AND a passphrase implies that you can not restart your machine/asterisk without being physically there. [I mean, you might be creating your own denial of service] If you just want to protect your asterisk-machine against prying eyes, i would suggest to put all of your config (sip, iax, dialplan) into a database (on a other machine ofcourse) and use an encrypted connection (636, ldaps) to access it. It will protect to against data-theft if your machine is stolen, But that person might still be able to access the asterisk console _before he nicks the system_ and do a "sip show peers" and obtain your info in that way So you better consider what you want to protect, against who, and at what acceptable costs Security is a tricky business. It's easy to spend vast amount of time and money and not getting any additional security ;-) hw -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] SIP response 482 "Loop Detected"
On Tue, Jul 6, 2010 at 11:08 AM, --[ UxBoD ]-- wrote: > - Original Message - >> - Original Message - >> > On Mon, Jul 5, 2010 at 4:20 AM, --[ UxBoD ]-- >> > wrote: >> > > >> > > - Original Message - >> > >> Hi, >> > >> >> > >> We have tried upgrading from 1.6.1.14 to 1.6.2.9 and have found >> > >> that >> > >> we are unable to URI dial our clients. We run a multi-tenant >> > >> server >> > >> and have set sip.conf to forward calls to a public context based >> > >> on >> > >> incoming domain name. This was all working before but not it is >> > >> complaining of a loop back as the source and target server are >> > >> the >> > >> same. >> > >> >> > >> Any ideas on how to overcome this problem as we dial our clients >> > >> based >> > >> on their email address. >> > > >> > > Grabbing a SIP debug I see: >> > > >> > > <--- Transmitting (no NAT) to 10.172.120.5:5060 ---> >> > > SIP/2.0 100 Trying >> > > Via: SIP/2.0/UDP >> > > 10.172.120.5:5060;branch=z9hG4bK-dadp6piblhin;received=10.172.120.5;rport=5060 >> > > From: "User A" ;tag=c3zqlidz1u >> > > To: >> > > Call-ID: 66b3314cc6d1-jxu0nhluv4zt >> > > CSeq: 2 INVITE >> > > Server: secret >> > > Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, >> > > NOTIFY, >> > > INFO >> > > Supported: replaces, timer >> > > Require: timer >> > > Session-Expires: 1800;refresher=uas >> > > Contact: >> > > Content-Length: 0 >> > > >> > > And am guessing that as the source from IP matches the Contact: >> > > address Asterisk sees that as a loop ? >> > >> > I don't know these things, but you should probably post more of a >> > SIP >> > trace. Maybe turn on full sip debug to a file for long enough to see >> > what the SIP conversation looks like that asterisk 1.6.2.9 is having >> > with itself. >> > >> >> From what I have read "hairpin" calls are not supported by asterisk; >> so am guessing something has been fixed in the 1.6.2.X branch that >> should have not worked in 1.6.1.X anyway :) While I continue the >> research have implemented using a workaround via the AstDB and the >> following changes to the uri-dial plan: >> >> exten => >> _[a-zA-Z0-9].,n,GotoIf(${DB_EXISTS(URI/${ext...@${sipdomain})}?inturi:exturi) >> exten => >> _[a-zA-Z0-9].,n(inturi),Goto(${DB(URI/${ext...@${sipdomain})}) >> exten => _[a-zA-Z0-9].,n(exturi),Macro(uridial,${ext...@${sipdomain}) >> >> This is a bit of pain as we have to make sure we update the DB when a >> new inbound URI is added; though it works and means we can stick with >> the 1.6.2.X branch. >> >> Would be interested to hear from a dev though as to whether they think >> it should work as we originally had it configured ? > > Do you think this should be raised as a issue in bugtraq or at least brought > up on the asterisk-dev mailing list ? > -- > Thanks, Phil > > -- > _ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > Turn on sip debug for everything, posting just one sip packet doesn't tell much. Knowing if asterisk is sending udp packets to itself or not is a fairly important detail. I'd go with the issue tracker -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users