software

Automatically Delete Call Recordings in FreePBX

A simple script to delete call recordings. Note that this has been designed to work hand-in-hand with our other script, that coverts the recordings to MP3 to save space: FreePBX – convert WAV call recordings to MP3

You can easily modify the script to delete call recordings that are in WAV format, or for different periods of time, by altering the “*.mp3” to “*.wav” and by modifying the +365 to +30 +60 +90 etc.


#!/bin/bash
# A script to delete old FreePBX call recordings
# Version 1 - 2016/12/08
#
# Changelog
# v1 - Initial Version
#
# Copyright Jaytag Computer Limited 2016 - www.jaytag.co.uk
#
# You may use or modify this script as you wish as long as this copyright
# message remains. Redistribution prohibited.
#
# Find all recordings older than 365 days and delete
find /var/spool/asterisk/monitor -name "*.mp3" -mtime +365 -delete

read more
DamianAutomatically Delete Call Recordings in FreePBX

Windows 10 – Don’t Miss Out!

Microsoft has confirmed that Windows 10’s free upgrade offer will expire on July 29, 2016. After that, you’ll have to pay £100 to upgrade on any computer that hasn’t already made the leap.

We know not everyone wants to upgrade to Windows 10 right now, and that’s fine. But did you know that Windows 7 has already ended the mainstream support cycle?

This means that Windows 7 will only receive security updates, and nothing else.

New features such as Cortana, the Windows App Store, and Bitlocker encryption aren’t available with Windows 7 Pro, so upgrading now is a good opportunity to gain access to these features, which you would otherwise pay for with Windows 7.

The vast majority of applications will work perfectly with Windows 10, just as they did with Windows 7.

We have been using Windows 10 in our offices now (as have man of our other customers) since the release date last year, and have nothing but positive words to say about it:

  • Faster boot times compared to Windows 7 – from a normal 30 seconds boot time to just 10 seconds
  • Improved driver compatibility – more things ‘just work’
  • Improved stability – less crashes and downtime
  • Great new features, like build in hard drive encryption

If you would like to take advantage of the free upgrade offer, but want advice on how to proceed, contact us now for a free rundown of the upgrade process.

read more
DamianWindows 10 – Don’t Miss Out!

FreePBX – convert WAV call recordings to MP3 v2

An updated version of our script to bulk convert wav call recordings to mp3 as mentioned here.

This version may be redistributed freely, as long as the copyright message remains.
#!/bin/bash
# A Script to Convert FreePBX call recordings from WAV to MP3
# Also updates the CDR database, for correct downloads through the web UI
# Version 2 - 2016/04/15
#
# Changelog
# v2 - Skip broken files (but show an error message)
# v1 - Initial version
#
# Copyright Jaytag Computer Limited 2016 - www.jaytag.co.uk
#
# You may use or modify this script as you wish as long as this copyright
# message remains. Redistribution is permitted.

# Set the Asterisk Recording Directory
recorddir="/var/spool/asterisk/monitor/"

# Start the Loop
for wavfile in `find $recorddir -name \*.wav`; do

# Make Variables from the WAV file names
wavfilenopath="$(echo $wavfile | sed 's/.*\///')"
mp3file="$(echo $wavfile | sed s/".wav"/".mp3"/)"
mp3filenopath="$(echo $mp3file | sed 's/.*\///')"

# Convert the WAV files to MP3, exit with an error message if the conversion fails
nice lame -b 16 -m m -q 9-resample "$wavfile" "$mp3file" && rm -frv $wavfile || echo "$wavfile encoding failed"

# Update the CDR Database, only if conversion is sucessful
if [ -e "$mp3file" ] then
mysql -u root -s -N -D asteriskcdrdb<<<"UPDATE cdr SET recordingfile='$mp3filenopath' WHERE recordingfile = '$wavfilenopath'"
echo "DBUPDATE -------------------------------------------------------"
echo "DBUPDATE - $wavfilenopath changed to $mp3filenopath in CDR DB"
echo "DBUPDATE -------------------------------------------------------"
fi

