PIONEERS Ready: Incredible PBX 13-13 LEAN

Discussion in 'Today's Tech News & Events' started by wardmundy, Oct 16, 2017.

  1. David Foxworth

    David Foxworth New Member

    Joined:
    Oct 26, 2013
    Messages:
    24
    Likes Received:
    10
    I notice the IncrediblePBX install script actually clones from the github repository the latest version of libsrtp, and then compiles and installs. The version of libsrtp that gets installed using this method is 2.2.0-pre. According to this link, they recommend staying with 1.5.4 in production systems:

    https://wiki.asterisk.org/wiki/display/AST/libsrtp

    I can confirm there are issues with libsrtp 2.2.0-pre. When I enable SRTP in Asterisk and on my phone, and place a call, Asterisk shuts down:

    == Setting global variable 'SIPDOMAIN' to '10.0.44.1'
    asterisk*CLI>
    Disconnected from Asterisk server
    Asterisk cleanly ending (0).
    Executing last minute cleanups

    I made some changes to the IncrediblePBX script to install libsrtp from the RPM on the EPEL repo, which is v1.5.4, by changing this line:

    yum -y install --enablerepo="epel" php-mcrypt

    to:

    yum -y install --enablerepo="epel" php-mcrypt libsrtp libsrtp-devel

    And commenting out the lines that install libsrtp from the Github repo:

    # Commenting out for now to try older version 1.5.4
    # cd /usr/src
    # git clone https://github.com/cisco/libsrtp.git
    # cd libsrtp
    # ./configure CFLAGS=-fPIC
    # make && make install
    # echo "/usr/local/lib" > /etc/ld.so.conf.d/libsrtp.conf
    # ldconfig


    Now SRTP calls no longer cause Asterisk to shutdown...
     
    tycho, Jose Pinto and wardmundy like this.
  2. wardmundy

    wardmundy Nerd Uno

    Joined:
    Oct 12, 2007
    Messages:
    14,172
    Likes Received:
    2,391
    Thanks, @David Foxworth. Will fix early next week.

    Update: Fixed in 1/2/2018 installer.
     
    #222 wardmundy, Dec 30, 2017
    Last edited: Jan 2, 2018
    hecatae and Jose Pinto like this.
  3. wardmundy

    wardmundy Nerd Uno

    Joined:
    Oct 12, 2007
    Messages:
    14,172
    Likes Received:
    2,391
    #223 wardmundy, Jan 8, 2018
    Last edited: Jan 8, 2018
    TirsoJRP and Jose Pinto like this.
  4. kdthomas

    kdthomas New Member

    Joined:
    May 13, 2016
    Messages:
    27
    Likes Received:
    4
    What's changed/added/removed?
     
  5. wardmundy

    wardmundy Nerd Uno

    Joined:
    Oct 12, 2007
    Messages:
    14,172
    Likes Received:
    2,391
    Just provides a turnkey ISO without first having to install CentOS. Incredible PBX components are identical. See the article for details.
     
    #225 wardmundy, Jan 9, 2018
    Last edited: Jan 10, 2018
    krzykat likes this.
  6. wardmundy

    wardmundy Nerd Uno

    Joined:
    Oct 12, 2007
    Messages:
    14,172
    Likes Received:
    2,391
    Here are a couple of patches for Telephone Reminders in Incredible PBX 13-13 Enchilada:
    Code:
    rm -f /etc/pbx/httpdconf/reminders.conf.1
    sed -i 's|$ttspick = 1|$ttspick = 0|' /var/www/html/reminders/index.php
    service httpd restart
    The first one fixes a problem with not being able to login with your Apache admin credentials. The second one was causing the Reminder messages not to be recorded with FLITE from the web interface. Installers have also been updated.
     
    Jose Pinto likes this.
  7. Jose Pinto

    Jose Pinto Member

    Joined:
    Oct 26, 2017
    Messages:
    147
    Likes Received:
    20
    Hi all
    To @wardmundy
    I need your help, please
    I made a new server with 13-13 and then I upgrade it to Enchilda - is working fine, but I made a misktake when It ask me to change the passwords, I also write all the password that it ask me to, but at the end it ask to press any key to continue or ctrl c to exit, what I did is that I just copy all the text with the passwords and I press ctrl, so no password was assign, I already setup the http password because this I know but what I need it help to setup all others, can you help me?
    Thank you very much for your time and attention
    Regards
     
  8. wardmundy

    wardmundy Nerd Uno

    Joined:
    Oct 12, 2007
    Messages:
    14,172
    Likes Received:
    2,391
    Run: /root/update-passwords. If you don't have it...
    Code:
    cd /root
    wget http://incrediblepbx.com/update-passwords.tar.gz
    tar zxvf update-passwords.tar.gz
    rm update-passwords.tar.gz
    ./update-passwords
     
    Jose Pinto likes this.
  9. Jose Pinto

    Jose Pinto Member

    Joined:
    Oct 26, 2017
    Messages:
    147
    Likes Received:
    20
    @wardmundy
    Thank you very much for your time attention and help.
     
