homepage Welcome to WebmasterWorld Guest from 54.242.140.11
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
Forum Library, Charter, Moderators: bakedjake

Linux, Unix, and *nix like Operating Systems Forum

    
Asterisk, FreeBSD, pf - Build a home wireless router, firewall, and PBX in 60 minutes
bakedjake

WebmasterWorld Administrator bakedjake us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 3863250 posted 6:07 am on Mar 5, 2009 (gmt 0)

So, interesting project this weekend:

FreeBSD 7.1-RELEASE #0: Sat Feb 28 18:07:07 EST 2009
root@bouncer:/usr/obj/usr/src/sys/BOUNCER
pf (I love pf....)
Asterisk

Old computer lying around with a an ethernet port built into it. I think it's an old HP P4 machine. Got a quad ethernet card on the cheap. Decided that Vonage @ $45/mo. isn't really cheaper than a landline, so I'm convinced I want to play with something else.

Needed to buy a wireless card compatible with FreeBSD, which means Atheros. Picked up a cheap-ish Cisco Aironet. If you've never used Cisco (not linksys, real cisco) wireless products, they're a joy. They'll probably kill you with the RF, but they're great.

Pop everything in.

em0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
em1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
em2: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
em3: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ath0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 2290

OK, time to turn this thing into a wireless router

ifconfig create bridge0

My rc.conf:


### Uncomment for workstation mode
# ifconfig_ath0="WPA DHCP"

### Server mode - bring up wireless as AP and bridge ethernet
ifconfig_bge0="DHCP up"
ifconfig_ath0="up ssid wxnet mediaopt hostap mtu 1500"
ifconfig_em0="up"
ifconfig_em1="up"
ifconfig_em2="up"
ifconfig_em3="up"
cloned_interfaces="bridge0"
ifconfig_bridge0="inet 10.10.10.1 netmask 255.255.255.0 addm ath0 addm em0 addm em1 addm em2 addm em3 up"
pf_enable="YES"
pflog_enable="YES"
gateway_enable="YES"

hostname="bouncer"
hostapd_enable="YES"
dhcpd_enable="YES"
dhcpd_ifaces="bridge0"
inetd_enable="YES"
asterisk_enable="YES"

svscan_enable="YES"
sshd_enable="YES"
ftpproxy_enable="YES"

Configure PF... some simple rules:


### options, normalization, queueing, translation, filtering

### new pf.conf
###

#### define macros

tcp_services = "{ 22, 5060 }" # ssh and sip
udp_services = "{ 5060, 4569, 5036, 9999 >< 20001, 2727 }" # asterisk ports for udp
int_if = "bridge0" # our internal interface
ext_if = "bge0" # our external interface
localnet = $int_if:network # localnet definition
icmp_types = "{ echoreq, unreach }" # define icmp types to let through
martians = "{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8, 169.254.0.0/16, 192.0.2.0/24, 0.0.0.0/8, 240.0.0.0/4 }"

#### normalization

scrub in # reasemble fragmented packets

#### translation: nat
#### NOTE: FreeBSD's default forwarding behavior seems to be NAT
#### This is therefore not necessary.
#
#
# nat on $ext_if from $localnet to any -> ($ext_if) # (DEFAULT, NOT NECESSARY) nat from internal to external network

# default: block all traffic

block all # block all traffic by default

#### antispoof and block non-routables

antispoof quick for $ext_if # antispoof on external interface
antispoof for $int_if # antispoof on internal interface - can't be quick b/c of bridge
block drop in quick on $ext_if from $martians to any # block inbound traffic from non-routables
block drop out quick on $ext_if from any to $martians # block outbound traffic destined to non-routables

#### filtering rules

pass out all # assume localhost is trusted, pass OUT all traffic
pass inet from { lo0, $localnet } to any # fwd traffic from localnets to anywhere
pass in on $ext_if inet proto tcp from any to ($ext_if) port $tcp_services # allow defined tcp services to the machine
pass in on $ext_if inet proto udp from any to ($ext_if) port $udp_services # allow defined udp services to the machine
pass in on $ext_if inet proto icmp all icmp-type $icmp_types # allow icmp ping requests and path mtu discovery

Cool. Functional wireless router + firewall built. Install isc-dhcpd from ports. We have some IP phones unused lying around work. I grabbed a Mitel 5330, put it into IP mode, and made some changes to the DHCP config for scope options. Plug the phone in, boot into SIP mode, and it gets an IP address. Nice.

Next, go to ports, install asterisk.

