The first commercial grade, fully open source and 100% Arduino compatible GPS/GLONASS
vehicle tracker with a powerful 32-bit ARM Cortex-M3 CPU.
opentracker
Faq on tracking
TrackR
Tile Slim on amazone
Saturday, November 26, 2016
Monday, June 1, 2015
Asterisk basics
A bit like Ubuntu, Asterisk has a long term version support.
From version 1.x to 1.8 continue with 10.x .
Specifications:
PBX futures
From asterisk-1.2 to 1.4
Year 2005-2008
Frameworks API/PBX Enhancements
From asterisk-1.6 to 11
Year 2008-2012
Application Server
From asterisk-12 to latest
Year 2012-Today
The latest Asterisk 13.0.0 LTS version has been released in few weeks ago.
It is supported for four years.
Security tlscipher , Media, Asterisk REST Interface (ARI) and the PJSIP stack in Asterisk are fully integreted.
Alembic scripts has been added for CDR tables
cdr_sqlite should use cdr_sqlite3_custom
PostgreSQL setting and configuration in res_pgsql.conf cdr_pgsql.conf. & cel_pgsql.conf.
SS7 support now requires libss7 v2.0 or later and the related description file in chan_dahdi.conf.sample.
Use chan_motif instead of chan_gtalk and/or chan_jingle
Use chan_ooh323 instead of chan_h323
WebRTC Support with WebSocket transport over SIP.
DTLS-SRTP – A secure transport for RTP media streams used by WebRTC and SIP endpoints.
ICE, STUN and TURN – A set of related technologies for establishing live media streams between software agents running behind network address translators (NATs) and firewalls.
ICE, STUN and TURN have been incorporated into the Asterisk RTP engine as part of the effort to support WebRTC.
Motif – A new channel driver for supporting the Jingle protocol and Google Talk. Motif combines functions previously spread across multiple channels, and makes use of a new and more standards-compliant XMPP implementation.
For more information get:
http://astbook.asteriskdocs.org/
From version 1.x to 1.8 continue with 10.x .
Specifications:
PBX futures
From asterisk-1.2 to 1.4
Year 2005-2008
Frameworks API/PBX Enhancements
From asterisk-1.6 to 11
Year 2008-2012
Application Server
From asterisk-12 to latest
Year 2012-Today
The latest Asterisk 13.0.0 LTS version has been released in few weeks ago.
It is supported for four years.
Security tlscipher , Media, Asterisk REST Interface (ARI) and the PJSIP stack in Asterisk are fully integreted.
Alembic scripts has been added for CDR tables
cdr_sqlite should use cdr_sqlite3_custom
PostgreSQL setting and configuration in res_pgsql.conf cdr_pgsql.conf. & cel_pgsql.conf.
SS7 support now requires libss7 v2.0 or later and the related description file in chan_dahdi.conf.sample.
Use chan_motif instead of chan_gtalk and/or chan_jingle
Use chan_ooh323 instead of chan_h323
WebRTC Support with WebSocket transport over SIP.
DTLS-SRTP – A secure transport for RTP media streams used by WebRTC and SIP endpoints.
ICE, STUN and TURN – A set of related technologies for establishing live media streams between software agents running behind network address translators (NATs) and firewalls.
ICE, STUN and TURN have been incorporated into the Asterisk RTP engine as part of the effort to support WebRTC.
Motif – A new channel driver for supporting the Jingle protocol and Google Talk. Motif combines functions previously spread across multiple channels, and makes use of a new and more standards-compliant XMPP implementation.
For more information get:
http://astbook.asteriskdocs.org/
Thursday, February 12, 2015
Yate
Yet Another Telephony Engine
cd /usr/src
svn checkout http://voip.null.ro/svn/yate/trunk yate
cd yate
This will fetch a copy of the SVN TRUNK in a new directory called yate.
Prepare and configure the sources
./autogen.sh
./configure --help
./configure
Look at the configure output and check that all features you need are detected.
If not, install what is missing.
Compile the sources
make
make install-noapi
Dependeciy in case fo errors: kdoc or doxygen package.
Check version
./run -V
Start Yate:
./run -vvvvv -CDo
To run Yate outside your build dir you need to set LD_LIBRARY_PATH so Yate can find libyate.so
echo "/usr/local/lib" >> /etc/ld.so.conf
ldconfig
Service installation
If you will run Yate as server you will need some extra steps so Yate will start automatically when your server starts.
Prepare the init script
You need to copy and rename the proper yate.init from a subdirectory of packing/ to /etc/init.d where all service start scripts are installed.
Info: You may edit the init/upstart file to point to the correct path (/usr/bin -> /usr/local/bin ).
This operation needs that you run as root:
cd /usr/src/yate
cp packing/deb/yate.init /etc/init.d/yate
chown root.root /etc/init.d/yate
You will then need to edit the init file and change the path to the executable from /usr/bin to /usr/local/bin.
Set the service script to start automatically
update-rc.d yate defaults
Start the service manually
Unless you are going to reboot the server you need to do the following once as root:
service yate restart
As a general note, use restart instead of start to avoid accidentally running multiple instances.
For testing the status:
service yate status
Stopping the service manually
service yate stop
Disabling the service
If you want to disable the service you need to disable autostart and also stop it manually:
update-rc.d -f yate remove
service yate stop
The configuration files are in conf.d directory that is found in the root directory where Yate was build.
When Yate is installed from a package the init script in /etc/rc.d/init.d/ should take care of providing the proper init parameters for starting Yate as a service.
Sangoma card driver installation
Download the driver from: ftp://ftp.sangoma.com/linux/current_wanpipe/
As root:
cd /usr/src/
ls
wanpipe-3.5.28.tgz
tar zxvf wanpipe-3.5.28.tgz
cd wanpipe-3.5.28
./Setup install
Acept to install WANPIPE start-up scripts
Test with
wanrouter hwprobe
wanrouter status
Configure Wanpipe
Follow the procedure outlined here to configure Wanpipe into two timeslot groups for YATE. First, as the root user, issue the following command:
wancfg
This will start the WANPIPE Configuration Utility, which will build the Wanpipe configuration files. Press OK at the first screen, select Create a new Configuration File and press Enter. You will see a list of the configuration files that are possible, and their states. For a new installation, press Enter to select wanpipe1.conf. Select the following from the list of detected cards:
AFT-A104u SLOT=2 BUS=5 IRQ=3 CPU=A PORT=1 V=13
If you are not in North America, you will probably need to change the physical medium from T1 to E1 using the first submenu from the next screen. We will write E1 for the physical medium. Next, you’ll have to configure the timeslot groups using the second submenu. You will need to define two timeslot groups: one for the D-channel, and the other for all the B-channels.
E1 configuration:
Timeslot Group 1 Configuration:
Timeslots in Group-> 16
HDLC engine--------> Enabled
Idle char ---------> 0x7E
MTU ---------------> 1200
MRU ---------------> 1200
Timeslot Group 2 Configuration:
Timeslots in Group-> 1-15.17-31
HDLC engine--------> Disabled
Idle char ---------> 0x7E
MTU ---------------> 1200
MRU ---------------> 1200
Specify MTU and MRU values. They should be the same. MTU/MRU values indicate the Rx/Tx CHUNK Size.To calculate MTU/MRU multiply your desired CHUNK size by the number of active channels. eg: 30 channels * 40bytes (which is 5ms voice chunk) = 1200 bytes.
Note: To avoid problems the chunk size must be a multiple of four.
You'll need to tell Wanpipe what each timeslot will be used for. The timeslots will be referred to as w1g1 and w1g2 (Wanpipe 1 group 1 and Wanpipe 1 group 2). If you have a multiport Wanpipe card, you may have other group names as well. For your current purposes, you'll want to be running HDLC streaming on each timeslot, with an operation mode of API. The timeslot group config screens are a little confusing to navigate, but with a bit of back-and-forth you should be able to figure them out. For each timeslot group, set the following:
Protocol: HDLC Streaming
Interface Setup--> 1 defined (select and press Enter)
Interface 1 – w1g1 (select and press Enter)
Operation Mode--> WANPIPE (select and press Enter)
You want to change this to:
Interface Operation Mode: API
The same actions for configuring the Timeslot for Group 2.
Save the file wanpipe1.conf and Exist.
Note: If you need to make changes in wanpipe configuration file please make sure that wanpipe is not running, to avoid errors.
Configuration in Yate
Use this tutorial to: install Yate.
To configure SIP to ISDN gateway you will need:
signaling - This is configured in ysigchan.conf.
- an ISDN trunk (container with a Q.931 call controller, a circuit group (voice circuits), a Q.921 data link and an HDLC signalling interface).
voice circuits that can be:
- local: Sangoma. This is configured in Yate in file: wpcard.conf.
Configure files:
ysigchan.conf
[trunk_isdn1]
type=isdn-pri-net
enable=yes
sig=wanpipe1
voice=wanpipe1
switchtype=euro-isdn-e1
strategy=increment
format=alaw
wpcard.conf
[wanpipe1]
type=E1
siggroup=w1g1
voicegroup=w1g2
Routing all calls through ISDN trunk:
regexroute.conf
[default]
.*=sig/\0;trunk=trunk_isdn1
Start devices
First the wanpipe must be started and then Yate.
Start wanpipe:
wanrouter start
Start Yate:
./run -vvvvv CDo
You can configure your users in regfile.conf or register.conf and start making calls.
For Sangoma binary card
The appropriate RPM can be downloaded from ftp://ftp.sangoma.com/linux/RPMS/.
To install the RPM run
rpm -i --force [the rpm name]
The force option is required to override the old modules.
Configure driver
To configure the driver you should run
/usr/sbin/wancfg
More info about that you will find out in the appropriate section of the manual.
Start Wanpipe
Finally to start Wanpipe the commands "wanrouter start" or "wanrouter start wanpipe1" must be executed.
Google voice
http://www.tuxguides.com/yate-server-free-google-voice-calling/
Set gmail account in accfile.conf :
[MyGMailAccount]
enabled=yes
protocol=jabber
username=GMail_username
password=GMail_password
domain=gmail.com
options=allowplainauth
Load Jabber client module
Since jabberclient is a client module, not loaded when Yate is running in server mode, you must explicitly load it. To do that set in yate.conf:
[postload]
${modulepath}/client/jabberclient${modsuffix}=yes
Set Yate Server with jingle in client mode
By default the jingle channel detects Yate run mode and behaves accordingly. To use it in client mode when Yate runs as server, set in yjinglechan.conf:
[general]
servermode=no
Configure users
In regfile.conf
[123]
password=secretpass
Routing calls in regexroute.conf :
[default]
; Route calls to contacts in MyGMailAccount roster
^123$=jingle/mycontact@domain;line=MyGMailAccount
; Route calls received on MyGMailAccount line
${in_line}MyGMailAccount=sip/sip:SIP_number@a.b.c.d
Using SIP MESSAGE or how to enable chat messages in SIP
By default Yate doesn't accept SIP MESSAGE requests.
To allow them in set enable=yes in message section from ysipchan.conf.
[message]
; Controls the behaviour for SIP messaging
; enable: bool: Allow the SIP module to receive MESSAGE requests
enable=yes
; auth_required: bool: Automatically challenge all senders for authentication
;auth_required=enable
; async_process: bool: Process SIP MESSAGE asynchronously in their own thread
;async_process=enable
SMSC
This is a basic example of storing received SIP MESSAGES in a database. Besides this you will need to add the logic that takes the messages from the database and sends them.
