Re: [asterisk-users] Capture Media IP in CDR (CDR)
+1000 to Matt point. Many many talented developers who can assist in customizing your needs. On Mon, 2013-10-14 at 19:55 +0530, Mitul Limbani wrote: > Nailed it to the point Matt +1 on.this entire philosophy of open > source. > > Mitul > > > On Oct 14, 2013 7:19 PM, "Matthew Jordan" wrote: > > > > > > > On Sun, Oct 13, 2013 at 2:06 PM, CDR > wrote: > > > > > > > I need Digium to store this IP in the CDR. I will be > honest with the > government and let them know that my tool is incapable > of saving lives > or safeguarding our national security because nobody > thought about > this. > PD: I am not paying for a patch, since this is huge > burden on a small > company like mine, with a single employee, and also > because the whole > world will enjoy the benefit. It is not fair that I > would have to hire > somebody to patch Asterisk. > I appeal to Digium to patch Asterisk. > > > > I won't comment any further on the technical aspects of what > you are looking for; others have already pointed out how > various portions of SIP messages can be stored in CDRs and how > these portions of the SIP messages are (a) actually of more > use than the media IP address in the SDP and (b) meet the > requirements being levied by your use case. > > > That aside, I do think it is important to note here that > Asterisk does not, by default, have a warranty. This is > clearly enumerated in sections 10 and 11 of the GPLv2 license > included with Asterisk [1]: > > >NO WARRANTY > > > 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS > NO WARRANTY > FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. > EXCEPT WHEN > OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER > PARTIES > PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, > EITHER EXPRESSED > OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED > WARRANTIES OF > MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE > ENTIRE RISK AS > TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. > SHOULD THE > PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY > SERVICING, > REPAIR OR CORRECTION. > > > 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED > TO IN WRITING > WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY > AND/OR > REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU > FOR DAMAGES, > INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL > DAMAGES ARISING > OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT > NOT LIMITED > TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES > SUSTAINED BY > YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE > WITH ANY OTHER > PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED > OF THE > POSSIBILITY OF SUCH DAMAGES. > > > END OF TERMS AND CONDITIONS > > > As you are using software licensed free of charge under the > GPLv2, there is no obligation by anyone in the community or at > Digium to provide you with a patch. If you require assistance, > there are many avenues you can choose to pursue to gain such > assistance. Just as you profit by running Asterisk, others > profit by customizing and supporting the Asterisk project. > Asterisk is lucky to have many such talented developers who > can assist you with such a development effort. If you really > require this functionality, I highly suggest that you look to > hire said developers to help you with this feature request > [2]. > > > [1] http://svn.asterisk.org/svn/asterisk/branches/11/COPYING > > > [2] https://wiki.asterisk.org/wiki/display/AST/Asterisk+Bug > +Bounties > > > Matt > > > > -- > > Matthew Jordan > > Digium, Inc. | Engineering Manager > 445 Jan Davis Drive NW - Huntsville, AL 35806 - USA > Check us out at: http://digium.com & http://asterisk.org > > > -- > _
Re: [asterisk-users] Capture Media IP in CDR (CDR)
Nailed it to the point Matt +1 on.this entire philosophy of open source. Mitul On Oct 14, 2013 7:19 PM, "Matthew Jordan" wrote: > > > > On Sun, Oct 13, 2013 at 2:06 PM, CDR wrote: > > > > >> I need Digium to store this IP in the CDR. I will be honest with the >> government and let them know that my tool is incapable of saving lives >> or safeguarding our national security because nobody thought about >> this. >> PD: I am not paying for a patch, since this is huge burden on a small >> company like mine, with a single employee, and also because the whole >> world will enjoy the benefit. It is not fair that I would have to hire >> somebody to patch Asterisk. >> I appeal to Digium to patch Asterisk. >> > > I won't comment any further on the technical aspects of what you are > looking for; others have already pointed out how various portions of SIP > messages can be stored in CDRs and how these portions of the SIP messages > are (a) actually of more use than the media IP address in the SDP and (b) > meet the requirements being levied by your use case. > > That aside, I do think it is important to note here that Asterisk does > not, by default, have a warranty. This is clearly enumerated in sections 10 > and 11 of the GPLv2 license included with Asterisk [1]: > > NO WARRANTY > > 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY > FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN > OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES > PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED > OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF > MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS > TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE > PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, > REPAIR OR CORRECTION. > > 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING > WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR > REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, > INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING > OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED > TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY > YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER > PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE > POSSIBILITY OF SUCH DAMAGES. > > END OF TERMS AND CONDITIONS > > As you are using software licensed free of charge under the GPLv2, there > is no obligation by anyone in the community or at Digium to provide you > with a patch. If you require assistance, there are many avenues you can > choose to pursue to gain such assistance. Just as you profit by running > Asterisk, others profit by customizing and supporting the Asterisk project. > Asterisk is lucky to have many such talented developers who can assist you > with such a development effort. If you really require this functionality, I > highly suggest that you look to hire said developers to help you with this > feature request [2]. > > [1] http://svn.asterisk.org/svn/asterisk/branches/11/COPYING > > [2] https://wiki.asterisk.org/wiki/display/AST/Asterisk+Bug+Bounties > > Matt > > -- > Matthew Jordan > Digium, Inc. | Engineering Manager > 445 Jan Davis Drive NW - Huntsville, AL 35806 - USA > Check us out at: http://digium.com & http://asterisk.org > > -- > _ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: >http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: >http://lists.digium.com/mailman/listinfo/asterisk-users > -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Capture Media IP in CDR (CDR)
On Sun, Oct 13, 2013 at 2:06 PM, CDR wrote: > I need Digium to store this IP in the CDR. I will be honest with the > government and let them know that my tool is incapable of saving lives > or safeguarding our national security because nobody thought about > this. > PD: I am not paying for a patch, since this is huge burden on a small > company like mine, with a single employee, and also because the whole > world will enjoy the benefit. It is not fair that I would have to hire > somebody to patch Asterisk. > I appeal to Digium to patch Asterisk. > I won't comment any further on the technical aspects of what you are looking for; others have already pointed out how various portions of SIP messages can be stored in CDRs and how these portions of the SIP messages are (a) actually of more use than the media IP address in the SDP and (b) meet the requirements being levied by your use case. That aside, I do think it is important to note here that Asterisk does not, by default, have a warranty. This is clearly enumerated in sections 10 and 11 of the GPLv2 license included with Asterisk [1]: NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS As you are using software licensed free of charge under the GPLv2, there is no obligation by anyone in the community or at Digium to provide you with a patch. If you require assistance, there are many avenues you can choose to pursue to gain such assistance. Just as you profit by running Asterisk, others profit by customizing and supporting the Asterisk project. Asterisk is lucky to have many such talented developers who can assist you with such a development effort. If you really require this functionality, I highly suggest that you look to hire said developers to help you with this feature request [2]. [1] http://svn.asterisk.org/svn/asterisk/branches/11/COPYING [2] https://wiki.asterisk.org/wiki/display/AST/Asterisk+Bug+Bounties Matt -- Matthew Jordan Digium, Inc. | Engineering Manager 445 Jan Davis Drive NW - Huntsville, AL 35806 - USA Check us out at: http://digium.com & http://asterisk.org -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Capture Media IP in CDR (CDR)
On 13/10/13 20:06, CDR wrote:
I am quite surprised about the degree of surprise in the group. A few
days ago, somebody called a school and issued a threat, through my
network. The call came from China, but of course it was US caller. The
DA wants to know where call came from. The caller ID is "Restricted"
and the chinese carrier is playing games.
How do you think it works with regular telecomms?
The police need to follow the trail. All you need to provide is that the
call came in via carrier X and they will then go onto that carrier to
see where the call originated.
My advice would be to :-
1) Add ${SIPCALLID} to your cdr records. This is the unique ID for the
sip call which can be used later.
2) Run "tcpdump -p -s 0 port 5060 -w $siptrace.pcap -C 10 -W 500"
-C is how big the dump will be and -W is how many capture files to get
before overwriting the old one. make the -C value (10 in this case) big
enough so each file lasts 15 minutes or so and the '-W' value big enough
so you keep however many days records you need.
3) Now when you get a request look in the cdr records for the callid.
Assuming for example its qwertyuiop then look at the time and pick the
pcap file covering that time range. Make sure you have the 'wireshark'
and 'ngrep' linux packages installed. Then :-
tshark -t ad -r TRACEFILE -R 'sip.Call-ID contains qwertyuiop' -w - |
ngrep -I - -W byline -t
The standard output now contains a complete sip trace and you will be
able to see all the media endpoints and exact timings.
Thats basically what we do for getting call diagnostics.
