Blog

How to – Use Firewalld via command line

Robots trying to hack in

How to – use Firewalld via command line

This short post is just going to briefly go over the more common commands you need in order to manage firewalld and make sure you keep your servers safe. This firewall works in conjunction with the dynamic portal for ViciDial as well as the built in whitelist initially named ViciWhite in the IP list area in Admin.

Dynamic portal
Dynamic portal

Systemctl and Firewalld

Enable firewalld

This makes sure that firewalld will be started automatically with the server.

systemctl enable firewalld

Start firewalld

After the firewalld service is enabled, you’ll need to start it manually the first time. This is how you would manually start firewalld if it were not already running.

systemctl start firewalld

Stop firewalld

When troubleshooting rules and connection issues, you may need to stop the fireawlld service momentarily. You can stop the service with the following command.

systemctl stop firewalld

Restart firewalld

If for some reason, you need to restart the service, you can do that with the systemctl restart command.

systemctl restart firewalld

Firewalld status

Checking the status of the service gives us the most meaningful and informative output. Here you can see whether the service is enabled, running, failed, or anything else.

systemctl status firewalld

In this example output, you can see that the service is enabled, active, and running on the server. If it were not running or in a failed state, this would be displayed.

[root@alma ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2019-01-22 22:50:32 EST; 1h 0min ago
Main PID: 808 (firewalld)
CGroup: /system.slice/firewalld.service
└─808 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

Managing Firewalld and Configuring Rules

Now that we have firewalld running, we can get down to set the configuration. We can open ports, allow services, whitelist IPs for access, and more. In all of these examples, we include the –permanent flag. This is important to make sure a rule is saved even after you restart firewalld, or reboot the server. Once you’re done adding new rules, you need to reload the firewall to make the new rules active.

Add a Port for TCP or UDP

You do have to specify TCP or UDP and to open a port for both. You will need to add rules for each protocol.

firewall-cmd --permanent --add-port=22/TCP
firewall-cmd --permanent --add-port=53/UDP

Remove a Port for TCP or UDP

Using a slight variation on the above structure, you can remove a currently open port, effectively closing off that port.

firewall-cmd --permanent --remove-port=444/tcp

Add a Service

These services assume the default ports configured within the /etc/services configuration file; if you wish to use a service on a non-standard port, you will have to open the specific port, as in the example above.

firewall-cmd --permanent --add-service=ssh
firewall-cmd --permanent --add-service=http

Remove a Service

As above, you specify the remove-service option, and you can close off the port that is defined for that service.

firewall-cmd --permanent --remove-service=mysql

Whitelist an IP Address

To whitelist or allow access from an IP or range of IPs, you can tell the firewall to add a trusted source.

firewall-cmd --permanent --add-source=192.168.1.100

You can also allow a range of IPs using what is called CIDR notation. CIDR is outside the scope of this article but is a shorthand that can be used for noting ranges of IP addresses.

firewall-cmd --permanent --add-source=192.168.1.0/24

Remove a Whitelisted IP Address

To remove a whitelisted IP or IP range, you can use the –remove-source option.

firewall-cmd --permanent --remove-source=192.168.1.100

Block an IP Address

As the firewall-cmd tool is mostly used for opening or allowing access, rich rules are needed to block an IP. Rich rules are similar in form to the way iptables rules are written.

firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='192.168.1.100' reject"

You can again use CIDR notation also block a range of IP addresses.

firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='192.168.1.0/24' reject"

Whitelist an IP Address for a Specific Port (More Rich Rules)

We have to reach back to iptables and create another rich rule; however, we are using the accept statement at the end to allow the IP access, rather than reject its access.

firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.1.100" port protocol="tcp" port="3306" accept'

Removing a Rich Rule

To remove a rich rule, use the option —remove-rich-rule, but you have to fully specify which rule is being removed, so it is best to copy and paste the full rule, rather than try to type it all out from memory.

firewall-cmd --permanent --remove-rich-rule='rule family="ipv4" source address="192.168.1.100" port protocol="tcp" port="3306" accept'

Saving Firewall Rules

After you have completed all the additions and subtraction of rules, you need to reload the firewall rules to make them active. To do this, you again use the firewall-cmd tool but using the option –reload.

firewall-cmd --reload

Viewing Firewall Rules

After reloading the rules, you can confirm if the new rules are in place correctly with the following.

firewall-cmd --list-all

Here is an example output from the –list-all option, you can see that this server has a number of ports, and services open in the firewall along with a rich rule (that forwards one port to another).

[root@alma ~]# firewall-cmd --list-all
public (default, active)
interfaces: enp1s0
sources: 192.168.1.0/24
services: dhcpv6-client dns http https mysql nfs samba smtp ssh
ports: 443/tcp 80/tcp 5900-5902/tcp 83/tcp 444/tcp 3260/tcp
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
rule family="ipv4" source address="192.168.1.0/24" forward-port port="5423" protocol="tcp" to-port="80"


Hopefully this will help a lot of you that end up just not using a firewall at all because it intimidates you not knowing how to use it correctly. Well, I’ve just eliminated that excuse, so now I want to see more of you securing your servers and dialer systems. Here is a few articles to get you started in the right direction.