  10. Jose Pinto

    Jose Pinto Member

    Joined:
    Oct 26, 2017
    Messages:
    147
    Likes Received:
    20
    To @wardmundy
    Problem instaling Let's Encrypt Certificate - Incredible PBX 13-13 with Enchilada using Centos 6.9
    I just talk to Seth Schoen and Brad Warren both are Certbot EFF Engineer about the problems that I had to Install the Let's Encrypt Certicate using the post http://nerdvittles.com/?p=23520.
    I will try to explaing what happens in other place not here.
    Thanks
     
    #230 Jose Pinto, Feb 2, 2018
    Last edited: Feb 7, 2018
  11. Enrico123

    Enrico123 New Member

    Joined:
    Apr 8, 2018
    Messages:
    3
    Likes Received:
    0
    Hello to all :)
    It's driving me crazy: I have Incredible PBX 13-13 with Enchilada on Centos 6.9 whit all the updates and upgrades, but I'm unable to run mt TDM800 Digitum card.
    I tryed to install and reinstall everything from scratch, but when I try to install the DAHDI conf module I always got the same error and I don't know how to fix this and I've got to go on production within the next week. Any help will be very appreciated:

    syntax error, unexpected $end in Unknown on line 20

    Module Administration
    Please confirm the following actions:
    Upgrades, installs, enables and disables:
    • DAHDi Config will be upgraded to online version 13.0.33.12
    Incredible PBX® and FreePBX® code is licensed pursuant to GPL
    Click here to review license terms and usage conditions/restrictions
    Incredible PBX is a registered trademark of Ward Mundy & Associates, LLC
    FreePBX and Sangoma® are registered trademarks of Sangoma Technologies
    Copyright © 2007-2018, Sangoma Technologies and Ward Mundy & Associates, LLC
    Status
    Please wait while module actions are performed
    Downloading and Installing dahdiconfig
    Downloading dahdiconfig 323221 of 323221 (100%)
    Installing dahdiconfig
    Untarring..Done
    Checking tables...Done
    11. Whoops\Exception\ErrorException
    /var/www/html/admin/modules/dahdiconfig/functions.inc.php161
    10. Whoops\Run handleError
    <#unknown>0
    9. parse_ini_string
    /var/www/html/admin/modules/dahdiconfig/functions.inc.php161
    8. dahdi_config2array
    /var/www/html/admin/modules/dahdiconfig/includes/dahdi_cards.class.php1005
    7. dahdi_cards read_dahdi_scan
    /var/www/html/admin/modules/dahdiconfig/includes/dahdi_cards.class.php589
    6. dahdi_cards load
    /var/www/html/admin/modules/dahdiconfig/includes/dahdi_cards.class.php173
    5. dahdi_cards __construct
    /var/www/html/admin/modules/dahdiconfig/install.php650
    4. include_once
    /var/www/html/admin/libraries/modulefunctions.class.php2482
    3. module_functions _doinclude
    /var/www/html/admin/libraries/modulefunctions.class.php2434
    2. module_functions _runscripts
    /var/www/html/admin/libraries/modulefunctions.class.php1984
    1. module_functions install
    /var/www/html/admin/page.modules.php283
    0. include
    /var/www/html/admin/config.php385
     
  12. wardmundy

    wardmundy Nerd Uno

    Joined:
    Oct 12, 2007
    Messages:
    14,172
    Likes Received:
    2,391
    @Enrico123: Download this updated DahdiConfig tarball to your desktop. Then login to web GUI and perform install steps 6, 7, and 8 from here. Good luck!!
     

    Attached Files:

    jwallace likes this.
  13. Enrico123

    Enrico123 New Member

    Joined:
    Apr 8, 2018
    Messages:
    3
    Likes Received:
    0
    Sadly always the same damn error

