Blog

Latest Technical Notes

Using Ansible to update MikroTik routers

Administering a large installed base of MikroTik routers can be difficult. You can use The Dude, but this has not been updated in some time, and MikroTik have not made their long term intentions clear in relation to the continued development of the software.

We use Ansible internally to remotely configure machines, so it seemed a natural choice to update the firmware of the MikroTik routers we have installed.

Firstly, you need to generate an appropriate DSA SSH key. Refer to: MikroTik Wiki for full instructions.

From the source server, test the SSH connection works:
ssh admin-ssh@remoteserver.com

If you do not immediately connect, you may need to add the appropriate identity file to ~/.ssh/config
IdentityFile ~/.ssh/mikrotik_dsa

Then attempt re-connection.

You should see the MikroTik banner message and the [admin-ssh@remotesite] > command prompt. Just disconnect for now:
quit

Once the connection is working OK, we can then add the relevant routers to /etc/ansible/hosts. In our setup, these are in the [mikrotik] group.

The actual playbook we use is very simple. It checks if package updates are available, and if so, updates the MikroTik. BE CAREFUL – it reboots the remote router when the task is complete.


---
# An Ansible Playbook to mass update the ROS version on MikroTik routers
# Version 1 - 2015/11/15
#
# Copyright Jaytag Computer Limited 2015 - www.jaytag.co.uk
#
# You may use or modify this script as you wish as long as this copyright
# message remains. Redistribution prohibited.
- name: Mikrotik Update
hosts: mikrotik
# forces the connection to work one-by-one (note, this will stop the whole playbook if the host is unreachable)
# serial: 1

connection: paramiko
user: admin
gather_facts: no
tasks:
- name: Check if updates required
raw: /system package update check-for-updates
register: updatecheck


- name: Run package updates and reboot if needed
when: updatecheck.stdout.find('System is already up to date') == -1
raw: /system package update download
register: download
until: download.stdout.find('please reboot router') > -1
retries: 3
delay: 60


- name: Reboot the Router if the download is successful
when: (updatecheck.stdout.find('System is already up to date') == -1) and
(download.stdout.find('please reboot router') > -1)
raw: /system reboot
register: reboot
async: 0
poll: 0

read more
DamianUsing Ansible to update MikroTik routers

FreePBX – convert WAV call recordings to MP3

convert-wav-to-mp3

One of our customers recently reported an interesting issue. They were running FreePBX on a machine with a very small amount of hard drive space. Usually, this would not be an issue, as FreePBX can be installed easily onto a small drive, even less than 10GB (I have a moment of reflection now, thinking that actually 10GB is massive!!)

In any case, when you start recording calls on a system, the free space is quickly eaten up.

Within FreePBX, there is no way to set the call recording to MP3, and as a result, large WAV files are created.

The solution? Convert them to MP3, and update the CDR database to reflect the changed filenames – so that if you wish to download the call recordings from the web UI, the links are correct.

Prerequisites:

  • LAME

The script looks through /var/spool/asterisk/monitor where the call files are stored, and then converts the WAV files to MP3. The WAV files are then deleted.

This version is designed for a one-time-run from the command line. You will of course need to modify the mysql -u portion if you wish to make the update changes as another user.

Exercise caution! If you do not want to delete the WAV files, delete “&& rm -frv $wavfile” from the below script.


