flameshot – a good alternative for Deepin Screenshot which seems to be unavailable in *buntu 23.10
flameshot
March 10th, 2024OpenSIPS dispatching algorithms
February 20th, 2024Just some explanation of dispatcher module argorithms.
hash over callid
– ensures that all requests within a dialog goes to same boxhash over from uri
– ensures that all requests from same user goes to same boxhash over to uri
– ensures that registrations of an AoR goes to same boxhash over request-uri
– ensures that requests to same destination are processes by same box#hash over config variable
– for different needs
NetBSD useful links
February 20th, 2024https://netbsd.org/docs/guide/en/chap-boot.html#chap-boot-keyboard-layout
https://netbsd.org/docs/guide/en/chap-boot.html#chap-boot-system-time
https://netbsd.org/docs/guide/en/chap-boot.html#chap-boot-mount-cdrom
https://netbsd.org/docs/guide/en/chap-boot.html#chap-boot-pkgsrc
https://netbsd.org/docs/misc/index.html#wifi
https://netbsd.org/docs/misc/index.html#package-management
https://netbsd.org/docs/misc/index.html#installing-rootcerts
https://netbsd.org/docs/misc/index.html#managing-services
https://netbsd.org/docs/misc/index.html#run-on-startup
https://netbsd.org/docs/misc/index.html#viewing-disks
https://netbsd.org/docs/guide/en/chap-rmmedia.html#using-usb-flash-drives
https://netbsd.org/docs/guide/en/chap-rmmedia.html#cdrom
https://netbsd.org/docs/guide/en/chap-rmmedia.html#cdrom-users
https://netbsd.org/docs/guide/en/chap-rmmedia.html#vnconfig
NPF: NetBSD Packet Filter:
https://rmind.github.io/npf/nat.html
fail2ban, wordpress, lighttpd
February 20th, 2024/etc/fail2ban/jail.local:
# WordPress Jail
[wordpress-auths]
enabled = true
port = http,https
filter = wordpress-auth
logpath = /var/log/lighttpd/access.log
/etc/fail2ban/filter.d/botsearch-common.conf:
[Init]
# Block is the actual non-found directories to block
block = \/?(<webmail>|<phpmyadmin>|<wordpress>|cgi-bin|mysqladmin)[^,]*
# These are just convient definitions
# that assist the blocking of stuff that
# isn't installed
webmail = roundcube|(ext)?mail|horde|(v-?)?webmail
phpmyadmin = (typo3/|xampp/|admin/|)(pma|(php)?[Mm]y[Aa]dmin)
wordpress = wp-(login|signup|admin)\.php
rsyslog: redirect logs from certain host to a separate file
November 30th, 2023Linksys PAP2T-NA phone adapter is configured to send logs to a remote syslog server 10.11.0.10.
Enable UDP listener in /etc/rsyslog.conf and allow in it’s config a remote ip/subnet address:
module(load="imudp") input(type="imudp" port="514") $AllowedSender TCP, 10.11.0.0/16
Here is how logs look like after this (and sure after configuring your server’s ip as a syslog server on the remote device). Most likely they will appear in /var/log/syslog :
Nov 25 15:39:19 10.11.13.102 [1: 0]RTP Tx Dn
Nov 25 15:39:19 10.11.13.102 [1: 0]ENC INIT 8
Nov 25 15:39:19 10.11.13.102 [1: 0]RTP Tx Up (pt=8->0a48000a:18076)
Nov 25 15:39:19 10.11.13.102 CC: Remote Resume
Nov 25 15:39:19 10.11.13.102 CC: Connected
Nov 25 15:39:19 10.11.13.102 RTP: SSRC changed 787a1882->1df25275
Nov 25 15:39:29 10.11.13.102 syscfg_update_hdlr!!!
Nov 25 15:39:29 10.11.13.102 syscfg_update_hdlr!!!
Nov 25 15:39:51 10.11.13.102 syscfg_update_hdlr!!!
To redirect logs from remote host with ip address 10.11.13.102 do the following:
Create /etc/rsyslog.d/11-linksys-gw.conf with the following lines:
if $fromhost-ip == '10.11.13.102' then /var/log/linksys-gw.log
& stop
Create /var/log/linksys-gw.log empty file. At least in Debian you need to chown root:adm for this file.
Finally, restart rsyslog daemon. After that all logs going from remote ip-address 10.11.13.102 will be stored in a separate file.
