Gundy Dot Org

Contact Me

This is where I, Gabriel Gunderson, talk about things that interest me. Topics often include: family, life, work and technology. I'm available for contract work. I specialize in Linux, PostgreSQL, FreeSWITCH, Python, Django, Twisted and anything else apt-get brings.

Posts Tagged: freeswitch

Firewall to block… well, just about everyone.

11 months ago | Tags: asterisk firewall freeswitch sip kamailio opensips | Notes: 1

Sometimes you don’t want to mess around with people cracking into your SIP servers and run up your phone bill (aka toll fraud). So, with this little script, we block all traffic from anywhere and everywhere. Be careful, it’s pretty heavy handed. BTW, there are some outputs for ClearOS, IPtables and Ubuntu’s UFW.

This should be useful for people running, FreeSWITCH, Asterisk, OpenSIPS and Kamailio.

#!/bin/bash

################################################################################
# We don't like blocking of huge parts of the world, but we often don't have the
# time or resources to deal with those who try to haxor our networks. kthanksbye
################################################################################

# Edit this to fit your level of frustration.
REGISTRIES="CHANGE_ME"

# This is how I roll:
#REGISTRIES="(AfriNIC|APNIC|LACNIC|RIPE NCC)"

################################################################################
# APNIC     Asia/Pacific Region
# ARIN      North America Region
# AfriNIC   Africa Region
# LACNIC    Latin America and some Caribbean Islands
# RIPE NCC  Europe, the Middle East, and Central Asia
################################################################################

IANA="http://www.iana.org"
IPV4_LIST="/assignments/ipv4-address-space/ipv4-address-space.txt"

REGEX="[0-9]{1,3}\.0\.0\.0/8"

BLOCK_LIST=`wget --quiet -O - ${IANA}${IPV4_LIST} | \
egrep "${REGISTRIES}" | \
awk '{print $1}' | \
sed "s/\//.0.0.0\//" | \
sed "s/^0*//"`

for NET in ${BLOCK_LIST}; do
    if [[ ${NET} =~ ${REGEX} ]]; then
        # Time to do your thing.
        echo "Sorry to break things off, ${NET}, it's not you... it's me."

        ########################################################################
        # IPtables
        ########################################################################
        #iptables -I INPUT -j LOG --log-prefix "${NET} Dropped: " --log-level 7
        #iptables -I INPUT -s ${NET} -j DROP

        ########################################################################
        # ClearOS firewalls - Blocked Incoming Connections
        # (add to the RULES section of /etc/clearos/firewall.conf)
        ########################################################################
        #echo "${NET}||0x10000002|0|${NET}|| \\" | sed "s/\//_/"

        ########################################################################
        # Ubuntu's UFW - Uncomplicated Firewall
        ########################################################################
        #sudo ufw deny from ${NET}

    fi
done

Happy hacking!

Installing Blink on Ubuntu

Text

1 year ago | Tags: sip blink freeswitch opensips ubuntu linux | Notes: 1

UPDATED: Now works with Ubuntu 12.04 LTS

Also, the web server is currently configured to block squid-deb-proxy (if you don’t use it, you should).

This little bash script will get Blink installed properly. This is what I’ve been using when testing FreeSWITCH and OpenSIPS. I guess it would work for my Asterisk buddies too ;)

#!/bin/bash
##############################################
KEY_URL="ag-projects.com"
KEY_NAME="agp-debian-gpg.key"
UBUNTU_VERSION="precise"
LIST_NAME="${KEY_URL}.list"

wget http://download.${KEY_URL}/${KEY_NAME}
sudo apt-key add ${KEY_NAME}

rm ${KEY_NAME}

cat << EOF > ${LIST_NAME}
## Sources for AG Projects (makers of Blink).
deb http://${KEY_URL}/ubuntu ${UBUNTU_VERSION} main
EOF

sudo chown root.root ${LIST_NAME}
sudo chmod 644 ${LIST_NAME}
sudo mv ${LIST_NAME} /etc/apt/sources.list.d/
echo "Updating packages... this might take a while."
sudo apt-get -qq update
echo "Installing Blink."
sudo apt-get -y install blink
##############################################

And there you go. That’s the best SIP client out for Linux. Why isn’t this in the Ubuntu repos already? That’s my question.

Photo

1 year ago | Tags: ClueCon FreeSWITCH Asterisk | Notes: 1

That was fun. Let’s do it again next year!

Photo

1 year ago | Tags: two-bit-book-review freeswitch asterisk | Notes: 2

So, if you don’t already know, this is the best source of info on Asterisk that’s out there. The book is solid gold. Anyone that’s comfortable with technical stuff (Linux, bash, vim etc.) should be able to get up and going with Asterisk using this killer resource. While I do a bunch of FreeSWITCH stuff these days, I still go to TFOT (the future of telephony) for general VoIP stuff from time to time.

