System Network Programming Solution - Linux - windows - centos- security- cpanel - plesk -directadmin helm

I’ve deleted /home, how do I recreate the directories?

admin — Wed, 22 Feb 2012 10:39:00 +0000

Generally, this isn’t the best thing to have happen because all of the data is stored there. You’ll need to recreate all of the directory structures, as well as a few files required for DA to run:

1) Create the DA tmp directory so you can log into DA again:

mkdir -p /home/tmp
chmod 1777 /home/tmp

2) Create the /home/username directories and subdirectories:

cd /home
vi make_dirs.sh

press ‘i’ to go into “insert mode” then paste the following script (right click)

#!/bin/sh
for i in `ls /usr/local/directadmin/data/users`; do
{
 for d in `cat /usr/local/directadmin/data/users/${i}/domains.list`; do
 {
  mkdir -p /home/${i}/domains/${d}/public_html/cgi-bin
  mkdir -p /home/${i}/domains/${d}/private_html
  mkdir -p /home/${i}/domains/${d}/public_ftp
  mkdir -p /home/${i}/domains/${d}/stats
  mkdir -p /home/${i}/domains/${d}/logs
 };
 done;
 mkdir -p /home/${i}/backups    

 chown -R $i:$i /home/${i}
 chmod -R 755 /home/${i}
};
done;
exit 0;

Press “ctrl-c” to exit “insert mode”, then press “shift-Z” twice to save and exit. Once the file is saved, type:

chmod 755 make_dirs.sh
./make_dirs.sh

Disk Usage is showing 0.00

admin — Wed, 22 Feb 2012 10:36:28 +0000

*** Note: If you’re running a VPS with a “simfs” file system, quotas usually cannot be enabled with normal means. Contact yoru VPS provider to enable quotas for you.

DirectAdmin relies on the system quotas to return a value for how much space is being used. DirectAdmin will run

/usr/sbin/repquota /home

Where /homeis the quota_partition value set in the /usr/local/directadmin/conf/directadmin.conf file (eg, /home, / or /usr). The command should output a large list of numbers, eg

[root@server]# /usr/sbin/repquota /home
*** Report for user quotas on device /dev/hda3
Block grace time: 7days; Inode grace time: 7days
Block limits File limits
User used soft hard grace used soft hard grace
———————————————————————-
root – 417796 0 0 7446 0 0
nobody – 4 0 0 1 0 0
bin — 56880 0 0 510 0 0
majordomo — 8 0 0 2 0 0
diradmin – 8 0 0 2 0 0
admin — 200 0 0 44 0 0
user123 — 100 0 0 22 0 0
user456 — 100 0 0 22 0 0

If the “used” column is not showing anything, or users are not in the list, then you’ll need to run the quotacheck program:

Redhat:

/sbin/quotaoff -a; /sbin/quotacheck -avugm; /sbin/quotaon -a;

FreeBSD:

/usr/sbin/quotaoff -a; /sbin/quotacheck -avug; /usr/sbin/quotaon -a;

If are getting errors and no output is displayed for the repquota command, you’ll need to check your /etc/fstab file to make sure that it contains the rw,userquota,groupquota line beside the partition that is using the quotas.
*Important: On Linux (Redhat/Debian), it’s usrquota,grpquota, and on FreeBSD it’s userquota,groupquota.

Sample /etc/fstab (do not make your’s look identical if it’s different, this is one example from a specific OS):

# Device Mountpoint FStype Options Dump Pass#
/dev/ad0s1a / ufs rw,userquota,groupquota 1 1
/dev/ad0s1e /tmp ufs rw 2 2
proc /proc procfs rw 0 0

In this case, the quota_partition is /. The quota partition should be the partition that holds your users. Generally, this will be one of /home, / or /usr.

Once the repquota program is returning a normal value, then you can run the tally to get the correct usage to show up in DirectAdmin:

echo "action=tally&value=all" >> /usr/local/directadmin/data/task.queue

This task.queue command will get picked up by the dataskq binary. It calls the repquota command and dumps it into /home/tmp/quota-dump.
Check /var/log/directadmin/errortaskq.log for any errors with this.
Running the tally manually for a User can also help with debugging these issues.

Setup a per-user php.ini to allow open_basedir with suPhp

admin — Wed, 22 Feb 2012 09:41:54 +0000

new way:

If you wish to use per-user php.ini files in:
/usr/local/directadmin/data/users/username/php/php.ini
then you can use this guideto add the code:

SetEnv PHP_INI_SCAN_DIR /usr/local/directadmin/data/users/|USER|/php/

to the VirtualHost entires for that domain and it’s subdomains. This will tell suPhp to look in that path for a php.ini.
It’s loaded after the main php.ini, so if it’s not there, it’s not a big deal. You can add just the php entries that you wish to override the global php.ini’s defaults.
Note for complete usage of this setting, a how-to has been created here, which should be consulted with first: http://www.directadmin.com:80/forum/showpost.php?p=156958&postcount=25

If you only want to set a custom php.ini for individual users, and not all users, then you can use this guide to insert just the one line of code into the VirtualHost entires for that domain.

Sample /usr/local/directadmin/scripts/custom/user_create_post.sh

#!/bin/sh

HOME=/home/$username
OBD="${HOME}/:/tmp:/var/tmp:/usr/local/lib/php/"

P=/usr/local/directadmin/data/users/$username
if [ ! -e ${P}/php ]; then
            mkdir ${P}/php
fi

PI=${P}/php/php.ini
if [ ! -e ${PI} ]; then
            cp -f /usr/local/lib/php.ini.template ${PI}
            TMP="perl -pi -e 's#open_basedir = OBD#open_basedir = ${OBD}#' ${PI}"
            eval $TMP
fi
exit 0;

Where the /usr/local/lib/php.ini.template might look like this:

[PHP]
open_basedir = OBD

so that the regex in the user_create_post.sh will swap OBD will the user’s open_basedir path.

old way:

In order to setup a php.ini for each user with suPhp (installed by custombuild), edit:
/etc/httpd/conf/extra/httpd-suphp.conf

Find this line:

suPHP_ConfigPath /usr/local/etc/php5/cgi/

and comment it out by changing it to

#suPHP_ConfigPath /usr/local/etc/php5/cgi/

(just add a # in front of it).