This will show you how secure OpenSUSE LEAP
Securing CentOS, Alma or Rocky Linux

Here are some more articles in relation to VICIdial security for your servers

How to – Use the built in Dynamic Portal for Vicibox
How to – Turn on IP whitelist in Vicidial
How to – Use one dynamic portal for whitelisting and have it sync across an entire cluster
How to – Fix the firewall on Vicibox10


That’s it for this article, hopefully you guys take this serious because hackers, especially ransomware thieves are targeting dialer servers in particular for their schemes, such as using the VoIP to call their victims to either trick them into downloading files or threatening them over the phone with blackmail or other means. BazarCall is one of the more well known tools thats being used by the ransomware group called Ryuk.

Call Center Solutions For Every type of Business, based in the Cloud

Agent Interface

Call Center Solutions For Every type of Business, based in the Cloud

Credit: Written By Sajid Ahmad

CyburDial Realtime Screen to monitor your agents by listening in, whispering(the agent can hear you but customer can not) or barging the call to take it over.
CyburDial Realtime Screen

What is a cloud center cloud solution?

Call center cloud solutions are the new age way to keep people working mainly when COVID hit. its to replace the more commonly known on-premise locations and having to house equipment for placing and receiving calls. It has given the call center world basically no restrictions when it comes to location, people they want to hire that don’t live locally and so many more benefits that it just doesn’t make sense not to switch to a cloud based phone system such as CyburDial.

In this, the cloud call focus can use the innovation of cloud communication that shows up with coordinated and fundamental elements, for example, IVR to give that expert voice edge to your clients, a live board to see an unmistakable image of business calls, call directing for sending the right calls to the right divisions or specialists.

This multitude of advantages show up with a virtual number or a complementary number. There are different numbers planned behind a complementary number. It makes more straightforward to advance significant calls to the right specialists or divisions.

Aside from these fundamental highlights, complementary numbers assist clients with contacting the business clients.

In the current day’s electronic world, cloud call focus arrangement gives simple admittance to the administrations which are fundamental for business correspondence like fast availability, better effort, and quick client question redressal.

These days if crowding into a physical location call center are over!

What are the advantages of a cloud call focus arrangement?

Cloud call focus arrangement collects the capability of a business to effort its clients with next to no geological limitations. As of not long ago, the old conventional framework used to give restricted client outreach choices that too with the adequate sum put resources into the establishment of the disconnected equipment.

Use CyburDial on any device
You can use CyburDial from any device with no additional downloads needed

Be that as it may, the cloud communication arrangement will provide your business with every one of the advantages of a call center, but without any burdens jor overhead that come with a physical location.

-:- Cloud Based Contact Center Solution -:-

Here are a few advantages that our cloud call focus arrangement will give your business and enable you to set up a cloud-based smaller than normal call community for your call taking care of:

1. More straightforward versatility:

Cloud call focus arrangement permits your business to scale and extend with no additional venture on cumbersome equipment. In situations where organizations need to add more specialists to the group or move to an alternate area or a nation out and out, Call center solutions on cloud focuses arrangements will not end up being oppressive.

2. Upgraded unwavering quality:

With quick cloud-based call center arrangements, your business can profit quickly while giving your clients the chance to have there goals met with almost zero wait time. Making them happy ends with you acquiring more clients via word of mouth w mean mmhich we all know it’s the best type of marketing on the planet.

3. Savvy module:

Setting up a contact center solution such as CyburDial is a way less feverish strategy than introducing massive on-premise equipment. It’s totally savvy on the grounds that your business can save that ridiculous amount you would normally spend on hardware for a local office and use it to put resources into the establishment and marketing for massive equipment.

4. First class security:

Cloud based contact center solutions offer more dependable information security as it is totally put away upheld in the cloud which empowers information encryption, ongoing administrator control, and server security with an intense firewall solution that totally locks down the system, but at the same time has something called the Dynamic portal which allows agents to authenticate their IP on the server in order to gain access. Tried approval is urgent with regards to the cloud call focus, in this way, it accompanies different security levels.

Dynamic portal
Dynamic portal

5. Insignificant margin time:

Customarily introduced equipment is inclined to separate in vital circumstances and normally takes more than an adequate measure of time in handling. In any case, with a cloud based contact center solution’ like CyburDial, it has immaterial personal time and guarantees no call misfortune for your business.

6. State-of-the-art framework mix:

Dissimilar to conventional equipment, cloud communication works with your clients to remain refreshed with current mechanical updates and enable your group to acquire the necessary computerization and improvement. Your business can then effectively overhaul and upgrade your contact center to be in-accordance with the ongoing TCPA changes and more importantly, to keep up with the times.

Data Center
Data Center

7. Execution investigation and information accessibility:

You can track, record and investigate the exhibition of your representatives with definite reports benefited by cloud based contact center. It is planned in a manner to furnish you with an easy to understand insight alongside thorough reports of recorded and convenient followed calls.

8. Business accessibility: 

Your business can undoubtedly guarantee 24*7 accessibility for your clients with a cloud-based call place arrangement. With customary equipment nonstop accessibility is hard to satisfy as it anticipates that the group should remain on the PC consistently. Consequently, with cloud innovation, progression in client care administration is altogether guaranteed by your business.