In javascript.conf in section scripts:
[scripts]
sip_messages=smsc.js
In mysqldb.conf define the database account:
[smsc]
database=smscdb
user=mysql
password=yate
Then in smsc.js from share/scripts directory in yate's sources (unless you configured a different path in javascript.conf or you installed yate) write the logic:
function onCallRoute(msg)
{
Engine.output("Handling call.route caller="+msg.caller+" called="+msg.called);
if (msg.route_type=="msg") {
var m = new Message("database");
m.account = "smsc";
m.query = "INSERT INTO sms(caller,called,message) VALUES('" + sql_escape(msg.caller) + "','" + sql_escape(msg.called) + "','" + sql_escape(msg.xsip_body) + "')";
m.dispatch();
}
}
function sql_escape(val)
{
// ..
return val;
}
Message.install(onCallRoute, "call.route", 50);
Allowing SIP MESSAGE only for some users
Here is an example of a javascript global script that allows SIP MESSAGE only for user 101.
In javascript.conf in section scripts:
[scripts]
sip_messages=filter_sip_messages.js
Then in file filter_sip_messages.js from share/scripts:
function onCallRoute(msg)
{
Engine.output("Handling call.route caller="+msg.caller+" called="+msg.called);
if (msg.route_type=="msg") {
if (msg.caller!="101") {
Engine.output("Stopping SIP MESSAGE for user "+msg.caller);
msg.reason = "rejected";
}
}
}
Message.install(onCallRoute, "call.route", 50);
How to route and bill from a database
Install devel packages for PostGreSQL in your platform. Then in Yate sources run:
./configure
make
Then start Yate:
./run -vvvvv -CDo
Check if module is loaded
Note: Check if module PostGreSQL is loaded. It is required to be loaded so that Yate can connect to database.
Verify module loading when starting Yate
When Yate starts you can see a list of modules that are loaded. If PostGreSQL does not appear, you must install the devel packages, then reload Yate.
./run -vvvvv -CDo
yate.conf
[general]
modload=no
[modules]
pgsqldb.yate=yes
Configuration
The configuration file is pgsqldb.conf. It is found in directory conf.d where Yate sources are.
The file must be renamed from pgsqldb.conf.sample into pgsqldb.conf.
There can be multiple connections to different databases.
pgsqldb.conf
[general]
; This section is special - holds settings common to all connections
; priority: int: Handler priority
;priority=100
; Each other section in this file describes a database connection
;[default]
; The section name is used as the database connection name
; autostart: bool: Automatically initiate the connection on startup
;autostart=yes
; timeout: int: Query timeout in milliseconds
;timeout=10000
; retry: int: How many times to retry the connection or query
;retry=5
; encoding: string: Character set encoding used to communicate with the server
; If not set will match the encoding of server side database
;encoding=
; connection: string: Ready-built client connection string for PQconnectStart
; If this is not set the string is built from the following pieces
; Take care if you set this - it will override anything that follows
;connection=
; host: string: PostgreSQL server to connect to
;host=localhost
; port: int: Port on which the server is listening for connections
;port=5432
; database: string: Name of the database to use in queries
;database=yate
; user: string: Username to use to access the database
;user=postgres
; password: string: Password to authenticate the user to the database server
;password=
Example
Example of configuring an PostGreSQL database account in file pgsqldb.conf:
[yateadmin]
host=localhost
port=5432
database=yateadmin
user=postgres
password=yate_admin
This is where a new connection is made.
You can have multiple connections to different databases.
The name between [] will be used in other configuration files to set the used account.
If you need to store CDRs, you will have to use register.conf file, so that Yate will know which connection to make.
register.conf
[general]
account=yateadmin
status pgsqldb
%%+status:pgsqldb
name=pgsqldb,type=database,format=Total|Failed|Errors|AvgExecTime;conns=0,failed=0
%%-status
If line name=pgsqldb,.... don't appear in the list that means that module is not loaded. Install devel packages. Then restart Yate for changes to take place.
Enable messages
In register.conf file you have to activate handlers for each message you are going to use. That means that you have to enable parameters:
- user.auth=yes -> Activate handler on the user.auth message. Used to authenticate users.
- user.register=yes -> Activate handler on the user.register message. Used for users registration.
- call.route=yes -> Activate handler on the call.route message. Used to route the calls.
- call.cdr=yes -> Activate handler on the call.cdr message. Used to write CDRs in the database.
Configure database in Yate
There are 3 steps to accomplish this task:
create your database with tables that you need for your configuration (here is an example of a database schema).
put the credentials of the database of the database created in Yate's configuration file: pgsqldb.conf).
'tell' Yate which connection to use when users will be registered. This is done in register.conf file.
Set the connection information of database
In PostgreSQL configuration file: pgsqldb.conf we have to set the connection data for this database in a section that will have the same name as the account settled in register.conf:
[yateadmin]
host=localhost
port=5432
database=yateadmin
user=postgres
password=secret
After "=" you have to write your connection information.
Set the name of the database connection
When using register module, set the name of the database connection in section [default]:
[default]
account=yateadmin
Define, authenticate, register Users
The users with their information will be kept in the database. You can see table users as an example of a table schema.
Then in register.conf you have to authenticate, register your users by enabling user.auth and user.register in [general] and writing their associated queries.
To authenticate and register users user.auth and user.register are enabled. register.conf
[general]
user.auth=yes
user.register=yes
[user.auth]
query=SELECT password FROM users WHERE username='${username}'
result=password
[user.register]
query=UPDATE users SET location='${data}',expires=CURRENT_TIMESTAMP + INTERVAL '${expires} s' WHERE username='${username}'
Route calls from database
See an example of a database schema.
In register.conf in section [general] the call.route and call.cdr must be enabled. They are used for routing the calls and writing the call logs in the database.
[general]
call.route=yes
call.cdr=yes
[call.route]
query=SELECT location,(CASE WHEN location IS NULL THEN 'offline' ELSE NULL END) AS error FROM users WHERE username='${called}'
result=location
[call.cdr]
initquery=UPDATE cdr SET ended=true WHERE ended IS NULL OR NOT ended
cdr_initialize=INSERT INTO cdr VALUES(TIMESTAMP 'EPOCH' + INTERVAL '${time} s','${chan}','${address}','${direction}','${billid}',\
'${caller}','${called}',INTERVAL '${duration} s' ,INTERVAL '${billtime} s',INTERVAL '${ringtime} s','${status}','${reason}',false)
cdr_update=UPDATE cdr SET caller='${caller}',called='${called}',duration=INTERVAL '${duration} s',billtime=INTERVAL '${billtime} s',\
ringtime=INTERVAL '${ringtime} s',status='${status}',reason='${reason}' WHERE chan='${chan}' AND billid='${billid}'
cdr_finalize=UPDATE cdr SET caller='${caller}', called='${called}', duration=INTERVAL '${duration} s',billtime=INTERVAL '${billtime} s',\
ringtime=INTERVAL '${ringtime} s',status='${status}',reason='${reason}',ended=true WHERE chan='${chan}' AND billid='${billid}'
For more complex routing like routing to registered lines(gateways) which are defined in the database, you can do a stored procedures.
cd /usr/src
svn checkout http://voip.null.ro/svn/yate/trunk yate
cd yate
This will fetch a copy of the SVN TRUNK in a new directory called yate.
Prepare and configure the sources
./autogen.sh
./configure --help
./configure
Look at the configure output and check that all features you need are detected.
If not, install what is missing.
Compile the sources
make
make install-noapi
Dependeciy in case fo errors: kdoc or doxygen package.
Check version
./run -V
Start Yate:
./run -vvvvv -CDo
To run Yate outside your build dir you need to set LD_LIBRARY_PATH so Yate can find libyate.so
echo "/usr/local/lib" >> /etc/ld.so.conf
ldconfig
Service installation
If you will run Yate as server you will need some extra steps so Yate will start automatically when your server starts.
Prepare the init script
You need to copy and rename the proper yate.init from a subdirectory of packing/ to /etc/init.d where all service start scripts are installed.
Info: You may edit the init/upstart file to point to the correct path (/usr/bin -> /usr/local/bin ).
This operation needs that you run as root:
cd /usr/src/yate
cp packing/deb/yate.init /etc/init.d/yate
chown root.root /etc/init.d/yate
You will then need to edit the init file and change the path to the executable from /usr/bin to /usr/local/bin.
Set the service script to start automatically
update-rc.d yate defaults
Start the service manually
Unless you are going to reboot the server you need to do the following once as root:
service yate restart
As a general note, use restart instead of start to avoid accidentally running multiple instances.
For testing the status:
service yate status
Stopping the service manually
service yate stop
Disabling the service
If you want to disable the service you need to disable autostart and also stop it manually:
update-rc.d -f yate remove
service yate stop
The configuration files are in conf.d directory that is found in the root directory where Yate was build.
When Yate is installed from a package the init script in /etc/rc.d/init.d/ should take care of providing the proper init parameters for starting Yate as a service.
Sangoma card driver installation
Download the driver from: ftp://ftp.sangoma.com/linux/current_wanpipe/
As root:
cd /usr/src/
ls
wanpipe-3.5.28.tgz
tar zxvf wanpipe-3.5.28.tgz
cd wanpipe-3.5.28
./Setup install
Acept to install WANPIPE start-up scripts
Test with
wanrouter hwprobe
wanrouter status
Configure Wanpipe
Follow the procedure outlined here to configure Wanpipe into two timeslot groups for YATE. First, as the root user, issue the following command:
wancfg
This will start the WANPIPE Configuration Utility, which will build the Wanpipe configuration files. Press OK at the first screen, select Create a new Configuration File and press Enter. You will see a list of the configuration files that are possible, and their states. For a new installation, press Enter to select wanpipe1.conf. Select the following from the list of detected cards:
AFT-A104u SLOT=2 BUS=5 IRQ=3 CPU=A PORT=1 V=13
If you are not in North America, you will probably need to change the physical medium from T1 to E1 using the first submenu from the next screen. We will write E1 for the physical medium. Next, you’ll have to configure the timeslot groups using the second submenu. You will need to define two timeslot groups: one for the D-channel, and the other for all the B-channels.
E1 configuration:
Timeslot Group 1 Configuration:
Timeslots in Group-> 16
HDLC engine--------> Enabled
Idle char ---------> 0x7E
MTU ---------------> 1200
MRU ---------------> 1200
Timeslot Group 2 Configuration:
Timeslots in Group-> 1-15.17-31
HDLC engine--------> Disabled
Idle char ---------> 0x7E
MTU ---------------> 1200
MRU ---------------> 1200
Specify MTU and MRU values. They should be the same. MTU/MRU values indicate the Rx/Tx CHUNK Size.To calculate MTU/MRU multiply your desired CHUNK size by the number of active channels. eg: 30 channels * 40bytes (which is 5ms voice chunk) = 1200 bytes.
Note: To avoid problems the chunk size must be a multiple of four.
You'll need to tell Wanpipe what each timeslot will be used for. The timeslots will be referred to as w1g1 and w1g2 (Wanpipe 1 group 1 and Wanpipe 1 group 2). If you have a multiport Wanpipe card, you may have other group names as well. For your current purposes, you'll want to be running HDLC streaming on each timeslot, with an operation mode of API. The timeslot group config screens are a little confusing to navigate, but with a bit of back-and-forth you should be able to figure them out. For each timeslot group, set the following:
Protocol: HDLC Streaming
Interface Setup--> 1 defined (select and press Enter)
Interface 1 – w1g1 (select and press Enter)
Operation Mode--> WANPIPE (select and press Enter)
You want to change this to:
Interface Operation Mode: API
The same actions for configuring the Timeslot for Group 2.
Save the file wanpipe1.conf and Exist.
Note: If you need to make changes in wanpipe configuration file please make sure that wanpipe is not running, to avoid errors.
Configuration in Yate
Use this tutorial to: install Yate.
To configure SIP to ISDN gateway you will need:
signaling - This is configured in ysigchan.conf.
- an ISDN trunk (container with a Q.931 call controller, a circuit group (voice circuits), a Q.921 data link and an HDLC signalling interface).
voice circuits that can be:
- local: Sangoma. This is configured in Yate in file: wpcard.conf.