Doing this will let suPhp be more flexible in using a different php.ini file. By default, it will still fall back to the /usr/local/etc/php5/cgi/php.ini if nothing else is set, but by not setting it, it allows us to change it (suPhp only accepts the first call of that command).

The next step is to tell apache where to find the php.ini that you want.
Go to:
Admin Level -> Custom httpd configuration -> domain.com

Insert the following 1 line into the top textarea:

suPHP_ConfigPath |HOME|/

exactly as written, then hit save. You can do this for as many single domains as you wish.

Note that you can also make this a global change by adding that line to the virtualhost templates using this guide:
help.directadmin.com/item.php?id=2.

Restart apache when you’re done.

Don’t forget to actually add a php.ini file into /home/username/php.ini and save it with root as the owner if you don’t want the user changing it at all. In that php.ini file, you can specify a custom open_basedir path, thus preventing the user from wandering about the system. Automating a new php.ini can be done with the user_create_post.sh script.

Apache give each user their own cgi-bin directory

admin — Wed, 22 Feb 2012 09:39:42 +0000

Apache has public_html directory support. With this you specify the name of the directory which is appended onto a user’s home directory if a ~user request is received. For example http://domain.com/~rocky/file.html will be rocky’s home directory /home/rocky/public_html/file.html. Recently I took small part time job to setup web server for university. I want to give every student access to cgi-bin so that they can use perl. I don’t wanna give everyone access to /var/www/cgi-bin or /usr/lib/cgi-bin directory. ScriptAliases enables documents in the cgi-bin directory treated as applications and run by the server when requested rather than as documents sent to the client. So first I did setup ScriptAlias. However it was not working.
So all students was able to see each others perl source code so I was called again to fix this problem. After searching little bit, I found solution from offical Apache docs. So I modified httpd.conf and added following two directives to /home/*/public_html/cgi-bin section:

Options ExecCGI
SetHandler cgi-script

At the end final entry looked like as follows:


Options ExecCGI
SetHandler cgi-script

Then I restarted apache and it worked like a charm. See Apache document Dynamic Content with CGI. Update: As pointed out by Randal you just need to add above four lines.

How to setup jailed ssh and jailed cgi (beta)

admin — Wed, 22 Feb 2012 09:38:15 +0000

If you run custombuild, the jailed script portion of this guide is in the options.conf.

#Jailed shell (beta)
jail=yes

Then type

./build all_jail

The “./jail/jail_user.sh user” (from the custombuild dir) would be used for each user you want to jail. The remaining httpd.conf and other options from this guide still apply.

1) First, install the scripts and binaries (note, currently for apache 1.3.x only):

cd /usr/local/directadmin/customapache
mkdir jail
cd jail
wget http://files.directadmin.com/services/customapache/jail/build
chmod 755 build
./build update
./build all

2) It’s recommended you make backups of /etc/passwd, /etc/shadow, /etc/group, and /etc/master.passwd (if you have it)

cp -f /etc/passwd /etc/passwd.backup
cp -f /etc/group /etc/group.backup
cp -f /etc/shadow /etc/shadow.backup
cp -f /etc/master.passwd /etc/master.passwd.backup

3) To jail a specific user, this command is used:

cd /usr/local/directadmin/customapache/jail
./jail_user.sh username

If they are to use jailed CGI, then

SetEnv JAIL_DIR |HOME|

would need to be added to their virtualhosts (where home is their home directory, eg: /home/username).

Note that php through apache is not jailed, so enableing safemode and open_basedir would be recommended.

To *automate* the jailing process, you can create /usr/local/directadmin/scripts/custom/user_create_post.sh and fill it with:

#!/bin/sh
if [ $ssh = "ON" ]; then
  cd /usr/local/directadmin/customapache/jail
  ./jail_user.sh $username
fi
exit 0;

Then chmod it to 755:

chmod 755 /usr/local/directadmin/scripts/custom/user_create_post.sh

To automate the cgi jailing, then the SetEnv option has to be added to any virtualhost that is to use the jailing. Create /usr/local/directadmin/scripts/custom/domain_create_post.sh with the following:

#!/bin/sh
COUNT=`grep -e "^${username}:" /etc/passwd | grep -c /bin/jail`
if [ $COUNT -eq 1 ]; then
  echo "SetEnv JAIL_DIR |HOME|" > /usr/local/directadmin/data/users/${username}/domains/${domain}.cust_httpd
  echo "action=rewrite&value=httpd&user=${username}" >> /usr/local/directadmin/data/task.queue
fi
exit 0;

and chmod to 755, like the user_create_post.sh script.

4) Since a user can be created without ssh, and it gets added later, we’ll need to create a user_modify_post.sh script as well, but since it’s the same code, we’ll just create a symbolic link.

ln -s user_create_post.sh /usr/local/directadmin/scripts/custom/user_modify_post.sh

Note, that the jail_user.sh isn’t going to be very speedy as it has to transfer over all program binaries and libraries that would be needed inside the jail. This takes time. It also takes a huge amount of space that will not be counted in the users total disk usage.

Incoming search terms:

enable jailed shell openvz (1)

Basic system security

admin — Wed, 22 Feb 2012 09:34:54 +0000

Note that it’s ultimately the responsibility of the server admin to ensure his system is secure. These are some basic security tips that can be done to help protect your system. This is not an end-all guide for server security, admins must be diligent, but rather some suggestions for a start to securing your server.

1) At install time, the easiest thing to do is to mount your /tmp partition with the noexec,nosuid options, and mount the /home partition with the nosuidoption. This is done in your /etc/fstab and requires those paths to exist as partitions, and not just as subdirectories of /. If you’re unsure, type:

mount

to get a listing of your partitions and their current mounting options. Use google for more information on these mounting options. Be very careful when editing your /etc/fstab, as any errors could prevent your system from starting up. Note that you must not have “nosuid,noexec” for / or /usr, as those partitions have suid binaries normally (su, passwd, etc).