Hopefully this short article has given you some new insight and a better perspective on why you should change from those old bulky hard phones that take up room on your desk and switch to a system that works right on the computer you use all day anyways, or better yet, pull it up on your iPad, your iPhone, Android, tablet, surface or literally any smart device with a browser that you can think of, even your smart TV. Let’s leave the past and join the future, come join us as we revolutionize the telecommunications world by bringing in a solution that not only handles phone calls, but so much more and we can also integrate any CRM you already use to where they will communicate back and forth and sync your information across both platforms seamlessly. Oh, and one last thing i forgot to mention, CyburDial isn’t something you are going to rent from us or pay a ridiculous per seat charge($150+ per seat) like these other dialer systems(which we do have seat rentals available for startups if you prefer), but CyburDial is a custom built dialer system that you will own! That’s right, you buy the cloud based server which we will show you some options to pick from, we install our custom system on your server and then handle all your integrations for CRM’s and anything else you may need to combine with your new state of the art technology. We then provide you with learning material such as a 600 page manual, videos demonstrating how to use most of the more common features you will need to know about, an in depth training over zoom for both your agents and then your managers, making sure you have everything you need to know, in order to be successful in your business, but that’s not all, we are also going to provide you with 90 days support included in your buildout, to answer any questions as they come along, hop on a zoom call with you and/or your team to show you live how to do something your unsure of, we will create some loom videos for anything that’s confusing any of your staff, as well as 24 hour access to our helpdesk to make sure someone is ALWAYS around to help you. So what are you waiting for? Get ahold of us now by calling us at 725-22-CYBUR – Emailing us at sales@dialer.one or if you’d like to talk to someone over chat, click the little chat box in the corner or come join our Live Support Channel on Skype which has people from over 45 countries covering 6 continents where the passing of knowledge and the generosity of men and women helping each other is in no short demand because when you join CyburDial, its not just one of the best decisions you’ll make by becoming business associates, but you also become family.

-Chris aka carpenox

Tips and Tricks – Uncommon Issues

90 Day Callback filter

Tips and Tricks – Uncommon Issues

8/21/2022- carpenox

In this article, I am going to go over some of the more often asked questions and how to fir them. If you still don’t understand, feel free to join our live chat. Also included will be some pretty useful ways to use Linux’ built in tools for your benefit.

1) Lets start easy with “htop”. This command, “htop” will display your current drain on system resources and show you where you stand. Take a look at the picture below:

htop
htop

2) Creating a filter to only call certain status every 90 days only

This next one can be very useful for those of you that need to drop certain dispositions from being called for a set time period, for this example, we’re gonna say 90 days for any lead marked with NI(not interested). You need to create a “filter” and paste the following mysql query which can be altered to fit your needs: “status IN (‘NI’) and modify_date < NOW() – INTERVAL 90 DAY OR status IN (‘N’,’NA’ ,’B’,’AB’,’DROP’,’PDROP’,’NEW’,’NP’,’NANQUE’,’ADCT’)”. The first status “NI” can be set to anything you want, like ‘ADCT’ to go back and see if those temporary disconnected numbers are back or whatever dispo you’d like to go back to. You can also change the 90 to however many days you want to wait before dialing those again and finally, you can change from the right side of the query where it says “status IN (‘N’,’NA’ ,’B’,’AB’,’DROP’,’PDROP’,’NEW’,’NP’,’NANQUE’,’ADCT’)” and either add to it or remove from it, etc. Here is a small example of the one used in this article:

filter
90 day filter

3) Is your audio store not accepting new files? Does it keep telling you improper format? Not a problem, we need to run a few commands in the Linux cli to get this fixed up. Copy and paste the code below:

cd /usr/share/astguiclient/
sed -i 's/wgetbin -q/wgetbin --no-check-certificate -q/g' ADMIN_audio_store_sync.pl

/usr/share/astguiclient/ADMIN_audio_store_sync.pl --debugX


chmod -R 777 audio folder in /var/www/html/audio_folder (somehting like ndt7h4rr8fynf3y8er)
chown -R apache:apache /var/www/html/audio_folder (somehting like ndt7h4rr8fynf3y8er)

4) Need to change your recording links from http to https? Try the following query in mysql:

UPDATE recording_log
SET location = REPLACE(location, 'http://127.0.0.1/', 'https://127.0.0.1/')
WHERE location LIKE '%http://127.0.0.1/%';

you can also run this with archive_log instead of recording_log and the Ip's can be switched out with FQDN's or domain names.

5) Here is a simple way to change the passwords for all users as well as a couple variants to get more specific:

update vicidial_users 
set pass="newpass";  ###update all users password

update vicidial_users 
set pass="newpass" 
where user between 7000 AND 7015;  ##update users that are only between 7000 and 7015

update vicidial_users 
set pass="newpass"
 where user_level between 1 AND 8;  ##change password for all users between levels 1 and 8, dont change level 9 passwords

That’s it for today, I’ll add some more tomorrow and the days to follow so stay tuned.

Thanks, Chris aka carpenox


9/5/2022 – Adding a few more

6) Speed up call handling for agent only or dial servers only. (no web/DB)

If you are using servers where agents only log in and handle calls, but no calls are placed out from it, then you can use the new delay options on those servers to enhance efficient operations. The –autodial-delay=X option in the ADMIN_keepalive_ALL.pl script will allow you to set the delay to 100 milliseconds for these agent-only servers(the default is 2500ms). Lowering the delay for agent-only servers makes the auto-dial FILL process more responsive to the changes in the agent state on the agent-only servers which will enhance how your cluster operates. You can also use the –adfill-delay=X CLI option for the ADMIN_keepalive_ALL.pl script on the server that is running the FILL process and lower it as well if you have a larger cluster. The default of that process is also 2500ms, but you can lower it down to 500ms if needed.