As a bonus, Jared Smith is one of the co-authors. He’s a cool guy and a friend. Also, I think if you buy a book he get’s a gold star next to his name in the tech-geek’s hall-of-fame. So, do yourself a favor and get this book into your hands!

P.S. If you’re in the Provo Utah area, I have an extra copy if you like… let me know in the comments!

Building OpenSIPS on Ubuntu 11.4

Text

1 year ago | Tags: FreeSWITCH OpenSIPS Debian Bash

So, at work we build lots of custom telephony stuff based on FreeSWITCH. Sometimes, when the job is more than an application server (something like offering SIP services to hundreds or even thousands of customers), you need other systems to complement FreeSWITCH. Lately we’ve been using OpenSIPS to fill that gap. Setting up network and infrastructure to provide these types of services can be tricky and involved. Most people (well, Debian sysadmins) agree that installing software from .debs makes it a little nicer to work with; it allows them to focus on the more involved parts of the setup and configuration. Anyway, here is a build script (download a copy) to help you get started with OpenSIPS (commented for newbies)…

#!/bin/bash

# We need subversion to check out the code.

sudo apt-get install subversion

# Check out the code at the latest branch.

svn co https://opensips.svn.sourceforge.net/svnroot/opensips/branches/1.7 \

opensips-1.7

# Now we need the basic tools we’ll need to build debs.

sudo apt-get -y install \

devscripts \

build-essential \

fakeroot

# Change directories to the newly checked out source code.

cd opensips-1.7/

# The build wants the ‘debian’ dir here in the root of the source.

ln -s packaging/debian debian

# We could have installed this before, but this way we’re clear about what

# these packages actually depend on.

sudo apt-get -y install \

bison \

dpatch \

flex \

libconfuse-dev \

libcurl4-gnutls-dev \

libdb-dev \

libexpat1-dev \

libgeoip-dev \

libjson0-dev \

libldap2-dev \

libmemcached-dev \

libmysqlclient15-dev \

libpcre3-dev \

libperl-dev \

libpq-dev \

libradiusclient-ng-dev \

libsnmp-dev \

libxml2-dev \

libxmlrpc-c3-dev \

unixodbc-dev \

xsltproc \

zlib1g-dev

# Now, we actually do the work of building… this might take a few mins.

debuild -i -us -uc -b

# Go back to the parent directory.

cd ..

# Let’s make a nice place to hold all of these shiny new .debs :)

mkdir opensips_debs

# And now move them into their new home.

mv opensips[_-]*.deb opensips_debs/

# If you’re happy with the build, you can clean this up (you might want to review them first).

rm opensips_1.7.0-1_amd64.build opensips_1.7.0-1_amd64.changes

You’ll need to configure the mail server as part of this setup. Default values are usually OK.

Also, this shouldn’t build your debs on the server that will run OpenSIPS. You don’t want all the extra packages that are required for building. So, build the .debs and then copy them to the server you’ll be using.

As always, I wouldn’t recommend running Ubuntu 11.4 on a production server —stick with the LTS versions :)

BTW, here are the packages you should end up with…

opensips_1.7.0-1_amd64.deb

opensips-dbhttp-module_1.7.0-1_amd64.deb

opensips-memcached-module_1.7.0-1_amd64.deb

opensips-snmpstats-module_1.7.0-1_amd64.deb

opensips-b2bua-module_1.7.0-1_amd64.deb

opensips-dialplan-module_1.7.0-1_amd64.deb

opensips-mysql-module_1.7.0-1_amd64.deb

opensips-unixodbc-module_1.7.0-1_amd64.deb

opensips-berkeley-module_1.7.0-1_amd64.deb

opensips-geoip-module_1.7.0-1_amd64.deb

opensips-perl-modules_1.7.0-1_amd64.deb

opensips-xmlrpc-module_1.7.0-1_amd64.deb

opensips-carrierroute-module_1.7.0-1_amd64.deb

opensips-identity-module_1.7.0-1_amd64.deb

opensips-postgres-module_1.7.0-1_amd64.deb

opensips-xmpp-module_1.7.0-1_amd64.deb

opensips-console_1.7.0-1_amd64.deb

opensips-jabber-module_1.7.0-1_amd64.deb

opensips-presence-modules_1.7.0-1_amd64.deb

opensips-cpl-module_1.7.0-1_amd64.deb

opensips-json-module_1.7.0-1_amd64.deb

opensips-radius-modules_1.7.0-1_amd64.deb

opensips-dbg_1.7.0-1_amd64.deb

opensips-ldap-modules_1.7.0-1_amd64.deb

opensips-regex-module_1.7.0-1_amd64.deb

Happy telephony hacking!

P.S. feel free to contact us if you think Izeni might be able to help you with your telephony needs.

UPDATE: Download the debs here if you like.