2) After the system is installed, a good idea is to add dangerous php functions to the disable_functionslist. This prevents php scripts from running “raw” functions that could be used to execute programs on your system. Note that some php scripts do legitimately require these functions to operate, so if your scripts don’t run after enabling this function, edit your php.ini to remove the required functions from the list, and restart apache. To add the disable_functions with custombuild, type the following then restart apache:

cd /usr/local/directadmin/custombuild
./build update
./build secure_php

3)Do regular updates of system services, libraries and scripts. It’s important to keep your system updated once installed. This is the responsibility of the server administrator. There are several tools and options avaiable to help the admin do this. For system libraries like openssl and other low level system items, this is left to the admin to do how he wish, usually package systems like yum or apt-get can do this for you. For services and scripts that DA installs, you can use the custombuild script. A typical update command with custombuild is:

cd /usr/local/directadmin/custombuild
./build update
./build all d

Note that in the custombuild directory is a file called “options.conf”. In this file is a list of all options you’ve got regarding what custombuild will do. Regarding updates, ensure you have clean_old_webapps=yes present. This removes all scripts from /var/www/html, after updating you do a new one. The options.conf also has cron options to check for updates nightly, or even install these options nightly. I recommend having the nightly cron check, and then a hand-on admin proceed with the update after he gets the notice. To enable a nightly notice replace the following boldoptions with your relevant information:

#Cron settings
cron=yes
email=email@domain.com
notifications=yes
updates=no
webapps_updates=yes

Then type:

./build cron

These are the settings for getting nightly notices for updates, but it won’t do the updates for you.
After getting the notice in your inbox, you’d run the following from the custombuild directory:

./build update_versions

to update just those items that require updating. Note that doing “./build all d” can be simpler, but takes longer to run.
If you wish to have “./build update_versions” be run automatically, change the updates=no to become updates=yes. Just keep in mind that the server admin is still required to be fully aware of the system and it’s state if he choses yes for this option. The webapps_updates option only applies when updates=no is used. It’s there to still allow updates to the php scripts in /var/www/html, while not affecting compiled services. Set webapps_updates=yes if updates=no and you wish to have automated updates of the webapps scripts with the cron option. If updates=yes, then the webapps_updates value doesn’t matter.

4) If you’re running php in “CLI” mode, then enabling both php SafeMode and open_basedir is wise. Safemode is an internal form of disable_functions which also does a bit more checking. See the documentation on Safemode for more info on this. Open_basedir, which is enabled by default, tells php to not allow scripts to access files outside of the set list of paths.
To control SafeMode and Open_Basedir on your php CLI system (default), go to:

Admin Level -> Php Safemode Config

5) suPhp is one option which some admin’s like, other’s do not. What suPhp (php CGI) does is runs php scripts as the system user of the account, rather than the “apache” user. This solves many issues like permission/ownership when a php script uploads files. It also allows an admin to track down rogue scripts more easily as it’s not running as a generic user. Another benefit of suPhp is that you can chmod your php scripts to 700 instead of 755. This makes them more secure in the case you’re storing passwords in your scripts. Drawbacks to suPhp include a slight slowdown in performance since there are a few more hoops to jump through to have php run as the user instead of “apache”. Also, the items in point 4) above have no effect since suPhp does not monitor VirtualHost php flags. All settings must be done in php.ini files. Note that you can have per-user php.ini files to allow per-user settings, see this link.

To enable suPhp, see this guide.

6) If you don’t plan on doing any remote access to mysql, then setting up mysqld to only listen on 127.0.0.1 would be a good idea. Note you’ll have to keep this in mind if your users start asking you why they can’t connect to mysql from a remote location. To set mysql to only bind to 127.0.0.1, add the following to the [mysqld]section of your /etc/my.cnf, then restart mysqld:

bind-address = 127.0.0.1

7) One filtering option for apache is mod_security. This is not part of our installation, but mod_security is an apache filter which checks all http requests sent by clients to ensure they’re valid. Note that if not setup correctly, it can break frontpage, or other php scripts that often have long URL requests, so proper setup and testing would be important. Check our forum for guides on this, it’s not covered by our support.

A firewall is always a good idea. Many people use iptables or apf. A new free plugin is also available here.

9) Set the User’s domains directory to block other Users on the system from seeing in:
http://help.directadmin.com/item.php?id=254

10) Setup your named.conf to not allow recursion. This should be done by default now, but check anyway with this guide.

11) Prevent Users from using weak passwords by enabling difficult password enforcement.

12) Prevent Users from creating subdomains belonging to other Users with this option.

13) If you’re using DirectAdmin with SSL, it’s a good idea to force all SSL connections to use SSLv3 instead of other older protocols.

14) To add another layer of security with the permissions of the perl binary, using a trick similar to step 9, run the following:

chgrp apache /usr/bin/perl /usr/bin/wget /usr/local/bin/wget /usr/local/bin/curl /usr/bin/curl
chmod 705 /usr/bin/perl /usr/bin/wget /usr/local/bin/wget /usr/local/bin/curl /usr/binl/curl

what this will do is tell the system that any user in group “apache” is not allowed to execute /usr/bin/perl. If you did implement step 9 you could in theory use “access” instead of “apache” for the chgrp value, to also prevent other system account from running it, but apache is the main one. This technique can be applies to other binaries as well, like wget, fetch, etc.. anything you don’t want the “apache” user from running. Keep in mind that using suPhp (step 5) essentially negates this issue since php scripts run as the user instead. Note that this is another layer of security, so using it anyway wouldn’t hurt anything, in the event that an apache exploit happens independant of php completely.

15) Brute Force Login Attempts are more common, so it’s best not to have direct ssh logins for common accounts like root or admin. Generally, it’s safe to use a hidden “su” user first, then login to root or other accounts once connected. Disable any accounts (root, admin, etc) that don’t need direct access by editing the /etc/ssh/sshd_config. Always test changes before logging out else you may lock yourself out from the box.