Configure files:
ysigchan.conf
[trunk_isdn1]
type=isdn-pri-net
enable=yes
sig=wanpipe1
voice=wanpipe1
switchtype=euro-isdn-e1
strategy=increment
format=alaw
wpcard.conf
[wanpipe1]
type=E1
siggroup=w1g1
voicegroup=w1g2
Routing all calls through ISDN trunk:
regexroute.conf
[default]
.*=sig/\0;trunk=trunk_isdn1
Start devices
First the wanpipe must be started and then Yate.
Start wanpipe:
wanrouter start
Start Yate:
./run -vvvvv CDo
You can configure your users in regfile.conf or register.conf and start making calls.
For Sangoma binary card
The appropriate RPM can be downloaded from ftp://ftp.sangoma.com/linux/RPMS/.
To install the RPM run
rpm -i --force [the rpm name]
The force option is required to override the old modules.
Configure driver
To configure the driver you should run
/usr/sbin/wancfg
More info about that you will find out in the appropriate section of the manual.
Start Wanpipe
Finally to start Wanpipe the commands "wanrouter start" or "wanrouter start wanpipe1" must be executed.
Google voice
http://www.tuxguides.com/yate-server-free-google-voice-calling/
Set gmail account in accfile.conf :
[MyGMailAccount]
enabled=yes
protocol=jabber
username=GMail_username
password=GMail_password
domain=gmail.com
options=allowplainauth
Load Jabber client module
Since jabberclient is a client module, not loaded when Yate is running in server mode, you must explicitly load it. To do that set in yate.conf:
[postload]
${modulepath}/client/jabberclient${modsuffix}=yes
Set Yate Server with jingle in client mode
By default the jingle channel detects Yate run mode and behaves accordingly. To use it in client mode when Yate runs as server, set in yjinglechan.conf:
[general]
servermode=no
Configure users
In regfile.conf
[123]
password=secretpass
Routing calls in regexroute.conf :
[default]
; Route calls to contacts in MyGMailAccount roster
^123$=jingle/mycontact@domain;line=MyGMailAccount
; Route calls received on MyGMailAccount line
${in_line}MyGMailAccount=sip/sip:SIP_number@a.b.c.d
Using SIP MESSAGE or how to enable chat messages in SIP
By default Yate doesn't accept SIP MESSAGE requests.
To allow them in set enable=yes in message section from ysipchan.conf.
[message]
; Controls the behaviour for SIP messaging
; enable: bool: Allow the SIP module to receive MESSAGE requests
enable=yes
; auth_required: bool: Automatically challenge all senders for authentication
;auth_required=enable
; async_process: bool: Process SIP MESSAGE asynchronously in their own thread
;async_process=enable
SMSC
This is a basic example of storing received SIP MESSAGES in a database. Besides this you will need to add the logic that takes the messages from the database and sends them.
In javascript.conf in section scripts:
[scripts]
sip_messages=smsc.js
In mysqldb.conf define the database account:
[smsc]
database=smscdb
user=mysql
password=yate
Then in smsc.js from share/scripts directory in yate's sources (unless you configured a different path in javascript.conf or you installed yate) write the logic:
function onCallRoute(msg)
{
Engine.output("Handling call.route caller="+msg.caller+" called="+msg.called);
if (msg.route_type=="msg") {
var m = new Message("database");
m.account = "smsc";
m.query = "INSERT INTO sms(caller,called,message) VALUES('" + sql_escape(msg.caller) + "','" + sql_escape(msg.called) + "','" + sql_escape(msg.xsip_body) + "')";
m.dispatch();
}
}
function sql_escape(val)
{
// ..
return val;
}
Message.install(onCallRoute, "call.route", 50);
Allowing SIP MESSAGE only for some users
Here is an example of a javascript global script that allows SIP MESSAGE only for user 101.
In javascript.conf in section scripts:
[scripts]
sip_messages=filter_sip_messages.js
Then in file filter_sip_messages.js from share/scripts:
function onCallRoute(msg)
{
Engine.output("Handling call.route caller="+msg.caller+" called="+msg.called);
if (msg.route_type=="msg") {
if (msg.caller!="101") {
Engine.output("Stopping SIP MESSAGE for user "+msg.caller);
msg.reason = "rejected";
}
}
}
Message.install(onCallRoute, "call.route", 50);
How to route and bill from a database
Install devel packages for PostGreSQL in your platform. Then in Yate sources run:
./configure
make
Then start Yate:
./run -vvvvv -CDo
Check if module is loaded
Note: Check if module PostGreSQL is loaded. It is required to be loaded so that Yate can connect to database.
Verify module loading when starting Yate
When Yate starts you can see a list of modules that are loaded. If PostGreSQL does not appear, you must install the devel packages, then reload Yate.
./run -vvvvv -CDo
yate.conf
[general]
modload=no
[modules]
pgsqldb.yate=yes
Configuration
The configuration file is pgsqldb.conf. It is found in directory conf.d where Yate sources are.
The file must be renamed from pgsqldb.conf.sample into pgsqldb.conf.
There can be multiple connections to different databases.
pgsqldb.conf
[general]
; This section is special - holds settings common to all connections
; priority: int: Handler priority
;priority=100
; Each other section in this file describes a database connection
;[default]
; The section name is used as the database connection name
; autostart: bool: Automatically initiate the connection on startup
;autostart=yes
; timeout: int: Query timeout in milliseconds
;timeout=10000
; retry: int: How many times to retry the connection or query
;retry=5
; encoding: string: Character set encoding used to communicate with the server
; If not set will match the encoding of server side database
;encoding=
; connection: string: Ready-built client connection string for PQconnectStart
; If this is not set the string is built from the following pieces
; Take care if you set this - it will override anything that follows
;connection=
; host: string: PostgreSQL server to connect to
;host=localhost
; port: int: Port on which the server is listening for connections
;port=5432
; database: string: Name of the database to use in queries
;database=yate
; user: string: Username to use to access the database
;user=postgres
; password: string: Password to authenticate the user to the database server
;password=
Example
Example of configuring an PostGreSQL database account in file pgsqldb.conf:
[yateadmin]
host=localhost
port=5432
database=yateadmin
user=postgres
password=yate_admin
This is where a new connection is made.
You can have multiple connections to different databases.
The name between [] will be used in other configuration files to set the used account.
If you need to store CDRs, you will have to use register.conf file, so that Yate will know which connection to make.
register.conf
[general]
account=yateadmin
status pgsqldb
%%+status:pgsqldb
name=pgsqldb,type=database,format=Total|Failed|Errors|AvgExecTime;conns=0,failed=0
%%-status
If line name=pgsqldb,.... don't appear in the list that means that module is not loaded. Install devel packages. Then restart Yate for changes to take place.
Enable messages
In register.conf file you have to activate handlers for each message you are going to use. That means that you have to enable parameters:
- user.auth=yes -> Activate handler on the user.auth message. Used to authenticate users.
- user.register=yes -> Activate handler on the user.register message. Used for users registration.
- call.route=yes -> Activate handler on the call.route message. Used to route the calls.
- call.cdr=yes -> Activate handler on the call.cdr message. Used to write CDRs in the database.
Configure database in Yate
There are 3 steps to accomplish this task:
create your database with tables that you need for your configuration (here is an example of a database schema).
put the credentials of the database of the database created in Yate's configuration file: pgsqldb.conf).
'tell' Yate which connection to use when users will be registered. This is done in register.conf file.
Set the connection information of database
In PostgreSQL configuration file: pgsqldb.conf we have to set the connection data for this database in a section that will have the same name as the account settled in register.conf:
[yateadmin]
host=localhost
port=5432
database=yateadmin
user=postgres
password=secret
After "=" you have to write your connection information.
Set the name of the database connection
When using register module, set the name of the database connection in section [default]:
[default]
account=yateadmin
Define, authenticate, register Users
The users with their information will be kept in the database. You can see table users as an example of a table schema.
Then in register.conf you have to authenticate, register your users by enabling user.auth and user.register in [general] and writing their associated queries.
To authenticate and register users user.auth and user.register are enabled. register.conf
[general]
user.auth=yes
user.register=yes
[user.auth]
query=SELECT password FROM users WHERE username='${username}'
result=password
[user.register]
query=UPDATE users SET location='${data}',expires=CURRENT_TIMESTAMP + INTERVAL '${expires} s' WHERE username='${username}'
Route calls from database
See an example of a database schema.
In register.conf in section [general] the call.route and call.cdr must be enabled. They are used for routing the calls and writing the call logs in the database.
[general]
call.route=yes
call.cdr=yes
[call.route]
query=SELECT location,(CASE WHEN location IS NULL THEN 'offline' ELSE NULL END) AS error FROM users WHERE username='${called}'
result=location
[call.cdr]
initquery=UPDATE cdr SET ended=true WHERE ended IS NULL OR NOT ended
cdr_initialize=INSERT INTO cdr VALUES(TIMESTAMP 'EPOCH' + INTERVAL '${time} s','${chan}','${address}','${direction}','${billid}',\
'${caller}','${called}',INTERVAL '${duration} s' ,INTERVAL '${billtime} s',INTERVAL '${ringtime} s','${status}','${reason}',false)
cdr_update=UPDATE cdr SET caller='${caller}',called='${called}',duration=INTERVAL '${duration} s',billtime=INTERVAL '${billtime} s',\
ringtime=INTERVAL '${ringtime} s',status='${status}',reason='${reason}' WHERE chan='${chan}' AND billid='${billid}'
cdr_finalize=UPDATE cdr SET caller='${caller}', called='${called}', duration=INTERVAL '${duration} s',billtime=INTERVAL '${billtime} s',\
ringtime=INTERVAL '${ringtime} s',status='${status}',reason='${reason}',ended=true WHERE chan='${chan}' AND billid='${billid}'
For more complex routing like routing to registered lines(gateways) which are defined in the database, you can do a stored procedures.
Sunday, December 21, 2014
Asterisk Freeswitch FreePBX FreeTDM Skypopen FusionPbx Mysql Odbc
download Asterisk: Asterisk-13
Libpri: libpri-1.4-current
Dahdi: dahdi-linux-complete-current
Download AsteriskNOW: AsteriskNOW-current-x86_64-DVD
Asternic Call Center Stats Lite:asternic-stats-1.x
Asternic CDR Stats freePBX Module: AsternicCDR1.x
Chan_dongle
chan_dongle-1.1.r14
chan_dongle-asterisk13
download FreePBX
FreePBX13.0.0
FreePBX2.11
Download FreePBX Distro
FreePBX Distro13, 64bit, Asterisk13
freeswitch:freeswitch_install
Automatic Calling subscribers-25,000rubles:
CallCenter | Webinterface | Databaseoutgoingcalls
Installing FreeSWITCH FusionPBX Skypopen FreeTDM DAHDI mode on Centos
yum update
Disable SELinux
/bin/sed-i-es, 'SELINUX=enforcing', 'SELINUX=disabled', /etc/selinux/config
reboot
install dependencies
yum install make ncurses-devel unixODBC-devel openssl-devel gnutls-devel libogg-devel libvorbis-devel curl-devel libtiff-devel libjpeg-devel autoconf automake gcc-c++ git-core libjpeg-devel libtool subversion autoconf
automake libtoolgcc-c++ ncurses-devel makelibX11-devel Xvfbalsa-utilslibXv libXScrnSaver xorg-x11-fonts*alsa-lib libXScrnSaver libtiff-devel libjpeg-devel kernel kernel-devel gitxzxz-devel mesa-dri-drivers
sqlite sqlite-devel pcrepcre-devel speex-devel libedit-devel bison patch
alsa-libfontconfigfreetype glibc libgcc libICElibSMl ibstdc++ libX11 libXau libxcb
libXcursor libXext libXfixes libXi libXinerama libXrandr libXrender libXScrnSaver libXv
php php-pdo php-mysql
set ldns and ldns-devel
yum install ldnsldns-devel-y
yum install http*
yum install mysql*
chkconfig mysqld on
service mysqld start
Ask a MySQL password
/usr/bin/mysqladmin-urootpassword"yourpassword"
Install and configure the ODBC
yum install unixODBC-devel mysql-connector-odbc
We establish a symbolic link from libmyodbc5.soonlibmyodbc.so.[64]-64-batOS.
ln /usr/lib64/libmyodbc5.so /usr/lib64/libmyodbc.so
Run:
odbcinst-j. Displays alist ofconfiguration files.