7) Are all your calls showing DISPO?

This is usually because your php time doesnt match the system. You can change it by editing /etc/php.ini for CentOS/Alma/Rocky or /etc/php7/php.ini for Leap. Just change it to match and you’ll be good to go.

8) How can I move a lead based on how many times its been called or how old the lead is?

The answer is yes, you can use the script named dispo_move_list.php, that you can find in your /usr/src/astguiclient/trunk/extras folder on your web server. It has a few different choices you can use that you can see below:

# Definable Fields: (other fields should be left as they are)
# - log_to_file - (0,1) if set to 1, will create a log file in the agc directory
# - sale_status - (SALE---XSALE) a triple-dash "---" delimited list of the statuses that are to be moved
# - exclude_status - (Y,N) if set to Y, will trigger for all statuses EXCEPT for those listed in sale_status, default is N
# - talk_time_trigger - (0,1,2,3,...) if set to number greater than 0, will only trigger for talk_time at or above set number, default is 0
# - called_count_trigger - (1,2,3,...) if set to number greater than 0, will only trigger for called_count at or above set number, default is 0
# - list_id_trigger - (101,...) if set to number greater than 99, will only trigger for list_id equal to the set number(NOTE: list_id must be sent), default is disabled
# - list_id - (101,...) if you want to use list_id_trigger then this must be set: "list_id=--A--list_id--B--", default is disabled
# - lead_age - (1,2,3,...) if set to number greater than 0, will only trigger for a lead entry_date this number of days old or older, default is 0
# - new_list_id - (999,etc...) the list_id that you want the matching status leads to be moved to
# - reset_dialed - (Y,N) if set to Y, will reset the called_since_last_reset flag on the lead
# - populate_sp_old_list - (Y,N) if set to Y, will populate the security_phrase field of the lead with the old list_id
# - populate_comm_old_date - (Y,N) if set to Y, will populate the comments field of the lead with the date and time when the lead was last called
# Multiple sets of statuses:
# - sale_status_1, new_list_id_1, reset_dialed_1, exclude_status_1, called_count_trigger_1 - adding an underscore and number(1-99) will allow for another set of statuses to check for and what to do with them
# - multi_trigger - (talk-age...) if set to 1 or more of "talk,age,list,count,status"(separated by '-') it will check for only one of included triggers to be met for the lead to be moved, (does not work with multiple sets)

9) Can I record my agents outside of ViciDial or once calls are transferred outside the system?

Yes, you can. You have to use an agi script called agi-NVA_recording.agi which was made for this purpose. Here are some triggers for it below:

# ; 1. logging output (NONE|STDERR|FILE|BOTH)
# ; 2. the ViciDial user ID, if empty it defaults to accountcode(usually phone extension) or vicidial_live_agents user who launched the call
# ; 3. log this call in user_call_log (Y|N) default N
# ; 4. log this call in call_log (Y|N) default N, ONLY NEEDED FOR INBOUND AND INTERSYSTEM CALLS!!!
# ; 5. audio record this call (Y|N) default N
# ; 6. double-log this call in call_log (Y|N) default N, ONLY NEEDED FOR INBOUND CALLMENU FORWARDED CALLS!!!
# ; 7. play the recording ID of this call before recording starts
# ; 8. include the recording ID in the filename
# ; 9. search vicidial_list for phone number dialed (Y|N) default N, assumes 10 digit phone numbers
# ; 10. if 9 is Y, this is search method (ALLLISTS|PHONE) default ALLLISTS, search all lists, use phone setting, CURRENTLY DOES NOTHING
# ; 11. error out and end call if phone number is not found (Y|N) default N
# ; 12. run the phone entry's NVA Call URL (Y|N) default N
# ; 13. if 9 is Y, and phone number is not found, insert into phone's NVA List ID (Y|N) default N
# ; 14. if 13 is Y, override phone's NVA List ID with this list ID when lead is inserted
# ; 15. if 13 is Y, override phone's NVA Phone Code with this phone code when lead is inserted
# ; 16. if 13 is Y, override phone's NVA Status with this status when lead is inserted

Here as an example to give you an idea how it looks:
# ;custom dialplan entry example: (similar to the defaultlog Call Menu)
#exten => _X.,1,AGI(agi-NVA_recording.agi,BOTH------Y---N---Y---N---N---N)
#exten => _X.,n,Goto(default,${EXTEN},1)
#exten => _X.,n,Hangup

10) Why don’t calls to Canada show the caller ID? (They display those weird V435345874353457353 numbers)

It’s because Canadian telco’s accept any CID that is sent and Vicidial sends this UID first which is ignored by American telco’s and it was a hard solution for me to find, so here it is for you guys. It uses a dialplan that was given to me by The dialplan God – Striker24/7.