Unzip: skipping filename.zip need PK compat. v4.5

admin — Wed, 22 Feb 2012 09:14:32 +0000

While accessing the Plesk control panel, you may encounter an error message as follows:

ERROR: PleskFatalException StatInfo-> getProductVersion failed

OR

ERROR: PleskFatalException StatInfo-> getProductVersion failed:

file_get_contents () failed: mktime()

[function.mktime]

The “Plesk getProductVersion failed ” message states that either the Plesk version file /usr/local/psa/version is empty AND/OR the plesk version in the ‘psa.misc’ table is incorrect. This is mostly caused due to a failed Plesk upgrade OR by removing/installing some Plesk modules.

To fix the issue do the following:

1. First, check the Plesk version installed on the server

# rpm -qi psa

note down the ‘version’ and ‘release’ values (these values will be different on your server).

Version : 9.5.3 Release : cos5.build95301122.20

now, check the OS installed on the server (for example, on CentOS)

# cat /etc/redhat-release

CentOS release 5.5 (Final)

Using the above Plesk and OS info, insert a line as follows (your values will differ) in the /usr/local/psa/version file.

9.5.3 CentOS 5 95301122.20

Save the file and restart the psa serivce.

2. If the above fix doesn’t work, do the following

Check the current value of Plesk in the psa.misc table.

mysql> select * from psa.misc where param='version';

If the value is not 0953 (example from my server), run the mysql update query to set the proper value. You should use the value that is returned by the ‘rpm -qi psa’ command on your server.

mysql> update psa.misc set val="0953" where param="version";

Exit and restart mysql. That is it.

Incoming search terms:

pk unzip (1)

How to create a Callback option

admin — Wed, 22 Feb 2012 09:08:28 +0000

1. Overview

This tutorial will show you how to create a queue, where your incoming calls to arrive. Noting so special, but we are also going to show you how to give a choice to the callers – they will be able to leave the queue at any time and in our example they will have the choice to leave a number at which you could callback them later. The best part is that the number will be nicely emailed to your email box with details not only about the left number, but also the CallerID, the queue at which the caller was initially placed and the date and time at which he has left his number.

2. Prerequisites

Before we start we will assume that you have a working Asterisk PBX with registered users in iax.conf, sip.conf or mgcp.conf(It depends on which protocol you would like to use)

We will show you how to create your extensions in extensions.conf.

To test how the setup works we recommend to use our IAX softphone Idefisk. You can download it from our website – here. If you do so, you can also take a look at our tutorial about how to configure it to work with Asterisk PBX.

For the sending of the emails you will need to install the mime-construct package. apt-get install mime-construct (in Debian) should do the trick. Of course you will need a SMTP server too.

3. Asterisk PBX configurations

We need to create one user in the iax.conf file. This is because we are going to use Idefisk and its IAX2 support. Idefisk supports the SIP protocol too. So if you want to use it, you have to do the configurations below respectively in sip.conf.

Here is the configuration.

[general]
trunkmtu = 4000
bandwidth=low
disallow=lpc10
jitterbuffer=no
forcejitterbuffer=no
tos=lowdelay
autokill=yes

[caller1]
secret=caller1
type=friend
host=dynamic
context=incoming_calls

So, we now we have the user caller1

Type=friend means that this user can make and receive calls. Host=dynamic means that the IP is not statically assigned but dynamically through a DHCP server. Allow=all means that the line which this user will use, support all available audio codecs, supported by Asterisk. Context=test – this shows that the user is allowed to work with the extensions in the context with this name in the configuration file extensions.conf.

Our extensions.conf looks like:

The configuration is below:

[incoming_calls]

exten => 100100,1,Set(CALLERID(name)=queue1)
exten => 100100,n,Queue(queue1)
exten => 100100,n,Hangup()

exten => 200200,1,Set(CALLERID(name)=queue2)
exten => 200200,n,Queue(queue2)
exten => 200200,n,Hangup()

exten => 300300,1,Set(CALLERID(name)=queue3)
exten => 300300,n,Queue(queue3)
exten => 300300,n,Hangup()

[queue1out]

exten => 1,1,Set(FLAG=1)
exten => 1,n,Playback(CallBack)
exten => 1,n,Read(NUMBER|beep|10|||5)
exten => 1,n,Wait(1)
exten => 1,n,Set(FLAG=2)
exten => 1,n,GoToIf($[${NUMBER} = ""]?empty:full)
exten => 1,n(empty),System(/usr/bin/call/mailnonumber.sh callback@test.org ${CALLERID(num)} Queue1)
exten => 1,n,Hangup()
exten => 1,n(full),System(/usr/bin/call/mailnumber.sh ${NUMBER} callback@test.org ${CALLERID(num)} Queue1)
exten => 1,n,Hangup()

exten => h,1,NoOp(${FLAG})
exten => h,2,GoToIf($[${FLAG} = 1]?h|3:h|4)
exten => h,3,System(/usr/bin/call/mailnonumber.sh callback@test.org ${CALLERID(num)} Queue1)
exten => h,4,Hangup()

[queue2out]

exten => 1,1,Set(FLAG=1)
exten => 1,n,Playback(CallBack)
exten => 1,n,Read(NUMBER|beep|10|||5)
exten => 1,n,Wait(1)
exten => 1,n,Set(FLAG=2)
exten => 1,n,GoToIf($[${NUMBER} = ""]?empty:full)
exten => 1,n(empty),System(/usr/bin/call/mailnonumber.sh callback@test.org ${CALLERID(num)} Queue2)
exten => 1,n,Hangup()
exten => 1,n(full),System(/usr/bin/call/mailnumber.sh ${NUMBER} callback@test.org ${CALLERID(num)} Queue2)
exten => 1,n,Hangup()

exten => h,1,NoOp(${FLAG})
exten => h,2,GoToIf($[${FLAG} = 1]?h|3:h|4)
exten => h,3,System(/usr/bin/call/mailnonumber.sh callback@test.org ${CALLERID(num)} Queue2)
exten => h,4,Hangup()