HA (High Availability) FreeSWITCH

Text

2 years ago | Tags: freeswitch ha high availability

My lovely wife is running a marathon tomorrow. She wakes up at 3:00am to catch a bus to the race’s starting point. So, I’ll be home taking care of the kids (and making sure she can get a nap in the afternoon). I’ve been looking for a fun project to do while I’m at home and I think I’ve found it…

photo credit

I’m going to setup an HA (again, High Availability) FreeSWITCH install. I’ve got a few virtual systems installed already and just need to throw some new FreeSWITCH RPMs/DEBs on them —that’s right… one is going to be running CentOS and the other is going to be running Ubuntu. I wouldn’t do this in a production telephony setup, but after all, this is for ‘fun’ :)

I’ll need to get the ODBC setup (don’t know if I’ll use PostgreSQL or MySQL yet (anyone who knows me, knows that I favor PostgreSQL, but I need to keep up on MySQL too)) and configure a heartbeat between them. I guess there will be a bunch of other details too. Maybe I’ll blog about it (if there appears to be interest).

The sweet thing is, I should be able to “pull the plug” (not literally, remember, this is virtualization we’re talking about) and the far end of the call should only hear a few moments of silence and the call should pick up right where it left off. That’s right, the server with the live call goes down and the other server takes the call over. Props to the FreeSWITCH devs for making such a killer switch!

You know what? As I think about this, I’m thinking that I’ll record the call from the remote side and see what it actually sounds like. With luck and careful planning, it should go mostly undetected. Sweet :)

FreeSWITCH, Python, Django and Linux

Text

2 years ago | Tags: izeni freeswitch django python linux | Notes: 2

My company, Izeni, does custom software development. We focus on FreeSWITCH, Python, Django, and Linux. If you happen to be lucky enough to need some of that good stuff, drop us a line :)

Answer

2 years ago | Tags: freeswitch asterisk api question | Notes: 4

Question: Well it said "Ask me anything" so here it goes. Does Freeswitch truly have a better developer API hen compared with Asterisk? Recently with Asterisk all I wanted to do whas utilize the manager interface to stream a sound clip to a live channel. No can do. I had to actually create a meetme conference and originate an extension that was a 'playback' exten into the conference. Is freeswitch better at thing like that? - Anonymous
Answer:
Glad you stopped by. We love FreeSWITCH and are happy to answer a few questions. I don’t know if I understand exactly what you’re doing, but if you want to play a file back to a channel, you can use the ‘uuid_displace’ with the uuid of the channel and it will play that file over the audio channel’s current audio. It’s great for announcements like, “You have 5 minutes left on this calling card.” You can also use ‘uuid_broadcast’ if you want the audio be heard on both sides of the call (or legs A and B).
Hope that helps. Give FreeSWITCH a try, you will not be disappointed!

Python People in Utah

Text

2 years ago | Tags: python utah izeni django twisted freeswitch jquery

My company, Izeni, is looking to hire Python programmers. If you’re in Utah and want to work somewhere where you can build cool things with cool people (OK, that last part was a stretch), give me a shout. Izeni is a small and scrappy (read: not dripping with cash), but working here has its perks too. We’ve got some things on the burner that we’re really excited about (inquire within for details).

We work with cool technologies: Linux, Apache, memcached, Python, Django, jQuery, FreeSWITCH, Twisted, PostgreSQL, and the list goes on. We’ve got a laid back culture. We support Open Source projects in terms of both code and money. We’re flexible with scheduling. No stuffy management types or ballooning egos to deal with :)

If you’re hardworking, like to learn and want to be part of a team that builds cool things, we might have a place for you. Drop me a line :) gabe@gundy.org

Building FreeSWITCH on Ubuntu 10.10

Text

2 years ago | Tags: bash freeswitch linux scripts ubuntu | Notes: 8

This is a bash script that I’ve been using to build my FreeSWITCH debs.

#!/bin/bash
sudo apt-get update
sudo apt-get -y install \
autoconf \
automake \
debhelper \
devscripts \
git-core \
libasound2-dev \
libcurl4-openssl-dev \
libdb-dev \
libgdbm-dev \
libgnutls-dev \
libogg-dev \
libperl-dev \
libssl-dev \
libtiff4-dev \
libtool \
libvorbis-dev \
libx11-dev \
ncurses-dev \
python-dev \
unixodbc-dev \
uuid-dev
git clone git://git.freeswitch.org/freeswitch.git freeswitch_git
cd freeswitch_git
debuild -i -us -uc -b
echo “Here are your debs:”
ls -l ../*.deb

Happy FreeSWITCH hacking!

BTW, no, I wouldn’t recommend running production FreeSWITCH servers on Ubuntu 10.10… not that I haven’t :)

Update: If you’re looking to get some FreeSWITCH work done, please contact my company, Izeni.