diff options
Diffstat (limited to 'asterisk-conf')
| -rw-r--r-- | asterisk-conf/acl.conf | 96 | ||||
| -rw-r--r-- | asterisk-conf/extensions.conf | 233 | ||||
| -rw-r--r-- | asterisk-conf/iax.conf | 33 | ||||
| -rw-r--r-- | asterisk-conf/pjsip.conf | 278 | ||||
| -rw-r--r-- | asterisk-conf/rtp.conf | 162 | ||||
| -rw-r--r-- | asterisk-conf/sccp.conf | 182 | ||||
| -rw-r--r-- | asterisk-conf/voicemail.conf | 52 |
7 files changed, 1036 insertions, 0 deletions
diff --git a/asterisk-conf/acl.conf b/asterisk-conf/acl.conf new file mode 100644 index 0000000..7b7976c --- /dev/null +++ b/asterisk-conf/acl.conf @@ -0,0 +1,96 @@ +; +; Named Access Control Lists (ACLs) +; +; A convenient way to share acl definitions +; +; This configuration file is read on startup +; +; CLI Commands +; ----------------------------------------------------------- +; acl show Show all named ACLs configured +; acl show <name> Show contents of a particular named ACL +; reload acl Reload configuration file +; +; Any configuration that uses ACLs which has been made to be able to use named +; ACLs will specify a named ACL with the 'acl' option in its configuration in +; a similar fashion to the usual 'permit' and 'deny' options. Example: +; acl=my_named_acl +; +; Multiple named ACLs can be applied by either comma separating the arguments or +; just by adding additional ACL lines. Example: +; acl=my_named_acl +; acl=my_named_acl2 +; +; or +; +; acl=my_named_acl,my_named_acl2 +; +; ACLs specified by name are evaluated independently from the ACL specified via +; permit/deny. In order for an address to pass a given ACL, it must pass both +; the ACL specified by permit/deny for a given item as well as any named ACLs +; that were specified. +; +;[example_named_acl1] +;deny=0.0.0.0/0.0.0.0 +;permit=209.16.236.0 +;permit=209.16.236.1 +; +;[example_named_acl2] +;permit=0.0.0.0/0.0.0.0 +;deny=10.24.20.171 +;deny=10.24.20.103 +;deny=209.16.236.1 +; +; example_named_acl1 above shows an example of whitelisting. When whitelisting, the +; named ACLs should follow a deny that blocks everything (like deny=0.0.0.0/0.0.0.0) +; The following example explains how combining the ACLs works: +; <in another configuration> +; [example_item_with_acl] +; acl=example_named_acl1 +; acl=example_named_acl2 +; +; Suppose 209.16.236.0 tries to communicate and the ACL for that example is applied to it... +; First, example_named_acl1 is evaluated. The address is allowed by that ACL. +; Next, example_named_acl2 is evaluated. The address isn't blocked by example_named_acl2 +; either, so it passes. +; +; Suppose instead 209.16.236.1 tries to communicate and the same ACL is applied. +; First, example_named_acl1 is evaluated and the address is allowed. +; However, it is blocked by example_named_acl2, so the address is blocked from the combined +; ACL. +; +; Similarly, the permits/denies in specific configurations that make up an ACL definition +; are also treated as a separate ACL for evaluation. So if we change the example above to: +; <in another configuration> +; [example_item_with_acl] +; acl=example_named_acl1 +; acl=example_named_acl2 +; deny=209.16.236.0 +; +; Then 209.16.236.0 will be rejected by the non-named component of the combined ACL even +; though it passes the two named components. +; +; +; Named ACLs can use ipv6 addresses just like normal ACLs. +;[ipv6_example_1] +;deny = :: +;permit = ::1/128 +; +;[ipv6_example_2] +;permit = fe80::21d:bad:fad:2323 + +[internal] +deny=0.0.0.0/0.0.0.0 +permit=192.168.0.0/255.255.0.0 + +[external] +permit=0.0.0.0/0.0.0.0 + +[sdf] +deny=0.0.0.0 +permit=205.166.94.7/255.255.255.255 + +[pstn] +deny=0.0.0.0/0 +permit=176.56.119.0/255.255.255.0 + diff --git