Blog

How to – Integrate STIR/SHAKEN into Vicidial

STIR/SHAKEN

How to – Integrate STIR/SHAKEN into Vicidial

This document(written by Matt Florell) covers the TILTX SHAKEN (Call Shaper) API service features and how they integrate into VICIdial.

NOTE: you will need to use the VICIdial svn/trunk revision 3449 or higher on all servers in your cluster to use this feature.



What is the TILTX SHAKEN (Call Shaper) API service?

This service requires an AGI script to be run before each call is placed through your dialer(agi-TILTX_SHAKEN.agi). It will tag the call with SIP Headers with the "X-TILTX-ID", "Identity" and "CAID" values that TILTX returns so your carrier can route the call properly. There are also optional service features that allow for a National Do-Not-Call(DNC) list check and a Disconnected-number check, as well as CallerID Number validation/replacement "NumberRisk" service.

Reference TILTX URLs:
https://tiltx.zendesk.com/hc/en-us/articles/360060683571-TILTX-Call-Shaper-Module
https://tiltx.zendesk.com/hc/en-us/articles/4402421951885



How to set up TILTX Call Shaper on your VICIdial system:

REQUIREMENT 1: To use this feature, you will have to get a valid API Key from TILTX and create a new VICIdial Settings Container entry with the Container ID of "TILTX_SHAKEN_API_KEY", and place only the TILTX API key into the Container Entry.

REQUIREMENT 2: You will need to have the VICIdial svn/trunk revision 3449 or higher installed on all servers in your VICIdial cluster.

REQUIREMENT 3: You will need to put a similar dialplan entry into your Carrier Dialplan BEFORE the line where the call is placed out through your carrier:
			exten => _91NXXNXXXXXX,n,AGI(/var/lib/asterisk/agi-bin/agi-TILTX_SHAKEN.agi,${EXTEN:-10}-----${CALLERID(num)}-----YES-----)

		NOTE: Here are the configurable CLI flags for the above AGI script:
		  1. Phone number being called (USE DIALPLAN VARIABLE like '${EXTEN:-10}')
		  2. CallerID number being sent with call (USE DIALPLAN VARIABLE like '${CALLERID(num)}')
		  3. (YES/NO) whether to speak error messages or not, default 'NO'
		  4. Settings Container ID(override) to use for TILTX API settings, default 'TILTX_SHAKEN_API_KEY' if empty


New VICIdial statuses used: (if you are these subscribed to TILTX services)
ADCCAR - Disconnect Carrier-Defined
DNCCAR - DNC Carrier-Defined




Advanced Options:

You can override the hard-coded TILTX Call Shaper API "https://api.shaper.tiltx.com/Calls/shaper" by adding a second line to the Settings Container that looks like the following:

URL=>https://api.shaper.tiltx.com/Calls/shaper



Advanced Debug:

To see that the SIP Headers are being set properly, add the following line to your dialplan(extensions.conf after the 8368 "Playback" line), then reload your Asterisk dialplan and place a test call through the campaign detail screen:

exten => 8368,n,Verbose("X-CIDNAME:${SIP_HEADER(X-CIDNAME)}, X-TILTX-ID:${SIP_HEADER(X-TILTX-ID)}, Identity:${SIP_HEADER(Identity)}, CAID:${SIP_HEADER(CAID)}")

How do I get an API key for this?

That’s easy, send an email over to 007@tiltx.com and they will set you up.

Introduction to STIR/SHAKEN Webinar

STIR/SHAKEN

Introduction to STIR/SHAKEN Webinar

We will be holding a webinar on Thursday June 17th with special guest from the pioneers in STIR/SHAKEN technology from www.tiltx.com and Matt Florell from the ViciDial Group. -:- The live event link will be shared the day of the webinar. Please stay tuned for more info.

To be prepared for todays webinar, please reference this post: https://dialer.one/how-to-integrate-stir-shaken-into-vicidial/

Here is the link for the recording from the webinar: The password to watch it is: v97z$O9C

https://us02web.zoom.us/rec/play/DYKyCFGMn3A23DOaKuUG5DrbF9LcuEK3uuckDeiZTpVS46BhapyY6N8zF36vxTHyMqs7d0mN6GUHQHIa.wDqVOeE-5fM28kjt

Thank you all for attending and I hope to see your calls becoming compliant with this new technology and have a great rest of the year in your business ventures!

-Chris aka carpenox

How to – Scratch install Vicidial on CentOS 8

How to – Scratch install Vicidial on CentOS 8

This article will go over how to do a scratch install for Vicidial on CentOS 8. The majority of this was mapped out by Steve @ GenXoutsourcing. Thanks Steve

UPDATE: 6/13/21 -:- Special thanks to arx001 from the Vicidial Group Forums for helping me debug these instructions.

scratch install vicidial centos
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config

Set Default Editor to nano:
yum -y install nano

nano /etc/bashrc

Then add this line at the bottom:
export EDITOR="nano"

timedatectl set-timezone America/New_York


rc.local not work:

chmod +x /etc/rc.d/rc.local
systemctl enable rc-local
systemctl start rc-local
systemctl status rc-local

yum check-update
yum -y install epel-release
reboot

yum update -y
reboot

yum groupinstall "Development Tools" -y

reboot

yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
yum -y install http://rpms.remirepo.net/enterprise/remi-release-8.rpm
yum -y install yum-utils
dnf module enable php:remi-7.4


sudo dnf install -y mariadb-server

sudo dnf -y install dnf-plugins-core
sudo dnf config-manager --set-enabled powertools


yum install -y php php-mcrypt php-cli php-gd php-curl php-mysql php-ldap php-zip php-fileinfo php-opcache wget unzip make patch gcc gcc-c++ subversion php php-devel php-gd gd-devel readline-devel php-mbstring php-mcrypt php-imap php-ldap php-mysql php-odbc php-pear php-xml php-xmlrpc curl curl-devel perl-libwww-perl ImageMagick libxml2 libxml2-devel httpd libpcap libpcap-devel libnet ncurses ncurses-devel screen kernel* mutt glibc.i686 certbot python3-certbot-apache mod_ssl openssl-devel newt-devel libxml2-devel kernel-devel sqlite-devel libuuid-devel sox sendmail lame-devel htop iftop perl-File-Which php-opcache libss7 mariadb-devel libss7* libopen* 

systemctl start mariadb
mysql_secure_installation
systemctl enable mariadb

systemctl stop mariadb
cp /etc/my.cnf /etc/my.cnf.original
echo "" > /etc/my.cnf

nano /etc/my.cnf ; copy the below config to this file.

####################################################################################################

[mysql.server]
user = mysql
#basedir = /var/lib

[client]
port = 3306
socket = /var/lib/mysql/mysql.sock

[mysqld]
datadir = /var/lib/mysql
#tmpdir = /home/mysql_tmp
socket = /var/lib/mysql/mysql.sock
user = mysql
old_passwords = 0
ft_min_word_len = 3
max_connections = 800
max_allowed_packet = 32M
skip-external-locking
sql_mode="NO_ENGINE_SUBSTITUTION"

log-error = /var/log/mysqld/mysqld.log

query-cache-type = 1
query-cache-size = 32M

long_query_time = 1
#slow_query_log = 1
#slow_query_log_file = /var/log/mysqld/slow-queries.log

tmp_table_size = 128M
table_cache = 1024

join_buffer_size = 1M
key_buffer = 512M
sort_buffer_size = 6M
read_buffer_size = 4M
read_rnd_buffer_size = 16M
myisam_sort_buffer_size = 64M

max_tmp_tables = 64

thread_cache_size = 8
thread_concurrency = 8

# If using replication, uncomment log-bin below
#log-bin = mysql-bin

[mysqldump]
quick
max_allowed_packet = 16M

[mysql]
no-auto-rehash

[isamchk]
key_buffer = 256M
sort_buffer_size = 256M
read_buffer = 2M
write_buffer = 2M

[myisamchk]
key_buffer = 256M
sort_buffer_size = 256M
read_buffer = 2M
write_buffer = 2M

[mysqlhotcopy]
interactive-timeout

[mysqld_safe]
#log-error = /var/log/mysqld/mysqld.log
#pid-file = /var/run/mysqld/mysqld.pid

####################################################################################################


mkdir /var/log/mysqld
touch /var/log/mysqld/slow-queries.log
chown -R mysql:mysql /var/log/mysqld
systemctl restart mariadb

####################################################################################################