VirtualBox: if VM does not start from console
September 18th, 2023Trying to start VM from console, but unsuccessful:
lexus@lexus-H110M-S2H:~$ vboxmanage startvm 21eaceac-f85e-4622-a52b-c586352aa9eb Waiting for VM "21eaceac-f85e-4622-a52b-c586352aa9eb" to power on... VBoxManage: error: The virtual machine 'centos7-ast-16' has terminated unexpectedly during startup because of signal 6 VBoxManage: error: Details: code NS_ERROR_FAILURE (0x80004005), component MachineWrap, interface IMachine
The solution is "--type headless"
option:
lexus@lexus-H110M-S2H:~$ vboxmanage startvm 21eaceac-f85e-4622-a52b-c586352aa9eb --type headless Waiting for VM "21eaceac-f85e-4622-a52b-c586352aa9eb" to power on... VM "21eaceac-f85e-4622-a52b-c586352aa9eb" has been successfully started.
VirtualBox: mastering console usage, starting/stopping/restarting VMs, getting VM’s IP addresses
April 9th, 2023A new post after nearly a year of lull!
Imagine the situation when there is some remote host machine with several VMs. You have an SSH access to host machine, but no VNC to manage easily those VMs, even doing the most elementary actions.
Listing all your VMs:
alexey@amd:~$ vboxmanage list vms "centos7-orig" {e4077fae-1be5-42f4-ae40-b399f98c6e3d} "debian9.rtpengine" {d2fb6655-29ab-4103-a70c-b7234c835a79} "debian9.opensips1" {757f6235-27d4-470d-a461-c12fbfe0cfd7} "debian9.opensips2" {09b11945-d696-409d-b90b-e5f2b5af6c4a} "centos7-ast-16" {21eaceac-f85e-4622-a52b-c586352aa9eb} "centos7-rtpengine8" {935a0191-a17e-4c95-8cf4-022f7ad1a398} "centos7.osips3.2" {e39ddc59-70cc-4bcb-8f6d-3b6bd9e78d3d} "centos7.osips3.2_node2" {ecb64a86-aa90-4f53-bd12-5bb253d02058}
Listing all your running VMs:
alexey@amd:~$ vboxmanage list runningvms
Starting VM (vm remains working even if you log out from host machine):
alexey@amd:~$ vboxmanage startvm centos7-ast-16 Waiting for VM "centos7-ast-16" to power on... VM "centos7-ast-16" has been successfully started.
Stopping VM:
alexey@amd:~$ vboxmanage controlvm centos7-ast-16 poweroff 0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%
The more the better.
Now I would like to get the IP address of some VM. But there is no any way to do it until we use GuestAdditions. I mean that you’ve already started your VM with the appropriate console command and now need to log in via SSH, but you don’t know it’s IP address (e.g. in case of bridged network settings of the VM).
To be able to see VM’s IP address from host’s machine console, you have to install VitualBox to your guest machine. Then you need to “insert” an .iso containing GuestAdditions to your guest machine (the easiest way is to do it using VirtualBox GUI, but I’m sure there is also a console command).
If the VM’s cd-rom with this .iso is not mounted automatically, do it manually:
[root@flexisip ~]# mount /dev/cdrom /mnt/cdrom/
After that the .iso’s files are available:
[root@flexisip cdrom]# ls -l /mnt/cdrom/ total 47008 -r--r--r--. 1 root root 763 feb 20 2020 AUTORUN.INF -r-xr-xr-x. 1 root root 6384 jan 14 2022 autorun.sh dr-xr-xr-x. 2 root root 792 jan 14 2022 cert dr-xr-xr-x. 2 root root 1824 jan 14 2022 NT3x dr-xr-xr-x. 2 root root 2652 jan 14 2022 OS2 -r-xr-xr-x. 1 root root 4821 jan 14 2022 runasroot.sh -r--r--r--. 1 root root 592 jan 14 2022 TRANS.TBL -r--r--r--. 1 root root 4029558 jan 14 2022 VBoxDarwinAdditions.pkg -r-xr-xr-x. 1 root root 3949 jan 14 2022 VBoxDarwinAdditionsUninstall.tool -r-xr-xr-x. 1 root root 7474611 jan 14 2022 VBoxLinuxAdditions.run -r--r--r--. 1 root root 9439232 jan 14 2022 VBoxSolarisAdditions.pkg -r-xr-xr-x. 1 root root 16895432 jan 14 2022 VBoxWindowsAdditions-amd64.exe -r-xr-xr-x. 1 root root 270840 jan 14 2022 VBoxWindowsAdditions.exe -r-xr-xr-x. 1 root root 10000520 jan 14 2022 VBoxWindowsAdditions-x86.exe -r--r--r--. 1 root root 259 oct 4 2021 windows11-bypass.reg
Now we need to install GuestAdditions to the guest machine (VM):
[root@flexisip ~]# cd /mnt/cdrom [root@flexisip cdrom]# sh ./VBoxLinuxAdditions.run Verifying archive integrity... All good. Uncompressing VirtualBox 6.1.32 Guest Additions for Linux........ VirtualBox Guest Additions installer Copying additional installer modules ... Installing additional modules ... VirtualBox Guest Additions: Starting. VirtualBox Guest Additions: Building the VirtualBox Guest Additions kernel modules. This may take a while. VirtualBox Guest Additions: To build modules for other installed kernels, run VirtualBox Guest Additions: /sbin/rcvboxadd quicksetup <version> VirtualBox Guest Additions: or VirtualBox Guest Additions: /sbin/rcvboxadd quicksetup all VirtualBox Guest Additions: Building the modules for kernel 3.10.0-1160.88.1.el7.x86_64.