a/asterisk-conf/extensions.conf b/asterisk-conf/extensions.conf new file mode 100644 index 0000000..47dfc20 --- /dev/null +++ b/asterisk-conf/extensions.conf @@ -0,0 +1,233 @@ +[globals] +tandmxkey=l2408fy4dlia3SqONVFSLD0LVkNmuerd209181Rl8228829DYIB +tandmxhostid=110 + +arf20=PJSIP/1051 +all=PJSIP/1001&PJSIP/1002&PJSIP/1051&SCCP/1101 + + +[from-internal] + +exten => _1XXX,1,Goto(internal-users,${EXTEN},1) ; 1xxx users +exten => _2XXX,1,Goto(internal-services,${EXTEN},1) ; 2xxx services +exten => _8XXXXXXX,1,Goto(tandmx,${EXTEN:1},1) ; tandmx prefixed by 8 +exten => _733XXXX,1,Set(number=${EXTEN:3}) ; SDF numbers prefixed by 733 + same => n,Goto(sdf,${EXTEN:3},1) + +; PSTN +exten => _0ZX,1,Goto(pstn,${EXTEN},1) ; emergency numbers (3 numbers starting with 0 followed by non-zero) +exten => _112,1,Goto(pstn,${EXTEN},1) ; emergency service (fixed) +exten => _XXXXXX,1,Goto(pstn,968${EXTEN},1) ; regional numbers (6 digits) +exten => _[6789]XXXXXXXX,1,Goto(pstn,${EXTEN},1) ; national numbers (9 digits) +exten => _0ZXXX,1,Goto(pstn,${EXTEN:1},1) ; short numbers prefixed by 0 +exten => _00ZX!,1,Goto(pstn,${EXTEN},1) ; international numbers prefixed by 00 + +; catch invalid extension +exten => _X!,1,Goto(bogons,s,1) + +; catch timeouts +exten => t,1,Playback(press-button-again) + same => n,Hangup() + + +[internal-users] + +; arf20 alias +exten => 1000,1,Progress() + same => n,Dial(${arf20}, 20) + same => n,Goto(fail-to-internal,${EXTEN},1) + +; internal calls between extensions (10xx SIP) +exten => _10XX,1,Progress() + same => n,Dial(PJSIP/${EXTEN}, 20) + same => n,Goto(fail-to-internal,${EXTEN},1) + +; internal calls between extensions (11xx SCCP) +exten => _11XX,1,Progress() + same => n,Dial(SCCP/${EXTEN}, 20) + same => n,Goto(fail-to-internal,${EXTEN},1}) + + +[internal-services] + +; test +exten = 2222,1,Answer() + same = n,Wait(1) + same = n,Playback(hello-world) + same = n,Hangup() +; test2 +exten = 2223,1,Answer() + same = n,Wait(1) + same = n,Playback(digits/10) + same = n,Hangup() +; Echo test +exten => 2101,1,NoOp(Echo test) +same => n,Playback(demo-echotest) +same => n,Echo() +same => n,Playback(demo-echodone) +same => n,Hangup() + + +; IVR +exten => 2000,1,Goto(ivr,s,1) +; conference +exten => 2001,1,Answer() + same => n,ConfBridge(1) +; asterisk time +exten => 2002,1,Answer() + same => n,DateTime() + same => n,Hangup() +; voicemail +exten => 2003,1,VoiceMailMain() + + +[ivr] +; prompt +exten => s,1,Answer(500) + same => n(loop),Background(arfnet/ivr_hello) + same => n,WaitExten() +; on 1 +exten => 1,1,Read(entered_ext,arfnet/please-enter-ext,4) + same => n,Goto(from-internal,${entered_ext},1) +; on 2 +exten => 2,1,Goto(internal-users,1000,1) +; on 3 +exten => 3,1,Goto(internal-services,2001,1) +; on 4 +exten => 4,1,VoiceMail(1000@default) + +exten = i,1,Playback(option-is-invalid) + same = n,Goto(ivr,s,1) + +exten = t,1,Playback(are-you-still-there) + same = n,Goto(ivr,s,1) + + +[from-external] + +exten => _1XXX,1,Goto(internal-users,${EXTEN},1) +exten => _2XXX,1,Goto(internal-services,${EXTEN},1) + +exten => _X!,1,Goto(bogons,s,1) + + +[from-anonymous] + +exten => _X!,1,Verbose(*** Anonymous direct IP inbound call from: ${CALLERID(all)}) + same => n,Goto(from-external,${EXTEN},1) + + +[sdf] + +; to SDF +exten => _XXXX,1,Verbose(*** Dialing outbound via SDF ${EXTEN}) + same => n,Set(CALLERID(num)=2063) + same => n,Dial(PJSIP/${EXTEN}@sdf) + same => n,Goto(fail-to-external,${EXTEN},1) + + +; external trunk calls from sdf +[from-sdf] + +exten => 2063,1,Answer() + same => n,Verbose(*** Inbound call via SDF from: ${CALLERID(all)}) + same => n,Dial(${arf20}) + same => n,Hangup() + + +[tandmx] + +; to Tandmx +exten => _XXXXXXX,1,Verbose(*** Dialing outbound via Tandmx to: ${EXTEN}) + same => n,Set(number=${EXTEN}) + same => n,Set(CALLERID(num)=2736${CALLERID(num):1}) + same => n,Set(lookup=${SHELL(curl "http://api.tandmx.net/api/v1/?auth=${tandmxkey}&number=${number}&ani=${CALLERID(num)}&host=${tandmxhostid}")}) + same => n,Dial(${lookup}) + same => n,Goto(fail-to-external,${EXTEN},1) + + +[from-tandmx] + +exten => _2736XXX,1,Answer() + same => n,Verbose(*** Inbound call via Tandmx from: ${CALLERID(all)}) + same => n,Goto(internal-users,1${EXTEN:4},1) + +exten => _2737XXX,1,Answer() + same => n,Verbose(*** Inbound call via Tandmx from: ${CALLERID(all)}) + same => n,Goto(internal-services,2${EXTEN:4},1) + + +[pstn] + +; to PSTN +exten => _X!,1,Verbose(*** Dialing outbound via PSTN to: ${EXTEN}) + same => n,Set(CALLERID(all)=868925554) + same => n,Dial(PJSIP/${EXTEN}@pstn) + same => n,Goto(fail-to-external,${EXTEN},1) + +[from-pstn] + +exten => 868925554,1,Answer() + same => n,Verbose(*** Inbound call via PSTN from: ${CALLERID(all)}) + same => n,Progress() + same => n,Wait(1) + same => n,Ringing() + same => n,Dial(${all},45,d) + same => n,VoiceMail(1000@default,u) + same => n,Hangup() + +exten => 1,1,Goto(ivr,s,1) + + +[bogons] + +exten => s,1,Answer() + same => n,Playback(pbx-invalid) + same => n,Hangup() + + +[fail-to-external] + +exten => _X!,1,Goto(s-${DIALSTATUS},1) ; (NOANSWER,BUSY,CHANUNAVAIL,CONGESTION,ANSWER) + +exten => s-NOANSWER,1,Playback(vm-nobodyavail) + same => n,Hangup() + +exten => s-BUSY,1,Playback(all-circuits-busy-now) + same => 1,Busy(5) + same => n,Hangup() + +exten => s-CHANUNAVAIL,1,Playback(ss-noservice) + same => n,Hangup() + +exten => s-CONGESTION,1,Congestion(5) + same => n,Hangup() + +exten => _s-.,1,Goto(s-NOANSWER,1) + + +[fail-to-internal] + +exten => _X!,1,Set(MAILBOX=${EXTEN}) + same => n,Goto(s-${DIALSTATUS},1) ; (NOANSWER,BUSY,CHANUNAVAIL,CONGESTION,ANSWER) + +exten => s-NOANSWER,1,VoiceMail(1000@default,u) ; If unavailable, send to voicemail w/ unavail announce + same => n,Hangup() ; If they press #, return to start + +exten => s-BUSY,1,VoiceMail(1000@default,b) ; If busy, send to voicemail w/ busy announce + same => n,Hangup() ; If they press #, return to start + +exten => _s-.,1,Goto(s-NOANSWER,1) ; Treat anything else as no answer + +exten => a,1,VoicemailMain(${MAILBOX}) ; If they press *, send the user into VoicemailMain + + +[send-text] +exten => s,1,Verbose(*** Sending text to: ${ARG1}) + same => n,Set(PEER=${CUT(CUT(CUT(MESSAGE(from),@,1),<,2),:,2)}) + same => n,Set(FROM=${SHELL(asterisk -rx ‘pjsip show endpoint ${PEER}’ | grep ‘callerid ‘ | cut -d’:’ -f2- | sed ‘s/^ *//’ | tr -d ‘‘)}) + same => n,Set(CALLERID_NUM=${CUT(CUT(FROM,>,1),<,2)}) + same => n,Set(FROM_SIP=${STRREPLACE(MESSAGE(from), + same => n,MessageSend(pjsip:${ARG1},${FROM_SIP}) + same => n,Hangup() + diff --git a/asterisk-conf/iax.conf b/asterisk-conf/iax.conf new file mode 100644 index 0000000..56d73df --- /dev/null +++ b/asterisk-conf/iax.conf @@ -0,0 +1,33 @@ +;==========================================================================================================; +; These values define how IAX connections are made. Only adjust them if you know what you're doing ; +;==========================================================================================================; + +[general] +bindaddr=0.0.0.0 +bindport=4569 +qualify=1000 +relaxdtmf=yes +bandwidth=high +;disallow=all +;allow=g722 +;allow=ulaw +;allow=alaw +allow=all +jitterbuffer=no +tos=0x12 +calltokenoptional=0.0.0.0/0.0.0.0 +requirecalltoken=no +delayreject=yes +autokill=yes +encryption=yes + +;======================================================; +; Adjust this section as part of TandmX setup! ; +;======================================================; + +[from-tandmx] +type=user +context=from-tandmx +auth=md5 +secret=REDACTED + diff --git a/asterisk-conf/pjsip.conf b/asterisk-conf/pjsip.conf new file mode 100644 index 0000000..faf8575 --- /dev/null +++ b/asterisk-conf/pjsip.conf @@ -0,0 +1,278 @@ +;===============TRANSPORT + +[simpletrans] +type=transport +protocol=udp +bind=0.0.0.0 +local_net=192.168.4.0/24 +local_net=192.168.5.0/24 +local_net=192.168.6.0/24 +local_net=192.168.9.0/24 +external_media_address=2.59.235.35 +external_signaling_address=2.59.235.35 + + +;===============ENDPOINT TEMPLATES + +[endpoint-basic](!) +type=endpoint +context=from-internal +message_context=send-text +disallow=all +;allow=g722 +allow=ulaw +;allow=alaw +;allow=opus +;allow=all + +[auth-userpass](!) +type=auth +auth_type=userpass + +[aor-single-reg](!) +type=aor +max_contacts=1 + +;===============ATA site A port 1 + +[1001](endpoint-basic) +auth=auth1001 +aors=1001 +acl=internal + +[auth1001](auth-userpass) +password=REDACTED +username=1001 + +[1001](aor-single-reg) + +;===============ATA site A port 2 + +[1002](endpoint-basic) +auth=auth1002 +aors=1002 +acl=internal + +[auth1002](auth-userpass) +password=REDACTED +username=1002 + +[1002](aor-single-reg) + +;===============ATA site B port 1 + +[1011](endpoint-basic) +auth=auth1011 +aors=1011 +acl=internal + +[auth1011](auth-userpass) +password=REDACTED +username=1011 + +[1011](aor-single-reg) + +;===============ATA site B port 2 + +[1012](endpoint-basic) +auth=auth1012 +aors=1012 +acl=internal + +[auth1012](auth-userpass) +password=REDACTED +username=1012 + +[1012](aor-single-reg) + + +;===============soft phone 1 + +[1021](endpoint-basic) +auth=auth1021 +aors=1021 +acl=internal + +[auth1021](auth-userpass) +password=REDACTED +username=1021 + +[1021](aor-single-reg) + +;===============soft phone 2 + +[1022](endpoint-basic) +auth=auth1022 +aors=1022 +acl=internal + +[auth1022](auth-userpass) +password=REDACTED +username=1022 + +[1022](aor-single-reg) + + +;===============remote phone 1 + +[1031](endpoint-basic) +auth=auth1031 +aors=1031 +rtp_symmetric=yes +force_rport=yes +direct_media=no +rewrite_contact=yes +acl=internal ; these are currently disabled for external registration so they arent really remote + +[auth1031](auth-userpass) +password=REDACTED +username=1031 + +[1031](aor-single-reg) + +;===============remote phone 2 + +[1032](endpoint-basic) +auth=auth1032 +aors=1032 +rtp_symmetric=yes +force_rport=yes +direct_media=no +rewrite_contact=yes +acl=internal + +[auth1032](auth-userpass) +password=REDACTED +username=1032 + +[1032](aor-single-reg) + +;===============Cisco 3911 SIP phone 1 + +[1051](endpoint-basic) +auth=auth1051 +aors=1051 +rtp_symmetric=yes +force_rport=yes +direct_media=no +rewrite_contact=yes +;acl=internal + +[auth1051](auth-userpass) +password=REDACTED +username=1051 + +[1051](aor-single-reg) + + + + +; ============= anonymous inbound calls +[anonymous] +type=endpoint +context=from-anonymous +;disallow=all +;allow=speex,g726,g722,ilbc,gsm,alaw,ulaw +allow=all +acl=external + + + +;=============== SDF TRUNK + +[sdf] +type=registration +outbound_auth=sdf +server_uri=sip:sip.sdf.org +client_uri=sip:2063@sip.sdf.org +retry_interval=120 +forbidden_retry_interval=180 +auth_rejection_permanent=no +max_retries=3 +contact_user=2063 +expiration=1200 + +[sdf] +type=auth +auth_type=userpass +username=2063 +password=REDACTED + +[sdf] +type=aor +contact=sip:sip.sdf.org:5060 +qualify_frequency=58 + +[sdf] +type=endpoint +context=from-sdf +disallow=all +allow=ulaw +allow=g729 +allow=alaw +allow=opus +;allow=all +outbound_auth=sdf +aors=sdf +;rtp_symmetric=yes +;force_rport=yes +direct_media=no +;rewrite_contact=yes +acl=sdf + +[sdf] +type=identify +endpoint=sdf +match=sip.sdf.org + +;=============== AVANZA PSTN TRUNK + +[pstn] +type=registration +outbound_auth=pstn +server_uri=sip:sip.avanzafibra.net +client_uri=sip:mta69987-1@sip.avanzafibra.net +retry_interval=120 +forbidden_retry_interval=180 +auth_rejection_permanent=no +max_retries=3 +contact_user=868925554 +expiration=1200 + +[pstn] +type=auth +auth_type=userpass +username=mta69987-1 +password=REDACTED + +[pstn] +type=aor +contact=sip:sip.avanzafibra.net:5060 +qualify_frequency=58 + +[pstn] +type=endpoint +transport=simpletrans +context=from-pstn +disallow=all +allow=ulaw +allow=g729 +allow=alaw +allow=opus +;allow=all +outbound_auth=pstn +aors=pstn +;rtp_symmetric=yes +;force_rport=yes +direct_media=no +;rewrite_contact=yes +acl=pstn + +[pstn] +type=identify +endpoint=pstn +match=sip.avanzafibra.net + + + + diff --git a/asterisk-conf/rtp.conf b/asterisk-conf/rtp.conf new file mode 100644 index 0000000..19f3486 --- /dev/null +++ b/asterisk-conf/rtp.conf @@ -0,0 +1,162 @@ +; +; RTP Configuration +; +[general] +; +; RTP start and RTP end configure start and end addresses +; +; Defaults are rtpstart=5000 and rtpend=31000 +; +rtpstart=10000 +rtpend=10100 +; +; Whether to enable or disable UDP checksums on RTP traffic +; +;rtpchecksums=no +; +; The amount of time a DTMF digit with no 'end' marker should be +; allowed to continue (in 'samples', 1/8000 of a second) +; +;dtmftimeout=3000 +; rtcpinterval = 5000 ; Milliseconds between rtcp reports + ;(min 500, max 60000, default 5000) +; +; Enable strict RTP protection. This will drop RTP packets that do not come +; from the recognized source of the RTP stream. Strict RTP qualifies RTP +; packet stream sources before accepting them upon initial connection and +; when the connection is renegotiated (e.g., transfers and direct media). +; Initial connection and renegotiation starts a learning mode to qualify +; stream source addresses. Once Asterisk has recognized a stream it will +; allow other streams to qualify and replace the current stream for 5 +; seconds after starting learning mode. Once learning mode completes the +; current stream is locked in and cannot change until the next +; renegotiation. +; Valid options are "no" to disable strictrtp, "yes" to enable strictrtp, +; and "seqno", which does the same thing as strictrtp=yes, but only checks +; to make sure the sequence number is correct rather than checking the time +; interval as well. +; This option is enabled by default. +; strictrtp=yes +; +; Number of packets containing consecutive sequence values needed +; to change the RTP source socket address. This option only comes +; into play while using strictrtp=yes. Consider changing this value +; if rtp packets are dropped from one or both ends after a call is +; connected. This option is set to 4 by default. +; probation=8 +; +; Enable sRTP replay protection. Buggy SIP user agents (UAs) reset the +; sequence number (RTP-SEQ) on a re-INVITE, for example, with Session Timers +; or on Call Hold/Resume, but keep the synchronization source (RTP-SSRC). If +; the new RTP-SEQ is higher than the previous one, the call continues if the +; roll-over counter (sRTP-ROC) is zero (the call lasted less than 22 minutes). +; In all other cases, the call faces one-way audio or even no audio at all. +; "replay check failed (index too old)" gets printed continuously. This is a +; software bug. You have to report this to the creator of that UA. Until it is +; fixed, you could disable sRTP replay protection (see RFC 3711 section 3.3.2). +; This option is enabled by default. +; srtpreplayprotection=yes +; +; Whether to enable or disable ICE support. This option is enabled by default. +; icesupport=false +; +; Hostname or address for the STUN server used when determining the external +; IP address and port an RTP session can be reached at. The port number is +; optional. If omitted the default value of 3478 will be used. This option is +; disabled by default. Name resolution will occur at load time, and if DNS is +; used, name resolution will occur repeatedly after the TTL expires. +; +; e.g. stundaddr=mystun.server.com:3478 +; +; stunaddr= +; +; Some multihomed servers have IP interfaces that cannot reach the STUN +; server specified by stunaddr. Blacklist those interface subnets from +; trying to send a STUN packet to find the external IP address. +; Attempting to send the STUN packet needlessly delays processing incoming +; and outgoing SIP INVITEs because we will wait for a response that can +; never come until we give up on the response. +; * Multiple subnets may be listed. +; * Blacklisting applies to IPv4 only. STUN isn't needed for IPv6. +; * Blacklisting applies when binding RTP to specific IP addresses and not +; the wildcard 0.0.0.0 address. e.g., A PJSIP endpoint binding RTP to a +; specific address using the bind_rtp_to_media_address and media_address +; options. Or the PJSIP endpoint specifies an explicit transport that binds +; to a specific IP address. Blacklisting is done via ACL infrastructure +; so it's possible to whitelist as well. +; +; stun_acl = named_acl +; stun_deny = 0.0.0.0/0 +; stun_permit = 1.2.3.4/32 +; +; For historic reasons stun_blacklist is an alias for stun_deny. +; +; Whether to report the PJSIP version in a SOFTWARE attribute for all +; outgoing STUN packets. This option is enabled by default. +; +; stun_software_attribute=yes +; +; Hostname or address for the TURN server to be used as a relay. The port +; number is optional. If omitted the default value of 3478 will be used. +; This option is disabled by default. +; +; e.g. turnaddr=myturn.server.com:34780 +; +; turnaddr= +; +; Username used to authenticate with TURN relay server. +; turnusername= +; +; Password used to authenticate with TURN relay server. +; turnpassword= +; +; An ACL can be used to determine which discovered addresses to include for +; ICE, srflx and relay discovery. This is useful to optimize the ICE process +; where a system has multiple host address ranges and/or physical interfaces +; and certain of them are not expected to be used for RTP. For example, VPNs +; and local interconnections may not be suitable or necessary for ICE. Multiple +; subnets may be listed. If left unconfigured, all discovered host addresses +; are used. +; +; ice_acl = named_acl +; ice_deny = 0.0.0.0/0 +; ice_permit = 1.2.3.4/32 +; +; For historic reasons ice_blacklist is an alias for ice_deny. +; +; The MTU to use for DTLS packet fragmentation. This option is set to 1200 +; by default. The minimum MTU is 256. +; dtls_mtu = 1200 +; +[ice_host_candidates] +; +; When Asterisk is behind a static one-to-one NAT and ICE is in use, ICE will +; expose the server's internal IP address as one of the host candidates. +; Although using STUN (see the 'stunaddr' configuration option) will provide a +; publicly accessible IP, the internal IP will still be sent to the remote +; peer. To help hide the topology of your internal network, you can override +; the host candidates that Asterisk will send to the remote peer. +; +; IMPORTANT: Only use this functionality when your Asterisk server is behind a +; one-to-one NAT and you know what you're doing. If you do define anything +; here, you almost certainly will NOT want to specify 'stunaddr' or 'turnaddr' +; above. +; +; The format for these overrides is: +; +; <local address> => <advertised address>,[include_local_address] +; +; The following will replace 192.168.1.10 with 1.2.3.4 during ICE +; negotiation: +; +;192.168.1.10 => 1.2.3.4 +; +; The following will include BOTH 192.168.1.10 and 1.2.3.4 during ICE +; negotiation instead of replacing 192.168.1.10. This can make it easier +; to serve both local and remote clients. +; +;192.168.1.10 => 1.2.3.4,include_local_address +; +; You can define an override for more than 1 interface if you have a multihomed +; server. Any local interface that is not matched will be passed through +; unaltered. Both IPv4 and IPv6 addresses are supported. diff --git a/asterisk-conf/sccp.conf b/asterisk-conf/sccp.conf new file mode 100644 index 0000000..4c94ef0 --- /dev/null +++ b/asterisk-conf/sccp.conf @@ -0,0 +1,182 @@ +;========================================================================================= +; +; general definitions +; +;========================================================================================= +[general] +debug = core, config, action, socket, device, line, channel +servername = Asterisk +keepalive = 60 +context = default +dateformat = D.M.Y +bindaddr = 0.0.0.0 +port = 2000 +disallow=all +allow=alaw +allow=ulaw +allow=g729 +firstdigittimeout = 16 +digittimeout = 8 +autoanswer_ring_time = 1 +autoanswer_tone = Zip +remotehangup_tone = Zip +transfer=on +transfer_tone = 0 +transfer_on_hangup = off +dnd_tone = 0x0 +callwaiting_tone = Call Waiting Tone +musicclass=default +language=en +deny=0.0.0.0/0.0.0.0 +permit=internal ; 'internal' is automatically converted to these private cidr address: + ; 127.0.0.0/255.0.0.0, 10.0.0.0/255.0.0.0, + ; 172.0.0.0/255.224.0.0, 192.168.0.0/255.255.0.0 +;permit=192.168.1.0/255.255.255.0 +localnet = internal ; (MULTI-ENTRY) All RFC 1918 addresses are local networks, example '192.168.1.0/255.255.255.0' +;externip = 77.44.22.33 ; External IP Address of the firewall, required in case the PBX is running on a seperate host behind it. IP Address that we're going to notify in RTP media stream as the pbx source address. +dndFeature = on +sccp_tos = 0x68 +sccp_cos = 4 +audio_tos = 0xB8 +audio_cos = 6 +video_tos = 0x88 +video_cos = 5 +echocancel = on +silencesuppression = off +private = on +callanswerorder=oldestfirst +pickup_modeanswer = on +hotline_enabled=yes ;can devices without configuration register +hotline_context=default ; context for hotline +hotline_extension=111 ; extension will be dialed on offHook + +;========================================================================================= +; +; actual definitions +; +;========================================================================================= +[SEP001BD4C70670] +description = Cisco estudio +addon = 7941 +devicetype = 7941 +park = off +button = speeddial, IVR, 2000, 1101@hints ; Add SpeedDial to Helpdesk +button = line, 1101, default ; Assign Line 1101 to Device and use this as default line +button = empty ; Assign an Empty Button +button = line, 1102 ; Assign Line 1102 to Device +button = speeddial, ATA A p1, 1001, 1001@hints ; Add SpeedDial to Phone Number Two Line 1 (button labels allow special characters like 'é') +cfwdall = off +type = device +keepalive = 60 +;tzoffset = +2 +transfer = on +park = on +cfwdall = off +cfwdbusy = off +cfwdnoanswer = off +deny=0.0.0.0/0.0.0.0 +permit=192.168.0.0/255.255.0.0 +dndFeature = on +dnd = off +directrtp=off +earlyrtp = progress +private = on +mwilamp = on +mwioncall = off +setvar=testvar=value +cfwdall = on + +[1101] +id = 1101 +type = line +;pin = 1234 +label = Cisco estudio +description = 1101 estudio +mailbox = 1101 +cid_name = 1101 +cid_num = 1101 +accountcode=1101 +;callgroup=1,3-4 +;pickupgroup=1,3-5 +directed_pickup = on +directed_pickup_context = "" +pickup_modeanswer = on +;amaflags = +context = from-internal +incominglimit = 2 +transfer = on +vmnum = 2003 +meetme = on +meetmeopts = qxd +meetmenum = 700 +trnsfvm = 1000 +secondary_dialtone_digits = 9 +secondary_dialtone_tone = Outside Dial Tone +musicclass=default +language=en +echocancel = on +silencesuppression = off +setvar=testvar2=my value +dnd = reject +parkinglot = myparkspace + +[1102] +id = 1102 +type = line +;pin = 1102 +label = Cisco estudio 2 +description = 1102 estudio +mailbox = 1102 +cid_name = 1102 +cid_num = 1102 +accountcode=1102 +;callgroup=1,4-9 +;pickupgroup=1,3-9 +directed_pickup = on +directed_pickup_context = "another" +pickup_modeanswer = on +echocancel = off +context = from-internal +incominglimit = 2 +transfer = on +vmnum = 600 +trnsfvm = 1000 +secondary_dialtone_digits = 9 +secondary_dialtone_tone = Outside Dial Tone +musicclass=default +language=en +echocancel = on +silencesuppression = off +silencesuppression = on +dnd = silent + + + + + +;----------------------------------------------------------------------------------- +;create a user defined softkeyset +; - if not softkey is not specified in device the chan-sccp-b default mapping will be used +; - multiple softkeysets are possible +; +;valid softkeys: +;redial, newcall, cfwdall, cfwdbusy, cfwdnoanswer, pickup, gpickup, conflist, dnd, hold, endcall, park, select +;idivert, resume, newcall, transfer, dirtrfr, answer, transvm, private, meetme, barge, cbarge, conf, back, join, empty, dial, vidmode + +; using this softkey set on the 69xx phones solves transfer issues using the +; hard key on the phone. +[69xxsoftkeys] +type=softkeyset +onhook=redial,newcall,cfwdall,dnd,pickup,gpickup,private +offhook=redial,endcall,cfwdall,dnd,pickup,gpickup,private +offhookfeat=redial,endcall +digitsfoll=back,endcall,dial +ringout=empty,endcall,transfer +connected=hold,endcall,transfer,idivert,conf,conflist,park,monitor,vidmode +conntrans=empty,endcall,transfer,monitor +connconf=hold,endcall,conf,conflist,join,vidmode,monitor +onhold=resume,newcall,endcall,idivert +ringin=answer,idivert +onhint=barge,newcall,redial,pickup,gpickup +onstealable=redial,newcall,cfwdall,pickup,gpickup,dnd,intrcpt +holdconf=resume,newcall,endcall,join diff --git a/asterisk-conf/voicemail.conf b/asterisk-conf/voicemail.conf new file mode 100644 index 0000000..77b2202 --- /dev/null +++ b/asterisk-conf/voicemail.conf @@ -0,0 +1,52 @@ +[general] +format=wav49|gsm|wav +serveremail=asterisk@arf20.com +attach=yes +;maxmsg=100 +;maxsecs=180 +;minsecs=3 +;maxgreet=60 +skipms=3000 +maxsilence=10 +silencethreshold=128 +maxlogins=3 +;moveheard=yes +;forward_urgent_auto=no +;userscontext=default +aliasescontext=aliases +charset=UTF-8 +pbxskip=no +fromstring=ARFNET PBX +usedirectory=yes +;odbcstorage=asterisk +;odbctable=voicemessages +emaildateformat=%A, %d %B %Y at %H:%M:%S +pagerdateformat=%A, %B %d, %Y at %r +;mailcmd=/usr/sbin/sendmail -t +sendvoicemail=yes ; Allow the user to compose and send a voicemail while inside + +[zonemessages] +eastern=America/New_York|'vm-received' Q 'digits/at' IMp +central=America/Chicago|'vm-received' Q 'digits/at' IMp +central24=America/Chicago|'vm-received' q 'digits/at' H N 'hours' +military=Zulu|'vm-received' q 'digits/at' H N 'hours' 'phonetic/z_p' +european=Europe/Copenhagen|'vm-received' a d b 'digits/at' HM + +[default] +1000 => 1000,arf20,arf20@arf20.com + +[aliases] +1000 => 1000@default +1001 => 1000@default +1002 => 1000@default +1011 => 1000@default +1012 => 1000@default +1021 => 1000@default +1022 => 1000@default +1031 => 1000@default +1032 => 1000@default +1051 => 1000@default +1052 => 1000@default +1101 => 1000@default + + |