Install the Perl Modules
yum install -y perl-CPAN perl-YAML perl-libwww-perl perl-DBI perl-DBD-MySQL perl-GD perl-Env perl-Term-ReadLine-Gnu perl-SelfLoader perl-open.noarch

cpan -i Tk String::CRC Tk::TableMatrix Net::Address::IP::Local Term::ReadLine::Gnu Spreadsheet::Read Net::Address::IPv4::Local RPM::Specfile Spreadsheet::XLSX Spreadsheet::ReadSXC MD5 Digest::MD5 Digest::SHA1 Bundle::CPAN Pod::Usage Getopt::Long DBI DBD::mysql Net::Telnet Time::HiRes Net::Server Mail::Sendmail Unicode::Map Jcode Spreadsheet::WriteExcel OLE::Storage_Lite Proc::ProcessTable IO::Scalar Scalar::Util Spreadsheet::ParseExcel Archive::Zip Compress::Raw::Zlib Spreadsheet::XLSX Test::Tester Spreadsheet::ReadSXC Text::CSV Test::NoWarnings Text::CSV_PP File::Temp Text::CSV_XS Spreadsheet::Read LWP::UserAgent HTML::Entities HTML::Strip HTML::FormatText HTML::TreeBuilder Switch Time::Local Mail::POP3Client Mail::IMAPClient Mail::Message IO::Socket::SSL readline

cd /usr/bin/
curl -LOk http://xrl.us/cpanm
chmod +x cpanm


cpanm -f File::HomeDir
cpanm -f File::Which
cpanm CPAN::Meta::Requirements
cpanm -f CPAN
cpanm YAML
cpanm MD5
cpanm Digest::MD5
cpanm Digest::SHA1
cpanm readline


cpanm Bundle::CPAN
cpanm DBI
cpanm -f DBD::mysql
cpanm Net::Telnet
cpanm Time::HiRes
cpanm Net::Server
cpanm Switch
cpanm Mail::Sendmail
cpanm Unicode::Map
cpanm Jcode
cpanm Spreadsheet::WriteExcel
cpanm OLE::Storage_Lite
cpanm Proc::ProcessTable
cpanm IO::Scalar
cpanm Spreadsheet::ParseExcel
cpanm Curses
cpanm Getopt::Long
cpanm Net::Domain
cpanm Term::ReadKey
cpanm Term::ANSIColor
cpanm Spreadsheet::XLSX
cpanm Spreadsheet::Read
cpanm LWP::UserAgent
cpanm HTML::Entities
cpanm HTML::Strip
cpanm HTML::FormatText
cpanm HTML::TreeBuilder
cpanm Time::Local
cpanm MIME::Decoder
cpanm Mail::POP3Client
cpanm Mail::IMAPClient
cpanm Mail::Message
cpanm IO::Socket::SSL
cpanm MIME::Base64
cpanm MIME::QuotedPrint
cpanm Crypt::Eksblowfish::Bcrypt
cpanm Crypt::RC4
cpanm Text::CSV
cpanm Text::CSV_XS

####################################################################################################


cd /usr/src
wget http://download.vicidial.com/required-apps/asterisk-perl-0.08.tar.gz
tar xzf asterisk-perl-0.08.tar.gz
cd asterisk-perl-0.08
perl Makefile.PL
make all
make install 

dnf --enablerepo=powertools install libsrtp-devel -y
yum install -y elfutils-libelf-devel libedit-devel

cd /usr/src
wget http://downloads.sourceforge.net/project/lame/lame/3.99/lame-3.99.5.tar.gz
tar -zxf lame-3.99.5.tar.gz
cd lame-3.99.5
./configure
make
make install

cd /usr/src/
wget https://digip.org/jansson/releases/jansson-2.13.tar.gz
tar xvzf jansson*
cd jansson-2.13
./configure
make clean
make
make install 
ldconfig

UPDATE: 6/22/21 - Ty @Ankit for catching the wrong directiory below 

cd /usr/src/
wget https://downloads.asterisk.org/pub/telephony/dahdi-linux-complete/dahdi-linux-complete-current.tar.gz
tar xzf dahdi*
cd /usr/src/dahdi-linux-complete-3.1.0+3.1.0/
nano /usr/src/dahdi-linux-complete-3.1.0+3.1.0/linux/include/dahdi/kernel.h
remove #include: </linux/pci-aspm.h>
make
make install
make install-config
(if you get an error here about 4.18.0-305.7.1.el8_4.x86_64 missing then do "yum install *4.18.0-305.7.1.el8_4.x86_64")

yum install dahdi-tools-libs

cd tools
make clean
make
make install
make install-config

if it gives an error /usr/sbin/dahdi_cfg -vvvvvvvvvvvvv 
edit the file "system.conf.sample" in "system.conf"


cd /usr/src/
wget http://downloads.asterisk.org/pub/telephony/libpri/libpri-1.6.0.tar.gz
tar xzf libpri-1.6.0.tar.gz
cd /usr/src/libpri-1.6.0
make clean
make
make install

nano  /etc/php.ini
error_reporting  =  E_ALL & ~E_NOTICE
memory_limit = 128M
short_open_tag = On
max_execution_time = 330
max_input_time = 360
post_max_size = 100M
upload_max_filesize = 42M
default_socket_timeout = 360
date.timezone = Europe/Rome

cd /usr/src/
wget http://download.vicidial.com/required-apps/asterisk-13.29.2-vici.tar.gz
tar xzf asterisk-13.29.2-vici.tar.gz
cd /usr/src/asterisk-13.29.2/
./configure --libdir=/usr/lib64 --with-pjproject-bundled -with-jansson-bundled
make clean
make menuselect    ; ####### select chan_meetme 
make
make install
make samples
make config


mkdir /usr/src/astguiclient
cd /usr/src/astguiclient
svn checkout svn://svn.eflo.net:3690/agc_2-X/trunk


mysql
SET GLOBAL connect_timeout=60;
CREATE DATABASE `asterisk` DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
CREATE USER 'cron'@'localhost' IDENTIFIED BY '1234';
GRANT SELECT,INSERT,UPDATE,DELETE,LOCK TABLES on asterisk.* TO cron@'%' IDENTIFIED BY '1234';
CREATE USER 'custom'@'localhost' IDENTIFIED BY 'custom1234';
GRANT SELECT,INSERT,UPDATE,DELETE,LOCK TABLES on asterisk.* TO custom@'%' IDENTIFIED BY 'custom1234';
GRANT SELECT,INSERT,UPDATE,DELETE,LOCK TABLES on asterisk.* TO cron@localhost IDENTIFIED BY '1234';
GRANT SELECT,INSERT,UPDATE,DELETE,LOCK TABLES on asterisk.* TO custom@localhost IDENTIFIED BY 'custom1234';
GRANT RELOAD ON *.* TO cron@'%';
GRANT RELOAD ON *.* TO cron@localhost;
GRANT RELOAD ON *.* TO custom@'%';
GRANT RELOAD ON *.* TO custom@localhost;
flush privileges;
use asterisk;
\. /usr/src/astguiclient/trunk/extras/MySQL_AST_CREATE_tables.sql
\. /usr/src/astguiclient/trunk/extras/first_server_install.sql
ALTER TABLE phones ALTER template_id SET DEFAULT '';
\. /usr/src/astguiclient/trunk/extras/sip-iax_phones.sql
quit

cd /usr/src/astguiclient/trunk
mkdir /usr/share/astguiclient
mkdir /var/log/astguiclient
mkdir /var/spool/asterisk/monitorDONE
perl install.pl

 Copy Asterisk Settings=Yes + Server webroot path=/var/www/html

####################################################################################################


/usr/share/astguiclient/ADMIN_area_code_populate.pl
/usr/share/astguiclient/ADMIN_update_server_ip.pl --old-server_ip=10.10.10.15

####################################################################################################


nano /etc/rc.local

### paste this below: 

#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.

touch /var/lock/subsys/local

# OPTIONAL enable ip_relay(for same-machine trunking and blind monitoring)
/usr/share/astguiclient/ip_relay/relay_control start 2>/dev/null 1>&2

# Disable console blanking and powersaving
/usr/bin/setterm -blank
/usr/bin/setterm -powersave off
/usr/bin/setterm -powerdown