exten => _81NXXNXXXXXX,1,AGI(agi://127.0.0.1:4577/call_log)
exten => _81NXXNXXXXXX,n,NoOp(MY CALLERD !!!! ${CALLERID(all)})
exten => _81NXXNXXXXXX,n,Set(_CALLERID(num)=${CALLERID(num)})
exten => _81NXXNXXXXXX,n,Dial(IAX2/ASTloop/9${EXTEN:1},,tTo)
exten => _81NXXNXXXXXX,n,Hangup()

exten => _91NXXNXXXXXX,1,Set(CALLERID(num)=${CALLERID(num)})
exten => _91NXXNXXXXXX,n,Set(CALLERID(name)=${CALLERID(num)})
exten => _91NXXNXXXXXX,n,NoOp(MY CALLERD !!!! ${CALLERID(all)} ${CALLERID(num)} ${CALLERID(name)})
exten => _91NXXNXXXXXX,n,Dial(SIP/${EXTEN:1}@TILTX,,tTo)
exten => _91NXXNXXXXXX,n,Hangup()

Well thats it for today, hopefully these help someone.

-Chris aka carpenox

How to – Create an IVR for inbound calls

IVR

How to – Create an IVR for inbound calls

In this article I am going to over how to create an inbound call menu or IVR (Interactive Voice Response) for ViciDial which will help reduce your drop percent to help you legally within the 3% drop rate for the USA or 5% drop rate for Canada, by way of the FCC guidelines.

Step 1 – Create the call menu

Login to the admin GUI for ViciDial and click “inbound” then “add a new call menu” as shown below., then name your call menu. (For this example, I named it IVR)

add a new call menu
Add a new call menu

Step 2 – Setup your basic IVR options

Now we are going to setup the top portion on the call menu/IVR. Assuming you have already created your audio recording for your IVR and added it to the audio store, select that file at the “Menu Prompt” option. You can also fill out your timeout prompt, invalid prompt and other options as shown below:

IVR Options
IVR Options

Step 3 – Create your IVR options

Now we will select a few common IVR options to add to your call menu. For this example I have given options to 1) leave a voicemail message, 2) be transferred to a live agent, 3) Be added to the Do Not call list or #) to play the options again. See below:

IVR selections
IVR Selections

Step 4 – Route unanswered Inbound calls to IVR

The final step is to add this IVR/Call menu to your inbound calls when your agents aren’t available. For this you need to go to your inbound ingroup and change your “call time” and no agent queueing/after hours options to reflect the picture below:

Set the call menu for the inbound calls

This articles assumes you know how to already setup the other parts needed for this such as creating audio recordings, uploading them to the audio store and setting up inbound groups. If you have any questions feel free to visit our skype live chat. Hopefully this helps some of you that have been asking me about this.

-Chris aka carpenox

How to – Setup Email for ViciDial reports and voicemail

email vicidial

How to – Setup Email for ViciDial reports and voicemail

This article will go over how to setup your email configuration on your server in order to get reports from ViciDial or to receive voicemail to email notifications and recordings. Gmail recently changed the way their security is handled so some changes need to be made in order for your emails to go through. You can alter the config below for any email service you may use.

Step 1 – Edit your postfix config file

Ok so first you need to edit your postfix configuration by editing main.cf and adding a few lines to the bottom of it.

nano /etc/postfix/main.cf
### Now paste the following lines to the bottom: ###
relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = lmdb:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_mechanism_filter = plain
smtp_use_tls = yes

Step 2 – Create a Gmail APP Password

  1. Go to Gmail and log in to your account.
  2. Now, in the upper-right corner, click the Home Account icon. In the open wizard, click “Manage my Accounts.
  1. You will be redirected to Gmail Settings. In the left tab, click Security, and then click ‘2-step verification’ in the ‘Signing into Google’ section.Click on verification
  2. The 2-step verification window will appear on the screen, click ‘Get started.’2-step verification window
  3. In the next step, Google will ask you to use your phone as your second sign-in step. Click ‘Try it Now’ to move ahead. You will be asked to log in to Gmail again, and a notification will appear on your phone screen to confirm the sign-in, click Yes.Notification will appear on your phone screen to confirm the sign-in
  4. After giving access from your phone, Google will ask you to add a backup option, enter your phone number, and click Send.Add a backup option
  5. A code will be sent to your phone to confirm the login, enter the code in the opened window and click ‘Next.’A code will be sent to your phone

2-step verification has been enabled. Now, you can easily create an App Password to login to third-party apps.

Creating App Passwords

  1. To create the App Password after enabling 2-step verification, go to ‘Manage your Account’ from the home tab.
  2. Now, in managing accounts, click the Security tab in the left pane, and then scroll down to ‘Signing to Google.’
  3. Here, you’ll see the App Passwords option, click over it. You will be asked to sign in again to your Gmail account.Sign in to your Gmail account
  4. After signing in, select the type of app and device for which you want to generate an app password and click Generate.Select the type of app and device
  5. The App Password will be created; you can copy it to the clipboard, and click ‘Done.’App Password will be created

That’s how you can create App Password for your Gmail account. Now, you can use this Password to login to Gmail with your ViciDial server.

Step 3 – Edit your sasl_password file

Now you need to edit your sasl_password file as shown below:

nano /etc/postfix/sasl_passwd
### Alter the line below with your username and password ###
[smtp.gmail.com]:587 youremail@gmail.com:password

That’s all there is to it, now set your email account on your voicemail boxes or automated reports in ViciDial and you should be good to go.

I hope this helps.

