Friday, January 24, 2014

My own fail to ban script for asterisk

This is the script /usr/local/sbin/block_sip_ip.sh. It has some options, but I doubt you really need all of them;
you can just add it to your crontab:

*/3 * * * * /usr/local/sbin/block_sip_ip.sh -n 1000

where
-n 1000 - number of last lines of the Asterisk log to parse. Adjust it to the intensity of your calls. By default it is only 200 lines.

-q - how many attempts are allowed before the IP is banned. 3 by default

#!/bin/bash
# check whether someone is getting "wrong password" in the last 200 lines of the asterisk log:
DEBUG=0
# email to notify about banned IPs
ADMIN_EMAIL="admin@domain.com"

# our internal network. First part only
LOCAL_NET="10.0.0"


# our own external IP:
OWNIP1="111.221.211.111"
LINES=200
INFO="Use: $0 -l /PATH/TO/LOG -q ATTEMPTS -n LINES"
while getopts ":dl:q:n:" optname
    do
      case "$optname" in
        "d")
             DEBUG=1
             echo "debugging is on"
          ;;
        "n")
             LINES=$OPTARG
          ;;
        "l")
             LOG_FILE=$OPTARG
          ;;
        "q")
            ATTEMPTS=$OPTARG
          ;;
        "?")
          echo "Unknown option $OPTARG"
          echo "$INFO"
          exit 1
          ;;
        ":")
          echo "No argument value for option $OPTARG"
          echo "$INFO"
          exit 1
          ;;
        *)
          echo "Unknown error while processing options"
          exit 1
          ;;
      esac
    done
if [ -z "$LOG_FILE" ]
then
  LOG_FILE="/var/log/sip_hackers_ips"
fi

[ "$DEBUG" -eq 1 ] &&  echo "logfile : $LOG_FILE"
[ "$DEBUG" -eq 1 ] &&  echo "lines : $LINES"

if [ -z "$ATTEMPTS" ]
then
    ATTEMPTS=2
fi

[ "$DEBUG" -eq 1 ] &&  echo "failed ext. allowed : $ATTEMPTS"

for i in $(tail -n "$LINES" /var/log/asterisk/full | grep -vF "$LOCAL_NET" | grep -E '(Wrong password| failed for )' | grep -Eo '(([0-9]{1,3}\.){3}[0-9]{1,3})' | sort -u | grep -vxF "$OWNIP1")
do
    # count the log lines that mention this IP (-w/-F: whole address, literal dots)
    EXT_CNT=$(tail -n "$LINES" /var/log/asterisk/full | grep -cwF -- "$i")
    # if it is greater than the allowed number of attempts, block it
    if [ "$EXT_CNT" -gt "$ATTEMPTS" ]
    then
       # skip IPs that already have a rule (whole-address match, so 1.2.3.4 does not hit 1.2.3.45)
       IPTABLES_CNT=$(/sbin/iptables -nvL | grep -cwF -- "$i")
       if [ "$IPTABLES_CNT" -eq 0 ]
       then
            [ "$DEBUG" -eq 1 ] && echo "To BLOCK: $i"
            echo -n "[$(date)]" >> "$LOG_FILE"
            echo "$i" >> "$LOG_FILE"
            /sbin/iptables -I INPUT -s "$i" -j DROP
            /sbin/iptables -A OUTPUT -d "$i" -j DROP
            [ "$DEBUG" -eq 1 ] && echo "IP $i has been blocked"
            echo "VPBX: $i has been blocked" | mail -s "VPBX: $i has been blocked" "$ADMIN_EMAIL"
       fi
    fi
done
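
The loop above pulls every dotted quad out of a matching log line, so an address that only appears in the From header of a failed registration is counted too. An added example (not part of the original script) that counts only the address in the failed for '<ip>:<port>' field; the helper name sip_offenders, the sample log lines and the assumed chan_sip line layout are constructed for illustration.

```shell
#!/bin/bash
# Added example, not the original script. Assumes chan_sip lines of the form
#   Registration from '<From header>' failed for '<ip>[:port]' - <reason>

# sip_offenders ATTEMPTS LOCAL_NET OWN_IP   (hypothetical helper; log on stdin)
# Prints each source IP with more than ATTEMPTS failed registrations.
sip_offenders() {
    local attempts="$1" local_net="$2" own_ip="$3"
    # Greedy .* anchors on the LAST "failed for" field, the one Asterisk
    # appends itself; dotted quads inside the From header are never captured.
    sed -nE "s/.* failed for '(([0-9]{1,3}\.){3}[0-9]{1,3})(:[0-9]+)?' - .*/\1/p" |
    awk -v max="$attempts" -v net="$local_net." -v own="$own_ip" '
        index($0, net) == 1 || $0 == own { next }   # skip LAN and our own IP
        { hits[$0]++ }
        END { for (ip in hits) if (hits[ip] > max) print ip }' |
    sort
}

# Constructed sample log (documentation address ranges, not real traffic).
sample_log() {
    cat <<'EOF'
[2014-01-24 10:00:01] NOTICE[2101] chan_sip.c: Registration from '"101" <sip:101@111.221.211.111>' failed for '203.0.113.5:5060' - Wrong password
[2014-01-24 10:00:02] NOTICE[2101] chan_sip.c: Registration from '"102" <sip:102@111.221.211.111>' failed for '203.0.113.5:5060' - Wrong password
[2014-01-24 10:00:03] NOTICE[2101] chan_sip.c: Registration from '"103" <sip:103@111.221.211.111>' failed for '203.0.113.5:5060' - Wrong password
[2014-01-24 10:01:01] NOTICE[2101] chan_sip.c: Registration from '"192.0.2.44" <sip:100@192.0.2.44>' failed for '198.51.100.7:5071' - No matching peer found
[2014-01-24 10:01:02] NOTICE[2101] chan_sip.c: Registration from '"192.0.2.44" <sip:100@192.0.2.44>' failed for '198.51.100.7:5071' - No matching peer found
[2014-01-24 10:01:03] NOTICE[2101] chan_sip.c: Registration from '"192.0.2.44" <sip:100@192.0.2.44>' failed for '198.51.100.7:5071' - No matching peer found
[2014-01-24 10:02:01] NOTICE[2101] chan_sip.c: Registration from '"201" <sip:201@10.0.0.1>' failed for '10.0.0.15:5060' - Wrong password
[2014-01-24 10:02:02] NOTICE[2101] chan_sip.c: Registration from '"201" <sip:201@10.0.0.1>' failed for '10.0.0.15:5060' - Wrong password
[2014-01-24 10:02:03] NOTICE[2101] chan_sip.c: Registration from '"201" <sip:201@10.0.0.1>' failed for '10.0.0.15:5060' - Wrong password
[2014-01-24 10:03:01] NOTICE[2101] chan_sip.c: Registration from '"104" <sip:104@111.221.211.111>' failed for '198.51.100.99:5060' - Wrong password
[2014-01-24 10:04:01] NOTICE[2101] chan_sip.c: Peer '101' is now Reachable. (12ms / 2000ms)
EOF
}

sample_log | sip_offenders 2 "10.0.0" "111.221.211.111"
```

The printed addresses can be passed to the same iptables check-and-insert step used in the loop above.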

Saturday, January 18, 2014

freepbx moving all .conf.old files back to original

Hi, all

Once by mistake I recompiled all .conf files from the Asterisk source, and some FreePBX files were moved into <FILE>.conf.old. So this is the script to change it back:
mv <FILE>.conf <FILE>.conf_orig
mv <FILE>.conf.old <FILE>.conf
Just go to /etc/asterisk
and run:

for i in *.old; do [ -e "$i" ] || continue; echo "${i%.old} will be saved as ${i%.old}_orig"; mv -- "${i%.old}" "${i%.old}_orig"; echo " moving $i to ${i%.old}"; mv -- "$i" "${i%.old}"; done

Thursday, January 16, 2014

How to merge wav files in linux for asterisk IVR

For example, for lazy admins, it's possible to combine some Asterisk system sounds into an IVR prompt. This is how to merge them and insert a pause, and at the end send the result to a specified email for checking:


# Making first part. After it we need a pause:
wavmerge good-morning.wav thank-you-for-calling.wav

# Renaming from default
mv -f merge.wav merge1.wav

# Inserting a 1-second pause:
sox merge1.wav "|sox our-business-hours.wav -p pad 1" merge2.wav


# Adding more files
wavmerge merge2.wav 9.wav hours.wav 12.wav hours.wav 13.wav hours.wav 18.wav hours.wav and.wav day-1.wav day-5.wav

# Renaming from default
mv -f merge.wav merge3.wav


# Inserting a 1-second pause:
sox merge3.wav "|sox this-call-may-be-monitored-or-recorded.wav -p pad 1" merge1_4.wav

# Sending by email:
echo "This is latest recording" | mutt -a "merge1_4.wav" -s "new recording out" -- youremail@gmail.com

Monday, January 13, 2014

cbpolicy email notifier

I came up with a script that parses the maillog and sends an email notification to a specified admin's email. Take a look:

#!/bin/bash
# Usage:
# cbpolicy_notifier <LINES TO PARSE> <MAIL TO>

LINES=$1
MAIL_TO=$2

if [ -z "$2" ] || [ ! -z "$3" ];then
    echo ""
    echo "ERROR: $0 requires the number of lines to parse and a valid email to notify you"
    echo ""
    echo "Usage: $0 <LINES TO PARSE> <MAIL TO>"
    echo ""
    exit 1
fi

# private temp file instead of a predictable name in /tmp; removed on exit
EMAILMESSAGE=$(mktemp /tmp/cbpolicy_notifier.XXXXXX)
trap 'rm -f "$EMAILMESSAGE"' EXIT
HOST_NAME=$(hostname)
MAIL_FROM=postmaster@$HOST_NAME

for i in $(tail -n "$LINES" /var/log/maillog | grep cbpolicy | grep reject | grep -v "from=root@" | grep "track=Sender" | grep -oP '(?<=from=).*?(?=,)' | sort -u)
do
        echo "$i"
        V_EMAIL=$i
        MSG_SUBJECT_ADMIN="$HOST_NAME::Outbound email quota was exceeded for $V_EMAIL"
        MSG_SUBJECT_USER="WARNING::Your outbound email hourly quota was exceeded"
        echo "We have encountered outbound email overlimiting for $V_EMAIL" > "$EMAILMESSAGE"
        echo "" >> "$EMAILMESSAGE"
        # -F: treat the address as a literal string, not a regex
        LOG_SAMPLE=$(tail -n "$LINES" /var/log/maillog | grep cbpolicy | grep reject | grep -v "from=root@" | grep -F -- "$V_EMAIL")
        echo "This is the log sample" >> "$EMAILMESSAGE"
        echo "" >> "$EMAILMESSAGE"
        echo "$LOG_SAMPLE" >> "$EMAILMESSAGE"
        /bin/mailx -r "$MAIL_FROM" -s "$MSG_SUBJECT_ADMIN" "$MAIL_TO" < "$EMAILMESSAGE"

        echo "Dear customer." > "$EMAILMESSAGE"
        echo "" >> "$EMAILMESSAGE"
        echo "Your hourly outbound email quota was overlimited. Please reduce amount of emails you are sending out." >> "$EMAILMESSAGE"
        /bin/mailx -r "$MAIL_FROM" -s "$MSG_SUBJECT_USER" "$V_EMAIL" < "$EMAILMESSAGE"
done

Add this to cron; just specify the number of lines to parse and the email. Like this:
*/15 * * * * /usr/local/sbin/cbpolicy_notifier 500 support@example.com

monitor HDD script via hpacucli

I have written a useful script to monitor HDDs on an HP server via hpacucli and send an email notification

[root@hp-proliant]# cat /usr/local/sbin/hpacucli_mon
#!/bin/bash
# Usage:
# hpacucli_mon <NUM OF ARRAYS> <NUM OF PHYSICAL DISKS> <MAIL TO>
HP_SLOT=`/usr/sbin/hpacucli ctrl all show status | grep -o -P 'Slot.{0,2}'| awk -F" " '{print $2}'`
if [ "$3" = "" ] || [ "$4" != "" ];then
    echo ""
    echo "ERROR: hpacucli_mon requires number of arrays, disks and valid email"
    echo ""
    echo "Usage: hpacucli_mon <NUM OF ARRAYS> <NUM OF PHYSICAL DISKS> <MAIL TO>"
    echo ""
    echo "To find the number of arrays and disks you have, run:"
    echo "/usr/sbin/hpacucli ctrl slot=$HP_SLOT ld all show status"
    echo "and"
    echo "/usr/sbin/hpacucli ctrl slot=$HP_SLOT pd all show status"
    exit 1
fi
# private temp file instead of a fixed name in /tmp; removed on exit
EMAILMESSAGE=$(mktemp /tmp/hpacucli_message.XXXXXX)
trap 'rm -f "$EMAILMESSAGE"' EXIT
# the first dotted quad ifconfig prints is the interface address (broadcast and mask follow it)
LOCAL_IP=`/sbin/ifconfig   eth0 | grep -Eo '(([0-9]{1,3}\.){3}[0-9]{1,3})' | head -n 1`
MSG_SUBJECT="Smart HP array failure at $LOCAL_IP"
OK_ARRAY_CNT=`/usr/sbin/hpacucli ctrl slot=$HP_SLOT ld all show status | grep -o "OK" | wc -l`
OK_DISKS_CNT=`/usr/sbin/hpacucli ctrl slot=$HP_SLOT pd all show status | grep -o "OK" | wc -l`
if [ "$OK_ARRAY_CNT" -ne "$1" ] || [ "$OK_DISKS_CNT" -ne "$2" ]; then
    echo "We have encountered a problem at $LOCAL_IP" > $EMAILMESSAGE
    echo "Take look at this: " >> $EMAILMESSAGE
    /usr/sbin/hpacucli ctrl slot=$HP_SLOT ld all show status >> $EMAILMESSAGE
    /usr/sbin/hpacucli ctrl slot=$HP_SLOT pd all show status >> $EMAILMESSAGE
    echo "===============================================" >> $EMAILMESSAGE
    echo "INFORMATION PROVIDED BY SMARTCTL:"  >> $EMAILMESSAGE
    echo "" >> $EMAILMESSAGE
    for (( i=0; i<$2; i++ ))
    do
        /usr/sbin/smartctl -a -d cciss,$i /dev/cciss/c0d0 | grep -E '(Serial|Health)' >> $EMAILMESSAGE
        echo "" >> $EMAILMESSAGE
    done
    mail -s "$MSG_SUBJECT" "$3" < $EMAILMESSAGE
fi



To use this, just add to crontab:
00 */1 * * * /usr/local/sbin/hpacucli_mon <NUM OF LOGICAL HDD> <NUM OF PHYSICAL HDD> <YOUR@EMAIL> 

To find the number of disks, run:
export HP_SLOT=$(/usr/sbin/hpacucli ctrl all show status | grep -o -P 'Slot.{0,2}'| awk -F" " '{print $2}') && /usr/sbin/hpacucli ctrl slot=$HP_SLOT ld all show status && /usr/sbin/hpacucli ctrl slot=$HP_SLOT pd all show status


Then count them

howto debug SIP and RTP

Low level debug:
tcpdump -A host 188.232.87.xxx

High level debug:
asterisk -r
CLI> sip set debug ip 188.232.87.xxx

RTP debug:
tcpdump -n dst portrange 10000-20000