# On-Screen display of variables for debugging/logging
# echo ""
# echo "File -------------------------------------------------------"
# echo "Wav File : " $wavfile
# echo "Wav No Path : " $wavfilenopath
# echo "MP3 File : " $mp3file
# echo "MP3 No Path : " $mp3filenopath
# echo "End File ---------------------------------------------------"
# echo ""

# End the Loop
done

read more
DamianFreePBX – convert WAV call recordings to MP3 v2

Monitoring Asterisk With Observium

On the Asterisk server, ensure xinetd is installed

yum -y install xinetd
service xinetd start

Create an Observium agent for xinetd

nano /etc/xinetd.d/observium_agent

Add this to the file

service app-asterisk
{
type = UNLISTED
port = 36602
socket_type = stream
protocol = tcp
wait = no
user = root
server = /usr/bin/observium_agent/asterisk

# Don’t be too verbose. Don’t log every check. This might be
# commented out for debugging. If this option is commented out
# the default options will be used for this service.
log_on_success =

disable = no
}

Create the executable that xinetd will call when Observium connects

mkdir /usr/bin/observium_agent
nano /usr/bin/observium_agent/asterisk

Add this to the file

#!/bin/bash

####### Asterisk Telephony Server
if [ -a /usr/sbin/asterisk ] then
echo ‘<<<app-asterisk>>>’
ACTIVECHAN=$(asterisk -rx ‘core show channels’ | grep ‘active channels’ | cut -d’ ‘ -f1)
ACTIVECALL=$(asterisk -rx ‘core show channels’ | grep ‘active call’ | cut -d’ ‘ -f1)
IAXCHANNELS=$(asterisk -rx ‘iax2 show channels’ | grep active | cut -d’ ‘ -f1)
SIPCHANNELS=$(asterisk -rx ‘sip show channels’ | grep active | cut -d’ ‘ -f1)
SIPTOTALPEERS=$(asterisk -rx ‘sip show peers’ | grep ‘sip peers’ | cut -d’ ‘ -f1)
SIPONLINE=$(asterisk -rx ‘sip show peers’ | grep -o ‘[0-9]* online’ | head -1 | cut -d’ ‘ -f1)
IAXTOTALPEERS=$(asterisk -rx ‘iax2 show peers’ | grep ‘iax2 peers’ | cut -d’ ‘ -f1)
IAXONLINE=$(asterisk -rx ‘iax2 show peers’ | grep -o ‘[0-9]* online’ | head -1 | cut -d’ ‘ -f1)

echo “activechan:$ACTIVECHAN”
echo “activecall:$ACTIVECALL”
echo “iaxchannels:$IAXCHANNELS”
echo “sipchannels:$SIPCHANNELS”
echo “sippeers:$SIPTOTALPEERS”
echo “sippeersonline:$SIPONLINE”
echo “iaxpeers:$IAXTOTALPEERS”
echo “iaxpeersonline:$IAXONLINE”

fi

Set the script as executable and restart xinetd

chmod +x /usr/bin/observium_agent/asterisk
service xinetd restart

In Observium, go to the server and select Settings > Properties
Enable Modules > unix-agent
Set Agent Port to 36602 in Agent
Poll the device, and the Asterisk App will appear in the ‘Apps’ section of the device

read more
DamianMonitoring Asterisk With Observium

Get an A+ rating with Vesta on SSL Labs

We’ve recently been testing sites with the Qualys SSL Server Test here: https://www.ssllabs.com/ssltest/index.html

By default, the SSL settings on Vesta are good – but it’s not possible to get an A+ rating without making some changes to the nginx configuration files.