-Chris aka carpenox

How to – Use CID groups

CID Groups

How to – Use CID groups

This article is going to go over the method to best setup CID groups and the different ways to configure each option available for them including statefill, statelookup and creating auto rotators. This will assume you know how to add DID’s to the system which is fairly easy. So the first thing you need to do is create the CID group as defined below:

Step 1 – Create CID group

Within the ViciDial admin gui go to the Admin section then to CID groups

CID groups
CID Groups

Once you are here, just click “Add a CID Group”:

Add a CID group

The first one we will create is for state lookup method, define “AREACODE” as the group type like shown below:

CID group - state lookup
CID group – State lookup

hit submit and you’ll see it looking like the below picture

CID Group added

Step 2 – Add the DID’s to the CID Group

Next, we will be using the admin utilities to add your DIDs to the CID Group. Go to the “Reports” page and scroll down to the bottom to click on “Admin utilities” then click on “Admin bulk Tools”

Click Admin Utilities

click Admin Bulk Tools

Now scroll down to “CID Groups and AC-CID Bulk Add” and add your DID’s, selecting “state lookup” will assign each number with its area code to the proper state its from, selecting “statefill” will automatically add every area code for each state you have a DID for with separate entries for each area code which is a really nice option to ensure local presence in some fashion even if you don’t own DID’s from every area code.

Add DID to the CID group

When you choose statefill youll see the same number submitted many times, this is normal

statefill
StateFill Option

After doing this you’ll notice it filled it every area code for this example I did it for Florida, and even though I only entered 5 area codes, it filled in these 5 numbers for every area code in Florida:

Area Code Statefill

Step 3 – Assign CID group to your campaign

Now you just have to assign the newly created CID group to the detail view of your campaign as shown below, make sure you set “Custom CallerID:” to Y

assign cid group to campaign
Assinging CID Group to campaign

Now I will show you how to create an auto rotating CID group which will rotate all the DID’s added to this group based on intervals you can choose. Complete step one again but choose “None” for the “CID Group Type” as shown below”

Auto Rotator - vicidial
Create CID Group for Auto Rotator

Once your hit submit, choose how often you want the DID’s to change, a good starting point is every 5 minutes or 35 calls as shown below:

auto rotator
Set intervals for auto rotator

Go back and complete step 2 again using the “state lookup” method and assign the CID Group to the campaign, now your DID’s will auto rotate, I hope you have enjoyed this tutorial and like always, if you have any questions, feel free to join our Live Support on Skype.

I hope this helps

-Chris aka carpenox

How to – Add conferences for add on servers to a cluster

vicidial conferences

How to – Add conferences for add on servers to a cluster

This article will show you how to add additional servers to your cluster and make sure all the conferences are also added. Its just a few simple steps needed to have it done for you.

Step 1 – Adding the second server(or 3rd, 4th, 5th, whatever)

There is a SQL script already created that does all the hard work for you, just follow the commands below:

mysql -A asterisk
\. /usr/src/astguiclient/trunk/extras/second_server_install.sql
vicidial conferences
This should be the output you see if done correctly

Step 2 – Updating the IP from 10.10.10.16 to your new server IP

For this part, there is a perl script that will update the conferences and vicidial conferences as well as the new server that was added to your GUI as “TESTast”. Just copy and paste the following line into your Linux CLI:

/usr/share/astguiclient/ADMIN_update_server_ip.pl --old-server_ip=10.10.10.16

Then make sure you add your IP to the third question it asks you as shown below:

vicidial conferences
Changing the server IP

Step 3 – Run the install.pl script

Now we need to run the install.pl script to connect the second server to DB server

cd /usr/src/astguiclient/trunk
perl install.pl

Make sure when you get to the DB server question you input your DB server IP(where the blue arrow is)

perl install.pl
Change DB server IP

Step 4 – Change the name of the server in the ViciDial GUI

Make sure to change the name of your server and update the Asterisk version and trunks

Change TESTast to your new server name
asterisk
Change your asterisk version and trunks

Thats all there is to it, you should now have your second server added to your cluster. IF you have any questions feel free to comment here or stop by our Skype Live support

How to – Setup a slave DB for a scratch installed ViciDial

Slave DB

How to – Setup a slave DB for a scratch installed ViciDial

This Article will go over how to setup a slave database server for your ViciDial cluster when using a scratch installed server bunch. For this particular example I have used Alma Linux 8.5 which installs Mysql 10.3.28, if you followed my scratch instructions. This process was a pain in the arse, but after much trial and error I was able to get it done and here is how I did it:

Step 1 – Edit the MySQL config file

Add these lines to /etc/my.cnf below [mysqld] on both the master and slave database:

log_bin=/var/lib/mysql/mysql-bin
relay_log=/var/lib/mysql/mysql-relay-bin
binlog_format=mixed
binlog_direct_non_transactional_updates=1
datadir = /srv/mysql/data
log-bin=mysql-bin
server-id       = 1
slave-skip-errors = 1032,1690,1062
replicate-ignore-db=mysql
replicate-do-db=asterisk
slave_parallel_threads=40
slave-parallel-mode=optimistic
slave_parallel_max_queued=5242880