#!/bin/bash
# A Script to Convert FreePBX call recordings from WAV to MP3
# Also updates the CDR database, for correct downloads through the web UI
# Version 1 - 2015/11/15
#
# Copyright Jaytag Computer Limited 2015 - www.jaytag.co.uk
#
# You may use or modify this script as you wish as long as this copyright
# message remains. Redistribution prohibited.
# Set the Asterisk Recording Directory
recorddir="/var/spool/asterisk/monitor"
# Start the Loop, store the path of each WAV call recording as variable $wavfile
for wavfile in `find $recorddir -name \*.wav`; do
# Make Variables from the WAV file names, stripping the file path with sed
wavfilenopath="$(echo $wavfile | sed 's/.*\///')"
mp3file="$(echo $wavfile | sed s/".wav"/".mp3"/)"
mp3filenopath="$(echo $mp3file | sed 's/.*\///')"
# Convert the WAV files to MP3, exit with an error message if the conversion fails
nice lame -b 16 -m m -q 9-resample "$wavfile" "$mp3file" && rm -frv $wavfile || { echo "$wavfile encoding failed" ; exit 1; }
# Update the CDR Database
mysql -u root -s -N -D asteriskcdrdb<<<"UPDATE cdr SET recordingfile='$mp3filenopath' WHERE recordingfile = '$wavfilenopath'"
# On-Screen display of variables for debugging/logging
# echo ""
# echo "File -------------------------------------------------------"
# echo "Wav File : " $wavfile
# echo "Wav No Path : " $wavfilenopath
# echo "MP3 File : " $mp3file
# echo "MP3 No Path : " $mp3filenopath
# echo "End File ---------------------------------------------------"
# echo ""
# End the Loop
done

Edit 15/06/2016: There is a new version of the script here.

read more
DamianFreePBX – convert WAV call recordings to MP3

Windows 10 – Change PPTP ipv4 Settings

screenshot win10 pptp

In my RTM copy of Windows 10 Pro, when I try to edit the IPv4 settings of a VPN connection, nothing happened when I clicked ‘Properties’.

Thankfully, there is a solution to the issue – you can edit the file rasphone.pbk in a text editor like notepad.exe and make the necessary changes in this file.

The exact setting I wanted to change was to disable the default gateway – also known as split tunneling. This way I can connect to the VPN, and only tunnel traffic for that specific remote site over the VPN – i.e. use my normal non-vpn connection for internet traffic.

This is called “IpPrioritizeRemote”. I set this to 0 instead of 1 and saved the PBK file. When I re-established the VPN connection in the usual way, the ‘default gateway’ setting worked as intended.

The PBK file is profile dependant, but can be found either at:

C:Users*username*AppDataRoamingMicrosoftNetworkConnectionsPbk

or:

%appdata%MicrosoftNetworkConnectionsPbk

Other useful settings:
IpAddress – IP address for the client to use
IpDnsAddress – DNS server for the client to use
PhoneNumber – IP address of the remote host

read more
DamianWindows 10 – Change PPTP ipv4 Settings

Adding phpShield to Linux Hosting

SSH into the server

Run:
​​/usr/local/bin/php-config --extension-dir

The result shows the PHP extension directory
/usr/local/lib/php/extensions/no-debug-non-zts-20100525

​Upload the latest version of ixed.5.4.lin to this directory using WinSCP or similar file transfer tool

Find the location of php.ini​
php -i | grep php.ini

The result showns the php.ini location
​Configuration File (php.ini) Path => /usr/local/lib

Edit the php.ini file
nano /usr/local/lib/php.ini

​add the line:
extension="ixed.5.4.lin"

Restart the httpd daemon, or apache as required
service httpd restart
or
/etc/init.d/apache restart

Check that it’s working by running:
php -i | grep SourceGuardian

read more
DamianAdding phpShield to Linux Hosting

Manually set FreePBX timezone

Check here for the correct timezone: http://en.wikipedia.org/wiki/List_of_tz_database_time_zones​
SSH into the server
Run the following, with the relevant TZ database timezone. In this example, Europe/London
​ln -sf /usr/share/zoneinfo/Europe/London /etc/localtime
Then, edit /ect/sysconfig/clock
nano /etc/sysconfig/clock
Change the line to the correct TZ timezone:
ZONE="Europe/London"
Save the file
Run to check all is now correct:
date
Reboot the server

read more
DamianManually set FreePBX timezone

Join a wireless network before login

​Export the existing wifi setup
​netsh wlan export profile %SSIDName% folder=c:temp

XML files of the existing connections will be exported to c:temp. Find the one you want all users to access. You need to modify the to false and enter the wireless key.

