Hi!
I have a big problem with asterisk. Some days ago i have installed asterisk on my vps ( fortunately without any exit trunk). Today, when i open the log i see something that i don’t understand:
[Aug 10 12:55:20] VERBOSE[17544] loader.c: pbx_config.so => (Text Extension Configuration)
[Aug 10 12:55:20] VERBOSE[17544] pbx.c: == Registered application 'Exec'
[Aug 10 12:55:20] VERBOSE[17544] pbx.c: == Registered application 'TryExec'
[Aug 10 12:55:20] VERBOSE[17544] pbx.c: == Registered application 'ExecIf'
[Aug 10 12:55:20] VERBOSE[17544] loader.c: app_exec.so => (Executes dialplan applications)
[Aug 10 12:55:20] VERBOSE[17544] config.c: == Parsing '/etc/asterisk/cli_permissions.conf': [Aug 10 12:55:20] VERBOSE[17544] config.c: == Found
[Aug 10 12:55:20] VERBOSE[17544] asterisk.c: Asterisk Ready.
[Aug 10 12:55:20] VERBOSE[17544] config.c: == Parsing '/etc/asterisk/cli.conf': [Aug 10 12:55:20] VERBOSE[17544] config.c: == Found
[Aug 10 12:55:21] VERBOSE[17559] asterisk.c: -- Remote UNIX connection disconnected
[Aug 10 12:56:50] VERBOSE[17576] netsock.c: == Using SIP RTP CoS mark 5
[Aug 10 12:56:50] VERBOSE[17962] pbx.c: -- Executing [00972592113512@default:1] Answer("SIP/VPS_IP-00000000", "") in new stack
[Aug 10 12:56:50] VERBOSE[17962] pbx.c: == Spawn extension (default, 00972592113512, 1) exited non-zero on 'SIP/VPS_IP-00000000'
[Aug 10 12:56:50] VERBOSE[17962] pbx.c: -- Executing [h@default:1] Answer("SIP/VPS_IP-00000000", "") in new stack
[Aug 10 12:56:50] VERBOSE[17962] pbx.c: == Spawn extension (default, h, 1) exited non-zero on 'SIP/VPS_IP-00000000'
[Aug 10 12:56:50] VERBOSE[17576] netsock.c: == Using SIP RTP CoS mark 5
[Aug 10 12:56:50] VERBOSE[17963] pbx.c: -- Executing [000972592113512@default:1] Answer("SIP/VPS_IP-00000001", "") in new stack
[Aug 10 12:56:51] VERBOSE[17963] pbx.c: == Spawn extension (default, 000972592113512, 1) exited non-zero on 'SIP/VPS_IP-00000001'
[Aug 10 12:56:51] VERBOSE[17963] pbx.c: -- Executing [h@default:1] Answer("SIP/VPS_IP-00000001", "") in new stack
[Aug 10 12:56:51] VERBOSE[17963] pbx.c: == Spawn extension (default, h, 1) exited non-zero on 'SIP/VPS_IP-00000001'
[Aug 10 12:56:51] VERBOSE[17576] netsock.c: == Using SIP RTP CoS mark 5
[Aug 10 12:56:51] VERBOSE[17992] pbx.c: -- Executing [900972592113512@default:1] Answer("SIP/VPS_IP-00000002", "") in new stack
[Aug 10 12:56:52] VERBOSE[17992] pbx.c: == Spawn extension (default, 900972592113512, 1) exited non-zero on 'SIP/VPS_IP-00000002'
[Aug 10 12:56:52] VERBOSE[17992] pbx.c: -- Executing [h@default:1] Answer("SIP/VPS_IP-00000002", "") in new stack
[Aug 10 12:56:52] VERBOSE[17992] pbx.c: == Spawn extension (default, h, 1) exited non-zero on 'SIP/VPS_IP-00000002'
[Aug 10 12:56:53] VERBOSE[17576] netsock.c: == Using SIP RTP CoS mark 5
[Aug 10 12:56:53] VERBOSE[17994] pbx.c: -- Executing [700972592113512@default:1] Answer("SIP/VPS_IP-00000003", "") in new stack
[Aug 10 12:56:53] VERBOSE[17994] pbx.c: == Spawn extension (default, 700972592113512, 1) exited non-zero on 'SIP/VPS_IP-00000003'
[Aug 10 12:56:53] VERBOSE[17994] pbx.c: -- Executing [h@default:1] Answer("SIP/VPS_IP-00000003", "") in new stack
[Aug 10 12:56:53] VERBOSE[17994] pbx.c: == Spawn extension (default, h, 1) exited non-zero on 'SIP/VPS_IP-00000003'
I have no peers or friends in my sip.conf. I don’t know how but someone make call through my asterisk.
