Friday, December 4, 2015

Opening multiple ports on Microsoft Azure (e.g. for an Asterisk deployment)


http://azurespeaks.azurewebsites.net/
 

If you publish an Asterisk servers on Azure, you might find it a daunting task to open multiple ports (called endpoints) on Azure, the task is simply slow if you use the web (portal or the old one). And we RTP folks, need a lot of ports to get a single call going (at least 3 ports required)

So, let's say you're gonna create a default Asterisk installation and open the usual ports such as;

IAX2- UDP4569
SIP - UDP5060
RTP-UDP10000 to UDP20000 (in this article, i only needed 100 ports)

Here's how you can open all those ports in under 10 minutes.

1) Download and install the Azure Powershell extensions.
https://github.com/Azure/azure-powershell/releases/download/v1.0.1-November2015/azure-powershell.1.0.1.msi

2) Start it up - it should be called Windows Azure Powershell (this is not the usual powershell, it must read Azure Powershell). You may need to run this as admin.

3) Once in there, copy paste the following (modify where applicable)

Task inside powershell (copy paste will do)
1) Add an azure account (this will launch the authentication windows, do your thing and authenticate)

Add-AzureAccount

2) Now, declare which subscription this VM is tied to (My subscription is called Visual Studio Premium with MSDN)

Select-AzureSubscription -SubscriptionName "Visual Studio Premium with MSDN"

3) Declare the name of the VM you wish to setup
$vm = Get-AzureVM -ServiceName myazurebox -Name myazurebox;

NOTE: ServiceName is the cloud service, if it is not part of a cloud service, just enter the actual VM name, repeat that in NAME variable like above. If you get certificates errors at this point run this;

$vm | Update-AzureVM

You would need to rerun from step 1. This command also clears everything incase you messed up and want to restart.

4) Add for IAX2
$VM | Add-AzureEndpoint -Name IAX2 UDP -LocalPort 4569 -PublicPort 4569

5) Add for SIP (UDP)
$VM | Add-AzureEndpoint -Name SIPUDP UDP -LocalPort 5060 -PublicPort 5060

Add for SIP TCP (if using)
$VM | Add-AzureEndpoint -Name SIPTCP TCP -LocalPort 5060 -PublicPort 5060

6) Add for RTP
Now, since RTP is a bunch of ports that needed to be opened, in a default setup would be 10000 to 20000, you can do a loop and add them like this; Note, you can only open up to 150 ports at a time, apparently. So add more into the loop if needed.

10000..10100| ForEach { $VM | Add-AzureEndpoint -Name RTP$_ -Protocol UDP -LocalPort $_ -PublicPort $_} ; $vm | Update-AzureVM

This will add ports 10000 to 10100, name them RTP10000...and so on with UDP as the protocol. You don't really need that many RTP ports opened on Asterisk unless you have a ridiculous amount of concurrency on SIP. Otherwise, you don't really need that many ports opened.

Guides: http://www.asteriskdocs.org/en/2nd_Edition/asterisk-book-html-chunk/asterisk-APP-D-SECT-37.html

Freepbx: Use the GUI, look under Settings | Asterisk Sip Settings, look for RTP port range. *You might need to restart Asterisk.

7) Finally, update the VM (this is when you will see the changes on Azure's web management portals)

$vm | Update-AzureVM

And you're done!

Sunday, November 15, 2015

Apple MacBook 2015 Bootcamp/Drivers

Image from www.apple.com

If you were in my position that you had to have some drivers and couldn't find them cause you wiped out the OSX partition etc and there's literally nothing on Apple's website to point you to a way to independently download drivers, well, here they are;

Download Apple Bootcamp 6.0 for MacBook Pro 2015 here:
https://goo.gl/yZjHvp (approximately 1.44GB)

Until Apple makes their bootcamp software and drivers public, here's all of it.

This particular set is for the MBP Retina early 2015 edition. (Mine had the AMD Radeon graphics card).

I do not have any rights to these, nor claiming any rights, its from Apple and is only posted here for people's convenience.

All files scanned with Norton Internet Security 2015 edition with latest signatures as of 15Nov2015.

Have fun and all credit for drivers/software to Apple Inc.

Thanks


Thursday, January 29, 2015

GHOST Vulnerability check and fix for Debian 6 or 7

More info on the GHOST vulnerability by Qualys | More from debian’s security tracker here

IMPORTANT

  • USETHIS GUIDE AT YOUR OWN RISK, we are not responsible for any broken apps/programs etc etc.
  • We do not know the extent of the vulnerability/fixes this is from best knowledge and effort, you are advised to research of your own too and not completely rely on these below. Some of these methods are also described in many online articles, i put them together mainly for our customers and people using Deb6/7.
  • This article is to be done/performed by those who have sufficient knowledge in these apps/software
  • Please read more articles and follow online security resources for updates should there be any.

Check for vulnerability against GHOST by running the following

1) wget http://goo.gl/MgtleY --no-check-certificate -O gistfile1.c
2) gcc gistfile1.c -o GCHECKER
3) ./GCHECKER

To check which services/software that’s probably vulnerable (for restarting affected services, instead of rebooting)
1) lsof | grep libc | awk '{print $1}' | sort | uniq

 

Fix for Debian 6 Squeeze

1) Add the following repos into /etc/apt/sources.list (Add them at the end is fine)
deb http://http.debian.net/debian/ squeeze-lts main contrib non-free
deb-src
http://http.debian.net/debian/ squeeze-lts main contrib non-free

2) apt-get update

3) apt-get install libc6

4) Reboot (i didn’t have to reboot, some do say to reboot, some say just restart services that use glibc/libc6)

5) Check again as shown above to verify.

Fix for Debian 7 Wheezy

1) apt-get update

2) apt-get install libc6

3) Reboot (i didn’t have to reboot, some do say to reboot, some say just restart services that use glibc/libc6)

4) Check again as shown above to verify.


All the best and do advice if you find problems or suggestions to improve this guide above.

Thanks!