And now you can see VM’s IP address from your host machine console (NAT network settings):
alexey@amd:~$ VBoxManage guestproperty get centos-flexisip "/VirtualBox/GuestInfo/Net/0/V4/IP" Value: 10.0.2.15
The same for bridged networking:
alexey@amd:~$ VBoxManage guestproperty get centos-flexisip "/VirtualBox/GuestInfo/Net/0/V4/IP" Value: 192.168.88.239
More VM properties:
alexey@amd:~$ VBoxManage guestproperty enumerate centos-flexisip
But this command still does not show the IP address of the VM, though it shows its MAC:
alexey@amd:~$ vboxmanage showvminfo centos-flexisip
After this you may unattach an .iso from your VM cd-rom.
How long the process is running?
April 18th, 2022voip-sipgw02 ~ # ps --pid `pidof rsyslogd` -o etime,pid,user,args ELAPSED PID USER COMMAND 261-20:58:45 1228 root /usr/sbin/rsyslogd -n
The etime option means elapsed time since the process was started, in the form [[DD-]hh:]mm:ss.
RTPEngine 10: rpm compilation in Centos 7
March 31st, 2022This is a note without detailed examples.
Main idea: 1) update kernel, 2) add RPM Fusion repository and install ffmpeg from it.
If trying to compile RTPEngine 10 in CentOS 7 with ffmpeg installed from some other repository (e.g. nux-desktop, as I had) – you’ll get an error! (see screenshot)
Update kernel (my system had 3.10.0-957.el7.x86_64 after installation):
[root@localhost ~]# uname -a Linux localhost.localdomain 3.10.0-957.el7.x86_64 #1 SMP Thu Nov 8 23:39:32 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux [root@localhost ~]# cat /etc/centos-release CentOS Linux release 7.6.1810 (Core)
Updated to the newest available from standard repository (3.10.0-1160.59.1.el7.x86_64):
yum --showduplicates list available kernel.x86_64 yum install kernel-3.10.0-1160.59.1.el7 reboot [root@localhost ~]]# uname -a Linux localhost.localdomain 3.10.0-1160.59.1.el7.x86_64 #1 SMP Wed Feb 23 16:47:03 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
Add RPM Fusion repository as described here: https://rpmfusion.org/Configuration
I’ll duplicate instructions:
yum install dnf dnf install --nogpgcheck https://dl.fedoraproject.org/pub/epel/epel-release-latest-$(rpm -E %rhel).noarch.rpm dnf install --nogpgcheck https://mirrors.rpmfusion.org/free/el/rpmfusion-free-release-$(rpm -E %rhel).noarch.rpm https://mirrors.rpmfusion.org/nonfree/el/rpmfusion-nonfree-release-$(rpm -E %rhel).noarch.rpm
Then disable nux-desktop (if you previously installed ffmpeg from it) repository (‘enabled=0’ in /etc/yum.repos.d/nux-dextop.repo).
Ensure that ffmpeg and ffmpeg-devel now are available from just added RPM Fusion repository and install them (you’ll see repo name in the yum output, not shown here):
yum --showduplicates list available ffmpeg yum check-update yum install ffmpeg ffmpeg-devel
Then create build directory structure (use rpmbuild tool).
Download version 10 ZIP archive from RTPEngine git, somewhere from here https://github.com/sipwise/rtpengine/tree/mr10.4 . Unzip it.
