Save Lono

It’s been a while since I posted, so I want to come out swinging.  I recently put together a phone system for a medium office.  They have a standard T1 and a 4 port FXS Digium card.  The analog card is for a PA system and two fax machines.  This post is a quick tutorial with examples for installation.

Goals of this post:

• Configure Digium T1 w/ PRI
• Configure Analog card channels
• Asterisk Dahdi setup

This tutorial assumes you have a somewhat recent working build of libpri, dahdi, and Asterisk.

(more…)

A customer of VoiceIP Solutions sent me this useful tutorial for re-sampling Polycom Ringtones.   If you have an MP3 you like, it can be re-sampled for use with a Polycom IP SIP phone!  The procedure is pretty straight forward, Install Audacity with yum or your favorite package manager, re-sample the track, then edit the proper Polycom Soundpoint boot files.

Goals of this Post:

– Install Audacity Digital Audio Editor
– Convert a MP3 to Polycom compatible track
– Enable custom special Ringtone on Polycom Soundpoint IP SIP phone

(more…)

A few weeks back I covered connecting ODBC to MS-SQL, but today we are going to do the same thing with MySQL.  The process is very similar.  One might ask, why use ODBC driver in the first place?  The reason is simple, there are many flavors of SQL and the ODBC driver allows one standard to connect them.  For that reason many software developers use ODBC for connecting their applications to SQL.

For my purposes, the Asterisk PBX platform can use ODBC to call ‘dial plan’ functions from the database, but that is another article!  This post assumes you have a working MySQL server and at least one table with data to pull from.

Goal of this Post:

– Install ODBC driver for MySQL
– configure odbc.ini
– configure odbcinst.ini
– verify connectivity with isql

(more…)

I’m not DBA, but most Linux system administrators need to at least know a little about SQL. Like adding users, making simple databases, changing passwords, backups, etc… This article describes backing up a database to a fresh machine. In my case I happen to be backing up my wordpress blog. However these steps can applied to Sugar CRM, Joomla, or any database driven site that uses MySQL. The following tutorial does not completely cover backing up a wordpress blog; it only covers the database portion.  Which applies to many LAMP projects.  Enjoy!

The Goals of this Post:

– to remind myself how to backup databases

LAB: Backup WordPress Blog Database to new machine

I’m changing the default password of nothing to the same password as my root user. Please note that mysql ‘root’ user is not the same as Linux system root. Also, they can be different passwords and probably should.

[root@mattcom1 ~]# mysqladmin -u root password mynewpassword
[root@mattcom1 ~]# mysql -u root -p
Enter password:
[root@mattcom1 ~]#

Create a blank database on the machine we will repopulating.

Welcome to the MySQL monitor. Commands end with ; or \g
Your MySQL connection id is 10
Server version: 5.0.77 Source distribution

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.

mysql> create database savelono;

Use mysqldump command to back up the database on the original server. The database can be named anything, I usually back up to savelono.com with a ‘DATE-NAME.sql’ convention.

[root@savelono ~]# mysqldump -u root savelono > savelono-04-24-09.sql

Now copy your sql database to the new server and import it.

[root@mattcom1 ~]# mysql -u root -p -D savelono < savelono-04-24-09.sql

That’s it!  Piece of cake.

I got an Asterisk Appliance from VoiceIP Solutions for the purpose of writing up some labs.  I just got my hands on the unit and the first thing we are a going to do is upgrade the firmware.  I’m going to start by plugging my laptop’s ethernet into the LAN port on the Asterisk Appliance.

The unit I’m working with is AA50.  You can only get the firmware by registering with Digium.  Which is inconvenient.  Not a very open policy for an open source product.  In any case you must obtain the current AA50 uImage-1.3.0.1 image for browser upload.  Which I won’t lie… it is not easy.  There is a clearly marked drop down for documentation on the Digium support page.  I easily found the PDF, but there was no link to the firmware.  I ended up using their built-in search bar to find a page with a link to the AA50 firmware. I then accidentally downloaded the CD ISO image first.  I did eventually find and download the firmware.  I logged into the appliance and chose the update tab.

(more…)

nmap is a commonly used tool distributed with Linux (and available for many OSes) for mapping networks and port scanning.  Since almost every networked application runs on TCP/IP it is crucial to have the ability to troubleshoot every layer of the stack(OSI model).  A misconfigured firewall can easily cause hours of frustration.

We will use Asterisk as an example but the following tutorial could easily be applied to any network application.  If you run Asterisk PBX systems across many networks you have probably encountered firewalls.  Errant firewalls can cause huge headaches.  In some cases you may question if access to SIP & IAX2 ports on the firewall are being blocked.

Conventional wisdom:

[matt@mattcom1 ~]$ telnet localhost 22
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.
SSH-2.0-OpenSSH_5.1

Using Telnet to verify that a port is listening for incoming connections is great for a host of common TCP applications like smtp(25), http(80) or FTP(21).  But for large scale port mapping and network scanning you may need a beefier tool.  In comes nmap.

Lets start with some nmap basics then run through the IAX2/SIP scenario. Below is nmap with the ‘-O’ switch and my local subnet at home.  The ‘-O’ switch will set nmap to determine remote host Operating System.  192.168.1.0 means network (range) and ‘/24’ tells us that it is a 24 bit subnet mask or ‘255.255.255.0’.