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Capture Media IP in CDR (CDR)
On 13-10-13 03:06 PM, CDR wrote: I am quite surprised about the degree of surprise in the group. A few days ago, somebody called a school and issued a threat, through my network. The call came from China, but of course it was US caller. The DA wants to know where call came from. The caller ID is "Restricted" and the chinese carrier is playing games. If I had a way to store the media IP, I would be able to pinpoint the offender in the US, or the company that touched the media last. As a result of Asterisk not having this functionality, many children are danger and this country at large is at a great peril, since Asterisk is the most widely used low-cost technology for telecommunications. I need Digium to store this IP in the CDR. I will be honest with the government and let them know that my tool is incapable of saving lives or safeguarding our national security because nobody thought about this. PD: I am not paying for a patch, since this is huge burden on a small company like mine, with a single employee, and also because the whole world will enjoy the benefit. It is not fair that I would have to hire somebody to patch Asterisk. I appeal to Digium to patch Asterisk. Don't worry about it, I'll step up and pay for the patch. No need for you to waste your profits on something this. -- Paul Belanger | PolyBeacon, Inc. Jabber: paul.belan...@polybeacon.com | IRC: pabelanger (Freenode) Github: https://github.com/pabelanger | Twitter: https://twitter.com/pabelanger -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Capture Media IP in CDR (CDR)
Hi,
I also doubt that the IP would do any good, anyway you store whatever you
want in your cdr, just Set(CDR(something)=${SIP_HEADER(Contact)}); and then
have the field something in your cdr storage
On 13 October 2013 21:25, jg wrote:
> I doubt that a media IP would really help, because there are proxies out
> there. If you need this kind of monitoring, then there are probably better
> ways to take care of this and they are independent of Asterisk.
>
> What you could do is to tap any traffic in the background, e.g. with
> tcpdump using the -G option and automatically delete the files after a
> certain period, unless there is a reason to keep the data. The pcap trace
> would contain a lot of relevant information, even if the traffic is
> encrypted (like timing data). Depending on national or local laws this
> might be even a more serious crime than threatening a school. It could
> still be justified to tap the traffic, like it is for other public
> authorities, but you would have to find out yourself whether you are or the
> school is allowed to do this.
>
> Actually, I tend to think that it is the school's task to enforce a
> specific security and surveillance concept and this also applies
> particularly to their IT structure. You are certainly not in the position
> to decide whether you should monitor anything unless it is part of your
> contract.
>
> Besides this, it is easy to store any kind of information along with
> classical CDR data. Just search for "adaptive ODBC", or read the Asterisk
> book.
>
> jg
>
>
> --
> __**__**_
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> New to Asterisk? Join us for a live introductory webinar every Thurs:
> http://www.asterisk.org/hello
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>
> http://lists.digium.com/**mailman/listinfo/asterisk-**users
>
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Capture Media IP in CDR (CDR)
I doubt that a media IP would really help, because there are proxies out there. If you need this kind of monitoring, then there are probably better ways to take care of this and they are independent of Asterisk. What you could do is to tap any traffic in the background, e.g. with tcpdump using the -G option and automatically delete the files after a certain period, unless there is a reason to keep the data. The pcap trace would contain a lot of relevant information, even if the traffic is encrypted (like timing data). Depending on national or local laws this might be even a more serious crime than threatening a school. It could still be justified to tap the traffic, like it is for other public authorities, but you would have to find out yourself whether you are or the school is allowed to do this. Actually, I tend to think that it is the school's task to enforce a specific security and surveillance concept and this also applies particularly to their IT structure. You are certainly not in the position to decide whether you should monitor anything unless it is part of your contract. Besides this, it is easy to store any kind of information along with classical CDR data. Just search for "adaptive ODBC", or read the Asterisk book. jg -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] Capture Media IP in CDR (CDR)
I am quite surprised about the degree of surprise in the group. A few days ago, somebody called a school and issued a threat, through my network. The call came from China, but of course it was US caller. The DA wants to know where call came from. The caller ID is "Restricted" and the chinese carrier is playing games. If I had a way to store the media IP, I would be able to pinpoint the offender in the US, or the company that touched the media last. As a result of Asterisk not having this functionality, many children are danger and this country at large is at a great peril, since Asterisk is the most widely used low-cost technology for telecommunications. I need Digium to store this IP in the CDR. I will be honest with the government and let them know that my tool is incapable of saving lives or safeguarding our national security because nobody thought about this. PD: I am not paying for a patch, since this is huge burden on a small company like mine, with a single employee, and also because the whole world will enjoy the benefit. It is not fair that I would have to hire somebody to patch Asterisk. I appeal to Digium to patch Asterisk. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
