Asterisk logolás szintjének megemelése

- On the command prompt type: asterisk -r
- In the asterisk command line interface type: core set verbose 128
- Additionally, you can also type: core set debug 128

Trixbox tűzfal mögött

Megoldás és megoldás

SIP with firewall/NAT using Asterisk

Tűzfalbeállítások Asterisk-hez

http://www.voip-info.org/wiki/view/Asterisk+firewall+rules

Beállítások iptables esetén
# SIP on UDP port 5060. Other SIP servers may need TCP port 5060 as well
iptables -A INPUT -p udp -m udp --dport 5060 -j ACCEPT

# IAX2- the IAX protocol
iptables -A INPUT -p udp -m udp --dport 4569 -j ACCEPT

# IAX - most have switched to IAX v2, or ought to
iptables -A INPUT -p udp -m udp --dport 5036 -j ACCEPT

# RTP - the media stream
iptables -A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT

# MGCP - if you use media gateway control protocol in your configuration
iptables -A INPUT -p udp -m udp --dport 2727 -j ACCEPT

Portech MV-372

Mobile to Lan szabályt a következők szerint kell beállítani

Paraméter

Érték

CID

*

URL

Mellék@Asterisk IP

Egyéb beállítási segédletek

http://www.powermediasrl.it/fsn/portech-mv-372-con-asterisktrixboxelastix.html

Linksys SPA3102

Az eszköz trixbox rendszerhez történő illesztését az itt található leírás alapján végezhetjük el egyszerűen

fail2ban telepítése Trixbox alá

Forrás

First we are going to install the rpmforge repository and use the fail2ban package from there -

rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
sed -i 's/enabled = 0/enabled = 1/' /etc/yum.repos.d/rpmforge.repo
yum install -y fail2ban jwhois

Now disable the rpmforge repo do that it doesn't interfere with any of the CentOS/Asterisk packages -

sed -i 's/enabled = 1/enabled = 0/' /etc/yum.repos.d/rpmforge.repo

Next we are going to create the fail2ban configuration file for Asterisk. This tells fail2ban what text to monitor the logs for -

cat >> /etc/fail2ban/filter.d/asterisk.conf <<-EOF
# Fail2Ban configuration file
#
#
# $Revision: 250 $
#

[INCLUDES]

# Read common prefixes. If any customizations available -- read them from
# common.local
#before = common.conf

[Definition]

#_daemon = asterisk

# Option:  failregex
# Notes.:  regex to match the password failures messages in the logfile. The
#          host must be matched by a group named "host". The tag "<HOST>" can
#          be used for standard IP/hostname matching and is only an alias for
#          (?:::f{4,6}:)?(?P<host>\S+)
# Values:  TEXT
#

failregex = NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Wrong password
            NOTICE.* .*: Registration from '.*' failed for '<HOST>' - No matching peer found
            NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Username/auth name mismatch
            NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Device does not match ACL
            NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Peer is not supposed to register
            NOTICE.* <HOST> failed to authenticate as '.*'$
            NOTICE.* .*: No registration for peer '.*' \(from <HOST>\)
            NOTICE.* .*: Host <HOST> failed MD5 authentication for '.*' (.*)
            NOTICE.* .*: Failed to authenticate user .*@<HOST>.*

# Option:  ignoreregex
# Notes.:  regex to ignore. If this regex matches, the line is ignored.
# Values:  TEXT
#
ignoreregex =
EOF

Next we are going to add some lines to the jail.conf file that tells fail2ban what log files to monitor and what action to take when the required text is detected. This includes sending an alert e-mail so you may want to change 'root' to your e-mail address. It also includes the length of time the IP address is blocked for in seconds. Here we have it set to 3 days, you may want to modify this -

cat >> /etc/fail2ban/jail.conf <<-EOF
[asterisk-iptables]

enabled  = true
filter   = asterisk
action   = iptables-allports[name=ASTERISK, protocol=all]
           sendmail-whois[name=ASTERISK, dest=root, sender=fail2ban@example.org]
logpath  = /var/log/asterisk/full
maxretry = 5
bantime = 259200
EOF

Fail2ban needs the date in the Asterisk log files written in a specific format. To do this we can add a line to the 'General' section of the Asterisk logger configuration file. If you already have a 'General' section in there you will just want to add the line manually rather than running the command below -

cat >> /etc/asterisk/logger.conf <<-EOF
[general]
dateformat=%F %T
EOF
asterisk -rx "logger reload"

Finally we want to fire up fail2ban and set it to start at boot time -

service fail2ban start
chkconfig fail2ban on

One final thing you may want to do is 'whitelist' your own IP address/s. You can do this by adding them to the ignoreip line in the jail.conf file. Here's a couple of lines to do it automatically, just change the IP address here for your own IP address -

sed -i 's/ignoreip = /ignoreip = 123.123.123.123 /' /etc/fail2ban/jail.conf
service fail2ban restart

2.8.0.4-es trixbox függőségi probléma upgrade után

rpm -e --nodeps c-ares

rpm -e --nodeps sipsak

yum install sipsak
yum install c-ares

Biztonság

http://sysadminman.net/blog/2009/hacking-and-securing-your-asterisk-server-592

http://www.asteriskblog.hu/

http://blogs.digium.com/2009/03/28/sip-security/

http://particio.com/~kovzol/kotta/doku.php?id=tegyuek_biztonsagossa_az_asterisket

VOIP szolgáltatók összehasonlítása

A különböző VOIP szolgáltatók ajánlatainak öszehasonlítását itt olvashatjuk.