#Odbcinst-j
unixODBC2.2.14
DRIVERS............:/etc/odbcinst.ini
SYSTEMDATASOURCES:/etc/odbc.ini
FILEDATASOURCES..:/etc/ODBCDataSources
USERDATASOURCES..:/root/.odbc.ini
SQLULENSize.......:4
SQLLENSize........:4
SQLSETPOSIROWSize.:2
Uncomment the MySQL driver settings /etc/odbcinst.ini
Add the following in formation to the odbc.ini file located in /etc/odbc.ini
[DEFAULT]
Driver=MySQL
[freeswitch]
Driver=MySQL
SERVER=localhost
PORT=3306
DATABASE=fusionpbx
OPTION=67108864
Socket=/var/lib/mysql/mysql.sock
We establish FreeSwit chcmod_skypopen.
cd /usr/src
git clone https://freeswitch.org/stash/scm/fs/freeswitch.git
cd freeswitch
./bootstrap.sh
git remote set-url origin https://freeswitch.org/stash/scm/fs/freeswitch.git
vim modules.conffile
Uncomment additional modules
mod_rtmp
mod_directory
mod_callcenter
mod_tts_commandline
mod_dingaling
mod_flite
mod_shout
mod_pocketsphinx
mod_cidlookup
mod_skypopen
mod_curl
mod_xml_curl
Install FreeSWITCH
cd /usr/src/freeswitch
./configure
make
make install
8kHz StandardAudio:
make sounds-install
make moh-install
16kHz High Definition Audio:
make hd-moh-install
make hd-sounds-install
32kHz Ultra High Definition Audio:
make uhd-moh-install
make uhd-sounds-install
48kHz CD QualityAudio:
make cd-sounds-install
make cd-moh-install
FreeTDM
https://wiki.freeswitch.org/wiki/FreeTDM
https://wiki.freeswitch.org/wiki/Freetdm.conf_Examples
Establish Skypopen
How to configure skypopen.ko OSSsound driver
Make sure that no audio drivers are not loaded ,otherwise nothing happens.
After entering:
lsmod|grepsnd
If you get a message drivers are loaded, try disabling the sound card in the bios.
Establish the dependence of Skype
yum install libqt xdg libqtxdg-devel qtwebkit qtwebkit-devel
When everything is in order, install audio driver Skypopen.
cd /usr/src/freeswitch/src/mod/endpoints/mod_skypopen/oss
make clean
make
insmod./skypopen.ko
mknod/dev/dspcMarch14
Interactive installer and configurator mod_skypopen.
cd /usr/src/freeswitch/src/mod/endpoints/mod_skypopen/install
./install.pl
Interactive Skype configurator
Add a startup script inrc.local Skype client
echo "sh/usr/local/freeswitch/skypopen/skype-clients-startup-dir/start_skype_clients.sh">> /etc/rc.d/rc.local
Related Links skypopen:
http://wiki.freeswitch.org/wiki/Mod_skypopen_Skype_Endpoint_and_Trunk
Continue FreeSwitch installation
AddUserFreeswitch:
useraddfreeswitch
Establish rules and owners to files FreeSwitch.
Copy the init script.
cd /usr/local/
chown -Rfreeswitch:freeswitchfreeswitch
chmod -Rg+w freeswitch
cd /usr/local/freeswitch/build
cp freeswitch.init.redhat /etc/init.d/freeswitch
chmod +x /etc/init.d/freeswitch
cp freeswitch.sysconfig /etc/sysconfig/freeswitch
Add installation freeswitch sysconfig
cat >> /etc/sysconfig/freeswitch<<EOT
PID_FILE=/var/run/freeswitch/freeswitch.pid
FS_USER=freeswitch
FS_FILE=/usr/local/freeswitch/bin/freeswitch
FS_HOME=/usr/local/freeswitch
EOT
Change the rights to run an init script and add FreeSwitch to start at boot time.
chmod 765 /etc/init.d/freeswitch
/sbin/chkconfig--add freeswitch
/sbin/chkconfig--level 5 freeswitchon
/sbin/chkconfig--list freeswitch
Remove the default configs FreeSwitch from the default boot.
cd /usr/local/freeswitch/conf/dialplan/default
mv 00_ladspa.xml 00_ladspa.noload
mv 00_pizza_demo.xml 00_pizza_demo.noload
mv 01_Talking_Clock.xml 01_Talking_Clock.noload
Share CLI
cd /usr/local/bin/
ln-s /usr/local/freeswitch /bin/fs_clifs_cli
We establish FusionPBX
cd /var/www/html
mkdirfusionpbx
svn co http://fusionpbx.googlecode.com/svn/trunk/fusionpbxfusionpbx
FusionPBX correct permissions.
cd /var/www/html
chown -R apache:apachefusionpbx
cd /usr/local/freeswitch/conf/
chmod 770 'find.-typed'
chmod 660 'find.-typef'
Add apache user to the group freeswitch.
usermod -a-G freeswitch apache
We star tour services and set them to autostart.
service freeswitch start
service httpd restart
chkconfig freeswitch on
chkconfig httpd on
yum install monit
service monit start
chkconfig monit on
firefox http://youraddress/fusionpbx
softphones:
Zoiper
jitsi
MicroSIP
SjPhone
Phoner
PhonerLite
QuteCom
Libpri: libpri-1.4-current
Dahdi: dahdi-linux-complete-current
Download AsteriskNOW: AsteriskNOW-current-x86_64-DVD
Asternic Call Center Stats Lite:asternic-stats-1.x
Asternic CDR Stats freePBX Module: AsternicCDR1.x
Chan_dongle
chan_dongle-1.1.r14
chan_dongle-asterisk13
download FreePBX
FreePBX13.0.0
FreePBX2.11
Download FreePBX Distro
FreePBX Distro13, 64bit, Asterisk13
freeswitch:freeswitch_install
Automatic Calling subscribers-25,000rubles:
CallCenter | Webinterface | Databaseoutgoingcalls
Installing FreeSWITCH FusionPBX Skypopen FreeTDM DAHDI mode on Centos
yum update
Disable SELinux
/bin/sed-i-es, 'SELINUX=enforcing', 'SELINUX=disabled', /etc/selinux/config
reboot
install dependencies
yum install make ncurses-devel unixODBC-devel openssl-devel gnutls-devel libogg-devel libvorbis-devel curl-devel libtiff-devel libjpeg-devel autoconf automake gcc-c++ git-core libjpeg-devel libtool subversion autoconf
automake libtoolgcc-c++ ncurses-devel makelibX11-devel Xvfbalsa-utilslibXv libXScrnSaver xorg-x11-fonts*alsa-lib libXScrnSaver libtiff-devel libjpeg-devel kernel kernel-devel gitxzxz-devel mesa-dri-drivers
sqlite sqlite-devel pcrepcre-devel speex-devel libedit-devel bison patch
alsa-libfontconfigfreetype glibc libgcc libICElibSMl ibstdc++ libX11 libXau libxcb
libXcursor libXext libXfixes libXi libXinerama libXrandr libXrender libXScrnSaver libXv
php php-pdo php-mysql
set ldns and ldns-devel
yum install ldnsldns-devel-y
yum install http*
yum install mysql*
chkconfig mysqld on
service mysqld start
Ask a MySQL password
/usr/bin/mysqladmin-urootpassword"yourpassword"
Install and configure the ODBC
yum install unixODBC-devel mysql-connector-odbc
We establish a symbolic link from libmyodbc5.soonlibmyodbc.so.[64]-64-batOS.
ln /usr/lib64/libmyodbc5.so /usr/lib64/libmyodbc.so
Run:
odbcinst-j. Displays alist ofconfiguration files.
#Odbcinst-j
unixODBC2.2.14
DRIVERS............:/etc/odbcinst.ini
SYSTEMDATASOURCES:/etc/odbc.ini
FILEDATASOURCES..:/etc/ODBCDataSources
USERDATASOURCES..:/root/.odbc.ini
SQLULENSize.......:4
SQLLENSize........:4
SQLSETPOSIROWSize.:2
Uncomment the MySQL driver settings /etc/odbcinst.ini
Add the following in formation to the odbc.ini file located in /etc/odbc.ini
[DEFAULT]
Driver=MySQL
[freeswitch]
Driver=MySQL
SERVER=localhost
PORT=3306
DATABASE=fusionpbx
OPTION=67108864
Socket=/var/lib/mysql/mysql.sock
We establish FreeSwit chcmod_skypopen.
cd /usr/src
git clone https://freeswitch.org/stash/scm/fs/freeswitch.git
cd freeswitch
./bootstrap.sh
git remote set-url origin https://freeswitch.org/stash/scm/fs/freeswitch.git
vim modules.conffile
Uncomment additional modules
mod_rtmp
mod_directory
mod_callcenter
mod_tts_commandline
mod_dingaling
mod_flite
mod_shout
mod_pocketsphinx
mod_cidlookup
mod_skypopen
mod_curl
mod_xml_curl
Install FreeSWITCH
cd /usr/src/freeswitch
./configure
make
make install
8kHz StandardAudio:
make sounds-install
make moh-install
16kHz High Definition Audio:
make hd-moh-install
make hd-sounds-install
32kHz Ultra High Definition Audio:
make uhd-moh-install
make uhd-sounds-install
48kHz CD QualityAudio:
make cd-sounds-install
make cd-moh-install
FreeTDM
https://wiki.freeswitch.org/wiki/FreeTDM
https://wiki.freeswitch.org/wiki/Freetdm.conf_Examples
Establish Skypopen
How to configure skypopen.ko OSSsound driver
Make sure that no audio drivers are not loaded ,otherwise nothing happens.
After entering:
lsmod|grepsnd
If you get a message drivers are loaded, try disabling the sound card in the bios.
Establish the dependence of Skype
yum install libqt xdg libqtxdg-devel qtwebkit qtwebkit-devel
When everything is in order, install audio driver Skypopen.
cd /usr/src/freeswitch/src/mod/endpoints/mod_skypopen/oss
make clean
make
insmod./skypopen.ko
mknod/dev/dspcMarch14
Interactive installer and configurator mod_skypopen.
cd /usr/src/freeswitch/src/mod/endpoints/mod_skypopen/install
./install.pl
Interactive Skype configurator
Add a startup script inrc.local Skype client
echo "sh/usr/local/freeswitch/skypopen/skype-clients-startup-dir/start_skype_clients.sh">> /etc/rc.d/rc.local
Related Links skypopen:
http://wiki.freeswitch.org/wiki/Mod_skypopen_Skype_Endpoint_and_Trunk
Continue FreeSwitch installation
AddUserFreeswitch:
useraddfreeswitch
Establish rules and owners to files FreeSwitch.