Although SSL Labs do give an indication as to where the SSL rating is low, it’s not very easy to see exactly what needs to be changed with nginx to get the A+ rating. The key things to improve:

  1. Limit the SSL ciphers that can be used
  2. Add HTTP Strict Transport Security with long duration
  3. Enable SSL stapling

Firstly, you have to SSH onto your vesta server, and edit the main nginx conf file:

nano /etc/nginx/nginx.conf

Then, add the following settings:

# Improved SSL settings – as suggested by jaytag.co.uk
ssl_session_cache builtin:1000 shared:SSL:10m;
add_header Strict-Transport-Security “max-age=63072000; includeSubDomains; preload”;
add_header X-Frame-Options DENY;
ssl_stapling on; # Requires nginx >= 1.3.7
ssl_stapling_verify on; # Requires nginx => 1.3.7
resolver 8.8.4.4 8.8.8.8 valid=300s;
resolver_timeout 5s;

Then save the file.

One of the warnings you will receive is “This server supports weak Diffie-Hellman (DH) key exchange parameters” so you have to generate strong DH key parameters. There is some interesting info here about the duration of calculating the primes: http://security.stackexchange.com/questions/95178/diffie-hellman-parameters-still-calculating-after-24-hours so taking their advice, we will use the -dsaparam switch to speed up the process.

mkdir /etc/pki/nginx
openssl dhparam -dsaparam -out /etc/pki/nginx/dhparam.pem 4096

If you are feeling super secure (takes a few hours to randomly generate the primes) do this instead:

openssl dhparam -out /etc/pki/nginx/dhparam.pem 4096

When complete, you can then edit the nginx parameters:

cp /home/jaytag/conf/web/snginx.conf /home/jaytag/conf/web/snginx.conf.old
nano /home/jaytag/conf/web/snginx.conf

Add in the top section after the line ssl on:

ssl_stapling on;
ssl_dhparam /etc/pki/nginx/dhparam.pem;
ssl_session_timeout 24h;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers kEECDH+AES128:kEECDH:kEDH:-3DES:kRSA+AES128:kEDH+3DES:DES-CBC3-SHA:!RC4:!aNULL:!eNULL:!MD5:!EXPORT:!LOW:!SEED:!CAMELLIA:!IDEA:!PSK:!SRP:!SSLv2;
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security “max-age=31536000;”;
add_header Content-Security-Policy-Report-Only “default-src https:; script-src https: ‘unsafe-eval’ ‘unsafe-inline’; style-src https: ‘unsafe-inline’; img-src https: data:; font-src https: data:; report-uri /csp-report”;

Then save the file.

The last step is to restart nginx:

service nginx restart

Now re-test on SSL Labs. Success!

aratingSSLLabs

 

read more
DamianGet an A+ rating with Vesta on SSL Labs

FreePBX – convert WAV call recordings to MP3

convert-wav-to-mp3

One of our customers recently reported an interesting issue. They were running FreePBX on a machine with a very small amount of hard drive space. Usually, this would not be an issue, as FreePBX can be installed easily onto a small drive, even less than 10GB (I have a moment of reflection now, thinking that actually 10GB is massive!!)

In any case, when you start recording calls on a system, the free space is quickly eaten up.

Within FreePBX, there is no way to set the call recording to MP3, and as a result, large WAV files are created.

The solution? Convert them to MP3, and update the CDR database to reflect the changed filenames – so that if you wish to download the call recordings from the web UI, the links are correct.

Prerequisites:

  • LAME

The script looks through /var/spool/asterisk/monitor where the call files are stored, and then converts the WAV files to MP3. The WAV files are then deleted.

This version is designed for a one-time-run from the command line. You will of course need to modify the mysql -u portion if you wish to make the update changes as another user.

Exercise caution! If you do not want to delete the WAV files, delete “&& rm -frv $wavfile” from the below script.