    Whoops \ Exception \ ErrorException (E_WARNING)


    syntax error, unexpected $end in Unknown on line 20

    Upgrades, installs, enables and disables:
    • DAHDi Config 13.0.33.13 will be installed and enabled
    Incredible PBX® and FreePBX® code is licensed pursuant to GPL
    Click here to review license terms and usage conditions/restrictions
    Incredible PBX is a registered trademark of Ward Mundy & Associates, LLC
    FreePBX and Sangoma® are registered trademarks of Sangoma Technologies
    Copyright © 2007-2018, Sangoma Technologies and Ward Mundy & Associates, LLC
    Status
    Please wait while module actions are performed
    Installing dahdiconfig
    Checking tables...Done
    11. Whoops\Exception\ErrorException
    /var/www/html/admin/modules/dahdiconfig/functions.inc.php161
    10. Whoops\Run handleError
    <#unknown>0
    9. parse_ini_string
    /var/www/html/admin/modules/dahdiconfig/functions.inc.php161
    8. dahdi_config2array
    /var/www/html/admin/modules/dahdiconfig/includes/dahdi_cards.class.php1005
    7. dahdi_cards read_dahdi_scan
    /var/www/html/admin/modules/dahdiconfig/includes/dahdi_cards.class.php589
    6. dahdi_cards load
    /var/www/html/admin/modules/dahdiconfig/includes/dahdi_cards.class.php173
    5. dahdi_cards __construct
    /var/www/html/admin/modules/dahdiconfig/install.php650
    4. include_once
    /var/www/html/admin/libraries/modulefunctions.class.php2482
    3. module_functions _doinclude
    /var/www/html/admin/libraries/modulefunctions.class.php2434
    2. module_functions _runscripts
    /var/www/html/admin/libraries/modulefunctions.class.php1984
    1. module_functions install
    /var/www/html/admin/page.modules.php297
    0. include
    /var/www/html/admin/config.php385
     
  14. wardmundy

    wardmundy Nerd Uno

    Joined:
    Oct 12, 2007
    Messages:
    14,172
    Likes Received:
    2,391
    @Enrico123: I don't use DAHDI so I'm not going to be of much help. All I can tell you is that on a fresh 13-13 Enchilada install with NO DAHDI hardware installed, I have no errors installing this updated module. You might try removing the TDM800 and building a fresh install. Then install this updated module and see if that eliminates the errors. If so, then shut down the machine and install the DAHDI card and reboot. Other than that, I'd recommend you switch to the VitalPBX build since the original developers are also the ones that wrote and maintain the DAHDI stuff for Digium.
     
  15. Enrico123

    Enrico123 New Member

    Joined:
    Apr 8, 2018
    Messages:
    3
    Likes Received:
    0
    Hi,
    I've tryed it, without the card the module installs but is not loaded. Trying to load it give no result and in the main page shows these errors:

    Unable to write to /etc/dahdi/system.conf

    Unable to write to /etc/modprobe.d/dahdi.conf

    File /etc/modprobe.d/dahdi.conf does not exist.

    File /etc/dahdi/modules does not exist.

    File /etc/dahdi/system.conf does not exist.

    it seems that we're almost there, but still missing something.
    I gave a quick look at VitalPBX, but, as fa as I can see they have the Voicemail to email module as a paid one, and it's one of those that I nedd ( I basically simply only need IVR and voice to email)
     
  16. chris_c_

    chris_c_ Active Member

    Joined:
    Aug 19, 2010
    Messages:
    482
    Likes Received:
    66
    @krzykat @tbrummell
    That FreePBX Responsive Firewall is absolutely essential for mid-call mobility to work, because users neither know nor care what their randomly assigned 4G LTE IP address, or WiFi IP address, is going to be. Yet, the handover must happen as fast as possible, in less than one second. Only the responsive firewall can let in a new IP address, for a few packets until it logs in to the PBX and reconnects to the call.

    Where did you get the above firewall rules, from the freepbx firewall module responsive section?
     
  17. jerrm

    jerrm Guru

    Joined:
    Sep 23, 2015
    Messages:
    393
    Likes Received:
    150
    Those basic rules in one flavor or another have been around 5-10 years or so.

    I flip the logic, instead of blocking bad user agents, for "roaming users" packets must match specified good user agents and specified extension numbers. Both can easily be spoofed, but a scanner is not likely to hit a valid combination. Security through obscurity isn't true security, but it cuts down on what the real tools have to deal with by orders of magnitude.

    Using iptables string matching on clear text udp is easy, tcp takes a couple more steps, but string matching becomes mostly useless in a TLS environment.

    Looks like the FPBX stuff probably monitors AMI or Rest events, maybe with some dialplan hooks to add dynamic rules to iptables. Having that level of info can be a big help, but Fail2Ban with good iptables limiting probably could be acceptable.
     
    chris_c_ likes this.
  18. chris_c_

    chris_c_ Active Member

    Joined:
    Aug 19, 2010
    Messages:
    482
    Likes Received:
    66
    Someone should try and install and run the freepbx firewall github module in responsive mode.
    The source code for voipfirewalld is GPL.
    The dev work is already done, it works, no need to reinvent the wheel.
     
    #238 chris_c_, Aug 9, 2018 at 10:07 AM
    Last edited: Aug 9, 2018 at 10:38 AM

Share This Page