Wednesday, 30 August 2017

Setting up Asterisk RealTime SIP Users

It is assumed that you have installed Astersik successfully from my previous post.
By default Asterisk comes with text based configuration files, which requires reloading of module every time, for the file we changed. But when we setup Asterisk Real Time architecture we don't need reload. Here I will show you example of adding real time SIP users.

1. First we will take backup of sample files which we will modify,

cd /etc/asterisk
mv res_config_mysql.conf res_config_mysql.conf_orig
mv /etc/asterisk/extensions.conf /etc/asterisk/extensions.conf_orig
mv /etc/asterisk/extconfig.conf /etc/asterisk/extconfig.conf_orig
mv /etc/asterisk/sip.conf /etc/asterisk/sip.conf_orig

open file, nano /etc/asterisk/res_config_mysql.conf and add below database details in it.

[general]
dbhost = 127.0.0.1
dbname = conference
dbuser = root
dbpass = yourdbpass
dbport = 3306

open file, nano /etc/asterisk/extconfig.conf and add below content in it.

[settings]
sippeers => mysql,general,RealTimeUsers

open file, nano /etc/asterisk/sip.conf and add below details in it.

[general]
callcounter=yes ; enable device states for SIP devices
rtcachefriends=yes
udpbindaddr=0.0.0.0:5060
disallow=all
allow=ulaw
allow=alaw
allow=gsm

open file, nano /etc/asterisk/extensions.conf and add below code in it

[mycontext]
exten => 1000,1,Dial(SIP/1000)
exten => 1001,1,Dial(SIP/1001)

Now apply below command
asterisk -rvvvv
core reload


To check Asterisk realtime status, you can use below command

conference-VirtualBox*CLI> realtime mysql status
general connected to conference@127.0.0.1, port 3306 with username root for 5 seconds.

2. Now login to database and create database and table

root@conference-VirtualBox:/etc/asterisk# mysql -uroot -pyourdbpass

mysql>
mysql> CREATE DATABASE conference;
mysql> use conference;
mysql> CREATE TABLE `RealTimeUsers` (
`id` int NOT NULL AUTO_INCREMENT,
`type` varchar(6) DEFAULT NULL,
`name` varchar(128) DEFAULT NULL,
`secret` varchar(128) DEFAULT NULL,
`context` varchar(128) DEFAULT NULL,
`host` varchar(128) DEFAULT NULL,
`ipaddr` varchar(128) DEFAULT NULL,
`port` varchar(5) DEFAULT NULL,
`regseconds` bigint(20) DEFAULT NULL,
`defaultuser` varchar(128) DEFAULT NULL,
`fullcontact` varchar(128) DEFAULT NULL,
`regserver` varchar(128) DEFAULT NULL,
`useragent` varchar(128) DEFAULT NULL,
`lastms` int(11) DEFAULT NULL,
`firstname` varchar(128) DEFAULT NULL,
`lastname` varchar(128) DEFAULT NULL,
`interpretertype` varchar(255) DEFAULT NULL,
`isinterpreter` int(1) DEFAULT '0',
`isused` int(1) NOT NULL DEFAULT '0',
PRIMARY KEY (id)
);

Adding real time SIP users with below queries

INSERT INTO RealTimeUsers (type,name,secret,context,host,defaultuser,firstname,lastname) VALUES('friend','1000','1234','mycontext','dynamic','1000','abc','xyz');

INSERT INTO RealTimeUsers (type,name,secret,context,host,defaultuser,firstname,lastname) VALUES('friend','1001','1234','mycontext','dynamic','1001','abc','xyz');

Great you have configured Astersik real time SIP users. Now, you can register in softphone like zoiper with above two created users, and then try to dial out each other.

