Category Archives: Elastix

Elastix Asterisk distribution

DayNight aka Call Flow Control – More than 10

This information is provided without warranty – although I have been using this configuration successfully for over 12 months.

In FreePBX there is a module which has changed it’s name but remains an extremely useful one. Day/Night control, now called Call Flow Control, allows you to set a toggle-switch to change how a call is routed within the system. Typically this could be a Day or Night mode service, but you might also want a ‘We are closed for Christmas’ message for example. Using an announcement as the ‘night’ destination, using a recording linked to a feature code before going to a voicemail box, gives you a very quick way to temporarily close the office, with whatever message your users want to record themselves.

However, the module has a limitation; it only allows you to setup Callflows 0-9, for a total of 10 call-flow options. Should you need more than this, you would either need to program them manually, or else you can edit the module thus:

(This information was taken from here: http://www.freepbx.org/forum/freepbx/users/number-of-day-night-mode-controls-available-in-freepbx although this guide is a more basic version of the proposed patch)

Continue reading

Asterisk / Elastix queue and agent wallboard

UPDATED VERSION HEREhttp://sysadminman.net/blog/2013/asterisk-freepbx-queue-and-agent-wallboard-4933

I had a customer recently that was using the Elastix call centre module. This uses Asterisk queues to provide a call centre solution. Part of the call centre module is reports to monitor the status of the queue. However, the two reports that the customers wanted to run to generate a wallboard created quite a load on the server. They were running several complex MySQL queries against pretty large tables.

So I wrote a small PHP wallboard application. This shows the current status of the queue and the call agents that are signed in to it. It parses the output of the Asterisk command ‘queue show’ to generate these statistics. By default it’s set to refresh every 5 seconds. Now, I’m no programmer so the code is not pretty, but I thought I’d share it here in case it helped anyone else.

Asterisk / Elastix wallboard

Continue reading

Elastix vTiger exploit

Recently I’ve seen a big increase in the number of network scans against the version of vTiger that was included with Elastix.

The attackers are looking for this exploit – http://www.cvedetails.com/cve/CVE-2009-3249/

This allows viewing any file on the system, meaning that they can see all Asterisk usernames and passwords for trunks and extensions.

In fact there have been quite a lot of exploits with vTiger over the years, and there will likely be more – http://www.cvedetails.com/product/6148/Vtiger-Vtiger-Crm.html?vendor_id=3505

I strongly recommend that if you run Elastix (which includes vTiger even if you don’t use it) that you either –

  1. Limit access to the web interface of your server to only specific IP addresses
  2. If you don’t use vTiger then disable access to the interface by running –
chmod 000 /var/www/html/vtigercrm

FreePBX, Elastix, Trixbox secure access via SSH tunnel

One of the most insecure parts of an online PBX is the management web GUI. Restricting access to this is highly desirable and protects you from unpublished vulnerabilities.

One way is to use IPTables to limit certain IP addresses (http://sysadminman.net/blog/2011/restricting-web-interface-access-with-iptables-2156) but this relies on you having a fixed IP address.

Another, more flexible way, is to block all access via ports 80/443 (http/https) and access the system through a secure SSH tunnel using Putty.

If you have a SysAdminMan VPS and would like this setting up please get in touch.

First we need to block access to port 443/80. Do this be logging on as root and then running the iptables command to identify the rules allowing access. You may only see rules for port 80 or 443 depending on your system setup –

Continue reading

Elastix 1.5 and 1.6 security vulnerability

If you’re still using Elastix 1.5 or 1.6 (or earlier) then it is critically important that you ensure you are not open to this vulnerability –

http://secunia.com/advisories/41330/

This allows anyone to download a list of extensions and secrets from your Elastix server, no password required! They can then use this information to place expensive calls through your server.

To test if you are vulnerable visit the following URLs in a web browser, replacing the IP address with your Elastix server IP –

http://x.x.x.x/modules/extensions_batch/libs/download_csv.php
https://x.x.x.x/modules/extensions_batch/libs/download_csv.php

The easiest was to secure your server from this is to delete the affected file (this was done in later releases) –

rm /var/www/html/modules/extensions_batch/libs/download_csv.php

There are active scans on the Internet looking for vulnerable servers.

Part 8 – Create a custom trunk in Elastix for use with A2Billing

This is part 8 of a series of posts on setting up an Elastix extension with A2Billing. See here for details of the other parts – Using A2Billing to account for extension calls in Elastix

Now we are going to make some changes to the Elastix setup we did earlier. We are going to tell Elastix to route our calls via A2Billing, rather than going straight out using the trunk.

First we need to add a trunk so select Trunks and Add Custom Trunk –

Continue reading

Part 7 – Create a call plan and rate card in A2Billing on Elastix

This is part 7 of a series of posts on setting up an Elastix extension with A2Billing. See here for details of the other parts – Using A2Billing to account for extension calls in Elastix

This is by far the most complex part of setting up A2Billing. Creating and maintaining a rate card can be very time consuming. By far the best way to create the rates is to upload them from a CSV as provided by your VOIP provider. There can be many thousands of rates and it’s impossible to manage them by hand. We are going to create just a single rate to UK landlines so that we can test calling.

First click on RATECARD and Create Call Plan. Give your call plan a name, I’ve used Example –

Continue reading

Part 6 – Create a customer in a2billing on Elastix

This is part 6 of a series of posts on setting up an Elastix extension with A2Billing. See here for details of the other parts – Using A2Billing to account for extension calls in Elastix

Next we are going to create a customer in a2Billing. This will be the customer account for the extension 1000 that we setup in Elastix earlier.

First select CUSTOMERS and then Create Customers –

Continue reading

Part 4 – Create an outbound route in Elastix

This is part 4 of a series of posts on setting up an Elastix extension with A2Billing. See here for details of the other parts – Using A2Billing to account for extension calls in Elastix

Next we need to create an Outbound Route to tell Elastix which trunk to use for our calls.

Click on Outbound Routes on the left hand menus and then create a new Outbound Route –

Continue reading