[queue3out]

exten => 1,1,Set(FLAG=1)
exten => 1,n,Playback(CallBack)
exten => 1,n,Read(NUMBER|beep|10|||5)
exten => 1,n,Wait(1)
exten => 1,n,Set(FLAG=2)
exten => 1,n,GoToIf($[${NUMBER} = ""]?empty:full)
exten => 1,n(empty),System(/usr/bin/call/mailnonumber.sh callback@test.org ${CALLERID(num)} Queue3)
exten => 1,n,Hangup()
exten => 1,n(full),System(/usr/bin/call/mailnumber.sh ${NUMBER} callback@test.org ${CALLERID(num)} Queue3)
exten => 1,n,Hangup()

exten => h,1,NoOp(${FLAG})
exten => h,2,GoToIf($[${FLAG} = 1]?h|3:h|4)
exten => h,3,System(/usr/bin/call/mailnonumber.sh callback@test.org ${CALLERID(num)} Queue3)
exten => h,4,Hangup()

As we are talking about queues, we are going to create three different queues in the queues.conf configuration file

The configuration:

[general]

[default]

[queue1]

music = default
strategy = ringall
timeout=15
retry = 5
context = queue1out
periodic-announce-frequency = 60
periodic-announce = Call_Back_1

member => IAX2/user1
member => IAX2/user2
member => IAX2/user3
member => IAX2/user4
member => IAX2/user5
member => IAX2/user6
member => IAX2/user7
member => IAX2/user8
member => IAX2/user9

[queue2]

music = default
strategy = ringall
timeout=15
retry = 5
context = queue2out
periodic-announce-frequency = 60
periodic-announce = Call_Back_1

member => IAX2/user1
member => IAX2/user2
member => IAX2/user3
member => IAX2/user4
member => IAX2/user5
member => IAX2/user6
member => IAX2/user7
member => IAX2/user8
member => IAX2/user9

[queue3]

music = default
strategy = ringall
timeout=15
retry = 5
context = queue3out
periodic-announce-frequency = 60
periodic-announce = Call_Back_1

member => IAX2/user1
member => IAX2/user2
member => IAX2/user3
member => IAX2/user4

Now let’s take a look at the shell script you will need if you want to send emails with the left number. The script will use the mime-construct program to create the email message and send it to the desired recipient. The second script has the same purpose and the only change is in the body of the email message.

Here are the configurations:

Script 1:

#!/bin/sh

NUMBER=$1
RECIPIENT=$2
CALLERID=$3
QUEUE=$4

mime-construct –to $RECIPIENT –subject “You have just missed a call” –string “The number that have been left by the caller: $NUMBER. The CallerID we have received: $CALLERID. The call is coming from the $QUEUE queue. Call was received at `date`”

Script 2:

#!/bin/sh

RECIPIENT=$1
CALLERID=$2
QUEUE=$3

mime-construct –to $RECIPIENT –subject “You have just missed a call” –string “The caller did not left a telephone number. The CallerID we have received: $CALLERID. The call is coming from the $QUEUE queue. Call was received at `date`”

4. Explanation

Now, we are going to explain you what the configurations about actually means and how it works.

However, keep in mind that we are going to explain you only the configurations concerning the Callback possibility. If you want to learn more about the used configuration files and their options – take a look at one of our tutorials:

iax.conf
extensions.conf
queues.conf

Let’s start with queues.conf.

In the example above you could see three different queues each one with different number of agents.

Each queue has its own configuration. Most of the settings are common, unless one option – the context.

This option is giving you the possibility to define a context, where eventually, by pressing a single digit, the caller will be “transferred”. The digit could be pressed at any time while the caller is waiting in the queue. The context we are talking about has to be created in the extensions.conf configuration file. There is one more requirement and it is that you have to create an extension of one digit, in this context – the digit that the caller will press in order to exit the queue.

Despite of the fact, that for all the queues, the setup for leaving a number and then emailing it to our email address will be pretty much the same, we recommend you to create different contexts for every different queue. That is because we are going to email not only the left number but also some other information such as the queue from which the caller has quitted. Of course you could do it with one common and more complicated context for all the queues, but we think that it will be much easier to manage and change the settings for each queue independently of the other ones.

So here are all the options in our queue and what they are doing”

music = default – the music class defined in musiconhold.conf, where Asterisk will be looking for mp3 files, which will be played to the caller instead of ringing tone, while he is waiting in the queue.
strategy = ringall – one of six ringing strategies that you could choose. This one means the phone of each agent, assigned to the queue, will start ringing in case of incoming call. For details about the other strategies take a look at our tutorial about queues.conf
timeout=15 – a timeout in seconds. It defines after how many seconds with no answer the agent phone to stop ringing. For more information about refer to our tutorial about queues.conf .
retry = 5 – after how many seconds to try to ring all the agents again. For more information about refer to our tutorial about queues.conf.
context = queue3out – we have already explained this above.
periodic-announce-frequency = 60 – define in seconds an interval of time after which the caller, waiting in the queue, will hear a prerecorded message. It could be a message with instructions or something else. It is up to you. For more information about refer to our tutorial about queues.conf.
periodic-announce = Call_Back_1 – that is the name of the prerecorded message that should be played after the periodic announce timeout expires. For more information about refer to our tutorial about queues.conf.

member => IAX2/user1 – there are two different ways to assign agents to a specific queue. We have picked up the easies one. Whenever a phone with username user1 is registered successfully to the Asterisk system, the incoming calls in the queue will be send to this phone. You could have as many as you want agents assigned to the queue in this way and the incoming call will be send to all of them according to the chosen strategy. For more information about refer to our tutorial about queues.conf.

Now let’s take a look at the configurations in extensions.conf.

First of all we have three extensions for the incoming calls. They are all put in the [incoming_calls] context. Their purpose is to put the incoming calls in the corresponding queue.

When we have an incoming call, the first thing we are doing is to change the Callerid name to the name of the queue where the caller will be put. Thus the agent who is answering the call will know from which queue exactly the call is coming. It is not absolutely necessary, but the idea is that one agent could be assigned to many different queues. In order to do the change we are using the Set application – More information about it in our tutorial

The next step is to actually send the call in the queue – pretty easy one. There is an application called Queue to which you just have to pass the name of the desired queue as an argument. We are not going to use any extra options. You could find more information about how to use the QUEUE application in our tutorial

You could notice and the usage of the Hangup application. It is always a good idea to use it as last application for all of your extensions. Thus, you will always be sure that the used channel will be released when the conversation is over. Refer to our tutorial for more information on this application

Next step is to create the contexts, where the callers should be “transferred” in case they have decided to exit the queue. As we have mentioned above we have different context for each of the queue.