Copy the init script.
cd /usr/local/
chown -Rfreeswitch:freeswitchfreeswitch
chmod -Rg+w freeswitch
cd /usr/local/freeswitch/build
cp freeswitch.init.redhat /etc/init.d/freeswitch
chmod +x /etc/init.d/freeswitch
cp freeswitch.sysconfig /etc/sysconfig/freeswitch
Add installation freeswitch sysconfig
cat >> /etc/sysconfig/freeswitch<<EOT
PID_FILE=/var/run/freeswitch/freeswitch.pid
FS_USER=freeswitch
FS_FILE=/usr/local/freeswitch/bin/freeswitch
FS_HOME=/usr/local/freeswitch
EOT
Change the rights to run an init script and add FreeSwitch to start at boot time.
chmod 765 /etc/init.d/freeswitch
/sbin/chkconfig--add freeswitch
/sbin/chkconfig--level 5 freeswitchon
/sbin/chkconfig--list freeswitch
Remove the default configs FreeSwitch from the default boot.
cd /usr/local/freeswitch/conf/dialplan/default
mv 00_ladspa.xml 00_ladspa.noload
mv 00_pizza_demo.xml 00_pizza_demo.noload
mv 01_Talking_Clock.xml 01_Talking_Clock.noload
Share CLI
cd /usr/local/bin/
ln-s /usr/local/freeswitch /bin/fs_clifs_cli
We establish FusionPBX
cd /var/www/html
mkdirfusionpbx
svn co http://fusionpbx.googlecode.com/svn/trunk/fusionpbxfusionpbx
FusionPBX correct permissions.
cd /var/www/html
chown -R apache:apachefusionpbx
cd /usr/local/freeswitch/conf/
chmod 770 'find.-typed'
chmod 660 'find.-typef'
Add apache user to the group freeswitch.
usermod -a-G freeswitch apache
We star tour services and set them to autostart.
service freeswitch start
service httpd restart
chkconfig freeswitch on
chkconfig httpd on
yum install monit
service monit start
chkconfig monit on
firefox http://youraddress/fusionpbx
softphones:
Zoiper
jitsi
MicroSIP
SjPhone
Phoner
PhonerLite
QuteCom
Saturday, December 13, 2014
Complete working software
Telephony network from scratch
dependency libraries
yum install opencore-amr
From LCR only, this package installs GSM adaptive multirate codecs and the EFR codec. The Full-Rate codec is included in LCR's repository.
wget http://sourceforge.net/projects/opencore-amr/files/opencore-amr/
tar xvzf opencore-amr-x.x.x.tar.gz
cd opencore-amr-x.x.x
./configure
make
make install
ldconfig
cd ..
This package installs the open source SIP stack of Nokia Research Center.
wget http://sourceforge.net/projects/sofia-sip/files/sofia-sip/
tar xvzf sofia-sip-x.xx.xx.tar.gz
cd sofia-sip-x.xx.xx
./configure
make
make install
ldconfig
cd ..
This package installs the open source RTP protocol required for libosmo-abis.
wget http://download.savannah.gnu.org/releases/linphone/ortp/sources/
tar xvzf ortp-x.xx.x.tar.gz
cd ortp-x.xx.x
./configure
make
make install
ldconfig
cd ..
yum install sqlite3 libdbi dbd-sqlite3
This package installs the core utility library for various Osmocom projects.
git clone git://git.osmocom.org/libosmocore.git
cd libosmocore
autoreconf -i
./configure
make
make install
ldconfig
cd ..
This package installs the core utility library for various Osmocom projects.
git clone git://git.osmocom.org/libosmo-abis.git
PKG_CONFIG_PATH=/usr/local/lib/pkgconfig/ ./configure .....
cd libosmo-abis
# change branch:
git checkout -b jolly/multi-trx origin/jolly/multi-trx
autoreconf -i
./configure
(sometimes it is necessary to point to different .../lib/pkgconfig/ path: PKG_CONFIG_PATH=/usr/local/lib/pkgconfig/ ./configure .....)
make
make install
ldconfig
cd ..
This package installs the [wiki:osmo-nitb Osmocom Network In The Box] software
git clone git://git.osmocom.org/openbsc.git
cd openbsc/openbsc/
# change branch:
git checkout -b jolly/testing origin/jolly/testing
autoreconf -i
./configure
(sometimes it is necessary to point to different .../lib/pkgconfig/ path: PKG_CONFIG_PATH=/usr/local/lib/pkgconfig/ ./configure .....)
make
make install
cd ../..
This package installs the open source Base Transceiver Station.
git clone git://git.osmocom.org/osmo-bts.git
cd osmo-bts
#change branch:
git checkout -b jolly/trx origin/jolly/trx
autoreconf -i
./configure --enable-trx
(sometimes it is necessary to point to different .../lib/pkgconfig/ path: PKG_CONFIG_PATH=/usr/local/lib/pkgconfig/ ./configure .....)
make
make install
cd ..
This package installs the open source PBX software to bridge ISDN (DSS1) / SIP / GSM (MNCC protocol)
git clone git://git.misdn.eu/lcr.git/
cd lcr
autoreconf -i
./configure --with-sip --with-gsm-bs --with-gsm-ms
PKG_CONFIG_PATH=/usr/local/lib/pkgconfig/ ./configure .....
make
make install
ldconfig
cd ..
Configuration examples
OsmoBTS
mkdir ~/.osmocom
vim ~/.osmocom/osmo-bts.cfg
bts 0
band DCS1800
ipa unit-id 1801 0
oml remote-ip 127.0.0.1
rtp bind-ip 127.0.0.1
rtp jitter-buffer 0
paging lifetime 0
gsmtap-sapi bcch
gsmtap-sapi ccch
gsmtap-sapi rach
gsmtap-sapi agch
gsmtap-sapi pch
gsmtap-sapi sdcch
gsmtap-sapi pacch
gsmtap-sapi pdtch
gsmtap-sapi sacch
fn-advance 20
ms-power-loop -10
timing-advance-loop
trx 0
rxgain 0
power 0
OpenBSC
mkdir ~/.osmocom
vim ~/.osmocom/open-bsc.cfg
Change 'arfcn' to a frequency you have license for
e1_input
e1_line 0 driver ipa
e1_line 0 port 0
network
network country code 262
mobile network code 42
short name OpenBSC
long name OpenBSC
auth policy accept-all
location updating reject cause 13
encryption a5 0
neci 1
paging any use tch 0
rrlp mode ms-based
mm info 1
handover 0
handover window rxlev averaging 10
handover window rxqual averaging 1
handover window rxlev neighbor averaging 10
handover power budget interval 6
handover power budget hysteresis 3
handover maximum distance 9999
timer t3101 10
timer t3103 0
timer t3105 0
timer t3107 0
timer t3109 0
timer t3111 0
timer t3113 60
timer t3115 0
timer t3117 0
timer t3119 0
timer t3122 10
timer t3141 0
dtx-used 0
subscriber-keep-in-ram 0
bts 0
type sysmobts
band DCS1800
cell_identity 0
location_area_code 1
training_sequence_code 7
base_station_id_code 63
ms max power 0
cell reselection hysteresis 4
rxlev access min 0
periodic location update 30
channel allocator descending
rach tx integer 9
rach max transmission 7
channel-descrption attach 1
channel-descrption bs-pa-mfrms 5
channel-descrption bs-ag-blks-res 1
ip.access unit_id 1801 0
oml ip.access stream_id 255 line 0
neighbor-list mode automatic
trx 0
rf_locked 0
arfcn 869
nominal power 0
max_power_red 0
rsl e1 tei 0
timeslot 0
phys_chan_config CCCH+SDCCH4
hopping enabled 0
timeslot 1
phys_chan_config TCH/F
hopping enabled 0
timeslot 2
phys_chan_config TCH/F
hopping enabled 0
timeslot 3
phys_chan_config TCH/F
hopping enabled 0
timeslot 4
phys_chan_config TCH/F
hopping enabled 0
timeslot 5
phys_chan_config TCH/F
hopping enabled 0
timeslot 6
phys_chan_config TCH/F
hopping enabled 0
timeslot 7
phys_chan_config TCH/F
hopping enabled 0
Linux-Call-Router (LCR) (optional)
vim /usr/local/etc/lcr/options.conf
Add a line to show logging to the console:
debug 0x100000
The simplest configuration uses only the GSM interface. It allows LCR to forward calls from GSM to GSM or from GSM to a call test feature.
vim /usr/local/etc/lcr/interface.conf
You can remove or comment everything and just add this interface:
[gsm]
gsm-bs
tones yes
earlyb no
extern
routing.conf
vim /usr/local/etc/lcr/routing.conf
You can remove or comment everything and just add these rulesets:
[main]
interface=gsm : goto ruleset=gsm
: disconnect cause=31
[gsm]
dialing=99 : test
: extern interfaces=gsm
Look at the gsm rule set. All calls that dial '99' prefix, will be test calls. All other calls will be forwarded back to 'gsm' interface.
Running
Open a shell and start OpenBSC:
osmo-nitb -c ~/.osmocom/open-bsc.cfg -l ~/.osmocom/hlr.sqlite3 -P -C --debug=DRLL:DCC:DMM:DRR:DRSL:DNM
OpenBSC runs as a stand-alone network with given config file and data base. In order to use LCR, add '-m' option. In this case the LCR replaces the built-in call control.
osmo-nitb -c ~/.osmocom/open-bsc.cfg -l ~/.osmocom/hlr.sqlite3 -P -m -C --debug=DRLL:DCC:DMM:DRR:DRSL:DNM
Very important is the option '-C'. On certain machines, osmo-nitb will halt from time to time while writing counters to database. This Without this option, audio might interrupt several seconds from time to time.
The debugging is usefull for early tests, because you will quickly see what happens if a mobile requests something.
<0005> bsc_init.c:422
WARNING: You are running an 'accept-all' network on a BTS that is not barred.
This configuration is likely to interfere with production GSM networks and
should only be used in a RF shielded environment such as a faraday cage!
<0019> input/ipaccess.c:925 enabling ipaccess BSC mode
DB: Database initialized.
DB: Database prepared.
<001d> sms_queue.c:220 Attempting to send 20 SMS
Open a shell and start OsmoBTS:
osmobts-trx -c ~/.osmocom/osmo-bts.cfg
Refer to the [wiki:OsmoTRX] page on how to run OsmoTRX.
The installation/setup/calibration of UmTRX is beyond the scope of this document. Please refer to:
https://github.com/fairwaves
http://files.ettus.com/uhd_docs/manual/html/build.html
http://wush.net/trac/rangepublic/wiki/BuildInstallRun
calypso-BTS
Building Osmocom-BB with arm-elf toolchain is also beyond the scope of this document. If you managed to compile and run Osmocom-BB you should be able to run the transceiver too.
git clone git://git.osmocom.org/libosmo-dsp.git
git clone git://git.osmocom.org/osmocom-bb.git
In order to compile Osmocom-BB with transceiver support, do the following:
cd libosmo-dsp
autoreconf -i
./configure
(sometimes it is necessary to point to different .../lib/pkgconfig/ path: PKG_CONFIG_PATH=/usr/local/lib/pkgconfig/ ./configure .....)
make
make install
cd ..
cd osmocom-bb
# change branch:
git checkout -b jolly/testing origin/jolly/testing
cd src
make
# after it compiles, just enable transceiver support
cd host/layer23
./configure --enable-transceiver
make
'''NOTE: "ms-power-loop" at osmo-bts.cfg should be set to -65, in order to prevent saturating the input. Also if the phone is only one or few meters away, "ms max power" should be set to 0. In case of long distance test it can be set to 30 (DCS) or 33 (GSM 900).'''
