Controlling teenagers phone use

I have adopted and foster teenagers at home and want to add to * support for controlling access by time and user.

Some have suggested using asterisk2billing but that is way overkill. Although I may go that way just because I don’t want to re-invent something that already exists. *2billing has ‘prepaid’ card numbers for all to use. It also has 8 digit numbers and that can get old at usage for the other adults (wife test) in the house.

So, is anyone experimenting with timing controls and / or user access controls based on a family or tiny business ?

with a2billing you can change the PIN code length. It’s not in the web UI, but in the text setup somewhere.

You could also dialplan script a bit to create something else that might work–

put all phones (that get access controlled) into a context (that can’t dial out). Have your phones set to hotline dial (something) when picked up- this can be done in zapata.conf for zap channels, and most IP phones and ATAs support it.

This exten when called GoTo()'s the s,1 priority in another context, which Background()'s a short instruction telling user to type in their code (say 4 digit). It then WaitExten()'s for about 30sec.

The only extensions in this new context are the security codes, which each ExecIfTime()-- if the time matches, they DISA with no password to a context that CAN dial out. If the time does not match it goes to an error message.

to script this out a bit–

[unprivelaged-phones] ; Put your phones in this context. Have them hotline dial 1234 if they can.
exten => 1234,1,Goto(s,1)

exten => s,1,Goto(access-control,s,1)

exten => 911,1,Dial(SIP/provider/${EXTEN}) ; can ALWAYS dial 911

exten => s,1,Background(instructions) ; tell user to enter code
exten => s,2,WaitExten(30) ; user has 30sec to enter code

exten => 911,1,Dial(SIP/provider/${EXTEN}) ; can ALWAYS dial 911

exten => 5555,1,ExecIfTime(9:00-17:00|mon-fri||?DISA,no-password,dial-out)
exten => 6666,1,ExecIfTime(9:00-17:00|mon-fri||?DISA,no-password,dial-out)

exten => _1NXXNXXXXXX,1,Dial(SIP/provider/${EXTEN})

; following two lines if your provider requires 11 digit numbers
exten => _NXXNXXXXXX,1,Goto(dial-out,1${EXTEN},1) ; 10 digit number, it adds 1 and sends back so above pattern is used.
exten => _NXXXXXX,1,Goto(dial-out,1YYY${EXTEN},1) ; same as above but replace YYY with your area code.

exten => 911,1,Dial(SIP/provider/${EXTEN}) ; can ALWAYS dial 911

The above code should work. Hope it helps!

This is real clever straight forward and also simple to do. I’ll be busy for a few evenings getting that idea incorporated into my *.conf files.

I think there is a way to log all calls into a log file, but I have not seen how to turn that on. If you know which reference (O’Reiley etc.), give reference and pg no. When I do get it to log incoming, outgoing, and internal calling traffic, how may I get the “name” of each security code recorded along with the normal log data ? i.e. you had 55555 & 66666 as codes. One could be “Tom” and other “Mary”. That way the log file could be read by others without anyone finding out others security access code (PIN code)

this is actually already done- it’s called CDR, Call Detail Record. Check /var/log/asterisk/cdr-csv/Master.csv.

Theoretically the codes above shouldn’t be recorded in the CDR I don’t think.

As far as something to attach for identifying a user, try account code-


or user field


You can also use a macro to make your life easy.


exten => s,1,Background(instructions) ; tell user to enter code
exten => s,2,WaitExten(30) ; user has 30sec to enter code

exten => 911,1,Dial(SIP/provider/${EXTEN}) ; can ALWAYS dial 911

exten => 5555,1,Set(CDR(userfield)=tom)
exten => 5555,2,ExecIfTime(9:00-17:00|mon-fri||?DISA,no-password,dial-out)

exten => 6666,1,Set(CDR(userfield)=fred)
exten => 6666,2,ExecIfTime(9:00-17:00|mon-fri||?DISA,no-password,dial-out)

thus first (priority 1) we set the account code to be something friendly, then (priority 2) we check to see if the time matches and if so it goes to DISA and lets them dial.

There are also a number of ways to make CDR easier to use, by storing it to mysql and/or giving it a web interface. check for a number of those.

hoep this helps!

Your code snippets really help me go a long ways. Now I need a week of 1/2 hours to get all the coding the way I want it to be.