You will end up with something like this:

<?xml version="1.0"?>
<WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1">
<name>Best Network</name>
<SSIDConfig>
<SSID>
<hex>42657374204E6574776F726B</hex>
<name>Best Network</name>
</SSID>
</SSIDConfig>
<connectionType>ESS</connectionType>
<connectionMode>auto</connectionMode>
<MSM>
<security>
<authEncryption>
<authentication>WPA2PSK</authentication>
<encryption>AES</encryption>
<useOneX>false</useOneX>
</authEncryption>
<sharedKey>
<keyType>passPhrase</keyType>
<protected>false</protected>
<keyMaterial>W2kjwoei111</keyMaterial>
</sharedKey>
</security>
</MSM>
</WLANProfile>

Delete the network from Wireless connections, because you need to re-add it for all users, and this will fail if it’s already setup.

Reimporting/Adding the WLAN config for all users
netsh wlan add profile filename=”wifi.xml” user=all

Note the wifi.xml needs to be modified to match the name of the xml file you wish to import.​

The wireless network should now connect before login.

read more
DamianJoin a wireless network before login

No DAHDI modules on the system. Not starting

You need to retrieve the correct kernel-devel for the kernel of linux you are running, and remake DAHDI from source

SSH onto the machine and run:
uname -r

Note the kernel version.

then, google for kernel-devel (kernel version)
find a suitable download source (i.e. from rpm.pbone.net)

then on the machine
rpm -ivh ftp://ftp.is.co.za/mirror/centos/6.5/updates/x86_64/Packages/kernel-devel-2.6.32-431.1.2.0.1.el6.x86_64.rpm

You can then download DAHDI and make from source:

cd /usr/src/
wget http://downloads.asterisk.org/pub/telephony/dahdi-linux-complete/dahdi-linux-complete-current.tar.gz
tar zxvf dahdi-linux-complete-current.tar.gz
cd dahdi-linux-complete-2.9.1.1+2.9.1
make all
make install
make config
/etc/init.d/dahdi restart
chkconfig dahdi on

DAHDI should then work OK​​

read more
DamianNo DAHDI modules on the system. Not starting

Convert plain numbers to MAC addresses with Excel

We use the following formula if you need a – between the octets:

=MID(c2,1,2)&"-"&MID(c2,3,2)&"-"&MID(c2,5,2)&"-"&
MID(c2,7,2)&"-"&MID(c2,9,2)&"-"&MID(c2,11,2)

We use the following formula if you need a : between the octets:

=MID(c2,1,2)&":"&MID(c2,3,2)&":"&MID(c2,5,2)&":"&
MID(c2,7,2)&":"&MID(c2,9,2)&":"&MID(c2,11,2)

Of course, you need to change the cell references in each (i.e. the c2) to match which cell you need to convert.

read more
DamianConvert plain numbers to MAC addresses with Excel

How to reset a network card in Windows

Open Control Panel
Click Hardware and Sound
Click Device Manager
In Network Adapters, find the LAN card you want to reset – this is often something like:

  • Realtek PCIe GBE Family Controller
  • Broadcom NetXtreme 57xx Gigabit Controller
  • Intel PRO/1000MT Network Adapter

Right click on the adapter and click Uninstall
You will be warned that this will remove the device from the system – ensure that ‘Delete the driver software’ is *not* ticked if this is shown
Note: Clicking OK will disconnect your remote access session if you are connected!
Click OK
The icon will disappear, and the network adapter will be disabled
At the top of the device manager list, the PC name is displayed
Right click this PC name and select Scan for hardware changes
The network card should reappear in Network Adapters
The network card will be reset to default settings, so you may need to reconfigure IP addresses, reconnect to a wireless network etc.

read more
DamianHow to reset a network card in Windows

Send test email via telnet

It’s often useful to test an email server manually – to ensure the port is open and redirected properly, and also that the server is delivering messages to the mailbox correctly.

Here is how to send an email manually with telnet:

Open a command prompt on the PC you will send the test email from
telnet server.server.com 25​
HELO jaytag.co.uk (response will be 250 OK)
MAIL FROM:dmcmillan@jaytag.co.uk (response should be 250 OK – mail from dmcmillan@jaytag.co.uk)
RCPT TO:james@stephenrjames.com (response should be 250 OK – Recipient james@stephenrjames.com)
DATA (response should be 354 Send data. End with CRLF.CRLF)
Test Email!
(line break)
.
(line break)
QUIT​

A successful delivery will look something like this:
250 OK

read more
DamianSend test email via telnet