Now you should start with a single phone for one timeslot only. If it works, you can try two phones to serve two timeslots. Since you have only one slot, you will only be able to transmit broadcast, do location updating and send/receive SMS. Here is the "osmo-bts.cfg" for a single timeslot:
bts 0
band DCS1800
ipa unit-id 1801 0
oml remote-ip 127.0.0.1
rtp jitter-buffer 0
paging queue-size 200
paging lifetime 0
fn-advance 30
ms-power-loop -60
timing-advance-loop
settsc
setbsic
trx 0
rxgain 0
power 0
slotmask 1 0 0 0 0 0 0 0
Run osmocon and transceiver application in separate shells:
# Please refer to Osmocom-BB wiki for compiling and running own firmware on compal phones...
osmocon -p /dev/ttyUSB0 -m c123xor -c path_to/trx.highram.bin -r 99
transceiver -e 5 -r 99
When using two phones, two timeslots can be served. I suggest to configure second timeslot (TS 1) as TCH/H at openbsc.cnf. This way it is possible to allow two traffic channels on a single timeslot. If you do a call from one phone to another, you will need one channel for each phone. In order to use two phones, you need to change the alot map of osmo-bts.cnf:
slotmask 1 1 0 0 0 0 0 0
Run two osmocon and transceiver application in separate shells:
osmocon -p /dev/ttyUSB0 -m c123xor -c path_to/trx.highram.bin -r 99
# This osmocon connects to the serial interface of the second phone.
# Note: "/tmp/osmocom_l2.2" is the second socket to which the transceiver will connect.
osmocon -p /dev/ttyUSB1 -s /tmp/osmocom_l2.2 -m c123xor -c path_to/trx.highram.bin -r 99
transceiver -e 5 -r 99 -2
Run Linux-Call-Router (LCR) (optional) with debugging output
lcr start
Test
Location Updating
Switch on the phone.
If you have a SIM card for your network 262 42, you can use it and do automatic network search. If not, do a manual network and select this network. You should see debugging output on OpenBSC like this:
<0002> gsm_04_08.c:424 -> LOCATION UPDATE ACCEPT
Call the music (LCR required)
Now enter phone number 995 to select the test function 5 of LCR. This test function just plays the hold music.
Echo and BFI test (LCR required)
Enter phone number 993 to select the test function 3 of LCR. This test function echoes back everything that is received. Note that it will re-transcode the speech data, so the audio from your voice is compressed and decompressed twice until you can hear a fraction of a second later.
You may experience short beeps. These beeps represent all bad frames that could not be decoded or got lost over the air. (Without this test, the missing frames will be extrapolated from previous frame, so some loss rate will not be recognized by the remote end.)
Original post is here
http://openbsc.osmocom.org/trac/wiki/network_from_scratch
dependency libraries
yum install opencore-amr
From LCR only, this package installs GSM adaptive multirate codecs and the EFR codec. The Full-Rate codec is included in LCR's repository.
wget http://sourceforge.net/projects/opencore-amr/files/opencore-amr/
tar xvzf opencore-amr-x.x.x.tar.gz
cd opencore-amr-x.x.x
./configure
make
make install
ldconfig
cd ..
This package installs the open source SIP stack of Nokia Research Center.
wget http://sourceforge.net/projects/sofia-sip/files/sofia-sip/
tar xvzf sofia-sip-x.xx.xx.tar.gz
cd sofia-sip-x.xx.xx
./configure
make
make install
ldconfig
cd ..
This package installs the open source RTP protocol required for libosmo-abis.
wget http://download.savannah.gnu.org/releases/linphone/ortp/sources/
tar xvzf ortp-x.xx.x.tar.gz
cd ortp-x.xx.x
./configure
make
make install
ldconfig
cd ..
yum install sqlite3 libdbi dbd-sqlite3
This package installs the core utility library for various Osmocom projects.
git clone git://git.osmocom.org/libosmocore.git
cd libosmocore
autoreconf -i
./configure
make
make install
ldconfig
cd ..
This package installs the core utility library for various Osmocom projects.
git clone git://git.osmocom.org/libosmo-abis.git
PKG_CONFIG_PATH=/usr/local/lib/pkgconfig/ ./configure .....
cd libosmo-abis
# change branch:
git checkout -b jolly/multi-trx origin/jolly/multi-trx
autoreconf -i
./configure
(sometimes it is necessary to point to different .../lib/pkgconfig/ path: PKG_CONFIG_PATH=/usr/local/lib/pkgconfig/ ./configure .....)
make
make install
ldconfig
cd ..
This package installs the [wiki:osmo-nitb Osmocom Network In The Box] software
git clone git://git.osmocom.org/openbsc.git
cd openbsc/openbsc/
# change branch:
git checkout -b jolly/testing origin/jolly/testing
autoreconf -i
./configure
(sometimes it is necessary to point to different .../lib/pkgconfig/ path: PKG_CONFIG_PATH=/usr/local/lib/pkgconfig/ ./configure .....)
make
make install
cd ../..
This package installs the open source Base Transceiver Station.
git clone git://git.osmocom.org/osmo-bts.git
cd osmo-bts
#change branch:
git checkout -b jolly/trx origin/jolly/trx
autoreconf -i
./configure --enable-trx
(sometimes it is necessary to point to different .../lib/pkgconfig/ path: PKG_CONFIG_PATH=/usr/local/lib/pkgconfig/ ./configure .....)
make
make install
cd ..
This package installs the open source PBX software to bridge ISDN (DSS1) / SIP / GSM (MNCC protocol)
git clone git://git.misdn.eu/lcr.git/
cd lcr
autoreconf -i
./configure --with-sip --with-gsm-bs --with-gsm-ms
PKG_CONFIG_PATH=/usr/local/lib/pkgconfig/ ./configure .....
make
make install
ldconfig
cd ..
Configuration examples
OsmoBTS
mkdir ~/.osmocom
vim ~/.osmocom/osmo-bts.cfg
bts 0
band DCS1800
ipa unit-id 1801 0
oml remote-ip 127.0.0.1
rtp bind-ip 127.0.0.1
rtp jitter-buffer 0
paging lifetime 0
gsmtap-sapi bcch
gsmtap-sapi ccch
gsmtap-sapi rach
gsmtap-sapi agch
gsmtap-sapi pch
gsmtap-sapi sdcch
gsmtap-sapi pacch
gsmtap-sapi pdtch
gsmtap-sapi sacch
fn-advance 20
ms-power-loop -10
timing-advance-loop
trx 0
rxgain 0
power 0
OpenBSC
mkdir ~/.osmocom
vim ~/.osmocom/open-bsc.cfg
Change 'arfcn' to a frequency you have license for
e1_input
e1_line 0 driver ipa
e1_line 0 port 0
network
network country code 262
mobile network code 42
short name OpenBSC
long name OpenBSC
auth policy accept-all
location updating reject cause 13
encryption a5 0
neci 1
paging any use tch 0
rrlp mode ms-based
mm info 1
handover 0
handover window rxlev averaging 10
handover window rxqual averaging 1
handover window rxlev neighbor averaging 10
handover power budget interval 6
handover power budget hysteresis 3
handover maximum distance 9999
timer t3101 10
timer t3103 0
timer t3105 0
timer t3107 0
timer t3109 0
timer t3111 0
timer t3113 60
timer t3115 0
timer t3117 0
timer t3119 0
timer t3122 10
timer t3141 0
dtx-used 0
subscriber-keep-in-ram 0
bts 0
type sysmobts
band DCS1800
cell_identity 0
location_area_code 1
training_sequence_code 7
base_station_id_code 63
ms max power 0
cell reselection hysteresis 4
rxlev access min 0
periodic location update 30
channel allocator descending
rach tx integer 9
rach max transmission 7
channel-descrption attach 1
channel-descrption bs-pa-mfrms 5
channel-descrption bs-ag-blks-res 1
ip.access unit_id 1801 0
oml ip.access stream_id 255 line 0
neighbor-list mode automatic
trx 0
rf_locked 0
arfcn 869
nominal power 0
max_power_red 0
rsl e1 tei 0
timeslot 0
phys_chan_config CCCH+SDCCH4
hopping enabled 0
timeslot 1
phys_chan_config TCH/F
hopping enabled 0
timeslot 2
phys_chan_config TCH/F
hopping enabled 0
timeslot 3
phys_chan_config TCH/F
hopping enabled 0
timeslot 4
phys_chan_config TCH/F
hopping enabled 0
timeslot 5
phys_chan_config TCH/F
hopping enabled 0
timeslot 6
phys_chan_config TCH/F
hopping enabled 0
timeslot 7
phys_chan_config TCH/F
hopping enabled 0
Linux-Call-Router (LCR) (optional)
vim /usr/local/etc/lcr/options.conf
Add a line to show logging to the console:
debug 0x100000
The simplest configuration uses only the GSM interface. It allows LCR to forward calls from GSM to GSM or from GSM to a call test feature.
vim /usr/local/etc/lcr/interface.conf
You can remove or comment everything and just add this interface:
[gsm]
gsm-bs
tones yes
earlyb no
extern
routing.conf
vim /usr/local/etc/lcr/routing.conf
You can remove or comment everything and just add these rulesets:
[main]
interface=gsm : goto ruleset=gsm
: disconnect cause=31
[gsm]
dialing=99 : test
: extern interfaces=gsm
Look at the gsm rule set. All calls that dial '99' prefix, will be test calls. All other calls will be forwarded back to 'gsm' interface.
Running
Open a shell and start OpenBSC:
osmo-nitb -c ~/.osmocom/open-bsc.cfg -l ~/.osmocom/hlr.sqlite3 -P -C --debug=DRLL:DCC:DMM:DRR:DRSL:DNM
OpenBSC runs as a stand-alone network with given config file and data base. In order to use LCR, add '-m' option. In this case the LCR replaces the built-in call control.
osmo-nitb -c ~/.osmocom/open-bsc.cfg -l ~/.osmocom/hlr.sqlite3 -P -m -C --debug=DRLL:DCC:DMM:DRR:DRSL:DNM
Very important is the option '-C'. On certain machines, osmo-nitb will halt from time to time while writing counters to database. This Without this option, audio might interrupt several seconds from time to time.
The debugging is usefull for early tests, because you will quickly see what happens if a mobile requests something.
<0005> bsc_init.c:422
WARNING: You are running an 'accept-all' network on a BTS that is not barred.
This configuration is likely to interfere with production GSM networks and
should only be used in a RF shielded environment such as a faraday cage!
<0019> input/ipaccess.c:925 enabling ipaccess BSC mode
DB: Database initialized.
DB: Database prepared.
<001d> sms_queue.c:220 Attempting to send 20 SMS
Open a shell and start OsmoBTS:
osmobts-trx -c ~/.osmocom/osmo-bts.cfg
Refer to the [wiki:OsmoTRX] page on how to run OsmoTRX.
The installation/setup/calibration of UmTRX is beyond the scope of this document. Please refer to:
https://github.com/fairwaves
http://files.ettus.com/uhd_docs/manual/html/build.html
http://wush.net/trac/rangepublic/wiki/BuildInstallRun
calypso-BTS
Building Osmocom-BB with arm-elf toolchain is also beyond the scope of this document. If you managed to compile and run Osmocom-BB you should be able to run the transceiver too.
git clone git://git.osmocom.org/libosmo-dsp.git
git clone git://git.osmocom.org/osmocom-bb.git
In order to compile Osmocom-BB with transceiver support, do the following:
cd libosmo-dsp
autoreconf -i
./configure
(sometimes it is necessary to point to different .../lib/pkgconfig/ path: PKG_CONFIG_PATH=/usr/local/lib/pkgconfig/ ./configure .....)
make
make install
cd ..
cd osmocom-bb
# change branch:
git checkout -b jolly/testing origin/jolly/testing
cd src
make
# after it compiles, just enable transceiver support
cd host/layer23
./configure --enable-transceiver
make
'''NOTE: "ms-power-loop" at osmo-bts.cfg should be set to -65, in order to prevent saturating the input. Also if the phone is only one or few meters away, "ms max power" should be set to 0. In case of long distance test it can be set to 30 (DCS) or 33 (GSM 900).'''