Before we continue – a few words about the idea behind. We are running queues with a callback option. In other words, when we have a caller waiting in the queue, we will play him a message every 60 seconds. The message will saying: “All of our lines are busy. You could leave your number by pressing one and we will call you back as soon as possible or you could stay in the queue and wait to be served.”.

If the caller decides to exit the queue, he will be asked to leave his number after the “beep” signal. At this stage, you have to keep in mind that the caller might not leave his number for some reason. So what we will have a check and if the number is not left we will send an email message that the caller has decided not to leave his number.

So what do we need as extensions? The first thing we are doing is to set a flag. Why? In case the caller hangs up at some point before leaving his number, we need to send a message that we did not received the number. For the purpose we are using the so called predefined extension – h, which allows you to execute something in case of hang up. Refer to our tutorial for more information

However, there is a slight chance that the caller might wait for the timeout to expires without leaving his number or to have a problem with the sending of DTMF tone, that we will have an email saying that the caller has left his number but the number field will be empty and because we have a hang up event even if the caller has left his number, we need the flag to determine whether the hang up is before the application that will store the number or after it and on that basis we will know whether we need to send an email message on hang up or not. In this way we omit the sending of one message twice.

On the next step we have the Playback application. Its simple purpose is to play a sound files. We have a sound message, which instructs the caller to type his number after the beep tone and to press the pound key (#) when he is ready. For more information refer to our tutorial about the Playback application

Next, comes the Read application. It’s the one used to store the number typed by the caller. It has many options.

There is a small limitation in the application we are going to use to save the number typed by the caller. We need to know, when he has finished with the typing. So there are two ways.

The first one is to ask him to press the pound key (#) once he is ready and the second one is to limit the length of the number the caller could type plus a timeout.
In our example we are going to limit the length of the number to 10 digits and we are going to put a timeout of 5 seconds. We are going to store the number typed by the caller in the NUMBER variable. The Read application gives you the possibility to play a sound file before the typing of the number. In our case we will are going to play a beep tone

Refer to our tutorial for more information and details about the Read application

Next steps – we have the Wait application, which is not absolutely necessary and then we set the flag variable to 2. This, as we have already described above will be used to omit the sending of one and the same email message twice. For more information about the Wait application, refer to our tutorial.

We now have to check whether the caller has actually left his number or not. For the purpose we can use the GoToIf application. It has a very specific syntax, but its idea is simple to verify whether one condition is true or false. So, in our case we are just checking whether the NUMBER variable is empty or not. If it is empty then the execution of the dialplan will continue with the next step, marked as n(empty). n makes your life easier as you do not have to write and follow the steps (priorities) – n means that you take the previous priority and increase it with 1. (empty) is a label showing to you and the system to which n you will be send.

If the NUMBER variable contains even one digit then we assume that we have the number of the caller so the execution of the dialplan will be send to the step with label (full). Refer to our Tutorial for more information, details and option about the GoToIf application.

Both steps (empty) and (full) have one and the same task – to execute the shell script, which will form the email message and send it. The only difference would be in the body of the email message. The application, which we have to use is called System. It just executes system commands as you will do it in your Linux CLI. Refer to our Tutorial for more information about the System application.

In our case we are executing our own scripts called mailnumber and mailnonumber. They are written in such way that we have to pass them a few parameters. You could see them above as screenshots and in pure text

If we do not have the caller’s number, we will execute the script called mailnonumber. We need to add, as first parameter, the email address of the recipient. The second parameter is the CallerId number as we have received it in our system. The last parameter is the name of the queue from which the caller has exited.

If we have the caller’s number we will have executed another shell script called mailnumber which has a different body, but the same parameters plus one more, which of course is the number left by the caller.

The sending of the email is the last step we need to do and that is why after it we have to hang up the channel. For the purpose we will use once again the Hangup application.

In the predefined extensions starting with h we have a simple check of the FLAG variable to help use determine whether we have to send an email with saying that we do not have the caller’s number. (this step is only needed in case the caller hangs up before the prompt to leave his number)

A few words about the shell scripts.

They are not very complicated. All you need is a basic knowledge of shell scripts and the mime-construct package. apt-get install mime-construct (in Debian) and you will have it. Then its just up to the mime-construct’s syntax

Now all you have to do is to register your IAX2 base softphone Idefisk to your Asterisk system with the settings, shown above, in iax.conf and dial one of the extensions created in the [incoming_calls] context.

What will happen (if you have followed our setup) is that you will be put in a queue and on every 60 seconds you will hear a message saying that you could exit the queue and leave your number by pressing 1. If you press one you will hear a prompt to leave you number after the signal. Then you will hear beep and if you leave your number followed by the pound key (#), the number will be emailed to the desired email address and you will probably receive a callback.

4. Uploaded files

extensions.conf
iax.conf
queues.conf
mailnumber.sh
mailnonumber.sh

Automatically call all phones to check if they work

admin — Wed, 22 Feb 2012 09:05:47 +0000

1. Description:

The purpose of this system is the automated testing of all accounts which can receive calls, with the Echo() application. It is based on a bash script which creates a call file and an extension in the dialplan. Basically when the system is started the script selects all users, starts calling (via call files) them one after another. This is very basic example of the “reverse application manipulation”.

2. Pre-setup:

Before running through the core of this tutorial, let’s make some small preparations for it.

* Ensure that you have a working Asterisk server.
* Ensure that you have rights to read/write at /var/spool/asterisk directory.
* Ensure that you have rights to write in /etc/asterisk/extensions.conf file.
* Make a recording of the following announcement: “This is an automated test. Excuse us for the inconvenience. After the signal you will be able to hear your voice like an echo. If you are unable to hear your voice, please press the pound key. By pressing the pound key we will be notified for your problem.”
* Make a recording of the following announcement: “We have been notified for your problem. We will contact you with more information.”