Put rtpengine/el/rtpengine.spec to rpmbuild/SPECS/
Then archive again into tar.gz format with such name (according to settings in .spec file!):
tar czvf ngcp-rtpengine-10.4.0.0+0~mr10.4.0.0.tar.gz rtpengine-mr10.Y.Z/
Put ngcp-rtpengine-10.4.0.0+0~mr10.4.0.0.tar.gz to rpmbuild/SOURCES/
Fire!
rpmbuild -ta rpmbuild/SOURCES/ngcp-rtpengine-10.4.0.0+0~mr10.4.0.0.tar.gz
Ready rpms will be under rpmbuild/RPMS/ .
Install them in this sequence: ngcp-rtpengine-dkms, ngcp-rtpengine, ngcp-rtpengine-debuginfo, ngcp-rtpengine-kernel, ngcp-rtpengine-recording .
OpenSIPS: monitoring with Zabbix: HTTP Agent, JSONPath
March 24th, 2022This guide will help you to understand how OpenSIPS can be monitored with Zabbix, sharing its statistic data via HTTP interface in JSON format. This article assumes using OpenSIPS 3.2 and Zabbix 6.
Enable embedded HTTP server and HTTP support for Management Interface in your OpenSIPS:
loadmodule "httpd.so" modparam("httpd", "ip", "192.168.88.244") modparam("httpd", "port", 8888) # :8888/mi loadmodule "mi_http.so" modparam("mi_http", "root", "mi")
Now we may try to send a JSON-RPC OpenSIPS MI command from the command-line, using curl (official example at the very bottom of the page):
/usr/bin/curl -X POST 192.168.88.244:8888/mi -H 'Content-Type: application/json' -d '{"jsonrpc": "2.0", "id": "1", "method": "uptime"}'
The official documentation does not have other more complicated examples, e.g. “get_statistics sl:”, that’s why I decided to write this article, maybe it’s more about JSON, JSONPath and working with all this in Zabbix.
As an example, we’ll get stateless replier module statistics, like shown by invoking a CLI command “opensips-cli -x mi get_statistics sl:” .
/usr/bin/curl -X POST 192.168.88.244:8888/mi -H 'Content-Type: application/json' -d '{"jsonrpc": "2.0", "id": "1", "method": "get_statistics", "params": {"statistics": ["sl:"]}}'
I’ll also duplicate the command with a screenshot (to be sure that you see it in a right way, because markup may cut some special characters):
Tip: if you need statistics from several groups, for example several modules (not only SL), the request will be as follows:
/usr/bin/curl -X POST 192.168.88.244:8888/mi -H 'Content-Type: application/json' -d '{"jsonrpc": "2.0", "id": "1", "method": "get_statistics", "params": {"statistics": ["sl:", "tm:"]}}'
OpenSIPS will answer and you’ll see SL module statistics after sending this request with CURL.
But the responce is a one-liner, so we need to convert this one line to JSON format and then to create a JSONPath, to be able to extract the value we need.
Let’s monitor not all SL module statistics received from OpenSIPS, but the number of 2xx replies only.
I use https://www.jsonformatter.io/ for JSON formatting and https://jsonpath.com/ for creating JSONPath. After formatting and specifying JSONPath we can configure Zabbix.
Now it’s time to add items to your OpenSIPS host in Zabbix. Item parameters:
Type: HTTP Agent Type of information: Numeric (unsigned) Request type: POST Request body type: JSON data Request body: {"jsonrpc": "2.0", "id": "1", "method": "get_statistics", "params": {"statistics": ["sl:"]}} Retrieve mode: Body Convert to JSON (enabled)
Screenshots as usual:
Item Preprocessing parameters:
1st step - JSONPath Parameters: $.body.result.["sl:2xx_replies"] Type of information: Numeric (unsigned)
Screen – item Preprocessing and successful testing:
Now we add a graph with this item (I hope you know how to create graphs in Zabbix) and it’s time to test. I will generate thousands of OPTIONS requests to my OpenSIPS with the sipp tool (I also recommend this sipp cheatsheet).
Download OPTIONS.xml scenario file, and generate 10000 OPTIONS requests with call rate of 10 (I assume that your OpenSIPS, like mine, answers “200 OK”):
sipp 192.168.88.244 -sf OPTIONS.xml -l 10000 -m 10000 -r 10
Finally, here is the graph showing your OpenSIPS SL module 2xx processed replies statistics:
This is how you can monitor OpenSIPS with Zabbix using JSON.
Have fun!