[ view entry ] ( 814 views ) | print article
apt-get install isdnutils-base
because ippp0 sets a default route we change to ippp1:
mv /etc/isdn/device.ippp0 /etc/isdn/device.ippp1
mv /etc/isdn/ipppd.ippp0 /etc/isdn/ipppd.ippp1
/etc/isdn/device.ippp1 (remove '# REMOVE'):
LOCALMSN='XXXXX'
REMOTEMSN=
isdnctrl ihup ${device} on
isdnctrl secure ${device} off
/etc/isdn/ipppd.ippp1 (remove '# REMOVE'):
debug
name YYYYY
/etc/ppp/chap-secrets:
# client server secret IP addresses
YYYYY HOSTNAME PASSWORD ""
[ view entry ] ( 750 views ) | print article
I will make calls from my phone to PSTN and with dial extension "#9" to my voip account.
This is done with following dialplan "(xx.<:@gw0>|<#9,:>xx.)"
If a call from PSTN is not answered within 20 sec the call should be redirected via voip (see CFNA Solution).
Because my SPA-3102 is behind a firewall i use it as a bridge.
Firewall
modprobe ip_conntrack_sip ports=9060; modprobe ip_nat_sip
iptables -A FORWARD -p udp --dport 9060 -m state --state NEW,ESTABLISHED -j ACCEPT
With this settings i don't need "NAT Keep Alive" and Register every 3600 sec (1 hour) is ok.
Usually udp connectiontracking has a timeout of 180 sec, but ip_conntrack_sip reads the sip content and set the timeout (3600).
My Settings
WAN
Connection Type: DHCP
Enable WAN Web Server: yes
Lan Setup
Networking Service: Bridge
Enable DHCP Server: no
SIP
RFC 2543 Call Hold: no
RTP Port Min: 9000
RTP Port Max: 9059
Provisioning
Provision Enable: no
Upgrade Enable: no
Regional
Ring1 Cadence: 60(1/4)
Ring Waveform: Sinusoid
Ring Frequency: 50
Ring Voltage: 60
CWT Frequency: 420@-20
FXS Port Impedance: 270 + (750 || 150nF)
Caller ID Method: ETSI FSK
Caller ID FSK Standard: v.23
Line 1
Make Call Without Reg: Yes (if no network connected)
Proxy: 1.2.3.4:9060
User ID: sipuid
Password: xxxx
Preferred Codec: G729a
G7* Enable: no
Dial Plan: (xx.<:@gw0>|<#9,:>xx.)
PSTN Line
Make Call Without Reg: Yes
User ID: sipuid
Password: xxxx
Preferred Codec: G729a
G7* Enable: no
PSTN CID For VoIP CID: Yes
medium Min CPC Duration: 0.25
Disconnect Tone: 440@-30,440@-30;2(0.4/0.4/1+2)
FXO Port Impedance: 270 + (750 || 150nF)
On-Hook Speed: 3ms
Line-In-Use Voltage: 25
Current Limiting Enable: Yes
Ring Validation Time: 150 ms
Ring Indication Delay: 0
Ring Timeout: 650 ms
Without this "Ring Timings" after "PSTN Ring Timeout" the call to Line 1 got CANCELED also immediately the following call to VOIP (don't know why - saw it in traces to syslog).
With "PSTN Ring Timeout: 20" i also saw no cancel but that's a dirty workaround for me (better are a correct "Ring Timings").
Enable Traces
System
Syslog Server: 1.2.3.4
Debug Server: 1.2.3.4
Debug Level: 3
Line 1 / PSTN Line
SIP Debug Option: full
CFNA Solution 1:
User 1
Cfwd No Ans Dest: 12345678
Cfwd No Ans Delay: 20
PSTN Line
PSTN Answer Delay: 40 (20 sec Line 1 and 20 sec voip => after that forced hangup)
disable via phone with *93
enable via phone with *92[Number as dialed via dialplan(use #9 for voip)]
Drawback:
* after disabling with *93 the number is deleted
* enable with *92#9NUMBER (without #9 PSTN is used according to Dialplan (xx.<:@gw0>|<#9,:>xx.) it would be NUMBER@gw0)
* only G711 Codec supported (because PSTN calls Line 1 and then only G711 seams to be supported)
CFNA Solution 2:
PSTN Line
Dial Plan 8: (S0<:12345678@1.2.3.4:9060>)
PSTN Caller Default DP: 8
PSTN Answer Delay: 20
Drawback: you cannot dis/en-able via phone
CFNA Solution 3:
Use a local asterisk where you can connect sip clients rinnging at the same time when a call arrives on the SPA-3102
[ view entry ] ( 1184 views ) | print article
I want to rsync on my local-host via ssh from a remote host without a ssh enabled root account but full access to the whole filesystem.
local-host:
ssh-keygen -t rsacopy ~/.ssh/id_dsa.pub to remote-host:/home/rsyncuser/.ssh/authorized_keys
rsync files with ssh:
rsync -vaHxr --numeric-ids --delete --rsync-path=rsync_wrapper.sh \
-e "ssh -c arcfour -o Compression=no -x" \
rsyncuser@remote-host:REMOTEDIR LOCALDIR
remote-host (source of files to rsync):
groupadd -g 3001 rsyncuser/home/rsyncuser/.ssh/authorized_keys:
useradd -u 3001 -g rsyncuser -s /bin/bash -m rsyncuser
from="192.168.0.2,",command="/home/rsyncuser/validate-rsync.sh"limit access with from (optional).
ssh-dss 012345678...
On sucessfully ssh login command is executed.
/home/rsyncuser/validate-rsync.sh:
#!/bin/sh/usr/bin/rsync_wrapper.sh:
case "$SSH_ORIGINAL_COMMAND" in
*\&*)
echo “Rejected”
;;
*\;*)
echo “Rejected”
;;
*\(*)
echo “Rejected”
;;
*\{*)
echo “Rejected”
;;
*\<*)
echo “Rejected”
;;
*\`*)
echo “Rejected”
;;
rsync\ --server*)
$SSH_ORIGINAL_COMMAND
;;
*)
echo "Rejected"
;;
esac
#!/bin/sh/etc/sudoers:
/usr/bin/sudo /usr/bin/rsync "$@";
rsyncuser ALL = NOPASSWD: /usr/bin/rsync
[ view entry ] ( 831 views ) | print article
dnssec-keygen -a RSAMD5 -b 1024 -n HOST -k -r /dev/urandom home.domain.org
put content of XXX.key into your zonefile
move xxx.key and xxx.private to your client with sftp
/etc/ppp/ip-up.d/ip_update:
#!/bin/sh
TTL=60
SERVER='NAMESERVER'
ZONE='DOMAIN'
HOSTNAME='HOSTNAME.DOMAIN'
KEYFILE='PATH/KEYFILENAME without endings (.key)'
[ -n "$PPP_LOCAL" ] || exit 0
logger "ip_update: Updating dynamic IP $PPP_LOCAL on $SERVER"
RESULT=$(nsupdate -v -k $KEYFILE 2>&1 << EOF
server $SERVER
zone $ZONE
update delete $HOSTNAME A
update add $HOSTNAME $TTL A $PPP_LOCAL
send
EOF)
RC=$?
[ $RC != 0 ] && \
logger "ip_update $PPP_LOCAL on $SERVER failed ($RC/$RESULT)"
exit $RC
Manual update a zonefile with bind 9.3:
rndc freeze zone
edit the zone
rndc unfreeze zone
References:
secure-ddns-howto
running-a-secure-ddns-service-with-bind
[ view entry ] ( 587 views ) | print article
<<First <Back | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | Next> Last>>