Asterisk who is calling every minute? - asterisk

I know the basics of Asterisk . When I go into the console by running the command asterisk -rvvv I see the following:
If you notice I first get a notice:
[Aug 24 19:14:43] NOTICE[5097][C-00000036]: chan_sip.c:25877
handle_request_invite: Call from '' (62.210.26.82:5079) to extension
'011972599166454' rejected because extension not found in context
'default'.
and then I get a warning and this happens every minute.
So my question is who is dailing extension 011972599166454 ? If I add:
[default]
exten => _X.66454,1,NoOp(Hanging up call)
same => n, Hangup
to my extensions.conf file this solves the problem. But why is someone making a call every minute? to open the NAT? Should I stop this?

I'd just ban the IP address with your firewall and forget it.
If you are curious, you can set sip set debug ip <ip> and check SIP headers, maybe you could find some info about callee in the headers.
Also you can trace the IP with whois and try to find admins' contact to discuss the issue.

This is scanning bot looking for free calls.
Just disable guest calling sip.conf: allowguest=no. Then any not authenticated connections will be ignored. It will help with new IPs also.
http://www.voip-info.org/wiki/view/Asterisk+sip+allowguest

It seems that this is an attempt of hacking...
Use Fail2Ban for blocking any suspected attempts to call.

Related

Asterisk not playing audio

I installed Asterisk 13 on Debian 9, and I tried in several different ways to play an audio file and I call, asterisk answers but it doesn't play the file. Here is my extensions.conf:
[ivr1]
exten => s,1,NoOp(IVR1)
same => n,Answer
same => n,Read(/var/lib/asterisk/sounds/custom/welcome)
same => n,WaitExten(5)
exten => 6598,1,Goto(ivr1,s,1)
Asterisk shows:
-- Executing [6598#ivr1:1] Goto("SIP/user-cc-0000001c", "ivr1,s,1") in new stack
-- Goto (ivr1,s,1)
-- Executing [s#ivr1:1] NoOp("SIP/user-cc-0000001c", "IVR1") in new stack
-- Executing [s#ivr1:2] Answer("SIP/user-cc-0000001c", "") in new stack
-- Executing [s#ivr1:3] Read("SIP/user-cc-0000001c", "/var/lib/asterisk/sounds/custom/welcome") in new stack
-- User disconnected
I tried with 2 different SIP Clients and the sounds doesn't play. I tried with different codecs and still doesn't play.
Any ideas what could it be the problem?
Thanks
You should open rtp ports(default 10000-20000) in your firewall.
Also need ensure you have correct nat settings for your network type.
It seems you are using read function in a wrong way, it has to be something like this.
read(variable_name,sound_file)
please check link for further information
https://wiki.asterisk.org/wiki/display/AST/The+Read+Application
You should run a pcap at your client and on the asterisk server. Use wireshark to perform the capture. You should see signalling for the call setup and then the associate RTP. If you see RTP sent by asterisk and not received at your client then you have a firewall issue. You should be able to see the SDP in the SIP signalling to determine what ports are being requested by the client and asterisk. Compare that with your firewall settings. Generally speaking if your client is behind a NAT then you will need to make sure that comedia is enabled in asterisk (nat settings). You will also want to make sure to disable SIP ALG on your client-side firewall too.
This could be a NAT issue, so open your sip.conf and add the following on your peers
nat=yes ;for older asterisks versions
or
nat=force_rport,comedia ;for newer versions of asterisk
then on your CLI run sip reload

Testing Asterisk SIP and DAHDI local calls

I am a real beginner in asterisk, so please tolerate my question :)
I tried to configure asterisk for realtime and it is working fine for local sip calls. Now, I am trying to make the following test with dahdi calls:
I connected an analog phone to an FXS channel of my Digium card and tried to call this phone (exten 124) from a sip softphone (X-lite).
I get the following error:
-- Executing [124#from-sip:1] Dial("SIP/2000-00000004", "SIP/124")
[May 31 10:24:22] WARNING[5457]: chan_sip.c:5667 create_addr: Purely numeric hostname (124), and not a peer--rejecting
my extensions.conf:
[from-sip]
switch =>Realtime
[from-pstn]
exten => 124,1,Dial(DAHDI/3)
It seems that the dial is done using from-sip context not from-pstn context as required.
Anyone to advise or correct my understanding?
Thanks million
Zak
In Asterisk realtime and not realtime you can configure where to send calls from particular extension, this should be configured in "context"(for realtime check context column), so I believe in your case it is "from-sip". This means all calls from that extension will hit this context, you can't send one call from same extension to one context and other to another, all calls will hit "from-sip" context.

Asterisk: Call dropped after 15mn

I'm getting a weird behavior on my Asterisk.
Calls are dropped after 15mn.
I'm getting the following error on the log file:
NOTICE[6301] chan_sip.c: Failed to authenticate on INVITE to '<sip:41907736445#188.32.64.1>;tag=ef7143klc9'
I'm using Asterisk Realtime. Calls a received from an operator and forwarded to external numbers throught an outbound trunk provided by anther operator.
Thanks in advance
In your sip.conf, try setting qualify=yes or keepalive=yes globally or for the trunk. Make sure to reload or just restart the service.
What version of Asterisk are you running?
Some carriers may send "confirmation" invite every X minutes.
You can see more by enable sip debug
Also if exactly at 15 min calls get dropped, then i would check the firewall to see whether there is timer set there that closes the connection after 15 min. I am speaking from experience.

When to reload sip

I have faced this issue many times, when I call on my sip line the server responds that the line is busy, though no call is going on when I see with asterisk -vvvr command. When I reload it, it starts working.
Is there a way to troubleshoot this problem or at least get a trigger form some command that sip needs to be reloaded.
Thanks in Advance
Asterisk work for years without reload.
Try update it to latest system or find bug in your config(like no dns, nat settings changed, bad router etc).
Asterisk have no any triggers for such case. You can use external monitoring system(like nagios) which will check sip channel and reload if needed. But better find issue and fix it.
Watch the CLI with a high debug/verbosity to see what's going wrong.
Set verbosity to a high value:
core set verbose 10
Set Debug to a high value:
core set debug 10
You can also check the status of the SIP endpoint with:
sip show peer <extension> (Replace with the number you'd use to dial the endpoint).
If you add verbose CLI output and the output of sip show peer to your question we'll be able to tell you how to fix the issue. Use pastebin or a similar site if the output is very long.

Request timeouts due to register/unregister conflicts in asterisk

I have installed asterisk 11.5.1, and I have Bria on iPhone as the sip client. username/passwords are set in sip.conf, and the default dialplan (used by the clients) is
exten => _X.,1,Dial(SIP/${EXTEN},20)
exten => _X.,n,Hangup()
I have two iphones, say A and B, and I attached to the running asterisk with asterisk -rvvvv. When I hit 'Register' button from A, I see
Registered SIP 'A' at ww.xx.yy.zz:mmmm
message on the asterisk cli. When I hit 'Register' button from B, I see
Registered SIP 'B' at aa.bb.cc.dd:nnnn
Unregistered SIP 'B' <== HERE IS THE PROBLEM
although I do not hit Unregister from client B. Besides, B seems registered at the client. From now on, any call from B results in 'request timeout'. And if I call B from A, I see 'subscriber absent' message on the asterisk cli.
Why is asterisk unregistering client B? Any suggestion?
p.s.: I see the following error in asterisk cli:
chan_sip.c:3905 __sip_xmit: sip_xmit of 0x7f7df4027b00 (len 622) to aa.bb.cc.dd:nnnn returned -2: Interrupted system call
EDIT: My sip.conf file is as following
[myConf](!)
disallow=all
allow=g729
allow=gsm
allow=g723
allow=ulaw
allow=ilbc
directmedia=no
host=dynamic
dtmfmode=rfc2833
context=default
type=friend
transport=tls,tcp
qualify=4000
nat=force_rport,comedia
encryption=yes
[A](myConf)
secret=AAAA
[B](myConf)
secret=BBBB
I can't give you the exact solution but I can point to where it may can be the problem.
The documentated part of the code from where you hit the problem in chan_sip.c says
* \return length of transmitted message, XMIT_ERROR on know network failures -1 on other failures
In your case you fall on the other failures as Interrupted system call. That message led me to an open bug suspended due to lack of activity here. So my bid is that this error is more related to operating system than Asterisk itself.
My following question is, if you invert the order (first register B and then register A) is the last one who gets the error? If yes then you may start looking at the selinux or any other security tool that is killing the connection after is established. Otherwise you may need to update the bug and let the people from Asterisk fix the bug.
Let us know the result, is always nice to find posts with fixes :)
I think you need deal with NAT
http://www.voip-info.org/wiki/view/Asterisk+SIP+NAT+solutions
OR you have check that your B can got message from asterisk and answer it correctly. More info can be got using sip debug
asterisk -r
sip set debug on

Resources