Step 2 – Create the slave user on both servers

Go into MySQL and create the slave user and do this on both servers

CREATE USER 'slave'@'localhost' IDENTIFIED BY 'slave1234';
CREATE USER 'slave'@'%' IDENTIFIED BY 'slave1234';
GRANT SELECT, CREATE, INSERT, UPDATE, DELETE, ALTER, DROP, INDEX on asterisk.* TO slave@'%' IDENTIFIED BY 'slave1234';
GRANT SELECT, CREATE, INSERT, UPDATE, DELETE, ALTER, DROP, INDEX on asterisk.* TO slave@localhost IDENTIFIED BY 'slave1234';
grant replication slave on . to slave@'%' identified by 'slave1234';
grant replication slave on . to slave@'localhost' identified by 'slave1234';
flush privileges;
Create slave user on both the master and slave DB

Step 3 – Change some setting on the slave DB

Now we need to change some of the settings for the slave DB and add a couple more lines. Change the server-id to 2 instead of 1 in /etc/my.cnf and add the read_only=1 and report-host=whatever the slave DB host is

server-id=2
# read only yes
read_only=1
# define own hostname
report-host=slavedb.yourserver.com

Step 4 – Restart the MySQL services on both servers

Run the following command on both servers:

service mysql restart

Step 5 – Create the MySQL dump to send over to the slave DB from the master

We need to create the MySQL dump and send it over to the slave using the scp command like so:

mkdir /home/mariadb_backup
mariabackup --backup --target-dir /home/mariadb_backup -u root
Create MySQL dump file

Once thats done go ahead and zip up the files and send the file over by typing the following:

cd /home/mariadb_backup
zip -r mysqldump.zip *
scp mysqldump.zip 192.168.1.10:/root/

Why we are here, lets lock the MySQL tables on the master:

mysql
FLUSH TABLES WITH READ LOCK;
exit

Step 6 – Connect to Slave DB and extract the files and load it into the slave

ssh into your slave db server and change directory to /root then create the folder and extract the files like so:

cd /root
mkdir mariadb_backup
mv mysqldump.zip mariadb_backup/
cd mariadb_backup/
unzip mysqldump.zip
systemctl stop mariadb
rm -rf /var/lib/mysql/*

Now run the following commands that are BOLD to import the MySQL dump and set its position to match that of the master.

# run prepare task before restore task (OK if [completed OK])
[root@node01 ~]# mariabackup --prepare --target-dir /root/mariadb_backup
mariabackup based on MariaDB server 10.3.28-MariaDB Linux (x86_64)
mariabackup: cd to /root/mariadb_backup/
.....
.....
2019-11-29 19:38:20 0 [Note] InnoDB: Starting crash recovery from checkpoint LSN=1630833
Last binlog file , position 0
191129 19:38:21 completed OK!

# run restore
[root@node01 ~]# mariabackup --copy-back --target-dir /root/mariadb_backup
mariabackup based on MariaDB server 10.3.28-MariaDB Linux (x86_64)
191129 19:39:21 [01] Copying ibdata1 to /var/lib/mysql/ibdata1
191129 19:39:21 [01]        ...done
.....
.....
191129 19:39:21 [01] Copying ./xtrabackup_binlog_pos_innodb to /var/lib/mysql/xtrabackup_binlog_pos_innodb
191129 19:39:21 [01]        ...done
191129 19:39:21 completed OK!

[root@node01 ~]# chown -R mysql. /var/lib/mysql
[root@node01 ~]# systemctl start mariadb
# confirm [File] and [Position] value of master log
[root@node01 ~]# cat /root/mariadb_backup/xtrabackup_binlog_info
mysql-bin.000001        642     0-101-2

# set replication
[root@node01 ~]# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 10
Server version: 10.3.28-MariaDB-log MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> change master to 
    -> master_host='10.0.0.31',             # Master Host IP address
    -> master_user='repl_user',             # replication user
    -> master_password='password',          # replication user password
    -> master_log_file='mysql-bin.000001',  # [File] value confirmed above
    -> master_log_pos=642;              # [Position] value confirmed above
Query OK, 0 rows affected (0.58 sec)

# start replication
MariaDB [(none)]> start slave; 
Query OK, 0 rows affected (0.00 sec)

# show status
MariaDB [(none)]> show slave status\G 
*************************** 1. row ***************************
                Slave_IO_State: Waiting for master to send event
                   Master_Host: 10.0.0.31
                   Master_User: repl_user
                   Master_Port: 3306
                 Connect_Retry: 60
               Master_Log_File: mysql-bin.000001
           Read_Master_Log_Pos: 642
                Relay_Log_File: mariadb-relay-bin.000002
                 Relay_Log_Pos: 555
         Relay_Master_Log_File: mysql-bin.000001
              Slave_IO_Running: Yes
             Slave_SQL_Running: Yes
               Replicate_Do_DB:
           Replicate_Ignore_DB:
            Replicate_Do_Table:
        Replicate_Ignore_Table:
       Replicate_Wild_Do_Table:
   Replicate_Wild_Ignore_Table:
                    Last_Errno: 0
                    Last_Error:
                  Skip_Counter: 0
           Exec_Master_Log_Pos: 642
               Relay_Log_Space: 866
               Until_Condition: None
                Until_Log_File:
                 Until_Log_Pos: 0
            Master_SSL_Allowed: No
            Master_SSL_CA_File:
            Master_SSL_CA_Path:
               Master_SSL_Cert:
             Master_SSL_Cipher:
                Master_SSL_Key:
         Seconds_Behind_Master: 0
 Master_SSL_Verify_Server_Cert: No
                 Last_IO_Errno: 0
                 Last_IO_Error:
                Last_SQL_Errno: 0
                Last_SQL_Error:
   Replicate_Ignore_Server_Ids:
              Master_Server_Id: 101
                Master_SSL_Crl:
            Master_SSL_Crlpath:
                    Using_Gtid: No
                   Gtid_IO_Pos:
       Replicate_Do_Domain_Ids:
   Replicate_Ignore_Domain_Ids:
                 Parallel_Mode: conservative
                     SQL_Delay: 0
           SQL_Remaining_Delay: NULL
       Slave_SQL_Running_State: Slave has read all relay log; waiting for the slave I/O thread to update it
              Slave_DDL_Groups: 0
Slave_Non_Transactional_Groups: 0
    Slave_Transactional_Groups: 0
1 row in set (0.000 sec)