Asterisk version is :
vps*CLI> core show version
Asterisk 1.6.2.9-2+squeeze10 built by pbuilder @ sweetmorn on a x86_64 running Linux on 2013-01-14 18:32:21 UTC
Also i don’t understand why the source channel is SIP/VPS_IP when VPS_IP is the public ip address of the server
sip.conf
[general]
context=default ; Default context for incoming calls
; 'username' field from the authentication line
; instead of the From: field.
allowoverlap=no ; Disable overlap dialing support. (Default is yes)
; Default is enabled. The Dial() options 't' and 'T' are not
; related as to whether SIP transfers are allowed or not.
; defaults to "asterisk". If you set a system name in
; asterisk.conf, it defaults to that system name
; Realms MUST be globally unique according to RFC 3261
; Set this to your host name or domain name
udpbindaddr=0.0.0.0 ; IP address to bind UDP listen socket to (0.0.0.0 binds to all)
; Optionally add a port number, 192.168.1.1:5062 (default is port 5060)
tcpenable=no ; Enable server for incoming TCP connections (default is no)
tcpbindaddr=0.0.0.0 ; IP address for TCP server to bind to (0.0.0.0 binds to all interfaces)
; Optionally add a port number, 192.168.1.1:5062 (default is port 5060)
; Optionally add a port number, 192.168.1.1:5063 (default is port 5061)
; Remember that the IP address must match the common name (hostname) in the
; certificate, so you don't want to bind a TLS socket to multiple IP addresses.
; For details how to construct a certificate for SIP see
; http://tools.ietf.org/html/draft-ietf-sip-domain-certs
; default is to look for "asterisk.pem" in current directory
; of seconds a client has to authenticate. If
; the client does not authenticate beofre this
; timeout expires, the client will be
; disconnected. (default: 30 seconds)
; unauthenticated sessions that will be allowed
; to connect at any given time. (default: 100)
srvlookup=yes ; Enable DNS SRV lookups on outbound calls
; Note: Asterisk only uses the first host
; in SRV records
; Disabling DNS SRV lookups disables the
; ability to place SIP calls based on domain
; names to some other SIP users on the Internet
; Specifying a port in a SIP peer definition or
; when dialing outbound calls will supress SRV
; lookups for that peer or call.
; international character conversions in URIs
; and multiline formatted headers for strict
; SIP compatibility (defaults to "no")
; and subscriptions (seconds)
; host to be up in seconds
; Set to low value if you use low timeout for
; NAT of UDP sessions
; fully. Enable this option to not get error messages
; when sending MWI to phones with this bug.
; Message-Account in the MWI notify message
; defaults to "asterisk"
; This may also be set for individual users/peers
; Parkinglots are configured in features.conf
; This may also be set for individual users/peers
; the call is in ringing or progress state. The SIP
; channel will then send 183 indicating early media
; which will be empty - thus users get no ring signal.
; Setting this to "no" will stop any media before we have
; call progress. Default is "yes".
; use 'never' to never use in-band signalling, even in cases
; where some buggy devices might not render it
; Valid values: yes, no, never Default: never
; The default user agent string also contains the Asterisk
; version. If you don't want to expose this, change the
; useragent string.
; Like the useragent parameter, the default user agent string
; also contains the Asterisk version.
; This field MUST NOT contain spaces
; Note that promiscredir when redirects are made to the
; local system will cause loops since Asterisk is incapable
; of performing a "hairpin" call.
; a valid phone number
; Other options:
; info : SIP INFO messages (application/dtmf-relay)
; shortinfo : SIP INFO messages (application/dtmf)
; inband : Inband audio (requires 64 kbit codec -alaw, ulaw)
; auto : Use rfc2833 if offered, inband otherwise
; on in this section to get any video support at all.
; You can turn it off on a per peer basis if the general
; video support is enabled, but you can't enable it for
; one peer only without enabling in the general section.