[root@mattcom1 ~]# nmap -O 192.168.1.0/24


Starting Nmap 4.68 ( http://nmap.org ) at 2009-01-23 16:31 PST
Interesting ports on 192.168.1.1:
Not shown: 1714 closed ports
PORT   STATE SERVICE
80/tcp open  http
MAC Address: 00:0F:66:CA:B7:B7 (Cisco-Linksys)
No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ).
TCP/IP fingerprint:
OS:SCAN(V=4.68%D=1/23%OT=80%CT=1%CU=39191%PV=Y%DS=1%G=Y%M=000F66%TM=497A617
OS:A%P=i386-redhat-linux-gnu)SEQ(SP=0%GCD=64%ISR=50%TI=I%II=I%SS=S%TS=U)SEQ
OS:(SP=A%GCD=A%ISR=50%TI=I%II=I%SS=S%TS=U)OPS(O1=M5B4%O2=M5B4%O3=M5B4%O4=M5
OS:B4%O5=M5B4%O6=M5B4)WIN(W1=16D0%W2=16D0%W3=16D0%W4=16D0%W5=16D0%W6=16D0)E
OS:CN(R=Y%DF=N%T=96%W=3%O=%CC=N%Q=U)T1(R=Y%DF=N%T=96%S=O%A=S+%F=AS%RD=0%Q=)
OS:T2(R=Y%DF=N%T=96%W=80%S=Z%A=S%F=AR%O=%RD=0%Q=)T3(R=Y%DF=N%T=96%W=100%S=Z
OS:%A=S+%F=AR%O=%RD=0%Q=)T4(R=Y%DF=N%T=96%W=400%S=A%A=S%F=AR%O=%RD=0%Q=)T5(
OS:R=Y%DF=N%T=96%W=7A69%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=N%T=96%W=8000%S=
OS:A%A=S%F=AR%O=%RD=0%Q=)T7(R=Y%DF=N%T=96%W=FFFF%S=Z%A=S+%F=AR%O=%RD=0%Q=)U
OS:1(R=Y%DF=N%T=96%TOS=0%IPL=38%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUL=G%RUD=
OS:G)IE(R=Y%DFI=N%T=96%TOSI=Z%CD=S%SI=S%DLI=S)


Network Distance: 1 hop


Interesting ports on 192.168.1.2:
Not shown: 1714 closed ports
PORT   STATE SERVICE
80/tcp open  http
MAC Address: 00:90:4C:91:00:01 (Epigram)
Device type: general purpose
Running: Linux 2.4.X
OS details: Linux 2.4.18 – 2.4.32 (likely embedded)
Uptime: 0.115 days (since Fri Jan 23 13:45:46 2009)
Network Distance: 1 hop


All 1715 scanned ports on 192.168.1.105 are filtered
MAC Address: 00:1E:8C:B4:17:D8 (Asustek Computer)
Too many fingerprints match this host to give specific OS details
Network Distance: 1 hop


Interesting ports on 192.168.1.108:
Not shown: 1711 closed ports
PORT     STATE SERVICE
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
3389/tcp open  ms-term-serv
MAC Address: 00:1C:C4:2E:7F:33 (Hewlett Packard)
Device type: general purpose
Running: Microsoft Windows Vista
OS details: Microsoft Windows Vista
Uptime: 0.055 days (since Fri Jan 23 15:12:49 2009)
Network Distance: 1 hop


Interesting ports on 192.168.1.254:
Not shown: 1709 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
111/tcp  open  rpcbind
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
2000/tcp open  callbook
6000/tcp open  X11
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.17 – 2.6.24
Uptime: 0.207 days (since Fri Jan 23 11:34:02 2009)
Network Distance: 0 hops


OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 256 IP addresses (5 hosts up) scanned in 32.049 seconds

Okay so if you look at my local Asterisk server(192.168.1.254) you will notice that many ports are open but none of them are SIP(5060)or IAX2(4569).  Why is that?  Below the ‘-sT’ switch means SYN scan of TCP ports.

[root@mattcom1 ~]# nmap -sT 192.168.1.254


Starting Nmap 4.68 ( http://nmap.org ) at 2009-01-23 17:37 PST
Interesting ports on 192.168.1.254:
Not shown: 1709 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
111/tcp  open  rpcbind
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
2000/tcp open  callbook
6000/tcp open  X11

Even though Asterisk is up with a Polycom Soundpoint IP attached no SIP port appears open.  The mystery is solved if we take a close look at how a SIP calls are initiated.  SIP calls are initiated on UDP port 5060.  After the initial handshake the client opens up a series of RTP streams for audio, video, or whatever media is being relayed through SIP.  If we change the flags on the nmap tool we can see if the port is open.

[root@mattcom1 ~]# nmap -sU -p 5060 192.168.1.254


Starting Nmap 4.68 ( http://nmap.org ) at 2009-01-23 18:51 PST
Interesting ports on 192.168.1.254:
PORT     STATE         SERVICE
5060/udp open|filtered sip

We SYN scanned port UDP 5060 and the ‘STATE’ is ‘open|filtered’.  When asterisk is shut down… or the port is blocked, as we can see below…

[root@mattcom1 ~]# nmap -sU -p 5060 192.168.1.254


Starting Nmap 4.68 ( http://nmap.org ) at 2009-01-23 19:12 PST
Interesting ports on 192.168.1.254:
PORT     STATE  SERVICE
5060/udp closed sip


Nmap done: 1 IP address (1 host up) scanned in 0.114 seconds

The same is true for IAX2 as SIP.  When Asterisk is off the ‘STATE’ shows ‘closed’. One last note, the ‘open|filtered’ state could legitimately be filtered, but by checking when Asterisk(or whatever UDP service) is on and off you can tell for sure.  I got some great information at nmap.org, I encourage anyone interested to check it out.