### start up the MySQL server
systemctl restart mariadb.service

### start up the apache web server
systemctl restart apache2

### roll the Asterisk logs upon reboot
/usr/share/astguiclient/ADMIN_restart_roll_logs.pl

### clear the server-related records from the database
/usr/share/astguiclient/AST_reset_mysql_vars.pl

### load dahdi drivers
modprobe dahdi
/usr/sbin/dahdi_cfg -vvvvvvvvvvvvv

### sleep for 20 seconds before launching Asterisk
sleep 20

### start up asterisk
/usr/share/astguiclient/start_asterisk_boot.pl


####################################################################################################

crontab -e

### paste below:

### recording mixing/compressing/ftping scripts
#0,3,6,9,12,15,18,21,24,27,30,33,36,39,42,45,48,51,54,57 * * * * /usr/share/astguiclient/AST_CRON_audio_1_move_mix.pl
0,3,6,9,12,15,18,21,24,27,30,33,36,39,42,45,48,51,54,57 * * * * /usr/share/astguiclient/AST_CRON_audio_1_move_mix.pl --MIX
0,3,6,9,12,15,18,21,24,27,30,33,36,39,42,45,48,51,54,57 * * * * /usr/share/astguiclient/AST_CRON_audio_1_move_VDonly.pl
1,4,7,10,13,16,19,22,25,28,31,34,37,40,43,46,49,52,55,58 * * * * /usr/share/astguiclient/AST_CRON_audio_2_compress.pl --GSM
#2,5,8,11,14,17,20,23,26,29,32,35,38,41,44,47,50,53,56,59 * * * * /usr/share/astguiclient/AST_CRON_audio_3_ftp.pl --GSM

### keepalive script for astguiclient processes
* * * * * /usr/share/astguiclient/ADMIN_keepalive_ALL.pl --cu3way

### kill Hangup script for Asterisk updaters
* * * * * /usr/share/astguiclient/AST_manager_kill_hung_congested.pl

### updater for voicemail
* * * * * /usr/share/astguiclient/AST_vm_update.pl

### updater for conference validator
* * * * * /usr/share/astguiclient/AST_conf_update.pl

### flush queue DB table every hour for entries older than 1 hour
11 * * * * /usr/share/astguiclient/AST_flush_DBqueue.pl -q

### fix the vicidial_agent_log once every hour and the full day run at night
33 * * * * /usr/share/astguiclient/AST_cleanup_agent_log.pl
50 0 * * * /usr/share/astguiclient/AST_cleanup_agent_log.pl --last-24hours
## uncomment below if using QueueMetrics
#*/5 * * * * /usr/share/astguiclient/AST_cleanup_agent_log.pl --only-qm-live-call-check

## uncomment below if using Vtiger
#1 1 * * * /usr/share/astguiclient/Vtiger_optimize_all_tables.pl --quiet

### updater for VICIDIAL hopper
* * * * * /usr/share/astguiclient/AST_VDhopper.pl -q

### adjust the GMT offset for the leads in the vicidial_list table
1 1,7 * * * /usr/share/astguiclient/ADMIN_adjust_GMTnow_on_leads.pl --debug

### reset several temporary-info tables in the database
2 1 * * * /usr/share/astguiclient/AST_reset_mysql_vars.pl

### optimize the database tables within the asterisk database
3 1 * * * /usr/share/astguiclient/AST_DB_optimize.pl

## adjust time on the server with ntp
30 * * * * /usr/sbin/ntpdate -u pool.ntp.org 2>/dev/null 1>&2

### VICIDIAL agent time log weekly and daily summary report generation
2 0 * * 0 /usr/share/astguiclient/AST_agent_week.pl
22 0 * * * /usr/share/astguiclient/AST_agent_day.pl

### VICIDIAL campaign export scripts (OPTIONAL)
#32 0 * * * /usr/share/astguiclient/AST_VDsales_export.pl
#42 0 * * * /usr/share/astguiclient/AST_sourceID_summary_export.pl

### remove old recordings more than 7 days old
#24 0 * * * /usr/bin/find /var/spool/asterisk/monitorDONE -maxdepth 2 -type f -mtime +7 -print | xargs rm -f

### roll logs monthly on high-volume dialing systems
#30 1 1 * * /usr/share/astguiclient/ADMIN_archive_log_tables.pl

### remove old vicidial logs and asterisk logs more than 2 days old
28 0 * * * /usr/bin/find /var/log/astguiclient -maxdepth 1 -type f -mtime +2 -print | xargs rm -f
29 0 * * * /usr/bin/find /var/log/asterisk -maxdepth 3 -type f -mtime +2 -print | xargs rm -f
30 0 * * * /usr/bin/find / -maxdepth 1 -name "screenlog.0*" -mtime +4 -print | xargs rm -f

### cleanup of the scheduled callback records
25 0 * * * /usr/share/astguiclient/AST_DB_dead_cb_purge.pl --purge-non-cb -q

### GMT adjust script - uncomment to enable
#45 0 * * * /usr/share/astguiclient/ADMIN_adjust_GMTnow_on_leads.pl --list-settings

### Dialer Inventory Report
1 7 * * * /usr/share/astguiclient/AST_dialer_inventory_snapshot.pl -q --override-24hours

### inbound email parser
* * * * * /usr/share/astguiclient/AST_inbound_email_parser.pl



################ END PASTE HERE ####################


nano /etc/httpd/conf/httpd.conf

To disable logging, change:

CustomLog logs/access_log combined
        to this:
CustomLog /dev/null common

################

nano /etc/httpd/conf.d/record.conf

Alias /RECORDINGS/ "/var/spool/asterisk/monitorDONE/"

<Directory "/var/spool/asterisk/monitorDONE">
    Options Indexes MultiViews
    AllowOverride None
    Order allow,deny
    Allow from all
    Require all granted 
        <files *.mp3>
            Forcetype application/forcedownload
        </files>
</Directory>


################


for synchronization problems:

yourserverip/vicidial/admin.php
go to  Admin-> Servers-> update Asterisk Version: 13.29.2-vici
Or if you prefer the video version, watch our friend Harolds youtube

How to – Upgrade OpenSuSE from Leap 15.1 to 15.2 or 15.3

How to – Upgrade OpenSuSE from Leap 15.1 to 15.2 or 15.3

How to – Upgrade OpenSuSE from Leap 15.1 to 15.2 or 15.3 is what will be covered in this brief tutorial. Just change the 15.2 to 15.3 in any of the steps below to switch to 15.3 instead.

Step 1 – Preparing for upgrade by enabling the proper repository

zypper modifyrepo --enable openSUSE-Leap-15.1-Update
zypper ref
zypper up
vicibox9

Step 2 – Change existing repo’s for the others

This next part will change the repo’s to 15.2 and then we will start the fun part.

files="$(zypper lr -u | awk -F'|' '$4 ~ /Yes/ { gsub (" ", "", $2); r="/etc/zypp/repos.d/"$2".repo"; print r }')"
for f in $files
do
  echo "Backup of $f saved to /root/ before patching it up ..."
  cp -f "$f" /root/
  sed -i 's+/leap/15.1+/leap/$releasever+' "$f"
  sed -i 's+15.1.1+15.2+' "$f"
  sed -i 's+15.1+15.2+' "$f"
done

Step 3 – Update and reboot

zypper --releasever=15.2 ref
zypper --releasever=15.2 dup
reboot
vixibox9

If you have any problems, just comment here and I will help you out the best I can or you can drop by our Skype Group chat: https://join.skype.com/ujkQ7i5lV78O . Hope this helps a lot of you out there.

upgrade opensuse

]Make sure you copy mod_php7.conf to php7.confor the dynportal and audiostore conf files will cause apache to have errors. You can do so with the following command:

cp /etc/apache2/conf.d/mod_php7.conf /etc/apache2/conf.d/php7.conf

I hope this helps.

-Nox

How to – Secure Vicidial, correctly. Part 1

secure vicidial

How to – Secure Vicidial, correctly. Part 1

This article will show you how to secure Vicidial server correctly. This is definitely one of the topics, that I am asked about the most, so with that being said, this will be a multipart series with different “layers” of security from the basic way you need to secure your system in todays remote world, and as advanced as encrypted passwords, recordings, two factor authentication and more.

secure vicidial
Securing Vicidial

The steps I will cover in this article, will be the steps to take once you have finished installing a fresh Vicidial server. It will cover a single server setup, not a cluster which requires some additional steps to be shown later on in this series. This article will also presume you are setting this up for remote access, not just local. Let’s get started.


Secure Vicidial

Step 1 – Setup access through YAST firewall.

At the Linux CLI, type “yast firewall” and the following screen will pop up:

secure vicidial

Go down to “Interfaces” and select your NIC card that has WAN access and change the zone from default to public:

Change default zone to public

Then TAB over to the public zone and remove all entries but apache2-ssl and ssh, then add viciportal-ssl.

Public Zone services to allow

Finally, add these services to your “Trusted” zone and TAB over to [Accept] and press enter.

Trusted Zone services to allow

This completes the first step for securing your Vicidial server’s firewall access.


Step 2 – Granting access for Dynamic portal & IP whitelist access only through the VB-firewall crontab entry

The next thing you need to do is change the crontab entry from blacklist being blocked to whitelist and dynamic access only. To do so, type “crontab -e” at your Linux CLI and you should see the following:

crontab -e

“Page down” until you see the VB-firewall entries near the bottom and change them as you see below:

Make the changes you see above and press cntl+X to save and follow the prompts to save it.