Monday, 28 August 2017

How to install and use Opus codec in Astersik


This document shows you how to install and use Opus codec in Asterisk server:



Here select appropriate Asterisk version of your instalation and then server architecture, in my case it was Asterisk 13 with 64 bit

2. Now download file as below,
- cd /usr/src
- wget http://downloads.digium.com/pub/telephony/codec_opus/asterisk-13.0/x86-64/codec_opus-13.0_current-x86_64.tar.gz

3. Extract the downloaded file,
- tar -xvzf codec_opus-13.0_current-x86_64.tar.gz
- cd codec_opus-13.0_1.1.0-x86_64

4. Copy the codec_opus.so file into the Asterisk module directory
- cp codec_opus.so /usr/lib/asterisk/modules/

5. Copy the codec_opus_config-en_US.xml file into the Asterisk external documentation directory
- cp codec_opus_config-en_US.xml /var/lib/asterisk/documentation/thirdparty

6. Goto Asterisk CLI and restart it
- asterisk -rvvvv
- core restart now
- asterisk -rvvvv
- core reload

7. Now check opus codec running or not with below command
ubuntu*CLI> module show like opus
Module Description Use Count Status Support Level
codec_opus.so OPUS Coder/Decoder 0 Running extended
res_format_attr_opus.so Opus Format Attribute Module 1 Running core

If module not loaded, then try to load it manually from Asterisk cli,
- module load codec_opus.so
- module load res_format_attr_opus.so

8. Open file, nano /etc/asterisk/sip.conf and allow opus codec in it as shown below, so SIP soft phones can use that codec.

[general]
callcounter=yes ; enable device states for SIP devices
rtcachefriends=yes
udpbindaddr=0.0.0.0:5060
disallow=all
allow=opus
allow=ulaw
allow=alaw
allow=gsm

After adding, do sip reload from Asterisk cli to take changes into effect
ankit-desktop*CLI> sip reload
Reloading SIP
== Parsing '/etc/asterisk/sip.conf': Found
== Parsing '/etc/asterisk/users.conf': Found
== Using SIP CoS mark 4
== Parsing '/etc/asterisk/sip_notify.conf': Found
ankit-desktop*CLI>

Sunday, 27 August 2017

How to Install Asterisk on Ubuntu 14.04


Asterisk Installation


This document explains how to install Asterisk on Ubuntu 14.04,
the installation steps are given below:


1. We are using AWS server instance here, so create AWS instance and log into the server.

2. Now first we have to update system, type below command to update system from terminal

apt-get update && apt-get upgrade -y

3. Install dependency with following command, while installing these dependencies, it may ask you MySQL password to set, give password of your choice and remember

apt-get install -y build-essential linux-headers-`uname -r` openssh-server apache2 mysql-server mysql-client bison flex php5 php5-curl php5-cli php5-mysql php-pear php5-gd curl sox libncurses5-dev libssl-dev libmysqlclient-dev mpg123 libxml2-dev libnewt-dev sqlite3 libsqlite3-dev pkg-config automake libtool autoconf git unixodbc-dev uuid uuid-dev libasound2-dev libogg-dev libvorbis-dev libcurl4-openssl-dev libical-dev libneon27-dev libsrtp0-dev libspandsp-dev libmyodbc

4. Now reboot server

5. After reboot type these commands

a2enmod rewrite
service apache2 restart

6. Install and configure Asterisk

Download required source files in /usr/src directory

cd /usr/src

wget http://downloads.asterisk.org/pub/telephony/dahdi-linux-complete/dahdi-linux-complete-current.tar.gz

wget http://downloads.asterisk.org/pub/telephony/libpri/libpri-current.tar.gz

wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-13-current.tar.gz
In my case it was,
wget http://downloads.asterisk.org/pub/telephony/asterisk/old-releases/asterisk-13.15.0.tar.gz (can download any specific version also from this link)

wget -O jansson.tar.gz https://github.com/akheron/jansson/archive/v2.7.tar.gz
wget http://www.pjsip.org/release/2.4/pjproject-2.4.tar.bz2