When testing, how should the extension progress from when user picks up to dial something.

  1. hear dial tone
  2. dial something
  3. be prompted for PIN
  4. ring destination etc.

OR ----

  1. prompt for PIN ( no dial tone?)
  2. DISA throws dial tone to user
  3. user dials number
  4. destination is ringing, etc.

OR something different from above.

depends. If your phones can do hotline (dial something when taken off hook) it will work like this-
pick up phone (which autodials 1234 and is goto’d to access-control,s,1
hear message asking for pin (access-control,s,1)
type in PIN (goes to that exten in access-control, user can also dial 911)
if pin and time matches, gets dialtone (DISA) and can dial out

if your phones dont have hotline it will work like this
pick up phone and get dialtone (can only dial 1234 or 911)
user dials 1234 (and gets the above process)

I have Sipura ATAs and suspect I can’t do hotline… But I really don’t want to either. Here is what I came up with after reading up on the commands and finding more to suit me better.
Here is how user sees it: She picks up phone and hears dial tone. Dials phone no. THEN hears prompt for PIN to be entered. After entering, number originally dialed will dial, ring, and continue. The disa wasn’t quite what I wanted. I use FIGERO to store the EXTEN no until needed.

I looked into the CDR file. /var/log/asterisk/cdr-csv/Master.csv and found the accountcode was UNused. It was all " " throughout the csv file.

Now all I need to get done is fix the timeclock. It reads out UTC time in England. I am in Eastern zone and find +5 or +4 hours messy and would rather all the math done by computer. I prefer the times in the gotoif statements ought to be the local Eastern time clock.

In the sip.conf file I have:
blabla=dododo etc. and so on
context=access-control ; formally default

exten => _X.,1,Set(FIGERO=${EXTEN})
;exten => _X.,2,GoTo(s,1)
exten => _X.,n,Background(custom/pls-ntr-your-pin) ; instructions - tell user to enter code
exten => _X.,n,WaitExten(30) ; user has 30sec to enter code

;exten => s,7,Set(EXTEN=${FIGERO})
;exten => s,8,GoTo(default,${FIGERO},1)

exten => 911,1,Dial(SIP/PSTN/${EXTEN}) ; can ALWAYS dial 911

exten => 5555,1,Set(CDR(accountcode)=karen)
;exten => 5555,n,Saydigits(${FIGERO})
exten => 5555,n,GoToIfTime(1:00-13:50|sun,sat||?default,${FIGERO},1)
exten => 5555,n,GoToIfTime(1:00-13:50|mon-fri||?default,${FIGERO},1)
exten => 5555,n,GoToIfTime(10:00-23:50||nov|7?default,${FIGERO},1)
exten => 5555,n,GoToIfTime(23:00-8:00|
exten => 5555,n,Playback(custom/bedtime)
exten => 5555,n,Hangup()

exten => 5555,10,Playback(custom/nottime)
exten => 5555,n,Hangup()
exten => 6666,1,Set(CDR(accountcode)=tony)
;exten => 6666,2,ExecIfTime(9:00-17:00|sun-sat||?DISA,no-password,default)
exten => 6666,n,GoToIfTime(1:00-13:50|sun,sat||?default,${FIGERO},1)
exten => 6666,n,GoToIfTime(1:00-13:50|mon-fri||?default,${FIGERO},1)
exten => 6666,n,GoToIfTime(10:00-23:50||nov|7?default,${FIGERO},1)
exten => 6666,n,GoToIfTime(23:00-8:00|
exten => 6666,n,Playback(custom/bedtime)
exten => 6666,n,Hangup()

exten => 6666,10,Playback(custom/nottime)
exten => 6666,n,Hangup()
exten => 1024,1,Set(CDR(accountcode)=popa)
exten => 1024,n,GoToIfTime(|||?default,${FIGERO},1)
exten => 1024,n,Hangup()
exten => 5683,1,Set(CDR(accountcode)=moma)
exten => 5683,n,GoToIfTime(|||?default,${FIGERO},1)
exten => 5683,n,Hangup()

that looks pretty good… you could also do it that way so you can always call internally (between phones in the house) w/out a code… just put the internal extens in a context and include it in the one below.

to set the local time zone do system-config-clock at the linux prompt (for redhat derivative systems eg centos fedora etc). that sets your time zone. Then set the correct system time in your computer’s bios or use ntpdate…