Ok, so these steps above will prepare your server for the next steps of this process which I have written in other articles already, but I will link them here for easy navigation.


Step 3 – Enabling IP Whitelist

You can follow my blog post about IP whitelist, here.


Step 4 – Setting up the dynamic portal

You can follow the article for these instructions, here.

Dynportal
Dynportal

Well, that’s it for part 1, you have now setup your system for secure remote access to your server through IP whitelist & dynamic portal only. As always, feel free to comment below with any questions or issues you have along the way. My team and I are always available to help our Vicidial community secure themselves against the threats todays world comes with such as BazarCall malware, Ryuk and Conti Ransomwares and other cyber threats that directly target the telecommunications industry. Please protect yourself accordingly, if you need help with this, please fill out the form below for a FREE security audit or if you need some technical assistance on your servers.



Well, that’s it from us here at CyburDial for today, but please stay tuned for Part 2 of this series which will cover adding in other servers for a cluster type environment and how to allow access only to certain services on each server that are needed for communication between the cluster such as MySQL.

I hope this helps.

-Nox

How to – Scratch install instructions for Vicidial on OpenSuSE Leap 15.3 with Asterisk 16.17.0

Install Asterisk 16 on Vicidial

How to – Scratch install instructions for Vicidial on OpenSuSE Leap 15.3 with Asterisk 16.17.0

So, I have decided to write up a scratch install instructions for Vicidial on OpenSuSE Leap 15.3 with Asterisk 16.17-0 instead of Asterisk 13 and wanted to share the instructions step by step. I have not tested this yet.

zypper ar http://download.opensuse.org/distribution/leap/15.3/repo/oss/ openSUSE-Leap-15.3-Oss
zypper ar http://download.opensuse.org/repositories/devel:/languages:/perl/openSUSE_Leap_15.3/ openSUSE-Leap-15.3-PERL
zypper ar http://download.opensuse.org/repositories/server:/php:/applications/openSUSE_Leap_15.3/ openSUSE-Leap-15.3-PHP-Applications
zypper ar http://download.opensuse.org/update/leap/15.3/oss/ openSUSE-Leap-15.3-Update
zypper ar https://download.opensuse.org/repositories/home:vicidial:asterisk-13/openSUSE_Leap_15.3/home:vicidial:asterisk-13.repo
zypper ar https://download.opensuse.org/repositories/home:/vicidial/openSUSE_Leap_15.3/home:vicidial.repo
zypper ar https://download.opensuse.org/repositories/home:/vicidial:/vicibox/openSUSE_Leap_15.3/home:vicidial:vicibox.repo
zypper ar https://download.opensuse.org/repositories/home:/zippy:/jx:/packages-ready/openSUSE_Leap_15.3/ home_zippy_jx_packages-ready
zypper addrepo https://download.opensuse.org/repositories/devel:languages:python:Factory/openSUSE_Leap_15.3/devel:languages:python:Factory.repo



zypper ref
zypper up
zypper in dahdi*
zypper in libpri*
zypper in libedit*
zypper in net-snmp*
zypper in libjansson4*

zypper install sqlite3-devel mariadb-server mariadb make patch gcc gcc-c++ subversion php php-devel php-gd gd-devel php-mbstring php-mcrypt php-imap php-ldap php-mysql php-odbc php-pear php-xml php-xmlrpc curl curl-devel perl-libwww-perl ImageMagick libxml2 libxml2-devel httpd libpcap libpcap-devel libnet ncurses ncurses-devel screen mysql-devel ntp mutt wget nano unzip sipsak sox libuuid-devel httpd php-common php-pdo mod_ssl perl-DBI perl-DBD-MySQL perl-Digest-HMAC perl-YAML perl-ExtUtils-ParseXS perl-NetAddr-IP perl-Crypt-SSLeay perl-Curses perl-DBD-Pg perl-Module-ScanDeps perl-Text-CSV perl-HTML-Template perl-IO-Compress perl-Text-Glob perl-Jcode perl-Test-Script perl-Archive-Tar perl-Test-Base perl-OLE-Storage_Lite perl-Archive-Zip perl-Net-Server perl-Convert-ASN1 perl perl-Compress-Raw-Zlib perl-Digest-SHA1 perl-Data-Dumper perl-Error perl-ExtUtils-CBuilder perl-Test-Tester perl-Parse-RecDescent perl-Spiffy perl-IO-Zlib perl-Module-Build perl-HTML-Parser perl-Net-SSLeay perl-Proc-ProcessTable perl-TermReadKey perl-Term-ReadLine-Gnu perl-Digest-SHA perl-Tk perl-Net-SNMP perl-Test-NoWarnings perl-XML-Writer perl-Proc-PID-File perl-Compress-Raw-Bzip2 perl-libwww-perl perl-XML-Parser perl-File-Remove perl-Parse-CPAN-Meta perl-Set-Scalar perl-Probe-Perl perl-File-Which perl-Package-Constants perl-Module-Install perl-File-HomeDir perl-Spreadsheet-ParseExcel perl-Mail-Sendmail perl-Spreadsheet-XLSX asterisk-perl perl-version perl-Crypt-DES perl-URI perl-Net-Daemon perl-IO-stringy perl-YAML-Tiny perl-HTML-Tagset perl-Socket6 perl-BSD-Resource perl-IPC-Run3 perl-Text-CSV_XS perl-Unicode-Map perl-Net-Telnet perl-PAR-Dist perl-Date-Manip perl-JSON perl-rrdtool lame screen iftop htop perl-GD gcc gcc-c++- bzip2 make libjansson-devel dahdi-linux-devel libxml2-tools libxml2-2 libxml2-devel libuuid-devel sqlite3-devel



perl -MCPAN -e 'my $c = "CPAN::HandleConfig"; $c->load(doit => 1, autoconfig => 1); $c->edit(prerequisites_policy => "follow"); $c->edit(build_requires_install_policy => "yes"); $c->commit'

cpan -i String::CRC Tk::TableMatrix Net::Address::IP::Local Term::ReadLine::Gnu Spreadsheet::Read Net::Address::IPv4::Local RPM::Specfile Spreadsheet::XLSX Spreadsheet::ReadSXC MD5 Digest::MD5 Digest::SHA1 Bundle::CPAN Pod::Usage Getopt::Long DBI DBD::mysql Net::Telnet Time::HiRes Net::Server Mail::Sendmail Unicode::Map Jcode Spreadsheet::WriteExcel OLE::Storage_Lite Proc::ProcessTable IO::Scalar Scalar::Util Spreadsheet::ParseExcel Archive::Zip Compress::Raw::Zlib Spreadsheet::XLSX Test::Tester Spreadsheet::ReadSXC Text::CSV Test::NoWarnings Text::CSV_PP File::Temp Text::CSV_XS Spreadsheet::Read LWP::UserAgent HTML::Entities HTML::Strip HTML::FormatText HTML::TreeBuilder Switch Time::Local MIME::POP3Client Mail::IMAPClient Mail::Message IO::Socket::SSL readline 

cd /usr/bin/
curl -LOk http://xrl.us/cpanm
chmod +x cpanm
cpanm -f File::Which
cpanm -f File::HomeDir
cpanm CPAN::Meta::Requirements
cpanm -f CPAN
cpanm -f DBD::mysql
cpanm User::Identity --force
cpanm YAML MD5 Digest::MD5 Digest::SHA1 Curses Getopt::Long Net::Domain Term::ReadKey Term::ANSIColor HTML::FormatText MIME::Decoder Mail::POP3Client Mail::Message Crypt::Eksblowfish::Bcrypt

### Make Swap ###
mkdir -p /var/lib/swap
dd if=/dev/zero of=/var/lib/swap/swapfile bs=4G count=4096
mkswap /var/lib/swap/swapfile
swapon /var/lib/swap/swapfile
cat /proc/swaps
nano /etc/fstab
paste this: /var/lib/swap/swapfile swap swap defaults 0 0
save and exit

### Create DB & Cron user
mysql
CREATE DATABASE `asterisk` DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
CREATE USER 'cron'@'localhost' IDENTIFIED BY '1234';
GRANT SELECT,INSERT,UPDATE,DELETE,LOCK TABLES on asterisk.* TO cron@'%' IDENTIFIED BY '1234';
GRANT SELECT,INSERT,UPDATE,DELETE,LOCK TABLES on asterisk.* TO cron@localhost IDENTIFIED BY '1234';
GRANT RELOAD ON *.* TO cron@'%';
GRANT RELOAD ON *.* TO cron@localhost;
flush privileges;
exit