Step 7 – Unlock the Master DB

Now go back into the master DB and unlock the tables:

mysql
unlock tables;

Step 8 – Set the Slave DB in ViciDIal

Now you can set the slave server info in ViciDial by going into the admin GUI and going into system settings. Set the slave DB server IP and choose which reports you want to display from it.

Well, this has been quite the nightmare to get it done and hopefully I can save some of you some time with this article. If you have any problems feel free to join our Skype Live Support Channel and someone will be willing to help.

-Chris aka carpenox

How to – Setup an archive server

archive

How to – Setup an archive server

This article is going to go over how to “scratch” install an archive server on CentOS 8, Rocky Linux or Alma Linux. You can pretty much follow it for OpenSuSe as well but there would be some small variations for installing vsftpd.

Step 1 – Install and setup vsftpd

The first thing we have to do is install and properly configure vsftpd.

yum install vsftpd
nano /etc/vsftpd/vsftpd.conf
paste the following at the very bottom:

allow_writeable_chroot=YES
userlist_deny=NO
pasv_min_port=30000
pasv_max_port=31000
userlist_enable=YES
userlist_deny=NO
userlist_file=/etc/vsftpd/user_list
allow_writeable_chroot=YES
vsftpd config
vsftpd.conf config
nano /etc/vsftpd/user_list
(add "cronarchive" to the bottom)

useradd -m -d /home/archive/ cronarchive
passwd cronarchive 
(set the pw u want)

mkdir -p /home/archive
chmod -R 777 /home/archive

Step 2 – Set your archive server in install.pl script

Below is a settings example to put during the install.pl script which can be run by running the following commands. This has to be run on all asterisk servers:

cd /usr/src/astguiclient/trunk/
perl install.pl
archive setup
archive setup during install.pl script

Step 3 – Turning on the cronjob to send the recordings over to the archive server

Changing this cronjob has to be done on all asterisk servers. You have to remove the # in front of this line by typing “crontab -e” and scrolling until you find it:

2,5,8,11,14,17,20,23,26,29,32,35,38,41,44,47,50,53,56,59 * * * * /usr/share/astguiclient/AST_CRON_audio_3_ftp.pl --MP3 --run-check
crontab -e

Step 4 – Changing the Apache alias for the recordings

Last thing we need to do is change the alias for the recordings on the archive server as shown below:

nano /etc/httpd/conf.d/record.conf

Alias /RECORDINGS/ "/home/archive/"

<Directory "/home/archive">
    Options Indexes MultiViews
    AllowOverride None
    Order allow,deny
    Allow from all
    Require all granted
        <files *.mp3>
            Forcetype application/forcedownload
        </files>
</Directory>
Apache alias
Apache alias

Well, thats all there is to it, hopefully this will help some of you with improving your cluster setups and properly setting up an archive server.

-Chris aka carpenox

How to – Create a DNC call menu for people to remove themselves

DNC Call Menu

How to – Create a DNC call menu for people to remove themselves

This article will go over the process to create a call menu or IVR that allows people to remove themselves from the calling list by pressing a key. The FTC is cracking down on VoIP carriers to make sure their clients are using this feature and it will end up getting your VoIP routes shut down if you do not have this feature on your system.

DNC Call Menu
DNC Call Menu

Step 1 – Create a new Call Menu

Go to the admin GUI for ViciDial and click on inbound, then “Add a new call menu”

add a new call menu
Add a new call menu

Step 2 – Fill out the required fields as highlighted in the picture below

For this example we have used some of the built in sounds for ViciDial and piped them together ( | ) to create the voice prompt we want as well as the post message to be played after they opt out. This example only shows 1 option to be pressed, but it can be amplified even more by setting up other options such as leaving a voicemail, asking for a callback, routing to an operator or anything else you can pretty much do with the system.

Call Menu Options

Step 3 – Attach the call menu to you inbound group that your DID’s are routed through

You can get to your ingroup also through the inbound menu option in the admin GUI. Once your in your inbound group attached to your DIDs, go down to no agent queueing option and set it to Y, then set the route to call menu as shown below:

Inbound group for DIDs
Inbound Group for DID’s

That’s all there is to it, hopefully you guys head my advice and do this now before it happens to you via your carrier, cause trust me when I tell you, its coming. If you need additional help, feel free to stop by our live support on Skype by clicking here.

-Chris aka carpenox