Now you should start with a single phone for one timeslot only. If it works, you can try two phones to serve two timeslots. Since you have only one slot, you will only be able to transmit broadcast, do location updating and send/receive SMS. Here is the "osmo-bts.cfg" for a single timeslot:
bts 0
band DCS1800
ipa unit-id 1801 0
oml remote-ip 127.0.0.1
rtp jitter-buffer 0
paging queue-size 200
paging lifetime 0
fn-advance 30
ms-power-loop -60
timing-advance-loop
settsc
setbsic
trx 0
rxgain 0
power 0
slotmask 1 0 0 0 0 0 0 0
Run osmocon and transceiver application in separate shells:
# Please refer to Osmocom-BB wiki for compiling and running own firmware on compal phones...
osmocon -p /dev/ttyUSB0 -m c123xor -c path_to/trx.highram.bin -r 99
transceiver -e 5 -r 99
When using two phones, two timeslots can be served. I suggest to configure second timeslot (TS 1) as TCH/H at openbsc.cnf. This way it is possible to allow two traffic channels on a single timeslot. If you do a call from one phone to another, you will need one channel for each phone. In order to use two phones, you need to change the alot map of osmo-bts.cnf:
slotmask 1 1 0 0 0 0 0 0
Run two osmocon and transceiver application in separate shells:
osmocon -p /dev/ttyUSB0 -m c123xor -c path_to/trx.highram.bin -r 99
# This osmocon connects to the serial interface of the second phone.
# Note: "/tmp/osmocom_l2.2" is the second socket to which the transceiver will connect.
osmocon -p /dev/ttyUSB1 -s /tmp/osmocom_l2.2 -m c123xor -c path_to/trx.highram.bin -r 99
transceiver -e 5 -r 99 -2
Run Linux-Call-Router (LCR) (optional) with debugging output
lcr start
Test
Location Updating
Switch on the phone.
If you have a SIM card for your network 262 42, you can use it and do automatic network search. If not, do a manual network and select this network. You should see debugging output on OpenBSC like this:
<0002> gsm_04_08.c:424 -> LOCATION UPDATE ACCEPT
Call the music (LCR required)
Now enter phone number 995 to select the test function 5 of LCR. This test function just plays the hold music.
Echo and BFI test (LCR required)
Enter phone number 993 to select the test function 3 of LCR. This test function echoes back everything that is received. Note that it will re-transcode the speech data, so the audio from your voice is compressed and decompressed twice until you can hear a fraction of a second later.
You may experience short beeps. These beeps represent all bad frames that could not be decoded or got lost over the air. (Without this test, the missing frames will be extrapolated from previous frame, so some loss rate will not be recognized by the remote end.)
Original post is here
http://openbsc.osmocom.org/trac/wiki/network_from_scratch
Radius Active Directory Cisco
Debian/Ubuntu
tar zxf freeradius-server-2.X.Y.tar.gz
cd freeradius-server-2.X.Y
fakeroot dpkg-buildpackage -b -uc
dpkg -i ../*freeradius*_2.X.Y-*_*.deb
add-apt-repository ppa:freeradius/stable-3.0
or
deb http://ppa.launchpad.net/freeradius/stable-3.0/ubuntu UBUNTU_VERSION_HERE main
deb-src http://ppa.launchpad.net/freeradius/stable-3.0/ubuntu UBUNTU_VERSION_HERE main
apt-get install dpkg-dev
apt-get build-dep freeradius
Dependencies
For OpenCSW install GCC
pkg-util -i -y gcc4-core
FreeRadius on Solaris
./configure
make
make install
export PATH='/usr/sbin:/usr/bin:/opt/csw/bin:/opt/csw/gcc3/bin:/usr/ccs/bin:/opt/SUNWspro/bin'
export CFLAGS='-I/usr/local/openldap/include/ -I/usr/local/mysql/include/mysql/ -I/opt/csw/include/'
export LDFLAGS='-L/usr/local/openldap/lib/ -R/usr/local/openldap/lib -L/usr/local/mysql/lib -R/usr/local/mysql/lib -L/opt/csw/lib -R/opt/csw/lib'
export LD_OPTIONS='-L/usr/local/openldap/lib/ -R/usr/local/openldap/lib -L/usr/local/mysql/lib -R/usr/local/mysql/lib -L/opt/csw/lib -R/opt/csw/lib'
./configure --prefix=/usr/local/freeradius-1.1.2-mysql-ldap --with-ldap --with-mysql-dir=/usr/local/mysql-5.0.21
gmake
gmake install
vim /usr/local/lib/gcc-lib/sparc-sun-solaris2.10/3.3.2/install-tools/mkheaders.conf
SHELL=/bin/sh
SYSTEM_HEADER_DIR="/usr/include"
OTHER_FIXINCLUDES_DIRS=""
FIXPROTO_DEFINES=""
STMP_FIXPROTO="stmp-fixproto"
STMP_FIXINC="stmp-fixinc"
Rebuild the headers.
./mkheaders
On mac
curl -LO http://www.samba.org/ftp/talloc/talloc-2.1.0.tar.gz
tar zxvf talloc-2.1.0.tar.gz
cd talloc-2.1.0
./configure --without-gettext
make
make install
cd ../
curl -LO ftp://ftp.freeradius.org/pub/freeradius/freeradius-server-3.0.0.tar.gz
tar zxvf freeradius-server-3.0.0.tar.gz
cd freeradius-server-3.0.0
./configure --enable-developer
make
make install
Centos
yum install freeradius
yum upgrade freeradius
yum install freeradius-mysql
yum --enablerepo=updates-testing update freeradius
yum info freeradius\*
rpm -qa freeradius\*
rpm -qf /usr/lib/freeradius/rlm_sql_mysql.so
yum whatprovides /usr/lib/freeradius/rlm_sql_mysql\*.so
service radiusd start
chkconfig radiusd on
chkconfig --list radiusd
chkconfig radiusd off
rpm -ql freeradius-mysql
rpm -qlp /usr/src/redhat/RPMS/i386/freeradius-mysql-2.1.1-7.fc10.i386.rpm
rpm -qf /usr/lib/freeradius/rlm_sql_mysql-2.1.1.so
yum install rpm-build
yum install yum-utils
yum install freeradius freeradius-libs freeradius-utils freeradius-ldap freeradius-python freeradius-mysql
for manual installation of dependencies packages
rpm -Uhv /usr/src/redhat/RPMS/pkgName.x86_64.rpm
For CentOS CentOS-6 run the following as root:
cd /etc/yum.repos.d/
wget http://download.opensuse.org/repositories/home:freeradius:3.0.x:centos/CentOS_CentOS-6/home:freeradius:3.0.x:centos.repo
yum install freeradius
vim smb.conf
[global]
# workgroup = NT-Domain-Name or Workgroup-Name
workgroup = XYZDOM //the name of your domain
# Security mode. Most people will want user level
# security. See security_level.txt for details.
security = ads
======== Share Definitions ========
...
winbind use default domain = no
password server = XYZSRV.XYZ-COMPANY.COM //your AD-server
realm = XYZ-COMPANY.COM //your realm
[homes]
comment = Home Directories
browseable = no
writable = yes
vim etc/krb5.conf.
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = EXAMPLE.COM
dns_lookup_realm = false
dns_lookup_kdc = false
[realms]
EXAMPLE.COM = {
kdc = kerberos.example.com:88
admin_server = kerberos.example.com:749
default_domain = example.com
}
XYZ-COMPANY.COM = {
kdc = XYZSRV.XYZ-COMPANY.COM
}
[domain_realm]
.example.com = EXAMPLE.COM
example.com = EXAMPLE.COM
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
vim /etc/nsswitch.conf
#and add winbind at the end of each line shown below
passwd: files winbind
shadow: files winbind
group: files winbind
protocols: files winbind
services: files winbind
netgroup: files winbind
automount: files winbind
reboot
ps –ef | grep nmbd
ps –ef | grep smbd
net join –U Administrator
Administrator is the name of the domain controller admin. Enter your password when prompted. If everything works fine, the Linux server has been registered to the Windows domain.
Verify now if the winbindd daemon is running
ps –ef | grep winbindd
Try next if you can authenticate a user from the domain
wbinfo –a user%password
The error is absolutely normal in this case because there are no cleartext user credentials on the domain Controller (Active Directory) for this user
challenge/response password authentication succeeded
Type the following line
ntlm_auth –-request-nt-key –-domain=<your domain> –-username=<your username>
For example
ntlm_auth –-request-nt-key –-domain=XYZDOM –-username=example_user
You will be prompted for your password.
The command line returns
NT_STATUS_OK : Success (0x0)
If the username and password are the same as those stored in Active Directory.
The radiusd.conf file sets the uid and gid your radiusd process will run as (by the user and group directives, respectively). The ntlm_auth process will have the same identity. If your filesystem containing the winbindd_privileged directory supports POSIX ACLs, you can safely grant ntlm_auth the necessary permissions, in case your disribution's default setting were insufficient. If radiusd runs as the user radiusd for example, then you should use setfacl the following way
setfacl -m u:radiusd:rx winbindd_privileged
man setfacl
for more information on POSIX ACLs!
In order to get FreeRADIUS working, the following files must be configured:
clients.conf
mods-available/mschap
mods-available/eap
users
vim clients.conf
client 192.168.2.44 {
secret = 2!34r&dp0t
shortname = 192.168.2.44
nastype = cisco
}
#Shared secret for them all
client 192.168.2.0/24 {
secret = 2!34r&dp0t
shortname = network1
}
mods-available/mschap
with_ntdomain_hack = yes
ntlm_auth = "/path/to/ntlm_auth --request-nt-key --username=%{%{Stripped-User-Name}:-%{%{User-Name}:-None}} --challenge=%{%{mschap:Challenge}:-00} --nt-response=%{%{mschap:NT-Response}:-00}"
--domain=%{mschap:NT-Domain}
mods-available/eap
default_eap_type = peap.
tls-config tls-common {
random_file = /dev/urandom.
vim raddb/users
username1 Cleartext-Password := "user-password1", MS-CHAP-Use-NTLM-Auth := 0
username2 Cleartext-Password := "user-password2", MS-CHAP-Use-NTLM-Auth := 0
username3 Cleartext-Password := "user-password3", MS-CHAP-Use-NTLM-Auth := 0
authorize {
...
# Read the 'users' file
files # <--- This one!
...
}
Activate AAA (Authentication, Authorization, Accounting)
enable aaa new-model
Create a list of authentication methods by using Radius group as default.
aaa authentication dot1x default group radius
Activate authorization for using dynamic VLAN assignment by Radius.
aaa authorization network default group radius
Configure parameters of Radius server. In this case we use IP 192.168.2.16 and the default ports 1812 and 1813
radius-server host 192.168.2.16 auth-port 1812 acct-port 1813 timeout 3
Configure the maximum number of retransmissions to the server for the requests
radius server retransmit 3
Configure the shared secret between switch and Radius server.
radius server key <mysharedsecret>
Please use the secret that you have specified in the clients.conf file.
Next we must configure each interface (port) to operate in 802.1X mode.
Repeat this procedure for each port that should do access control
configure terminal
(config)#interface FastEthernet1/0/12
(config-if)# switchport mode access
(config-if)# dot1x port-control auto
(config-if)# end
The command show dot1x< allows to check 802.1X settings.