; If you set videosupport to "always", then RTP ports will
; always be set up for video, even on clients that don't
; support it. This assists callfile-derived calls and
; certain transferred calls to use always use video when
; available. [yes|NO|always]
; Videosupport and maxcallbitrate is settable
; for peers and users as well
; performs events (e.g. hold)
; authenticate with Asterisk. Peerstatus will be "rejected".
; for any reason, always reject with an identical response
; equivalent to valid username and invalid password/hash
; instead of letting the requester know whether there was
; a matching user or peer for their request. This reduces
; the ability of an attacker to scan for valid SIP usernames.
; order instead of RFC3551 packing order (this is required
; for Sipura and Grandstream ATAs, among others). This is
; contrary to the RFC3551 specification, the peer _should_
; be negotiating AAL2-G726-32 instead :-(
; your localnet setting. Unless you have some sort of strange network
; setup you will not need to enable this.
; as any IP address used for staticly defined
; hosts. This helps avoid the configuration
; error of allowing your users to register at
; the same address as a SIP provider.
; register their phones.
; If you have qualify on and the peer becomes unreachable
; this setting will enforce inactivation of the regexten
; extension for the peer
; Defaults to 100 ms
; Defaults to 500 ms or the measured round-trip
; time to a peer (qualify=yes).
; in this amount of time, the call will autocongest
; Defaults to 64*timert1
; on the audio channel
; when we're not on hold. This is to be able to hangup
; a call in the case of a phone disappearing from the net,
; like a powerloss or grandma tripping over a cable.
; on the audio channel
; when we're on hold (must be > rtptimeout)
; (default is off - zero)
; the moment the channel loads this configuration
; (see sip history / sip no history)
; SIP history is output to the DEBUG logging channel
; Useful to limit subscriptions to local extensions
; Settable per peer/user also
; RINGING when another call is sent (default: yes)
; Turning on notifyringing and notifyhold will add a lot
; more database transactions if you are using realtime.
; dialog-info+xml notifications (supported by snom phones).
; Note that this feature will only work properly when the
; incoming call is using the same extension and context that
; is being used as the hint for the called extension. This means
; that it won't work when using subscribecontext for your sip
; user or peer (if subscribecontext is different than context).
; This is also limited to a single caller, meaning that if an
; extension is ringing because multiple calls are incoming,
; only one will be used as the source of caller ID. Specify
; 'ignore-context' to ignore the called context when looking
; for the caller's channel. The default value is 'no.' Setting
; notifycid to 'ignore-context' also causes call-pickups attempted
; via SNOM's NOTIFY mechanism to set the context for the call pickup
; to PICKUPMARK.
; device too.
; 0 = continue forever, hammering the other server
; until it accepts the registration
; Default is 0 tries, continue forever
; RTP media stream to go directly from
; the caller to the callee. Some devices do not
; support this (especially if one of them is behind a NAT).
; The default setting is YES. If you have all clients
; behind a NAT, or for some other reason want Asterisk to
; stay in the audio path, you may want to turn this off.
; This setting also affect direct RTP
; at call setup (a new feature in 1.4 - setting up the
; call directly between the endpoints instead of sending
; a re-INVITE).
; the call directly with media peer-2-peer without re-invites.
; Will not work for video and cases where the callee sends
; RTP payloads and fmtp headers in the 200 OK that does not match the
; callers INVITE. This will also fail if directmedia is enabled when
; the device is actually behind NAT.
; Additionally this option does not disable all reINVITE operations.
; It only controls Asterisk generating reINVITEs for the specific
; purpose of setting up a direct media path. If a reINVITE is
; needed to switch a media stream to inactive (when placed on
; hold) or to T.38, it will still be done, regardless of this
; setting. Note that direct T.38 is not supported.
; (reinvite) but only when the peer where the media is being
; sent is known to not be behind a NAT (as the RTP core can
; determine it based on the apparent IP address the media
; arrives from).
; instead of INVITE. This can be combined with 'nonat', as
; 'directmedia=update,nonat'. It implies 'yes'.
; number in SDP packets and will only modify the SDP
; session if the version number changes. This option will
; force asterisk to ignore the SDP session version number
; and treat all SDP data as new data. This is required
; for devices that send us non standard SDP packets
; (observed with Microsoft OCS). By default this option is
; off.
; just like friends added from the config file only on a
; as-needed basis? (yes|no)
; Default= no
; If set to yes, when a SIP UA registers successfully, the ip address,
; the origination port, the registration period, and the username of
; the UA will be set to database via realtime.