Basic config:

extensions.conf

[phones]
exten => _X.,1.NoOp()
exten => _X.,n,Dial(SIP/1000)

exten => 700,1,VoiceMailMain()

[outgoing]
exten => _X.,Dial(SIP/peer/${EXTEN})

sip.conf

[general]
port=5600 ; port to listen to
bindaddr=0.0.0.0 ; address to bind to, 0.0.0.0 is all
disallow=all
allow=ulaw

register => username:password@sip.peer.com

[peer]
type=friend
host=sip.peer.com
dtmfmode=rfc2833
insecure=invite,port
disallow=all
allow=ulaw
context=phones
nat=yes

[1000]
type=friend
context=phones
host=dynamic
secret=mitel1000

voicemail.conf

[general]
format=wav
serveremail=voicemail@localhost
attach=yes
fromstring=Voicemail
emailsubject=New Voicemail message ${VM_MSGNUM}
emailbody=A ${VM_DUR} long message from ${VM_CALLERID}, on ${VM_DATE}\n
emaildateformat=%A, %d %B %Y at %H:%M:%S

[default]
1000 => 1000,Jake,jake@example.com

Went to a website, signed up for a DID (direct inward dialing) number from a provider, and I had a number ringing to the phone on my desk in less than 5 minutes.

So for not a lot of money, and not too much time, I built a fully functional PBX in my house over the weekend. Just for good measure I wrapped it up all nicely into one box and threw out my wrt54g.

I am addicted! I remember discussing this stuff at a blues bar in London with trillianjedi [webmasterworld.com] about 3 years ago, but I didn't *get* it. I get it now!

Asterisk is EXTREMELY powerful. I can script actions. I can create different dialplans for different users of the system. A business number is different from a home number, and a "family" number rings all the phones in the house. The telemarketers can be exterminated with Zapateller(). Free!

Even more amazing? The potential this PBX holds for e-commerce. One of our projects involves a pretty big call center. The scripting capability of this system is ridiculously powerful. Order tracking tied with issue tracking. Real-time queuing management and reporting. Sales data tied directly to the same customer database we use for the rest of our operations.... the possibilities are limitless.

Even better, it's a fun weekend project. Try it. :) My scripts are obfuscated in obvious places, but this should get you up and running in about an hour. The DID provider I'm paying is $1.99/mo for the number and around a penny a minute.... looking at my last 6 Vonage bills for usage, my new provider will work out to about $8 a month.

 

coopster

WebmasterWorld Administrator coopster us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 3863250 posted 3:00 pm on Mar 5, 2009 (gmt 0)

Asterisk? Or AsteriskNOW?
I pulled the data sheet to look at the differences at a glance, and I honestly did not spend much time here ... but that is why I am going to ask you ;-)

What is the main difference here and why did you choose the option you did?

bakedjake

WebmasterWorld Administrator bakedjake us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 3863250 posted 4:31 pm on Mar 5, 2009 (gmt 0)

AsteriskNOW is an "appliance", that is a Linux distribution with asterisk pre-configured all rolled into one.

I prefer FreeBSD on network boxen for a few reasons, so NOW wasn't appropriate for my needs.

There are lots of GUI options for Asterisk; it seems like trixbox is the most popular. AsteriskGUI is another one (it seems the one used in NOW).

It's all the same underlying software. :) I do like my text config files though. The less network services I have to run (all of those GUIs are web based), the better.

skipfactor

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 3863250 posted 5:40 pm on Mar 5, 2009 (gmt 0)

>>but I didn't *get* it. I get it now! Asterisk is EXTREMELY powerful

Once you *get it*, it's like, ahh, wow, I've been paying the phoneco $5.99/month for a single option that's a single line of code for me. :)

Since installing an Asterisk box at the house, our telemarketing calls have dropped to ZERO.

I got one of those Everex $199 Wal Mart machines, a Digium TDM-400 (up to 4 RJ-11 ports) w/ 1 FXS module for our single incoming analog line, 1 FXO for the fax, 1 FXO for the wife, and 1 FXO for me. Obviously the card isn't mandatory, but the family still likes to use plain old fax machines & cordless phones.

Started w/ AsteriskNOW but was way too buggy and have moved on to Druid OS--the web-based user portal is great for the wife. Use VoicePulse and Broadvoice as providers and have been satisfied so far, though we're not heavy users.

An ultra-configurable VOIP/analog answering service, fax switcher, voicemail-to-email, etc. The possibilities are generally limited to how much time you have to spend on this 'home project'. I will be going straight Asterisk at our office one day (rock-solid Asterisk Appliance right now) and your post has definitely helped (slow on Linux), thanks.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved