Daily Archive for January 22nd, 2013

Asterisk & IPtables

A good starting place is a set of rules similar to this one:

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p udp --dport 5060 -j ACCEPT
iptables -A INPUT -p udp --dport 10000:20000 -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -P INPUT DROP

Asterisk modules

My practice of manual loading of needed modules only.
Change ‘autoload=yes‘ to ‘autoload=no‘ in /etc/asterisk/modules.conf .
Restart Asterisk – Asterisk CLI> core restart now (remember that it will cancel all active calls).

Login into Asterisk console (root# asterisk -rvvvvvvv). Then load modules manually:
Asterisk CLI> module load app_dial.so
Asterisk CLI> module load app_playback.so
Asterisk CLI> module load chan_sip.so
Asterisk CLI> module load codec_alaw.so
Asterisk CLI> module load codec_gsm.so
Asterisk CLI> module load res_rtp_asterisk.so
Asterisk CLI> module load res_musiconhold.so
Asterisk CLI> module load func_dialplan.so
Asterisk CLI> module load pbx_config.so
Asterisk CLI> module load format_sln.so
Asterisk CLI> module load format_wav.so
Asterisk CLI> module load format_gsm.so
Asterisk CLI> module load app_record.so

A nice help for modules being used is ‘Asterisk CLI> module show‘ . This is mine:

Asterisk CLI> module show 
Module                         Description                              Use Count 
res_musiconhold.so             Music On Hold Resource                   0         
app_dial.so                    Dialing Application                      0         
app_playback.so                Sound File Playback Application          0         
chan_sip.so                    Session Initiation Protocol (SIP)        0         
codec_alaw.so                  A-law Coder/Decoder                      0         
codec_gsm.so                   GSM Coder/Decoder                        0         
res_rtp_asterisk.so            Asterisk RTP Stack                       0         
func_dialplan.so               Dialplan Context/Extension/Priority Chec 0         
pbx_config.so                  Text Extension Configuration             0         
format_sln.so                  Raw Signed Linear Audio support (SLN)    0         
app_record.so                  Trivial Record Application               0         
format_wav.so                  Microsoft WAV/WAV16 format (8kHz/16kHz S 0         
format_gsm.so                  Raw GSM data                             0         
13 modules loaded
Asterisk CLI> 

If you need AEL, you have to load 2 modules (in shown sequence):

Asterisk CLI> module load res_ael_share.so
Asterisk CLI> module load pbx_ael.so

The best practice is to configure /etc/asterisk/modules.conf according to its syntax, to prevent manual loading of modules each time your Asterisk PBX starts.

Your installation may need other modules as well.