### Install Asterisk 16 ###
mkdir /usr/src/asterisk
wget http://download.vicidial.com/beta-apps/asterisk-16.17.0-vici.tar.gz
tar -xzvf asterisk-16.17.0-vici.tar.gz
./configure --libdir=/usr/lib64 --with-pjproject-bundled -with-jansson-bundled
rm menuselect.makeopts
make menuselect*
**** Go down one to applications and hit enter, go down until you find the "meetme" app and press space bar, then hit "X" ****
make && make install && make samples && make config && make basic-pbx
/usr/share/astguiclient/start_asterisk_boot.pl

mkdir /usr/src/astguiclient
cd /usr/src/astguiclient
svn checkout svn://svn.eflo.net:3690/agc_2-X/trunk

mysql
SET GLOBAL connect_timeout=60;
use asterisk;
\. /usr/src/astguiclient/trunk/extras/MySQL_AST_CREATE_tables.sql
\. /usr/src/astguiclient/trunk/extras/first_server_install.sql
ALTER TABLE phones ALTER template_id SET DEFAULT '';
\. /usr/src/astguiclient/trunk/extras/sip-iax_phones.sql
quit

/usr/src/astguiclient/trunk/install.pl
/usr/share/astguiclient/ADMIN_area_code_populate.pl
/usr/src/astguiclient/trunk/bin/ADMIN_update_server_ip.pl

nano /etc/rc.local

### paste this below: 

#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.

touch /var/lock/subsys/local

# OPTIONAL enable ip_relay(for same-machine trunking and blind monitoring)
/usr/share/astguiclient/ip_relay/relay_control start 2>/dev/null 1>&2

# Disable console blanking and powersaving
/usr/bin/setterm -blank
/usr/bin/setterm -powersave off
/usr/bin/setterm -powerdown

### start up the MySQL server
systemctl start mariadb.service
systemctl enable mariadb.service

### start up the apache web server
systemctl start apache2
systemctl enable apache2

### roll the Asterisk logs upon reboot
/usr/share/astguiclient/ADMIN_restart_roll_logs.pl

### clear the server-related records from the database
/usr/share/astguiclient/AST_reset_mysql_vars.pl

### load dahdi drivers
modprobe dahdi
/usr/sbin/dahdi_cfg -vvvvvvvvvvvvv

### sleep for 20 seconds before launching Asterisk
sleep 20

### start up asterisk
/usr/share/astguiclient/start_asterisk_boot.pl


############## END PASTE HERE ##################


crontab -e

### paste below:

### recording mixing/compressing/ftping scripts
#0,3,6,9,12,15,18,21,24,27,30,33,36,39,42,45,48,51,54,57 * * * * /usr/share/astguiclient/AST_CRON_audio_1_move_mix.pl
0,3,6,9,12,15,18,21,24,27,30,33,36,39,42,45,48,51,54,57 * * * * /usr/share/astguiclient/AST_CRON_audio_1_move_mix.pl --MIX
0,3,6,9,12,15,18,21,24,27,30,33,36,39,42,45,48,51,54,57 * * * * /usr/share/astguiclient/AST_CRON_audio_1_move_VDonly.pl
1,4,7,10,13,16,19,22,25,28,31,34,37,40,43,46,49,52,55,58 * * * * /usr/share/astguiclient/AST_CRON_audio_2_compress.pl --GSM
#2,5,8,11,14,17,20,23,26,29,32,35,38,41,44,47,50,53,56,59 * * * * /usr/share/astguiclient/AST_CRON_audio_3_ftp.pl --GSM

### keepalive script for astguiclient processes
* * * * * /usr/share/astguiclient/ADMIN_keepalive_ALL.pl --cu3way

### kill Hangup script for Asterisk updaters
* * * * * /usr/share/astguiclient/AST_manager_kill_hung_congested.pl

### updater for voicemail
* * * * * /usr/share/astguiclient/AST_vm_update.pl

### updater for conference validator
* * * * * /usr/share/astguiclient/AST_conf_update.pl

### flush queue DB table every hour for entries older than 1 hour
11 * * * * /usr/share/astguiclient/AST_flush_DBqueue.pl -q

### fix the vicidial_agent_log once every hour and the full day run at night
33 * * * * /usr/share/astguiclient/AST_cleanup_agent_log.pl
50 0 * * * /usr/share/astguiclient/AST_cleanup_agent_log.pl --last-24hours
## uncomment below if using QueueMetrics
#*/5 * * * * /usr/share/astguiclient/AST_cleanup_agent_log.pl --only-qm-live-call-check

## uncomment below if using Vtiger
#1 1 * * * /usr/share/astguiclient/Vtiger_optimize_all_tables.pl --quiet

### updater for VICIDIAL hopper
* * * * * /usr/share/astguiclient/AST_VDhopper.pl -q

### adjust the GMT offset for the leads in the vicidial_list table
1 1,7 * * * /usr/share/astguiclient/ADMIN_adjust_GMTnow_on_leads.pl --debug

### reset several temporary-info tables in the database
2 1 * * * /usr/share/astguiclient/AST_reset_mysql_vars.pl

### optimize the database tables within the asterisk database
3 1 * * * /usr/share/astguiclient/AST_DB_optimize.pl

## adjust time on the server with ntp
30 * * * * /usr/sbin/ntpdate -u pool.ntp.org 2>/dev/null 1>&2

### VICIDIAL agent time log weekly and daily summary report generation
2 0 * * 0 /usr/share/astguiclient/AST_agent_week.pl
22 0 * * * /usr/share/astguiclient/AST_agent_day.pl

### VICIDIAL campaign export scripts (OPTIONAL)
#32 0 * * * /usr/share/astguiclient/AST_VDsales_export.pl
#42 0 * * * /usr/share/astguiclient/AST_sourceID_summary_export.pl

### remove old recordings more than 7 days old
#24 0 * * * /usr/bin/find /var/spool/asterisk/monitorDONE -maxdepth 2 -type f -mtime +7 -print | xargs rm -f

### roll logs monthly on high-volume dialing systems
#30 1 1 * * /usr/share/astguiclient/ADMIN_archive_log_tables.pl

### remove old vicidial logs and asterisk logs more than 2 days old
28 0 * * * /usr/bin/find /var/log/astguiclient -maxdepth 1 -type f -mtime +2 -print | xargs rm -f
29 0 * * * /usr/bin/find /var/log/asterisk -maxdepth 3 -type f -mtime +2 -print | xargs rm -f
30 0 * * * /usr/bin/find / -maxdepth 1 -name "screenlog.0*" -mtime +4 -print | xargs rm -f

### cleanup of the scheduled callback records
25 0 * * * /usr/share/astguiclient/AST_DB_dead_cb_purge.pl --purge-non-cb -q

### GMT adjust script - uncomment to enable
#45 0 * * * /usr/share/astguiclient/ADMIN_adjust_GMTnow_on_leads.pl --list-settings

### Dialer Inventory Report
1 7 * * * /usr/share/astguiclient/AST_dialer_inventory_snapshot.pl -q --override-24hours

### inbound email parser
* * * * * /usr/share/astguiclient/AST_inbound_email_parser.pl



################ END PASTE HERE ####################

a2enmod ssl
a2enflag SSL

reboot

go to http://127.0.0.1/vicidial/admin.php


Enjoy!!

-CarpeNox

BazarLoader used to deploy Ryuk ransomware on high-value targets

BazarLoader

BazarLoader used to deploy Ryuk ransomware on high-value targets

Trojan Horse malware

The TrickBot gang operators are increasingly targeting high-value targets with the new stealthy BazarLoader trojan before deploying the Ryuk ransomware.

For years, the TrickBot gang has been using their trojan to compromise enterprise networks by downloading different software modules used for specific behavior such as stealing passwordsspreading to other machines, or even stealing a domain’s Active Directory database.

As these modules have become heavily analyzed over time, security solutions have become better at detecting these modules before being utilized.

From TrickBot to BazarLoader

In April 2020, bleepingcomputer reported that the TrickBot gang had started to use a new BazarLoader/BazarBackdoor infection in phishing attacks.

In a new report, Advanced Intel security researchers explain that instead of burning victims with the highly-detected TrickBot trojan, threat actors now favor BazarBackdoor as their tool of choice for high-value enterprise targets.

“BazarBackdoor remains the covert malware relying upon minimal functionality while on the host producing high-value long-term infections due to its simplicity and external operation dependency to exploit more information later.”

“In other words, the BazarBackdoor “blending-in“ simplicity and obfuscation layer allows the payload to be a better choice for high-value targets,” Kremez told BleepingComputer in a conversation about their report.

A BazarLoader compromise starts with a targeted phishing attack, as shown by a phishing email received by BleepingComputer in April.

BazarLoader phishing attack
BazarLoader phishing attack

After infecting a computer, BazarLoader will use process hollowing to inject the BazarBackdoor component into legitimate Windows processes such as cmd.exe, explorer.exe, and svchost.exe. A scheduled task is created to load BazarLoader every time a user logs into the system.

BazarLoader scheduled task
BazarLoader scheduled task

Eventually, BazarBackdoor will deploy a Cobalt Strike beacon, which provides remote access to threat actors who install post-exploitation tools such as BloodHound and Lasagne for mapping a Windows domain and extracting credentials.

Ultimately, the attack leads to threat actors deploying Ryuk ransomware on the entire network and demand massive ransoms.

BazarBackdoor attack flow
BazarBackdoor attack flow
Source: Advanced Intel

Even with this increase in utilization, as BazarBackdoor requires a more significant amount of human-operation, Kremez believes that BazarLoader will be reserved for select targets.

“The downside of hunting with BazarBackdoor is that it requires an expensive exploitation operation to pivot from the infections,” Kremez explained.

For mass-distribution, we should continue to see TrickBot utilized for network compromise.


Check out our FREE security audit to see if you are a victim.

What is BazarCall malware?

BazarCall

What is BazarCall malware?

Answer: Malware targeting VoIP servers. Read on.

For the past two months, security researchers have been waging an online battle against a new ‘BazarCall’ malware that uses call centers to distribute some of the most damaging Windows malware.

The new malware was discovered being distributed by call centers in late January and is named BazarCall, or BazarCall, as the threat actors initially used it to install the BazarLoader malware.

While other malware is now being distributed, researchers continue to identify the distribution campaign as BazarCall.

Like many malware campaigns, BazarCall starts with a phishing email but from there deviates to a novel distribution method – using phone call centers to distribute malicious Excel documents that install malware.

Instead of bundling attachments with the email, BazarCall emails prompt users to call a phone number to cancel a subscription before they are automatically charged. These call centers would then direct users to a specially crafted website to download a “cancellation form” that installs the BazarCall malware.

BazarCall: From phishing emails to call centers

BazarCall attacks all start with a phishing email targeting corporate users that state the recipient’s free trial is about to run out. However, these emails do not provide any details regarding the alleged subscription.

The emails then prompt the user to contact a listed phone number to cancel the subscription before they are charged $69.99 to $89.99 for a renewal, as shown in the example BazarCall phishing email below.

Example BazarCall email
Example BazarCall email

While the bulk of the emails seen by BleepingComputer have been from a fictitious company named “Medical reminder service, Inc.”, the emails have also used other fake company names such as ‘iMed Service, Inc.’, ‘Blue Cart Service, Inc.’, and ‘iMers, Inc.’  

These emails all use similar subjects such as “Thank you for using your free trial” or “Your free trial period is almost over!” Security researcher ExecuteMalware has compiled a more extensive list of email subjects used by this attack.

When a recipient calls the listed phone number, they will be placed on a short hold and then be greeted by a live person. When asked for more information or how to cancel the subscription, the call center agent asks the victim for a unique customer ID enclosed in the email.

Randy Pargman, Vice President of Threat Hunting & Counterintelligence at Binary Defense, told BleepingComputer that this unique customer ID is a core component of the attack and is used by the call center to determine if the caller is a targeted victim.

“They will be able to identify the company that got that email when you give them a valid customer number on the phone. But if you give them a wrong number they will just tell you that they canceled your order and it’s all good without sending you to the website,” Pargman told BleepingComputer in a conversation about BazarCall.

If a correct customer ID is given, the call center agent will direct the user to a fake website that pretends to be the associated medical services company. The phone agent will stay on the phone with the victim and guide them to a cancellation page where they are prompted to enter their customer ID, as shown below.

BazarCall distribution site
BazarCall distribution site
Source: Brad Duncan

When the user enters their customer ID number, the website will automatically prompt the browser to download an Excel document (xls or xlsb). The call center agent will then help the victim open the file and clicking on the ‘Enable Content’ button to enable malicious macros.

In some calls conducted by Pargman, the threat actors instructed him to disable antivirus to prevent the malicious documents from being detected.

Malicious BazarCall Excel document
Malicious BazarCall Excel document

When the Excel macros are enabled, the BazarCall malware will be downloaded and executed on the victim’s computer.

When the BazarCall campaign first started, it was used to distribute the BazarLoader malware but has also begun distributing TrickBot, IcedID, Gozi IFSB, and other malware. 

These Windows infections are particularly dangerous as they provide remote access to compromised corporate networks where the threat actors spread laterally through the network to steal data or deploy ransomware.

Threat actors use BazarLoader and Trickbot to deploy the Ryuk or Conti ransomware, while IcedID has been used in the past to deploy the now-defunct Maze and Egregor ransomware infections.

Security researcher Brad Duncan has shared a video illustrating a call into the threat actor’s call center and its distribution of malicious documents to unsuspecting victims. https://www.youtube.com/embed/uAkeXCYcl4Y

BazarCall: Deployed via a Distribution-as-a-Service

While BazarLoader and the TrickBot infections are believed to be created by the same ‘TrickBot’ hacking group, the other distributed infections are not related to these threat actors.

Due to this, Pargman has told BleepingComputer that he believes that another threat actor group is running the call centers and renting out distribution as a Distribution-as-a-Service.

“My belief is that this is a distro as a service and that UNC1878 is probably a customer of theirs,” Pargman explained.

This belief is echoed by Cryptolaemus security researcher Joseph Roosen who told BleepingComputer that the distribution service is run like a regular company, keeping strict Monday through Friday business hours.

BleepingComputer’s efforts to contact the call center over the past four days have been unsuccessful due to the constantly changing infrastructure used by the threat actors.

Due to the efforts of researchers such as Pargman, Roosen, Duncan, William Thomas of Cyjax, TheAnalyst, and ExecuteMalware, and many others, the distribution service has been forced to constantly change their phone numbers and hosting sites as the researchers take them down. 

Unfortunately, even with the cybersecurity community’s combined efforts, this distribution method has been very successful.

Due to their distribution method, malware samples commonly have very low detection rates on VirusTotal as they are not publicly distributed and detected by antivirus vendors.

Furthermore, from emails seen by BleepingComputer, people are falling for this scam as they believe they are legitimate subscriptions that need to be canceled.


For this reason, we here at Cyburity would like to offer our services free of charge to anyone effected by this malware, BazarCall so we can track down their command centers and disable them as well as remediate any threat actors from your server. If you have been affected or would like to have a free security audit to see if you have been, please schedule a FREE security audit. By working together, we can break down these hacking groups to make it where they move on from this scam to something else…..because they will.

-Nox

How to – Install Asterisk 16 on Vicidial

Install Asterisk 16 on Vicidial

How to – Install Asterisk 16 on Vicidial

In this article, I will demonstrate Install Asterisk 16 on Vicidial aka vicibox 9. In theory it should also work for you CentOS lovers (bleh) too, but just change the zypper commands to yum.

Step 1 – Remove Asterisk 13 & install dependencies

zypper remove asterisk
zypper in libedit* gcc gcc-c++- bzip2 make libjansson-devel dahdi-linux-devel libxml2-tools libxml2-2 libxml2-devel libuuid-devel sqlite3-devel

modprobe dahdi
modprobe dahdi_dummy

Step 2 – Download & install Asterisk 16.17.0-vici

We can find this on the Vicidial website: http://download.vicidial.com/beta-apps/asterisk-16.17.0-vici.tar.gz

Copy the code below and paste it into your Linux CLI:

cd /usr/src/
wget http://download.vicidial.com/beta-apps/asterisk-16.17.0-vici.tar.gz
tar -xzvf asterisk-16.17.0-vici.tar.gz
cd asterisk-16.17.0-vici
./configure --libdir=/usr/lib64 --with-pjproject-bundled --with-jansson-bundled
rm menuselect.makeopts
make menuselect*
**** Go down one to applications and hit enter, go down until you find the "meetme" app and press space bar, then hit "X" ****
make && make install && make samples && make config && make basic-pbx
/usr/share/astguiclient/start_asterisk_boot.pl
Install Asterisk 16 on Vicidial
Press Space bar to select [*] app_meetme and then press X

Step 3 – Run the perl install script in /usr/src/astguiclient.trunk

cd /usr/src/astguiclient/trunk
perl install.pl

****make sure to change the asterisk version to: 16.17.0-vici & copy sample files

Step 4 – cp all files that have .rmpsave in /etc/asterisk to its original version as shown below

cd /etc/asterisk
example: cp sip.conf.rpmsave sip.conf

do the rest too

Install Asterisk 16 on Vicidial

Step 5 – Rebuild server via Vicidial admin

Go to Admin > Servers > Click on the server and change the Asterisk Version

Install Asterisk 16 on Vicidial
Change Asterisk Version

And then change ‘Rebuild conf files’ to Y and hit submit

Install Asterisk 16 on Vicidial

Now you can make sure everything is running correctly by typing the following commands and match the results to the picture below.

modprobe dahdi
dahdi_cfg -v
screen -ls
asterisk -r

Thats all there is to it. If you have any errors or problems, please let me know in the comments below or stop by our live support channel on skype. I hope this helps.