; If not present, defaults to 'yes'. Note: realtime peers will
; probably not function across reloads in the way that you expect, if
; you turn this option off.
; as if it had just registered? (yes|no|<seconds>)
; If set to yes, when the registration expires, the friend will
; vanish from the configuration until requested again. If set
; to an integer, friends expire within this number of seconds
; instead of the registration interval.
;
; For non-realtime peers, when their registration expires, the
; information will _not_ be removed from memory or the Asterisk database
; if you attempt to place a call to the peer, the existing information
; will be used in spite of it having expired
;
; For realtime peers, when the peer is retrieved from realtime storage,
; the registration information will be used regardless of whether
; it has expired or not; if it expires while the realtime peer
; is still in memory (due to caching or other reasons), the
; information will not be removed from realtime storage
; Add domain and configure incoming context
; for external calls to this domain
; You can have several "domain" settings
; Default is yes
; name and local IP to domain list.
; non-peers, use your primary domain "identity"
; for From: headers instead of just your IP
; address. This is to be polite and
; it may be a mandatory requirement for some
; destinations which do not have a prior
; account relationship with your server.
; SIP channel. Defaults to "no". An enabled jitterbuffer will
; be used only if the sending side can create and the receiving
; side can not accept jitter. The SIP channel can accept jitter,
; thus a jitterbuffer on the receive SIP side will be used only
; if it is forced and enabled.
; channel. Defaults to "no".
; resynchronized. Useful to improve the quality of the voice, with
; big jumps in/broken timestamps, usually sent from exotic devices
; and programs. Defaults to 1000.
; channel. Two implementations are currently available - "fixed"
; (with size always equals to jbmaxsize) and "adaptive" (with
; variable size, actually the new jb of IAX2). Defaults to fixed.
; The option represents the number of milliseconds by which the new jitter buffer
; will pad its size. the default is 40, so without modification, the new
; jitter buffer will set its size to the jitter value plus 40 milliseconds.
; increasing this value may help if your network normally has low jitter,
; but occasionally has spikes.
[authentication]
; Also used as "defaultport" in combination with "defaultip" settings
[basic-options](!) ; a template
dtmfmode=rfc2833
context=from-office
type=friend
[natted-phone](!,basic-options) ; another template inheriting basic-options
nat=yes
directmedia=no
host=dynamic
[public-phone](!,basic-options) ; another template inheriting basic-options
nat=no
directmedia=yes
[my-codecs](!) ; a template for my preferred codecs
disallow=all
allow=ilbc
allow=g729
allow=gsm
allow=g723
allow=ulaw
[ulaw-phone](!) ; and another one for ulaw-only
disallow=all
allow=ulaw
; on incoming calls to Asterisk
; No registration allowed
; from the phone to asterisk (deprecated)
; 1 for the explicit peer, 1 for the explicit user,
; remember that a friend equals 1 peer and 1 user in
; memory
; There is no combined call counter for a "friend"
; so there's currently no way in sip.conf to limit
; to one inbound or outbound call per phone. Use
; the group counters in the dial plan for that.
;
; listed with allow= does NOT matter!
; See README.callingpres for more information
; subscribes for mailbox notification
; sets the Message-Account in the MWI notify message
; defaults to global vmexten which defaults to "asterisk"
; Normally you do NOT need to set this parameter
; matching port number
; Helps with NAT session
; qualify=yes uses default value
; host to be up in seconds
; Set to low value if you use low timeout for
; NAT of UDP sessions
; Send SIP and RTP to the IP address that packet is
; received from instead of trusting SIP headers
; RTP media stream (audio) to go directly from
; the caller to the callee. Some devices do not
; support this (especially if one of them is
; behind a NAT).
; Normally you do NOT need to set this parameter
; cause the given audio file to
; be played upon completion of
; an attended transfer.
; You must have this turned on or DTMF reception will work improperly.
; if the nat option is enabled. If a single RTP packet is received Asterisk will know the
; external IP address of the remote device. If port forwarding is done at the client side
; then UDPTL will flow to the remote device.
users.conf
[general]
fullname = New User
userbase = 6000
hasvoicemail = yes
vmsecret = 1234
hassip = yes
hasiax = yes
hasmanager = no
callwaiting = yes
threewaycalling = yes
callwaitingcallerid = yes
transfer = yes
canpark = yes
cancallforward = yes
callreturn = yes
callgroup = 1
pickupgroup = 1