TUTORIAL CDR CSV export formatted for blacklist module

MikeD

New Member
Joined
Mar 2, 2016
Messages
14
Reaction score
9
Hi,

Been enjoying PIAF and I have been tuning my install to work better for me. One of the things I did was to make a new function to replace the old CDR report export csv function to export a file ready for upload to the Blacklist Module. Every day (or when I remember) I run a query for a destination of "*98" for the previous day.

I would love to see this make it into a future release as the number of hack attempts is getting smaller and smaller as the Blacklist grows.

Mike



//**********change to cdr/functions.inc.php sdded new function


function cdr_export_blacklist_csv($csvdata) {
// Searching for more than 10,000 records take more than 30 seconds.
// php default timeout is 30 seconds, hard code it to 3000 seconds for now (which is WAY overkill).
// TODO: make this value a setting in Advanced Settings
set_time_limit(3000);
$fname = "cdr__" . (string) time() . $_SERVER["SERVER_NAME"] . ".csv";
$csv_header ="src,clid"; //<=====what fields to output

$mimetype = "application/octet-stream";

// Start sending headers
header("Pragma: public"); // required
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Cache-Control: private",false); // required for certain browsers
header("Content-Transfer-Encoding: binary");
header("Content-Type: " . $mimetype);
header("Content-Disposition: attachment; filename=\"" . $fname . "\";" );
// Send data

$out = fopen('php://output', 'w');
fputcsv($out, explode(",",$csv_header));
foreach ($csvdata as $csv) {
$csv_line = array();
foreach(explode(",",$csv_header) as $k => $item) {
if ($item=='clid') //<==need to cleanup the callerID field
{
$csv[$item]=preg_replace('/\<.*\>/','',$csv[$item]); //<=====get rid of <number>
$csv[$item]=preg_replace('/"/','',$csv[$item]);//<=====delete quotes
}
$csv_line[$k] = $csv[$item];
}
fputcsv($out, $csv_line);
}
fclose($out);
die();
}

//***********change to cdr/page.cdr.php
[snip]
if ( isset($_POST['need_csv']) && $_POST['need_csv'] == 'true' ) {

$query = "(SELECT calldate, clid, did, src, dst, dcontext, channel, dstchannel, lastapp, lastdata, duration, billsec, disposition, amaflags, accountcode, uniqueid, userfield, cnum, cnam, outbound_cnum, outbound_cnam, dst_cnam FROM $db_name.$db_table_name $where $order $sort LIMIT $result_limit)";
$resultcsv = $dbcdr->getAll($query, DB_FETCHMODE_ASSOC);
cdr_export_blacklist_csv($resultcsv); //<===changed to my blacklist function
}
[snip]
 

MikeD

New Member
Joined
Mar 2, 2016
Messages
14
Reaction score
9
I got tired of hackers spending time on my toll free numbers trying to break into voicemail. So I decided to make an auto blacklist add that is called from my IVR. whereas hackers would spend typically 3-5 minutes in the voicemail module, it now blacklists them in as little as 5 seconds. With this in place, I am no longer burrnng through an hour of toll free calling a day.

Here is what I did. Please understand that I am new to this and there may be better approaches and certainly coding. I welcome any input on this.

changes based on Incredible PBX 12.0.70 'Incredible PBX GUI'

Create a custom destination:
Maintenance=>config edit=>extensions_custom.conf
(scroll to bottom and paste)

[blacklist-caller-add]
exten => s,1,Answer
exten => s,n,Set(caller=${CALLERID(name)} *AUTO*)
exten => s,n,Set(callernum=${CALLERID(number)})
exten => s,n,GotoIf($[ $[ "${callernum}" = "" ] | $[ "${callernum}" = "unknown" ] ]?noinfo)
exten => s,n,Set(DB(blacklist/${callernum})=${caller})
exten => s,n,Hangup
exten => s,n,(noinfo),Hangup

(click update)

Admin=>Custom Destination
Custom Destination: blacklist-caller-add,s,1
Description: Add Caller to blacklist
Notes:

(click submit then apply changes)

Applications=>IVR
(add a new Ext)

*98 Custom destination blacklist-caller-add

(click submit then apply changes)

When reviewing the blacklist (Admin=>Blacklist), you will see that auto added callers are tagged "Auto*

if you want to fix the Blacklist module v12.01 to display the setting status of "blocked CIDs" correctly, I found these changes to work:

edit page.blacklist.php

change line 176
from
if($num== "blocked") { // Don't display the blocked/unknown CID as an item, but keep track of it for displaying the checkbox later

to
if($num['number'] == "blocked") { // Don't display the blocked/unknown CID as an item, but keep track of it for displaying the checkbox later

comment line 124
//$numbers = blacklist_list();

add at line 86:
$numbers = blacklist_list();
foreach ($numbers as $num) {
if($num['number'] == "blocked") { // Don't display the blocked/unknown CID as an item, but keep track of it for displaying the checkbox later
$filter_blocked = true;
}
}

Again, I hope this can help anyone else frustrated with spending money on hacking attempts.

Mike

[EDIT] Addendum: You might want to think about also having "9" in IVR. trigger auto blacklist. I am seeing a number of calls come in trying this option first (and I do not announce this option).
 
Last edited:

MikeD

New Member
Joined
Mar 2, 2016
Messages
14
Reaction score
9
Very happy to report that even though I am still getting 15-20 "hacker" toll-free calls per day, My cost has gone way down. Average call duration has gone from 4.5 minutes to 35 seconds, reducing my daily cost from an average of $3/day to $0.25/day.

I could not have done this my old PBX.

Now to figure out why the OSS endpoint manager does not expose/handle daylight savings. I have converted it to pjsip and implemented the corporate directory, but not really happy with it (especially Polycom's implementation), though it does work.
 

MikeD

New Member
Joined
Mar 2, 2016
Messages
14
Reaction score
9
I am also exploring locking down voicemail to only allow for the recording of messages.

I found this mailbox defined as an example and not exposed anywhere in the GUI that I can find:

voicemail.conf:
120241 => 4242,Example Mailbox,root@localhost

Not sure where this got inserted, but time to comment it out.

Mike
 

MikeD

New Member
Joined
Mar 2, 2016
Messages
14
Reaction score
9
Very happy to report my last toll free hack attempt was two days ago. Hack attempts still going on for the main number, but those don't cost me anything. Four days ago, I received 57 calls in a day on the toll free number. This is huge for me.

Mike
 

MikeD

New Member
Joined
Mar 2, 2016
Messages
14
Reaction score
9
Please let me know if you have any questions.

Happy to help.

Mike
 

Members online

No members online now.

Forum statistics

Threads
25,782
Messages
167,509
Members
19,202
Latest member
pbxnewguy
Get 3CX - Absolutely Free!

Link up your team and customers Phone System Live Chat Video Conferencing

Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.

3CX
A 3CX Account with that email already exists. You will be redirected to the Customer Portal to sign in or reset your password if you've forgotten it.
Top