3. Setup:

The setup that we are going to use has the following properties: the system should find all users for curtain channel (iax2 or sip). Every user is been called by the Asterisk and is been greeted with announcement one. We will set an absolute timeout to two minutes (120 seconds). After that the Echo() application is going to start in order to make the test. If the user hangs up, Asterisk will do nothing, and the system is going to call the next user. If the user press the pound key, the system is going to run a program or script which will notify us for the problem.

Step 3.1: Creating the needed extensions
Let’s create the extension that we are going to use. Since we are going to use a call file, there is no significance where (at which context) the extension will be placed. For this tutorial we will create a special context named `echotest`. Here what you have to do:

	Open your extensions.conf using a text redactor.
	At the bottom of the file (on new line) add new context by typing `[echotest]` (without the quotes).
	Add the following extension:
		exten => echo,1,Answer()
			; Answer the line
		exten => echo,n,Set(TIMEOUT(absolute)=120)
			; Sets maximum length of the call to two minutes (if someone forgets to hang up)
		exten => echo,n,Playback(file1)
			; Playbacks file named `f1`. The user will hear the contents of `f1`
			; In our tutorial `f1` is the first announcement that we have recorded.
		exten => echo,n,Echo()
			; starting Echo() application which will create the echo effect
		exten => echo,n,Playback(f2)
			; Playbacks file named `f2`. The user will hear the contents of `f2`
			; In our tutorial `f2` is the first announcement that we have recorded.
		exten => echo,n,System(/bin/notify_us ${CUR})
			; Notification script which will notify us that curtain user is experiencing problems.
		exten => echo,n,HangUp()
			; Hangs up the call.

Here is an screenshot of what it should look like:

This extension is very usefull even if you use it alone (without the script). If the user follows the instructions, there are two possible outcomes:

* the user hears his voice and hangs up the call. In this case Asterisk will terminate the call and the second part of the extension won’t execute (the part with second playback and running notification program/script). The user may not hang up the call, but because of the absolute timeout that we have set, the call will be termincated in 120 seconds. If we look at Asterisk console, the output should be something like this:

* the user doesn’t hear his voice, and presses the pound key. In this case, Asterisk will continue with the next priority of the extension (which is the run of the notification program/script). If we look at Asterisk console, the output should be something like this:

Remark: if you have only write access to /etc/asterisk/extensions.conf , create somewhere a file in which write the context and the extension. Then run the command:

		`cat /route/to/somewhere/file >> /etc/asterisk/extensions.conf`

where `/route/to/somewhere/file` is the path and the file in which you have written the thing.

Step 3.2: Preparation for the creation of call files
Now let’s create a prototype for our call files. We will create it in /var/spool/asterisk/ directory. However the location of the prototype is not important for script (the location have to differs important dirs like `/dev`, `/boot`, `/var/spool/asterisk/outgoing`, etc…).

	Context: echotest
		# Asterisk will execute extension in this string
	Extension: echo
		# Name of the extension
	Priority: 1
		# At which priority Asterisk will begin the execution
	Callerid: Automated Test System <>
		# Setting the CallerID to the specified string.

If you copy/paste the protoype file, notice that you have to remove the comments marked with #. Asterisk will not escape those comments, and their might lead to unexpected results. The file should look like this one:

You may notice that the only not optional keyword for the call files (Channel: CHAN/USER) is missing. Don’t worry we will not make with this file. We will just use it for creation of the actual call files. We will use this prototype call file with the filename `echotest.org.call` at the following directory: /var/spool/asterisk/ echotest-$i.call;

Step 3.3: Making a list of people to call
Now let’s create a small bash script which will make the whole work for us.
We will need to get all users which are added to our configuration files. There are two ways to do this:

1. parsing sip.conf or accordingly iax.conf – you have to have read access to those files if you want to proceed in this way.

2. parsing the console output for the actually loaded users into the memory of our Asterisk server.

asterisk -rx “$1 list users” | grep -va Username | grep -va Verbosity | grep -va “UNIX Connection” | cut -d -f 1

Both methods have both pros and cons:

* parsing the configuration files – we will write a bash script for this method. We will name it `example1`.

- configuration files might be very long (parsing them might be a slow task)
- there might be more than one configuration file
- there might be some account which are not activated (if someone made changes in them, but haven’t reloaded Asterisk)
+ configuration files are more predictable and there are less things that you should escape

* parsing console output – we will write a bash script for this method. We will name it `example2`.

- you have to mess with the verbose level of Asterisk in order to escape the NOTICES and ERRORS. This might escape important events.
+ console output is far shorter (as length of the information) than the configuration files

`example1`
#! /bin/bash

cd /var/spool/asterisk;

for i in $(cat /etc/asterisk/$1.conf | grep -a ‘[' | grep -a ']‘ | grep -va ‘;[' | cut -d[ -f 2 | cut -d] -f 1); do
echo “Channel: $1/$i” >> echotest-$i.call;
cat echotest.org.call >> echotest-$i.call;
echo “SetVar: CUR=$1/$i” >> echotest-$i.call;
echo ” — Makeing echo test with $1/$i”;
sleep 120;
mv echotest-$i.call outgoing/
done;

Run the script in the following way:
./echotest iax to test IAX2 users
./echotest sip to test SIP users

`example2`

#! /bin/bash

cd /var/spool/asterisk;

for i in $(asterisk -rx “$1 list users” | grep -va Username | grep -va Verbosity | grep -va “UNIX Connection” | cut -d -f 1); do
echo “Channel: $1/$i” >> echotest-$i.call;
cat echotest.org.call >> echotest-$i.call;
echo “SetVar: CUR=$1/$i” >> echotest-$i.call;
echo ” — Makeing echo test with $1/$i”;
sleep 120;
mv echotest-$i.call outgoing/
done;

Run the script in the following way:
./echotest IAX2 to test IAX2 users
./echotest SIP to test SIP users

Step 3.4: Improve the scripts to reduce the amount of extensions we forgot to call