-Nox

How to – Vicidial Scratch install on CentOS 7

vicidial scratch install centos

How to – Vicidial Scratch install on CentOS 7

This is a complete guide for vicidial scratch installation on centos 7. It is assumed that you have freshly installed CentOS.

vicidial scratch install centos

Update OS & Reboot

yum -y update
reboot

Install Dependencies & Reboot

yum -y install epel-release
yum install -y kernel*
yum install -y kernel-devel

yum install -y httpd php-common php-pdo php php-pear php-mbstring php-cli php-gd php-imap php-devel phpsysinfo php-mysql phpmyadmin mod_ssl mariadb mariadb-server mariadb-devel perl-DBI perl-DBD-MySQL perl-Digest-HMAC perl-YAML perl-ExtUtils-ParseXS perl-NetAddr-IP perl-Crypt-SSLeay perl-Curses perl-DBD-Pg perl-Module-ScanDeps perl-Text-CSV perl-HTML-Template perl-IO-Compress perl-Text-Glob perl-Jcode perl-Test-Script perl-Archive-Tar perl-Test-Base perl-OLE-Storage_Lite perl-Archive-Zip perl-Net-Server perl-Convert-ASN1 perl perl-Compress-Raw-Zlib perl-Digest-SHA1 perl-Data-Dumper perl-Error perl-ExtUtils-CBuilder perl-Test-Tester perl-Parse-RecDescent perl-Spiffy perl-IO-Zlib perl-Module-Build perl-HTML-Parser perl-Net-SSLeay perl-Proc-ProcessTable perl-TermReadKey perl-Term-ReadLine-Gnu perl-Digest-SHA perl-Tk perl-Net-SNMP perl-Test-NoWarnings perl-XML-Writer perl-Proc-PID-File perl-Compress-Raw-Bzip2 perl-libwww-perl perl-XML-Parser perl-File-Remove perl-Parse-CPAN-Meta perl-Set-Scalar perl-Probe-Perl perl-File-Which perl-Package-Constants perl-Module-Install perl-File-HomeDir perl-Spreadsheet-ParseExcel perl-Mail-Sendmail perl-Spreadsheet-XLSX asterisk-perl perl-version perl-Crypt-DES perl-URI perl-Net-Daemon perl-IO-stringy perl-YAML-Tiny perl-HTML-Tagset perl-Socket6 perl-BSD-Resource perl-PlRPC perl-IPC-Run3 perl-Text-CSV_XS perl-Unicode-Map perl-Module-CoreList perl-Net-Telnet perl-PAR-Dist perl-Date-Manip perl-JSON perl-Proc-Daemon perl-Spreadsheet-WriteExcel perl-rrdtool install lame screen sox ntp iftop subversion dahdi-linux-devel php-xcache wget nano vim readline-devel 

yum install -y make patch gcc gcc-c++ 
yum -y install ncurses-devel
yum -y install libxml2-devel
yum -y install sqlite-devel

reboot

Enable & Start http,mariadb and Add Ports into Firewall

systemctl enable httpd.service; systemctl enable mariadb.service; systemctl start httpd.service; systemctl start mariadb.service
firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --reload

enter Server-IP address into browser(from another Machine/Same Machine) and make sure Apache is showing Testing 123…Webpage. If this webpage is not showing then make sure Apache is properly install, the ports are added into Firewall. You can disable the firewall completely to make sure if it FW problem or something else.

Install CPAN Modules

cpan -i String::CRC Tk::TableMatrix Net::Address::IP::Local Term::ReadLine::Gnu Spreadsheet::Read Net::Address::IPv4::Local RPM::Specfile Spreadsheet::XLSX Spreadsheet::ReadSXC

Install Asterisk Perl Module

cd /usr/src/ 
wget http://download.vicidial.com/required-apps/asterisk-perl-0.08.tar.gz 
tar -zxf asterisk-perl-0.08.tar.gz 
cd asterisk-perl-0.08
perl Makefile.PL
make all 
make install

Asterisk 13.29.2 Download & Installation

Download & Unzip Asterisk, Dahdi & Libpri

mkdir /usr/src/asterisk
cd /usr/src/asterisk
wget http://download.vicidial.com/required-apps/asterisk-13.29.2-vici.tar.gz
wget http://download.vicidial.com/beta-apps/dahdi-linux-complete-2.11.1.tar.gz
wget http://downloads.asterisk.org/pub/telephony/libpri/libpri-current.tar.gz

tar xzf asterisk-13.29.2-vici.tar.gz
tar xzf dahdi-linux-complete-2.11.1.tar.gz
tar xzf libpri-current.tar.gz

Install DAHDI

cd dahdi-linux-complete-2.11.1+2.11.1
make all
make install
modprobe dahdi
modprobe dahdi_dummy
make config

Install Libpri

cd /usr/src/asterisk/libpri-1.6.0
make clean
make
make install

Install Asterisk Prerequisites

bash /usr/src/asterisk/asterisk-13.29.2-vici/contrib/scripts/install_prereq install

Install Asterisk *64bit

cd /usr/src/asterisk/asterisk-13.29.2-vici
./configure --libdir=/usr/lib64 --with-pjproject-bundled
make menuselect #Select Application>MeetMe App
make
make install
make samples
make config
chkconfig asterisk on

Create Database

mysql
CREATE DATABASE `asterisk` DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
CREATE USER 'cron'@'localhost' IDENTIFIED BY '1234';
GRANT SELECT,INSERT,UPDATE,DELETE,LOCK TABLES on asterisk.* TO cron@'%' IDENTIFIED BY '1234';
GRANT SELECT,INSERT,UPDATE,DELETE,LOCK TABLES on asterisk.* TO cron@localhost IDENTIFIED BY '1234';
GRANT RELOAD ON *.* TO cron@'%';
GRANT RELOAD ON *.* TO cron@localhost;
flush privileges;
quit

Install Vicidial

mkdir /usr/src/astguiclient
cd /usr/src/astguiclient
svn checkout svn://svn.eflo.net:3690/agc_2-X/trunk
cd trunk
perl install.pl

Enter 13.29.2-vici when it asks for Asterisk Version + Copy Asterisk Settings=Yes + Server webroot path=/var/www/html

Import DB Server Install Settings

mysql
SET GLOBAL connect_timeout=60;
use asterisk;
\. /usr/src/astguiclient/trunk/extras/MySQL_AST_CREATE_tables.sql
\. /usr/src/astguiclient/trunk/extras/first_server_install.sql
\. /usr/src/astguiclient/trunk/extras/sip-iax_phones.sql
quit

Extra settings on Terminal

/usr/share/astguiclient/ADMIN_area_code_populate.pl
chmod -R 755 /usr/src/astguiclient/trunk/bin/VICIDIAL_IN_new_leads_file.pl
cp /usr/src/astguiclient/trunk/extras/performance_test_leads.txt /usr/share/astguiclient/LEADS_IN/
/usr/src/astguiclient/trunk/bin/VICIDIAL_IN_new_leads_file.pl --forcelistid=107 --forcephonecode=1

Start Up Script

nano /etc/rc.d/rc.local

Enter Following in the opened file, remove everything from there and copy paste below in it:

#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.

touch /var/lock/subsys/local

# OPTIONAL enable ip_relay(for same-machine trunking and blind monitoring)
/usr/share/astguiclient/ip_relay/relay_control start 2>/dev/null 1>&2

# Disable console blanking and powersaving
/usr/bin/setterm -blank
/usr/bin/setterm -powersave off
/usr/bin/setterm -powerdown

### start up the MySQL server
/etc/init.d/mysqld start

### start up the apache web server
/etc/init.d/httpd start

### roll the Asterisk logs upon reboot
/usr/share/astguiclient/ADMIN_restart_roll_logs.pl

### clear the server-related records from the database
/usr/share/astguiclient/AST_reset_mysql_vars.pl

### load dahdi drivers
modprobe dahdi
/usr/sbin/dahdi_cfg -vvvvvvvvvvvvv

### sleep for 20 seconds before launching Asterisk
sleep 20

### start up asterisk
/usr/share/astguiclient/start_asterisk_boot.pl

chmod +x /etc/rc.local

Setting up crontab

crontab -e

Copy the below and paste it into open window and then save it with “:wq”

