Bash: Target Directory

A nice article about target directory, moving and copying files/directories.

Asterisk 13: chan_sip sip_write Can’t send 10 type frames with SIP write

Centos 7
Asterisk 13.1

Noticed a WARNING which filled Asterisk’s messages logfile:

To get rid of it, use module instead of
Thanks to Lenar Daminov from our team for research.

Asterisk 11: some required modules

Asterisk 11, modules, which have to be loaded for other basic modules to work properly.

preload =>	; for load
preload =>		; for load
preload =>			; for load
preload =>		; for correct load
preload =>		; for correct load // also works without this,
                                        ; but WARNING while loading

Linux: limit CPU usage by running process

Use cpulimit for this.

We have a 8-core CPU (it means the total CPU usage can be 800%, and 100% for 1 core respectively).
Our process is ‘raid-check’.

/usr/bin/cpulimit --exe /usr/sbin/raid-check --limit 600

I added this line to crontab config. The reason is that my Asterisk stops accepting calls when the CPU load is too high. Of course you can also use asterisk.conf settings to achieve the desired results.

[root@voip-ge ~]# cat /etc/cron.d/raid-check
# Run system wide raid-check once a week on Sunday at 1am by default
0 1 * * Mon root /usr/sbin/raid-check

# limit the CPU usage by executable name
1 1 * * Mon root /usr/bin/cpulimit --exe /usr/sbin/raid-check --limit 600

SSH port forwarding

Assuming, MySQL is running on ‘remoteserver’ on, and you have only SSH access to the remote server.

lexus@lexus:~$ ssh user@remote-server -L 3306: -N
support@remote-server’s password: (press Ctrl-Z)
[1]+ Stopped ssh user@remote-server -L 3306: -N
lexus@lexus:~$ bg
[1]+ ssh user@remote-server -L 3306: -N &
lexus@lexus:~$ mysql -h -p -u sqluser
Enter password:

Ubuntu: old releases repositories

If your Ubuntu is too old and aptitude stopped working, showing 404 not found.

Add this to /etc/apt/sources.list, changing the CODENAME to your Ubuntu version.

## EOL upgrade sources.list
# Required
deb CODENAME main restricted universe multiverse
deb CODENAME-updates main restricted universe multiverse
deb CODENAME-security main restricted universe multiverse

# Optional
#deb CODENAME-backports main restricted universe multiverse

That’s enough.
Read more if you’re interested in.

Asterisk: ODBC configuration files relations


Description = ODBC for MySQL
Driver = /usr/lib/odbc/
Setup = /usr/lib/odbc/
FileUsage = 1


Description	= MySQL connection to 'asterisk' database
Driver = MySQL
Database = asterisk
Server = localhost
Port = 3306
Socket = /var/lib/mysqld/mysqld.sock


enabled => yes
dsn => asterisk-connector	// points to DB connection in odbc.ini
username => asterisk
password => welcome
pooling => no
limit => 1
pre-connect => yes


connection = asterisk // The database connection to be used. This is a reference 
                      // to the configured connection in res_odbc.conf. This field is required.
table = // The table name. This field is required.

AcmePacket: go on rejecting!

One more post about INVITE rejecting.

The task: reject malicious SIP traffic coming from some country to our number. All INVITEs contain a From: header with 12-digits number starting with 666. The may also contain a plus sign at the beginning or 810, or +810.

It is also important to set a ‘new-value’ parameter, containing a status code and SIP description (in form of “Code:Description”), as some (or maybe most) PBXses/softswitches/proxies go on sending INVITEs if we just do ‘action reject’. After answering from AcmePacket with something like “403 Forbidden” the remote side stops sending endless INVITEs to AcmePacket.


Part of sip-manipulation:

                name                                    dropHACKERS
                header-name                             From
                action                                  manipulate
                comparison-type                         pattern-rule
                msg-type                                any
                methods                                 INVITE
                        name                                    dropHACKERS1
                        parameter-name                          From
                        type                                    uri-phone-number-only
                        action                                  reject
                        match-val-type                          any
                        comparison-type                         pattern-rule
                        match-value                             666[0-9]{9}$
                        new-value                               403:Forbidden

This is how it looks like after rejecting malicious INVITE with “403 Forbidden”:

SQL: get the database size

I’m going on writing primitive posts about the fascinating world of relational database management systems. :)

MySQL, size of all databases:

mysql> SELECT table_schema \
       "Database name", \
       sum( data_length + index_length ) / 1024 / 1024 \
       "Data Base Size in MB" FROM \
       information_schema.TABLES GROUP BY table_schema;
| Database name      | Data Base Size in MB |
| fluxbb             |           0.04585648 |
| information_schema |           0.00781250 |
| mysql              |           0.60614872 |
| wordpress          |           2.22493362 |
4 rows in set (0.13 sec)

PostgreSQL, size of all databases:

cdr=> SELECT pg_database.datname,pg_size_pretty(pg_database_size(pg_database.datname)) \
      AS size FROM pg_database;
  datname  |  size   
 template1 | 6705 kB
 template0 | 6697 kB
 postgres  | 6820 kB
 cdr       | 28 GB

Size of ‘acme_cdr’ table:

cdr=> SELECT pg_size_pretty(pg_total_relation_size('acme_cdr'));
 28 GB

ngrep: SIP traffic analyze

tcpdump is a nice tool, but some filters seem to be too complicated for usage.

It’s quite simple to look at SIP traffic between our server and remote server with tcpdump:

tcpdump -pni eth0 udp and port 5060 and host

… or a little bit more verbose:

tcpdump -pni eth0 -v udp and port 5060 and host

… or even:

tcpdump -pni eth0 -v -As0 udp and port 5060 and host

But how to capture only INVITE messages?
This is the case to use ngrep:

root@voip-ge:~# ngrep -W byline "INVITE sip" port 5060 and host zz.nn.159.114
interface: eth0 (
filter: (ip or ip6) and ( port 5060 and host zz.nn.159.114 )
match: INVITE sip
U xx.yy.94.130:5060 -> zz.nn.159.114:5060
INVITE sip:412753@zz.nn.159.114 SIP/2.0.
v: SIP/2.0/UDP xx.yy.94.130:5060;branch=z9hG4bK51d42193.
Max-Forwards: 70.
f: "SomeCallerID" sip:0606@xx.yy.94.130;tag=as07e569d2.
t: sip:412753@zz.nn.159.114.
m: sip:0606@xx.yy.94.130:5060.
i: 795031de44fe066e3751fdc6218368e7@xx.yy.94.130:5060.
CSeq: 102 INVITE.
User-Agent: Cisco-SIPGateway/IOS-12.x.
Date: Tue, 01 Mar 2016 07:05:13 GMT.
k: replaces.
c: application/sdp.
l: 299.
o=CiscoSystemsSIP-GW-UserAgent 886157825 886157825 IN IP4 xx.yy.94.130.
s=SIP Call.
c=IN IP4 xx.yy.94.130.
t=0 0.
m=audio 19504 RTP/AVP 8 0 101.
a=rtpmap:8 PCMA/8000.
a=rtpmap:0 PCMU/8000.
a=rtpmap:101 telephone-event/8000.
a=fmtp:101 0-16.
a=silenceSupp:off - - - -.