Compile and Install DAHDI (Required if any hardware card installed to support PRI like lines)

cd /usr/src
tar xvfz dahdi-linux-complete-current.tar.gz
rm -f dahdi-linux-complete-current.tar.gz
cd dahdi-linux-complete-*
make all
make install
make config
cd /usr/src
tar xvfz libpri-current.tar.gz
rm -f libpri-current.tar.gz
cd libpri-*
make
make install


Compile and install janson

cd /usr/src
tar vxfz jansson.tar.gz
rm -f jansson.tar.gz
cd jansson-*
autoreconf -i
./configure
make
make install


Compile and install Asterisk

cd /usr/src
tar xvfz asterisk-13-current.tar.gz
rm -f asterisk-13-current.tar.gz
cd asterisk-*
contrib/scripts/install_prereq install (this step may ask to enter telephony country code like 61, you can give as per your country)
./configure
contrib/scripts/get_mp3_source.sh
make menuselect


make
make install
make config
ldconfig
update-rc.d -f asterisk remove
make samples

Now, you have installed Asterisk, type below commands from terminal as root user, to go to Asterisk cli,

asterisk
asterisk -rvvvv
core restart now
asterisk -rvvvv
core reload

Saturday, 26 August 2017

Fail2Ban Installation and Configuration - Asterisk


How to install and setup fail2ban for Asterisk to prevent brute force attacks:

Ubuntu:


1. Install fail2ban with below command
- apt-get install fail2ban

2. Optionally you can install sendmail to send email notifications for block IPs
apt-get install sendmail-bin sendmail (Optional)

3. Now you need to setup logger.conf file
- mv /etc/asterisk/logger.conf /etc/asterisk/logger.conf.orig
- open, nano /etc/asterisk/logger.conf
- if it is FreePBX then open, nano /etc/asterisk/logger_logfiles_custom.conf
- add below general and logfiles sections mentioned in bold, in it and save

[general]
dateformat=%F %T ; ISO 8601 date format

[logfiles]
console => notice,warning,error
messages => security,notice,warning,error

- from asterisk cli apply this command to take changes into effect

ankit-desktop*CLI> logger reload
== Parsing '/etc/asterisk/logger.conf': Found
Asterisk Queue Logger restarted

4. Now open file, nano /etc/fail2ban/jail.conf
For asterisk fail2ban configuration add below content and save, replace dest,sender and ignoreip parameters to yours. If it is FreePBX then you can set logpath to /var/log/asterisk/full


[asterisk-tcp]

enabled = true
filter = asterisk
action = iptables-multiport[name=asterisk-tcp, port="5060", protocol=tcp]
sendmail[name=Asterisk, dest=abc@xyx.com, sender=info@xyz.com]
logpath = /var/log/asterisk/messages
maxretry = 3
findtime = 12000
bantime = 259200
ignoreip = 192.168.0.46

[asterisk-udp]

enabled = true
filter = asterisk
action = iptables-multiport[name=asterisk-udp, port="5060", protocol=udp]
sendmail[name=Asterisk, dest=abc@xyz.com, sender=info@xyz.com]
logpath = /var/log/asterisk/messages
maxretry = 3
findtime = 12000
bantime = 259200
ignoreip = 192.168.0.46

5. Add below content in nano /etc/fail2ban/filter.d/asterisk.conf and save


# Fail2Ban configuration file
#
#
# $Revision: 251 $
#

[INCLUDES]

# Read common prefixes. If any customizations available -- read them from
# common.local
before = common.conf


[Definition]