#!/bin/bash
# A Script to Convert FreePBX call recordings from WAV to MP3
# Also updates the CDR database, for correct downloads through the web UI
# Version 1 - 2015/11/15
#
# Copyright Jaytag Computer Limited 2015 - www.jaytag.co.uk
#
# You may use or modify this script as you wish as long as this copyright
# message remains. Redistribution prohibited.
# Set the Asterisk Recording Directory
recorddir="/var/spool/asterisk/monitor"
# Start the Loop, store the path of each WAV call recording as variable $wavfile
for wavfile in `find $recorddir -name \*.wav`; do
# Make Variables from the WAV file names, stripping the file path with sed
wavfilenopath="$(echo $wavfile | sed 's/.*\///')"
mp3file="$(echo $wavfile | sed s/".wav"/".mp3"/)"
mp3filenopath="$(echo $mp3file | sed 's/.*\///')"
# Convert the WAV files to MP3, exit with an error message if the conversion fails
nice lame -b 16 -m m -q 9-resample "$wavfile" "$mp3file" && rm -frv $wavfile || { echo "$wavfile encoding failed" ; exit 1; }
# Update the CDR Database
mysql -u root -s -N -D asteriskcdrdb<<<"UPDATE cdr SET recordingfile='$mp3filenopath' WHERE recordingfile = '$wavfilenopath'"
# On-Screen display of variables for debugging/logging
# echo ""
# echo "File -------------------------------------------------------"
# echo "Wav File : " $wavfile
# echo "Wav No Path : " $wavfilenopath
# echo "MP3 File : " $mp3file
# echo "MP3 No Path : " $mp3filenopath
# echo "End File ---------------------------------------------------"
# echo ""
# End the Loop
done

Edit 15/06/2016: There is a new version of the script here.

read more
DamianFreePBX – convert WAV call recordings to MP3

Adding phpShield to Linux Hosting

SSH into the server

Run:
​​/usr/local/bin/php-config --extension-dir

The result shows the PHP extension directory
/usr/local/lib/php/extensions/no-debug-non-zts-20100525

​Upload the latest version of ixed.5.4.lin to this directory using WinSCP or similar file transfer tool

Find the location of php.ini​
php -i | grep php.ini

The result showns the php.ini location
​Configuration File (php.ini) Path => /usr/local/lib

Edit the php.ini file
nano /usr/local/lib/php.ini

​add the line:
extension="ixed.5.4.lin"

Restart the httpd daemon, or apache as required
service httpd restart
or
/etc/init.d/apache restart

Check that it’s working by running:
php -i | grep SourceGuardian

read more
DamianAdding phpShield to Linux Hosting

Manually set FreePBX timezone

Check here for the correct timezone: http://en.wikipedia.org/wiki/List_of_tz_database_time_zones​
SSH into the server
Run the following, with the relevant TZ database timezone. In this example, Europe/London
​ln -sf /usr/share/zoneinfo/Europe/London /etc/localtime
Then, edit /ect/sysconfig/clock
nano /etc/sysconfig/clock
Change the line to the correct TZ timezone:
ZONE="Europe/London"
Save the file
Run to check all is now correct:
date
Reboot the server

read more
DamianManually set FreePBX timezone

Join a wireless network before login

​Export the existing wifi setup
​netsh wlan export profile %SSIDName% folder=c:temp

XML files of the existing connections will be exported to c:temp. Find the one you want all users to access. You need to modify the to false and enter the wireless key.

You will end up with something like this:

<?xml version="1.0"?>
<WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1">
<name>Best Network</name>
<SSIDConfig>
<SSID>
<hex>42657374204E6574776F726B</hex>
<name>Best Network</name>
</SSID>
</SSIDConfig>
<connectionType>ESS</connectionType>
<connectionMode>auto</connectionMode>
<MSM>
<security>
<authEncryption>
<authentication>WPA2PSK</authentication>
<encryption>AES</encryption>
<useOneX>false</useOneX>
</authEncryption>
<sharedKey>
<keyType>passPhrase</keyType>
<protected>false</protected>
<keyMaterial>W2kjwoei111</keyMaterial>
</sharedKey>
</security>
</MSM>
</WLANProfile>

Delete the network from Wireless connections, because you need to re-add it for all users, and this will fail if it’s already setup.

Reimporting/Adding the WLAN config for all users
netsh wlan add profile filename=”wifi.xml” user=all

Note the wifi.xml needs to be modified to match the name of the xml file you wish to import.​

The wireless network should now connect before login.

read more
DamianJoin a wireless network before login