`example1`

#! /bin/bash

cd /var/spool/asterisk;

for j in $(cat iax.conf | grep -a “include” | cut -d -f 3); do
echo ” — Parsing included file $j”;
for f in $(cat $j | grep -a ‘[' | grep -a ']‘ | grep -va ‘;[' | cut -d[ -f 2 | cut -d] -f 1); do
echo “Channel: $1/$f” >> echotest-$i.call;
cat echotest.org.call >> echotest-$i.call;
echo “SetVar: CUR=$1/$f” >> echotest-$i.call;
echo ” — Makeing echo test with $1/$i”;
sleep 121;
mv echotest-$i.call outgoing/
done;
done;

Run the script in the following way:
./echotest iax to test IAX2 users
./echotest sip to test SIP users

`example2`

#! /bin/bash

cd /var/spool/asterisk;

OldVerbose=`asterisk -rx “set verbose 1″ | grep was | cut -d -f 3`

echo Verbose will be set to 0. Old Verbose (equal to $OldVerbose) will be restored later;

asterisk -rx “set verbose 0″;

cd /var/spool/asterisk;

for i in $(asterisk -rx “$1 list users” | grep -va Username | grep -va Verbosity | grep -va “UNIX Connection” | cut -d -f 1); do

echo “Channel: $1/$i” >> echotest-$i.call;
cat echotest.org.call >> echotest-$i.call;
echo “SetVar: CUR=$1/$i” >> echotest-$i.call;
echo ” — Makeing echo test with $1/$i”;
sleep 121;
mv echotest-$i.call outgoing/
done;
asterisk -rx “set verbose $OldVerbose”;

Run the script in the following way:
./echotest IAX2 to test IAX2 users
./echotest SIP to test SIP users

The second version of those scripts were upgraded in some ways:
configuration file parsing – recurse search and parse of included files
configuration file parsing – script will place a message on the console for every user it calls
configuration file parsing – script will place a message on the console for file it starts to parse
console output – escape most of the messages by temporally setting the VERBOSE level to 0
configuration file parsing – script will place a message on the console for every user it calls

I am sure that the reader of this tutorial will try to modify these scripts. That’s why I will leave some notifications which will help you:
SetVar: CUR=$1/$i – is setting a variable in the dialplan so Asterisk will be able to notify (in some way) that a problem occurred with curtain user
sleep 121; – removing this line may case the following problem – Asterisk will try to dial too much calls and might crash.
sleep 121; – setting a different value to the sleep command may cause the following bug – Asterisk will change the ${CUR} variable and if the user presses the pound key, you might be notified for an other user.

Enjoy your testing!

Asterisk Installation on CentOS

admin — Wed, 22 Feb 2012 09:01:52 +0000

The first step that you should make is to you to choose which version of Asterisk you want to install.

* Asterisk 1.2 – the stable version
* Asterisk 1.4 – the version that is currently in beta testing

When you know which version you want to install download the according packages.

Note that we will install also libpri and zaptel packages. They are optional for Asterisk but if you want to use Asterisk with MeetMe (see MeetMe application and meetme.conf) or to use MusicOnHold you’ll have to install zaptel. The TDMoE cards will also need the zaptel module in order to work correctly. If you will use PRI cards you’ll have to install libpri module.

For Asterisk 1.2:

* Asterisk sources
* Zaptel sources
* Libpri sources

For Asterisk 1.4:

* Asterisk sources
* Zaptel sources
* Libpri sources

Now check the exact version of your kernel. You can achieve this by typing `uname -a`. The output should be something like this: `Linux luser 2.6.17-1.2142_EL #1 Tue Jul 11 22:41:14 EDT 2006 i686 i686 i386 GNU/Linux`. Check if you are using 2.6 or 2.4 kernel. Notice that. We’ll need this info later. You should check if you have installed the kernel sources (for the current version of the kernel) on your machine. To achieve this type `rpm -q kernel-devel` The output of the screen should be something like this:

Note that if you don’t have kernel sources you should install them. You can use yum again: `yum install kernel-devel`. If you use this command yum will install the sources for your current version of the kernel.

It is time to check for the availability of some other packages:

rpm -q bison
rpm -q bison-devel
rpm -q ncurses
rpm -q ncurses-devel
rpm -q zlib
rpm -q zlib-devel
rpm -q openssl
rpm -q openssl-devel
rpm -q gnutls-devel
rpm -q gcc
rpm -q gcc-c++

If any of those packages are not installed install them by using yum

yum install bison
yum install bison-devel
yum install ncurses
yum install ncurses-devel
yum install zlib
yum install zlib-devel
yum install openssl
yum install openssl-devel
yum install gnutls-devel
yum install gcc
yum install gcc-c++

If yum is unable to find one or more of these packages, try your luck with PBone. You should find the required packages there. When you download them, install them with either of those:

rpm -i PACKAGE.rpm
rpm -Uvh PACKAGE.rpm

CentOS doesn’t install the kernel sources into the /usr/src/linux directory as is written in Zaptel’s and Asterisk’s Makefile. Go to `/usr/src` and create a link named ‘linux‘ to your kernel sources directory (the default place for your kernel’s sources is /usr/src/kernels/…). The result should look like this:

Now extract the downloaded sources by the command `tar -vxzf PACKAGE.tar.gz`, where PACKAGE.tar.gz are the packages that we downloaded (libpri, zaptel and asterisk itself).

Installing Libpri:

cd /path/to/source/libpri
make
make install

Installing Zaptel:

cd /usr/src/asterisk/zaptel
# if you have a 2.4 kernel you should type just make
make
# if you have a 2.6 kernel you should type make linux26
make linux26 – if you have a 2.6 kernel
make install

Installing Asterisk:

cd /usr/src/asterisk/asterisk
# before making Asterisk you have to install mpg123 package (to be able to play mp3 files for music on hold).
make mpg123
# for Asterisk v1.4 you should start configure script

./configure
make
make install
make samples

In order to verify the asterisk installation start your asterisk daemon by typing `safe_asterisk` and connect to its console by typing `asterisk -vvvvvr`. Now reload the entire configuration by typing `reload`.

Incoming search terms:

how to install rpm packages in windows (1)