Do not forget to save the configuration of your switch.
copy running-config startup-config
vim /usr/local/openssl/ssl/openssl.cnf
# req_extensions = v3_req
# The extensions to add to a certificate request
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = LU
countryName_min = 2
countryName_max = 2
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = Luxembourg
localityName = Locality Name (eg, city)
localityName_default = Luxembourg-city
0.organizationName = Organization Name (eg, company)
0.organizationName_default = XYZ
organizationalUnitName = Organizational Unit Name
organizationalUnitName_default = IT
commonName = Common Name (eg, YOUR name)
commonName_max = 64
commonName_default = administrator
emailAddress = Email Address
emailAddress_max = 40
emailAddress_default = operations@xyz.com
# SET-ex3 = SET extension number 3
[ req_attributes ]
challengePassword = A challenge password
challengePassword_min = 4
challengePassword_max = 20
challengePassword_default = whatever
unstructuredName = An optional company name
echo "newreq.pem" | /usr/local/openssl/ssl/misc/CA.pl –newca
find / -name CA.all
Move all the files to /etc/raddb/certs/
tar zxf freeradius-server-2.X.Y.tar.gz
cd freeradius-server-2.X.Y
fakeroot dpkg-buildpackage -b -uc
dpkg -i ../*freeradius*_2.X.Y-*_*.deb
add-apt-repository ppa:freeradius/stable-3.0
or
deb http://ppa.launchpad.net/freeradius/stable-3.0/ubuntu UBUNTU_VERSION_HERE main
deb-src http://ppa.launchpad.net/freeradius/stable-3.0/ubuntu UBUNTU_VERSION_HERE main
apt-get install dpkg-dev
apt-get build-dep freeradius
Dependencies
For OpenCSW install GCC
pkg-util -i -y gcc4-core
FreeRadius on Solaris
./configure
make
make install
export PATH='/usr/sbin:/usr/bin:/opt/csw/bin:/opt/csw/gcc3/bin:/usr/ccs/bin:/opt/SUNWspro/bin'
export CFLAGS='-I/usr/local/openldap/include/ -I/usr/local/mysql/include/mysql/ -I/opt/csw/include/'
export LDFLAGS='-L/usr/local/openldap/lib/ -R/usr/local/openldap/lib -L/usr/local/mysql/lib -R/usr/local/mysql/lib -L/opt/csw/lib -R/opt/csw/lib'
export LD_OPTIONS='-L/usr/local/openldap/lib/ -R/usr/local/openldap/lib -L/usr/local/mysql/lib -R/usr/local/mysql/lib -L/opt/csw/lib -R/opt/csw/lib'
./configure --prefix=/usr/local/freeradius-1.1.2-mysql-ldap --with-ldap --with-mysql-dir=/usr/local/mysql-5.0.21
gmake
gmake install
vim /usr/local/lib/gcc-lib/sparc-sun-solaris2.10/3.3.2/install-tools/mkheaders.conf
SHELL=/bin/sh
SYSTEM_HEADER_DIR="/usr/include"
OTHER_FIXINCLUDES_DIRS=""
FIXPROTO_DEFINES=""
STMP_FIXPROTO="stmp-fixproto"
STMP_FIXINC="stmp-fixinc"
Rebuild the headers.
./mkheaders
On mac
curl -LO http://www.samba.org/ftp/talloc/talloc-2.1.0.tar.gz
tar zxvf talloc-2.1.0.tar.gz
cd talloc-2.1.0
./configure --without-gettext
make
make install
cd ../
curl -LO ftp://ftp.freeradius.org/pub/freeradius/freeradius-server-3.0.0.tar.gz
tar zxvf freeradius-server-3.0.0.tar.gz
cd freeradius-server-3.0.0
./configure --enable-developer
make
make install
Centos
yum install freeradius
yum upgrade freeradius
yum install freeradius-mysql
yum --enablerepo=updates-testing update freeradius
yum info freeradius\*
rpm -qa freeradius\*
rpm -qf /usr/lib/freeradius/rlm_sql_mysql.so
yum whatprovides /usr/lib/freeradius/rlm_sql_mysql\*.so
service radiusd start
chkconfig radiusd on
chkconfig --list radiusd
chkconfig radiusd off
rpm -ql freeradius-mysql
rpm -qlp /usr/src/redhat/RPMS/i386/freeradius-mysql-2.1.1-7.fc10.i386.rpm
rpm -qf /usr/lib/freeradius/rlm_sql_mysql-2.1.1.so
yum install rpm-build
yum install yum-utils
yum install freeradius freeradius-libs freeradius-utils freeradius-ldap freeradius-python freeradius-mysql
for manual installation of dependencies packages
rpm -Uhv /usr/src/redhat/RPMS/pkgName.x86_64.rpm
For CentOS CentOS-6 run the following as root:
cd /etc/yum.repos.d/
wget http://download.opensuse.org/repositories/home:freeradius:3.0.x:centos/CentOS_CentOS-6/home:freeradius:3.0.x:centos.repo
yum install freeradius
vim smb.conf
[global]
# workgroup = NT-Domain-Name or Workgroup-Name
workgroup = XYZDOM //the name of your domain
# Security mode. Most people will want user level
# security. See security_level.txt for details.
security = ads
======== Share Definitions ========
...
winbind use default domain = no
password server = XYZSRV.XYZ-COMPANY.COM //your AD-server
realm = XYZ-COMPANY.COM //your realm
[homes]
comment = Home Directories
browseable = no
writable = yes
vim etc/krb5.conf.
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = EXAMPLE.COM
dns_lookup_realm = false
dns_lookup_kdc = false
[realms]
EXAMPLE.COM = {
kdc = kerberos.example.com:88
admin_server = kerberos.example.com:749
default_domain = example.com
}
XYZ-COMPANY.COM = {
kdc = XYZSRV.XYZ-COMPANY.COM
}
[domain_realm]
.example.com = EXAMPLE.COM
example.com = EXAMPLE.COM
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
vim /etc/nsswitch.conf
#and add winbind at the end of each line shown below
passwd: files winbind
shadow: files winbind
group: files winbind
protocols: files winbind
services: files winbind
netgroup: files winbind
automount: files winbind
reboot
ps –ef | grep nmbd
ps –ef | grep smbd
net join –U Administrator
Administrator is the name of the domain controller admin. Enter your password when prompted. If everything works fine, the Linux server has been registered to the Windows domain.
Verify now if the winbindd daemon is running
ps –ef | grep winbindd
Try next if you can authenticate a user from the domain
wbinfo –a user%password
The error is absolutely normal in this case because there are no cleartext user credentials on the domain Controller (Active Directory) for this user
challenge/response password authentication succeeded
Type the following line
ntlm_auth –-request-nt-key –-domain=<your domain> –-username=<your username>
For example
ntlm_auth –-request-nt-key –-domain=XYZDOM –-username=example_user
You will be prompted for your password.
The command line returns
NT_STATUS_OK : Success (0x0)
If the username and password are the same as those stored in Active Directory.
The radiusd.conf file sets the uid and gid your radiusd process will run as (by the user and group directives, respectively). The ntlm_auth process will have the same identity. If your filesystem containing the winbindd_privileged directory supports POSIX ACLs, you can safely grant ntlm_auth the necessary permissions, in case your disribution's default setting were insufficient. If radiusd runs as the user radiusd for example, then you should use setfacl the following way
setfacl -m u:radiusd:rx winbindd_privileged
man setfacl
for more information on POSIX ACLs!
In order to get FreeRADIUS working, the following files must be configured:
clients.conf
mods-available/mschap
mods-available/eap
users
vim clients.conf
client 192.168.2.44 {
secret = 2!34r&dp0t
shortname = 192.168.2.44
nastype = cisco
}
#Shared secret for them all
client 192.168.2.0/24 {
secret = 2!34r&dp0t
shortname = network1
}
mods-available/mschap
with_ntdomain_hack = yes
ntlm_auth = "/path/to/ntlm_auth --request-nt-key --username=%{%{Stripped-User-Name}:-%{%{User-Name}:-None}} --challenge=%{%{mschap:Challenge}:-00} --nt-response=%{%{mschap:NT-Response}:-00}"
--domain=%{mschap:NT-Domain}
mods-available/eap
default_eap_type = peap.
tls-config tls-common {
random_file = /dev/urandom.
vim raddb/users
username1 Cleartext-Password := "user-password1", MS-CHAP-Use-NTLM-Auth := 0
username2 Cleartext-Password := "user-password2", MS-CHAP-Use-NTLM-Auth := 0
username3 Cleartext-Password := "user-password3", MS-CHAP-Use-NTLM-Auth := 0
authorize {
...
# Read the 'users' file
files # <--- This one!
...
}
Activate AAA (Authentication, Authorization, Accounting)
enable aaa new-model
Create a list of authentication methods by using Radius group as default.
aaa authentication dot1x default group radius
Activate authorization for using dynamic VLAN assignment by Radius.
aaa authorization network default group radius
Configure parameters of Radius server. In this case we use IP 192.168.2.16 and the default ports 1812 and 1813
radius-server host 192.168.2.16 auth-port 1812 acct-port 1813 timeout 3
Configure the maximum number of retransmissions to the server for the requests
radius server retransmit 3
Configure the shared secret between switch and Radius server.
radius server key <mysharedsecret>
Please use the secret that you have specified in the clients.conf file.
Next we must configure each interface (port) to operate in 802.1X mode.
Repeat this procedure for each port that should do access control
configure terminal
(config)#interface FastEthernet1/0/12
(config-if)# switchport mode access
(config-if)# dot1x port-control auto
(config-if)# end
The command show dot1x< allows to check 802.1X settings.
Do not forget to save the configuration of your switch.
copy running-config startup-config
vim /usr/local/openssl/ssl/openssl.cnf
# req_extensions = v3_req
# The extensions to add to a certificate request
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = LU
countryName_min = 2
countryName_max = 2
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = Luxembourg
localityName = Locality Name (eg, city)
localityName_default = Luxembourg-city
0.organizationName = Organization Name (eg, company)
0.organizationName_default = XYZ
organizationalUnitName = Organizational Unit Name
organizationalUnitName_default = IT
commonName = Common Name (eg, YOUR name)
commonName_max = 64
commonName_default = administrator
emailAddress = Email Address
emailAddress_max = 40
emailAddress_default = operations@xyz.com
# SET-ex3 = SET extension number 3
[ req_attributes ]
challengePassword = A challenge password
challengePassword_min = 4
challengePassword_max = 20
challengePassword_default = whatever
unstructuredName = An optional company name
echo "newreq.pem" | /usr/local/openssl/ssl/misc/CA.pl –newca
find / -name CA.all
Move all the files to /etc/raddb/certs/
Needed equipments
Chinese FXO/FXS cards. 4 ports card only cost around $55 USD.
http://openbsc.osmocom.org/trac/wiki/network_from_scratch
Rafael Micro RTL-SDR (R820T) 24-1766MHz 3.2MS/s 8bit No ~20
Elonics E4000 52 – 2200 MHz with a gap from 1100 MHz to 1250 MHz (varies)
has closed and is expensive
HackRF vs. BladeRF low cost tech similar to USRP
in use with gnu radio for signal control in time
http://www.rtl-sdr.com/tag/bladerf/
https://github.com/RangeNetworks/dev/wiki#running
https://github.com/Nuand/bladeRF/wiki/Getting-Started%3A-Linux#Redhatbased_distros_eg_Fedora_CentOS
http://www.yatebts.com/play_video.php
http://galaxyehacker.blogspot.it/2014/01/super-sim-sim-max.html
pySIM python application for USB SIM card reader / writer
priceangels.com
pandawill.com
dealextreme.com
http://openbsc.osmocom.org/trac/wiki/network_from_scratch
Rafael Micro RTL-SDR (R820T) 24-1766MHz 3.2MS/s 8bit No ~20
Elonics E4000 52 – 2200 MHz with a gap from 1100 MHz to 1250 MHz (varies)
has closed and is expensive
HackRF vs. BladeRF low cost tech similar to USRP
in use with gnu radio for signal control in time
http://www.rtl-sdr.com/tag/bladerf/
https://github.com/RangeNetworks/dev/wiki#running
https://github.com/Nuand/bladeRF/wiki/Getting-Started%3A-Linux#Redhatbased_distros_eg_Fedora_CentOS
http://www.yatebts.com/play_video.php
http://galaxyehacker.blogspot.it/2014/01/super-sim-sim-max.html
pySIM python application for USB SIM card reader / writer
priceangels.com
pandawill.com
dealextreme.com
Subscribe to:
Comments (Atom)