### keepalive script for astguiclient processes
* * * * * /usr/share/astguiclient/ADMIN_keepalive_ALL.pl

### Compress astguiclient log files and remove old ones
25 2 * * * /usr/bin/find /var/log/astguiclient -maxdepth 1 -type f -mtime +1 -print | grep -v \.xz | xargs xz -9 >/dev/null 2>&1
28 0 * * * /usr/bin/find /var/log/astguiclient -maxdepth 1 -type f -mtime +30 -print | xargs rm -f

### fix the vicidial_agent_log once every hour and the full day run at night
33 * * * * /usr/share/astguiclient/AST_cleanup_agent_log.pl
50 0 * * * /usr/share/astguiclient/AST_cleanup_agent_log.pl --last-24hours
## uncomment below if using QueueMetrics
#*/5 * * * * /usr/share/astguiclient/AST_cleanup_agent_log.pl --only-qm-live-call-check

### updater for VICIDIAL hopper
* * * * * /usr/share/astguiclient/AST_VDhopper.pl -q

### adjust the GMT offset for the leads in the vicidial_list table
1 1,7 * * * /usr/share/astguiclient/ADMIN_adjust_GMTnow_on_leads.pl --debug --list-settings

### optimize the database tables within the asterisk database
3 1 * * * /usr/share/astguiclient/AST_DB_optimize.pl

### VICIDIAL agent time log weekly and daily summary report generation
2 0 * * 0 /usr/share/astguiclient/AST_agent_week.pl
22 0 * * * /usr/share/astguiclient/AST_agent_day.pl

### VICIDIAL campaign export scripts (OPTIONAL)
#32 0 * * * /usr/share/astguiclient/AST_VDsales_export.pl
#42 0 * * * /usr/share/astguiclient/AST_sourceID_summary_export.pl

### inventory report optional
#1 7 * * * /usr/share/astguiclient/AST_dialer_inventory_snapshot.pl -q --override-24hours

### roll logs monthly on high-volume dialing systems
#30 1 1 * * /usr/share/astguiclient/ADMIN_archive_log_tables.pl --months=6

### roll call_log and vicidial_log_extended daily on very high-volume dialing systems
#20 1 * * * /usr/share/astguiclient/ADMIN_archive_log_tables.pl --daily

## uncomment below if using Vtiger
#1 1 * * * /usr/share/astguiclient/Vtiger_optimize_all_tables.pl --quiet

# cleanup of the scheduled callback records
25 0 * * * /usr/share/astguiclient/AST_DB_dead_cb_purge.pl --purge-non-cb --quiet

### inbound email parser should only be active on a single server
* * * * * /usr/share/astguiclient/AST_inbound_email_parser.pl

### flush queue DB table every hour for entries older than 1 hour
11 * * * * /usr/share/astguiclient/AST_flush_DBqueue.pl -q

### remove and rotate old asterisk logs
29 0 * * * /usr/bin/find /var/log/asterisk -maxdepth 3 -type f -mtime +30 -print | xargs rm -f
30 0 * * * /usr/bin/find / -maxdepth 1 -name "screenlog.0*" -mtime +7 -print | xargs rm -f
31 0 * * * /usr/bin/find /tmp -maxdepth 1 -type f -mtime +7 -print | xargs rm -f
32 0 * * * /usr/bin/find /var/log/asterisk -maxdepth 1 -type f -mtime +1 -print | grep -v \.xz | xargs xz >/dev/null 2>&1

### recording mixing/compressing/ftping scripts
0,3,6,9,12,15,18,21,24,27,30,33,36,39,42,45,48,51,54,57 * * * * /usr/share/astguiclient/AST_CRON_audio_1_move_mix.pl
0,3,6,9,12,15,18,21,24,27,30,33,36,39,42,45,48,51,54,57 * * * * /usr/share/astguiclient/AST_CRON_audio_1_move_mix.pl --MIX
#0,3,6,9,12,15,18,21,24,27,30,33,36,39,42,45,48,51,54,57 * * * * /usr/share/astguiclient/AST_CRON_audio_1_move_VDonly.pl
1,4,7,10,13,16,19,22,25,28,31,34,37,40,43,46,49,52,55,58 * * * * /usr/share/astguiclient/AST_CRON_audio_2_compress.pl --MP3
#2,5,8,11,14,17,20,23,26,29,32,35,38,41,44,47,50,53,56,59 * * * * /usr/share/astguiclient/AST_CRON_audio_3_ftp.pl --MP3 --run-check
#0 1 * * * /usr/share/astguiclient/AST_CRON_audio_4_ftp2.pl --ftp-server=server.ip --ftp-login=user --ftp-pass=pass --ftp-directory=/ --ftp-persistent --ftp-validate --transfer-limit=100000 --list-limit=100000

### remove old recordings more than 7 days old, and delete originals after 1 day
#24 0 * * * /usr/bin/find /var/spool/asterisk/monitorDONE -maxdepth 2 -type f -mtime +7 -print | xargs rm -f
24 1 * * * /usr/bin/find /var/spool/asterisk/monitorDONE/ORIG -maxdepth 2 -type f -mtime +1 -print | xargs rm -f

### kill Hangup script for Asterisk updaters
* * * * * /usr/share/astguiclient/AST_manager_kill_hung_congested.pl

### updater for voicemail
* * * * * /usr/share/astguiclient/AST_vm_update.pl

### updater for conference validator
* * * * * /usr/share/astguiclient/AST_conf_update.pl

### reset several temporary-info tables in the database
2 1 * * * /usr/share/astguiclient/AST_reset_mysql_vars.pl

### Reboot nightly to manage asterisk issues and memory leaks - uncomment if issues arise
30 6 * * * /sbin/reboot

### remove text to speech file more than 4 days old
#20 0 * * * /usr/bin/find /var/lib/asterisk/sounds/tts/ -maxdepth 2 -type f -mtime +4 -print | xargs rm -f

### Update agent records with the IP of the phone they are logging in on
#*/5 * * * * /usr/share/astguiclient/AST_phone_update.pl --agent-lookup

### Delete voicemail that is older then 60 days
#0 2 * * * /usr/local/bin/vmspool_manager.pl --active --age=60

### ViciBox integrated firewall, by default just load the VoIP Black list and reload it every 4 hours
### You can lock everyone out of your server if you set this wrong, so understand what you are doing!!!
@reboot /usr/local/bin/VB-firewall.pl --voipbl --noblack --quiet
0 */6 * * * /usr/local/bin/VB-firewall.pl --voipbl --noblack --flush --quiet

Finally Reboot

reboot

Verify Installation

screen -ls

Installing G729 Codec

cd /usr/lib64/asterisk/modules
wget http://asterisk.hosting.lv/bin/codec_g729-ast130-gcc4-glibc-x86_64-core2.so
mv codec_g729-ast130-gcc4-glibc-x86_64-core2.so codec_g729.so
asterisk -r
module load codec_g729.so
/etc/init.d/asterisk restart

Login Vicidial Admin/Agent Interface

Admin Interface:
yourserverip/vicidial/admin.php (username:6666, password:1234)
Agent Interface:
yourserverip/agc/vicidial.php (enter agent username and password which you have created through admin interface)

Verify Codec Installation

asterisk -r  core show translations

Backup/Test/Restore Existing Vicidial System

Run this for a 1-server system or server with database on it: (this may take hours on large system)

/usr/share/astguiclient/ADMIN_backup.pl --debugX

Run this on dialer/Asterisk-only servers: (do not run this if you only have one server):

/usr/share/astguiclient/ADMIN_backup.pl --debugX --without-db --without-web

Test backup:

Create a new (any name) database on any mysql server, apply the backup data to it, and verify a new lead from Today is actually in there.

On ALL servers: (Database, web, telephony)

cd /usr/src/astguiclient

Download Vicidial trunk on ALL servers

svn checkout svn://svn.eflo.net:3690/agc_2-X/trunk

On ONLY database server:

Going into mysql and executing the upgrade sql file:
mysql
use asterisk
\. /usr/src/astguiclient/trunk/extras/upgrade_2.14.sql
quit

about:blankREPORT THIS AD

On ALL servers: (Database, web, telephony)

cd /usr/src/astguiclient/trunk
perl ./install.pl
NOTES: If you have customized any scripts in the bin or agi folders,
then make sure you back them up before running the install.pl script.
This script will replace existing files in the astguiclient installation.

On one server only, update your phone codes data:

/usr/share/astguiclient/ADMIN_area_code_populate.pl --purge-table –debug

systemctl restart dahdi; systemctl disable asterisk
modprobe dahdi

cp /usr/src/asterisk/asterisk-13.29.2/contrib/init.d/rc.redhat.asterisk /etc/init.d/asterisk


I hope this helps
-Nox