Authentication Gateways
Started by: visuallinux
On: 7 Jun 2009, 22:46 UTC
Number of posts: 15
Authentication Gateways
visuallinux, 7 Jun 2009, 22:46 UTC

Dear All.

In some cases some of my customers (gateways) can't use a username and password for authentication for me to receive traffic from them on my FS; it has to be IP-based authentication.

In the Add SIP Gateway menu, is it possible to add a gateway with username xxxx and password xxxx and Register set to False, to receive traffic with IP-based authentication?

Best regards,

Fernando

Re: Authentication Gateways
tleyden, 8 Jun 2009, 17:18 UTC

I'm pretty sure you will need to use Access Control Lists (ACLs) to accomplish that. There is currently no support for that in the WikiPBX GUI, but it might be possible to add it. Please try to make it work by modifying the XML configuration file directly. I think it is called acl.conf.xml and is in /usr/local/freeswitch/conf/autoload_configs.

Re: Authentication Gateways
visuallinux, 8 Jun 2009, 23:31 UTC

Hello, thanks for your answer.

I did the following test:

I created a gateway with username and password xxxx and Register false, and I can receive calls from this gateway anyway, and it works fine.

I will test by updating acl.conf.xml now.

Another question: I want to install the system on three different machines, for example:

FreeSWITCH on Machine-1
Wikipbx on Machine-2
PostgreSQL on Machine-3

Is it possible?

What libraries do I need on Machine-1 and what libraries do I need on Machine-2?

Fernando.

Re: Authentication Gateways
stas_shtin, 9 Jun 2009, 04:27 UTC

It's possible to set up wikipbx like you desire. You need all wikipbx code and its dependencies on machine 2. If you're using mod_python IVRs that come with wikipbx, you should copy the wikipbx/ivr directory to machine 1 where your python will be able to find it. Also, soundclips (e.g. voicemail recordings) are saved by freeswitch but they should be available to wikipbx users over the web too, so you'll have to use some kind of file synchronization solution or network file system in order for this to work.

I'm not sure if wikipbx has been extensively tested in such a setup, though.

Re: Authentication Gateways
visuallinux, 11 Jun 2009, 22:56 UTC

Hello,

So I think the best config is Machine-1 with FS and Wikipbx and Machine-2 with the database.

Thank you for your answer.

Fernando.

Re: Authentication Gateways
visuallinux, 11 Jun 2009, 22:54 UTC

Hello,

Excuse my delay with my test.

Today I tested receiving traffic with IP-based authentication (acl.conf.xml), and Wikipbx works very well.
The calls were registered in table wikipbx_completecall successfully.

wikipbx=> select id,account_id,uuid,caller_id_number,destination_number,chan_name,answered_time,hangup_time from wikipbxweb_completedcall where id=443;
 id  | account_id |                 uuid                 | caller_id_number | destination_number |  chan_name  |     answered_time      |      hangup_time
-----+------------+--------------------------------------+------------------+--------------------+-------------+------------------------+------------------------
 443 |          1 | c6b5e0da-56d7-11de-9370-97b8447cd6fa | 105              | 56968482060        | 56968482060 | 2009-06-11 18:33:02-04 | 2009-06-11 18:33:12-04
(1 fila)

wikipbx=> select id,account_id,uuid,caller_id_number,destination_number,chan_name,answered_time,hangup_time from wikipbxweb_completedcall where id=442;
 id  | account_id |                 uuid                 | caller_id_number | destination_number |     chan_name      |     answered_time      |      hangup_time
-----+------------+--------------------------------------+------------------+--------------------+--------------------+------------------------+------------------------
 442 |          1 | c69696da-56d7-11de-9370-97b8447cd6fa | 105              | 56968482060        | 105@190.208.XX.XXX | 2009-06-11 18:33:02-04 | 2009-06-11 18:33:12-04
(1 fila)

The IP 190.208.XX.XXX is in acl.conf.xml and sends traffic to my FS (Wikipbx), but this IP is not registered as a gateway in Wikipbx. So why does record id 442 assume account_id = 1?

Regards.

Fernando

Re: Authentication Gateways
stas_shtin, 12 Jun 2009, 11:15 UTC

The IP 190.208.XX.XXX is in acl.conf.xml and sends traffic to my FS (Wikipbx), but this IP is not registered as a gateway in Wikipbx. So why does record id 442 assume account_id = 1?

In order to detect which account receives the call, wikipbx checks:

1. SIP port

2. freeswitch channel name or profile name

So, the call probably came to the port that account uses.

Re: Authentication Gateways
tleyden, 12 Jun 2009, 17:13 UTC

Yes, exactly. In this case I'm pretty sure the account lookup was based on SIP port.

If the CDR XML has a SIP port of 5060, for example, it will look up the Account object in the database that has a SIP port of 5060 and then use that Account ID for the record stored in wikipbxweb_completedcall.

Re: Authentication Gateways
visuallinux, 13 Jun 2009, 21:37 UTC

Hello.

When I allow or deny an IP in acl.conf.xml, the changes are not applied.

For example, I deny the following IP in acl.conf.xml like this:

<configuration name="acl.conf" description="Network Lists">
  <network-lists>
    <list name="dl-candidates" default="allow">
      <node type="deny" cidr="190.208.XX.XXX"/>
      <node type="deny" cidr="10.0.0.0/8"/>
      <node type="deny" cidr="172.16.0.0/12"/>
      <node type="deny" cidr="192.168.0.0/16"/>
    </list>
  </network-lists>
</configuration>

and I run reloadxml or restart freeswitch and wikipbx, but it still accepts calls from gateway 190.208.XX.XXX. Why?

Can I include acl.conf.xml in directory /usr/src/wikipbx/freeswitchxml/ to deny or allow IPs?

I was testing the following example too: if I register the IP of my Wikipbx system in any external gateway and this external gateway is not added as a gateway in Wikipbx, this external gateway can still send traffic to my Wikipbx, and it always accepts it. So how can I restrict access?

Re: Authentication Gateways
stas_shtin, 14 Jun 2009, 07:25 UTC

This is not really something that belongs on the wikipbx forum, since ACL is just not supported so far. The Freeswitch users mailing list is a better place for asking configuration questions.

Make sure you understand the Freeswitch ACL docs; you may need to add dialplan checks to make it work, or you may be missing a user profile parameter that activates ACLs.

Re: Authentication Gateways
visuallinux, 15 Jun 2009, 22:12 UTC

Hello All.

Thanks, and excuse me for the off topic, I am know how working both and understanding FS and Wikipbx.

Thank you for your help.

Re: Authentication Gateways
tleyden, 16 Jun 2009, 00:02 UTC

The problem is that it is hard to get help on the freeswitch list when you are using wikipbx. Once they realize that you are using wikipbx, they will refer you here, since they don't want to get stuck debugging wikipbx-related issues, or freeswitch issues caused by incorrect configuration generated by wikipbx. I think if wikipbx had a "static xml export", then people could more easily go to the freeswitch people for help with problems, because wikipbx would really be out of the picture aside from the fact that it generated the configuration.

Can I include acl.conf.xml in directory /usr/src/wikipbx/freeswitchxml/ to deny or allow IPs?

No, it will be ignored; only things wikipbx knows/cares about from freeswitchxml will be used. Currently acl.conf.xml is not one of those things.

I was testing the following example too: if I register the IP of my Wikipbx system in any external gateway and this external gateway is not added as a gateway in Wikipbx, this external gateway can still send traffic to my Wikipbx, and it always accepts it. So how can I restrict access?

I think one way to accomplish this is to tell the profile to authenticate all calls by default, and I believe the parameter name is auth-calls. There is no support in the DB/GUI yet, so you will have to edit the profile template in /usr/src/wikipbx/freeswitchxml/.

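An added example, not part of the original thread and not WikiPBX or FreeSWITCH code: a small audit of the two profile settings raised in the replies above, auth-calls and a profile parameter that activates an ACL (FreeSWITCH's Sofia profile parameter for that is apply-inbound-acl). The XML samples are constructed; the list name trusted-gw, the address 192.0.2.10 and the default of test2 are assumptions for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed samples (not the thread's real files).
ACL_XML = """<configuration name="acl.conf" description="Network Lists">
  <network-lists>
    <list name="dl-candidates" default="allow">
      <node type="deny" cidr="10.0.0.0/8"/>
    </list>
    <list name="test2" default="deny">
      <node type="allow" cidr="192.0.2.10/32"/>
    </list>
  </network-lists>
</configuration>"""

PROFILE_XML = """<profile name="admin">
  <settings>
    <param name="sip-port" value="5060"/>
    <param name="auth-calls" value="false"/>
    <param name="apply-inbound-acl" value="trusted-gw"/>
  </settings>
</profile>"""


def audit(acl_xml, profile_xml):
    """Return findings about how a Sofia profile admits inbound calls."""
    # Names of every <list> defined in acl.conf.xml.
    defined = {l.get("name") for l in ET.fromstring(acl_xml).iter("list")}
    # Profile params; a param may appear more than once, so keep all values.
    params = {}
    for p in ET.fromstring(profile_xml).iter("param"):
        params.setdefault(p.get("name"), []).append(p.get("value"))
    applied = set(params.get("apply-inbound-acl", []))

    findings = []
    if params.get("auth-calls", ["false"])[-1].lower() != "true":
        findings.append("auth-calls is not true: inbound calls are not challenged")
    if not applied:
        findings.append("no apply-inbound-acl: the profile does not check source IP")
    for name in sorted(applied - defined):
        findings.append(f"profile applies undefined ACL list '{name}'")
    for name in sorted(defined - applied):
        # Such a list only matters if something else (e.g. check_acl) uses it.
        findings.append(f"ACL list '{name}' is defined but not applied by the profile")
    return findings


if __name__ == "__main__":
    for finding in audit(ACL_XML, PROFILE_XML):
        print("-", finding)
```

A list reported as "defined but not applied" is the situation described earlier in the thread: editing it changes nothing for inbound calls unless the profile or a dialplan check references it.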
Re: Authentication Gateways
visuallinux, 16 Jun 2009, 21:52 UTC

Hello.

I solved the IP-based authentication on wikipbx like this:

<action application="set" data="proxy_media=true"/>
<action application="check_acl" data="${network_addr} test2 normal_clearing"/>
<action application="bridge" data="sofia/gateway/ubb/$1$2$3"/>

But now the codec problem has returned:

2009-06-16 17:39:01 [NOTICE] switch_channel.c:602 switch_channel_set_name() New Channel sofia/admin/42452915@190.208.17.125 [1b4f93c2-5abe-11de-acfb-fda0ec915974]
2009-06-16 17:39:01 [DEBUG] sofia.c:3037 sofia_handle_sip_i_state() Channel sofia/admin/42452915@190.208.17.125 entering state [received][100]
2009-06-16 17:39:01 [DEBUG] sofia.c:3044 sofia_handle_sip_i_state() Remote SDP:
v=0
o=root 25643 25643 IN IP4 190.208.17.125
s=session
c=IN IP4 190.208.17.125
t=0 0
m=audio 13936 RTP/AVP 18 101
a=rtpmap:18 G729/8000
a=fmtp:18 annexb=no
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=silenceSupp:off - - - -

2009-06-16 17:39:01 [DEBUG] sofia_glue.c:2955 sofia_glue_negotiate_sdp() Audio Codec Compare [G729:18:8000:0]/[PCMU:0:8000:20]
2009-06-16 17:39:01 [DEBUG] sofia_glue.c:2955 sofia_glue_negotiate_sdp() Audio Codec Compare [G729:18:8000:0]/[G729:18:8000:20]
2009-06-16 17:39:01 [DEBUG] sofia_glue.c:1913 sofia_glue_tech_set_codec() Set Codec sofia/admin/42452915@190.208.17.125 G729/8000 20 ms 160 samples
……..
2009-06-16 17:39:02 [NOTICE] sofia.c:3597 sofia_handle_sip_i_state() Hangup sofia/admin/56968482060 [CS_CONSUME_MEDIA] [CALL_REJECTED]

The calls are declined with any codec, G711 or G729. Before, it worked very well, but I do not know what is happening now.

I am not sure whether the problem is codecs or not.

In /usr/src/wikipbx/freeswitchxml/sofia.conf.xml i have:

<param name='codec-prefs' value='PCMU@20i,G729'/>

Before, I added the codec G729 and the problem was solved, but now the calls are declined.

Any idea?

Re: Authentication Gateways
stas_shtin, 16 Jun 2009, 22:19 UTC

You don't have a problem with codecs - the log states that G.729 is selected. What was the debug output before call hangup - looks like you've removed some of it?

Re: Authentication Gateways
visuallinux, 16 Jun 2009, 22:35 UTC

Hello

On FS_CLI I get the following:

http://pastebin.freeswitch.org/9402

I am not sure, but I think the problem began before I added a new web user as admin.

My sofia status is as follows:

freeswitch@internal> sofia status
Name      Type     Data                                 State

admin     profile  sip:mod_sofia@200.111.198.244:5060   RUNNING (0)
ubb       gateway  sip:fs@192.168.1.35                  NOREG
portales  gateway  sip:sip@190.208.17.125               NOREG

1 profile 0 aliases

sofia status profile admin:

http://pastebin.freeswitch.org/9403

Fernando

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License