#_daemon = asterisk

# Option: failregex
# Notes.: regex to match the password failures messages in the logfile. The
# host must be matched by a group named "host". The tag "<HOST>" can
# be used for standard IP/hostname matching and is only an alias for
# (?:::f{4,6}:)?(?P<host>\S+)
# Values: TEXT
#
# Asterisk 1.8 uses Host:Port format which is reflected here

failregex = NOTICE.* .*: Registration from '.*' failed for '<HOST>:.*' - Wrong password
NOTICE.* .*: Registration from '.*' failed for '<HOST>:.*' - No matching peer found
NOTICE.* .*: Registration from '.*' failed for '<HOST>:.*' - No matching peer found
NOTICE.* .*: Registration from '.*' failed for '<HOST>:.*' - Username/auth name mismatch
NOTICE.* .*: Registration from '.*' failed for '<HOST>:.*' - Device does not match ACL
NOTICE.* .*: Registration from '.*' failed for '<HOST>:.*' - Peer is not supposed to register
NOTICE.* .*: Registration from '.*' failed for '<HOST>:.*' - ACL error (permit/deny)
NOTICE.* .*: Registration from '.*' failed for '<HOST>:.*' - Device does not match ACL
NOTICE.* .*: Registration from '\".*\".*' failed for '<HOST>:.*' - No matching peer found
NOTICE.* .*: Registration from '\".*\".*' failed for '<HOST>:.*' - Wrong password
NOTICE.* <HOST> failed to authenticate as '.*'$
NOTICE.* .*: No registration for peer '.*' \(from <HOST>\)
NOTICE.* .*: Host <HOST> failed MD5 authentication for '.*' (.*)
NOTICE.* .*: Failed to authenticate user .*@<HOST>.*
NOTICE.* .*: <HOST> failed to authenticate as '.*'
NOTICE.* .*: <HOST> tried to authenticate with nonexistent user '.*'
VERBOSE.*SIP/<HOST>-.*Received incoming SIP connection from unknown peer
# Option: ignoreregex
# Notes.: regex to ignore. If this regex matches, the line is ignored.
# Values: TEXT
#
ignoreregex =


6. Restart fail2ban service
- service fail2ban restart

7. Some useful commands
- to block IP address
iptables -A INPUT -s 190.53.232.25 -j DROP

- how to delete iptables rule by line number
iptables -L --line-numbers
iptables -D fail2ban-asterisk-tcp 1
iptables -D fail2ban-asterisk-udp 1

Introduction to Asterisk, an open source VoIP platform

Asterisk is an open source, widely used VoIP communications server. It offers all modern PBX features, as compared to traditional hardware based PBX systems. This software can be installed on most used Linux flavors like Ubuntu/CentOS.

Many small to medium sized companies and organizations uses this software based PBX system. The following are some examples of use cases:

1. As IVR application
- For developing Interactive Voice Response service, IVR is application in which customer dials given public phone number and call is answered by scripted dial plan in Asterisk, it may be like "Welcome to company, press 1 for sales, press 2 for support", and on appropriate DTMF(keypad) input call can be bridged to concern person. Many more application can be built with this IVR as per our need and imaginations.

2. Call broadcast service
- In some cases people may need to broadcast some important message or offers to thousands of people in that case one can do call broadcast to target audience, and upon answer the call person can listen prerecorded message.

3. Conferencing solution
- Asterisk offers conferencing capability, in that all users can join to single conference room and can talk to each other, no matter where the person currently is. Remote members can join to common conference room and can talk on important discussion.

4. Call Center solution
- Here, to manage too much call traffic this solution can be used, when customer dial on public phone number it can be hold in Queue if all call center agents are busy, and once agent becomes free, call can be routed to available agent to answer. This way company
don't loose customer and can be answered as soon as possible.

5. Asterisk and CRM integrations
- Nowadays, many people integrate this powerful Asterisk server with their CRM system also, so callerID identification, screen popup when call comes from specific callerID, callerID lookup and authenticate call like cool features can be achieved.

6. Public telephone network connectivity to Asterisk
- Today SIP trunking, PRI line integration with Asterisk are possible, so these public telephone lines can be patched to Asterisk PBX and we can get global reach with this technology.

Well, above are the mainly used use cases of Asterisk system, we can do many more applications and use cases, as per our need and imaginations.