A Betamax klónok árainak összehasonlítását itt olvashatjuk.

Trixbox hangolása Hyper-V környezetben

Az alábbi írás hasznos információkkal szolgál

http://paulgibbs.wordpress.com/2010/02/06/configuring-trixbox-to-run-in-a-hyper-v-vm-with-proper-time-sync-and-integration-components/

Scriptek írása

AGI Scripting O'Reilly

15 perces megszakadás

/etc/asterisk/sip_general_additional.conf

...
session-timers=refuse

Watchdog

https://gist.github.com/justincampbell/1461697

Kapcsolódási probléma dinamikus IP váltás után

http://forums.whirlpool.net.au/archive/1953138

Asterisk NAT mögöt

http://www.smartvox.co.uk/astfaq_configbehindnat.htm

CallGroup PickGroup

http://www.freepbx.org/support/documentation/howtos/how-to-use-callgroups-and-pickgroups

Csengőhangok

http://forums.digium.com/viewtopic.php?p=152714

Asterisk Synology NAS modul

Asterisk log files (CLI)

Voicemail

Segít abban, hogy ha nincs vonalbontás, akkor automatikusan befejeződhessen a hangposta:

voicemail.conf

maxsilence=10
silencethreshold=256

FAX beállítások SPA ATA készülékek esetén

http://wiki.freeswitch.org/wiki/SPA2102_T38_Howto

Firmware

Latest release apparently buggy (5.2.12). Get version 5.2.10 instead. Read that as T38 DOES NOT WORK on 5.2.12. Comment: I am using latest 5.2.13(004) which has no problem at all. Read the release note of 5.2.12 which fixed a few bugs 5.2.10. One of them I consider major.

Configure SPA2102

Provider and registration as per usual. watch the 0.030 bug on the RTP Packet size (login advanced)

  • Voice -> SIP
    • RTP Packet Size: 0.020
  • Voice -> Line 1 [or 2]
Preferred CodecG711uSecond Preferred CodecG711u
Third Preferred CodecG711uUse Pref Codec Onlyyes
Silence Supp EnablenoSilence Thresholdmedium
G729a EnableyesEcho Canc Enableno
G723 EnableyesEcho Canc Adapt Enableno
G726-16 EnableyesEcho Supp Enableno
G726-24 EnableyesFAX CED Detect Enableyes
G726-32 EnableyesFAX CNG Detect Enableyes
G726-40 EnableyesFAX Passthru CodecG711u
DTMF Process INFOyesFAX Codec Symmetricyes
DTMF Process AVTYesFAX Passthru MethodReINVITE
DTMF Tx MethodAutoDTMF Tx ModeStrict
DTMF Tx Strict Hold Off Time90FAX Process NSEyes
Hook Flash Tx MethodNoneFAX Disable ECANyes
Release Unused CodecyesFAX Enable T38yes
FAX T38 Redundancy1FAX Tone Detect Modecaller or callee


In addition to above, you will want to use the following settings:

On the Same Line Tab:

  • Network Jitter Buffer: very high
  • Jitter buffer adjustment: disable
  • Call Waiting: no
  • 3 Way Calling: no
  • Echo Canceller: no
  • Silence Suppression: no
  • Preferred Codec: G.711
  • Use Pref. codec Only: Yes

Without the above settings, outbound fax would work (in proxy media mode) some of the time, but T38 negotioation would fail sometimes and never go through. One example was HP's faxback service: 1-888-hpfaxme (1-888-473-2963).

Configure Fax Machine

You'll also need to set your Fax machine to a max speed of 14.4k and a min speed of 7200.

NAT-olt extension-ök leszakadnak konfiguráció módosítás után

A problémát az asterisk-nél ezen a hibajegyen tartják nyilván

Megoldás

Freepbx esetén

Settings->Asterisk SIP Settings->Other SIP Settings

rtcachefriends=yes
rtsavesysname=yes
rtupdate=yes

VoIP tarifák összehasonlítása

http://voipratetracker.com/compare_rates?ct=hungary&period=month&country_select=Update

2 freepbx/asterisk központ összekapcsolása

http://wiki.freepbx.org/pages/viewpage.action?pageId=4161588

Asterisk SNMP

http://deobfuscate.net/2013/09/05/configuring-snmp-v3-for-asterisk-on-freepbx/

FAX

Fax beállítások

Asterisk Jitter Buffer

https://sysadminman.net/blog/2013/improving-asterisk-call-quality-with-sip-jitter-buffers-5612

/etc/asterisk/sip_general_custom.conf

jbenable=yes

jbimpl=adaptive

  • No labels

1 Comment

  1. Anonymous

    As a Newbie, I am continuously searching online for articles that can aid me. Thank you eekgkkckedekkbff