/l3/users/igor-public/nt-voip-2013-11/linux0.unix.nt/root :1 :2 :3 :4 :5 |
|
#help | less
#ls
#ls
#vim /etc/asterisk/cdr_mysql.conf
#mysql -u root -p
# s
#history
#apt-cache search openssl dev
#make config
#help | grep tone
history | grep 'apt-get install' | tail #./configure --disable-xmldoc --with-srtp --with- -ssl --with-pri --with-dahdi --with-tonezone-disable-xmldoc --with-srtp --with- |
#ssh 192.168.15.4
root@192.168.15.4's password: Linux liniux4 3.2.0-4-amd64 #1 SMP Debian 3.2.51-1 x86_64 The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. Last login: Fri Nov 22 15:19:09 2013 from linux0.local l3-agent is already running: pid=16715; pidfile=/root/.lilalo/l3-agent.pid root@liniux4:~# find / -name \*vaw ... liniux4*CLI> dahdi destroy restart set show liniux4*CLI> quit Asterisk cleanly ending (0). Executing last minute cleanups root@liniux4:~# root@liniux4:~# root@liniux4:~# exit logout Connection to 192.168.15.4 closed. |
#ssh 192.168.15.3
root@192.168.15.3's password: Linux linux3 3.2.0-4-amd64 #1 SMP Debian 3.2.51-1 x86_64 The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. Last login: Fri Nov 22 15:51:07 2013 from linux0.local l3-agent is already running: pid=3682; pidfile=/root/.lilalo/l3-agent.pid root@linux3:~# asterisk -rvvvv ... aspell/ asterisk/ root@linux3:~# ls /var/lib/asterisk/ agi-bin astdb.sqlite3 images phoneprov static-http astdb documentation keys sounds astdb.bak firmware moh sqlite.db root@linux3:~# ls /var/lib/asterisk/sounds/ en ru tts root@linux3:~# exit logout Connection to 192.168.15.3 closed. |
#ÑÑssh 192.168.15.1
#!/bin/sh for CHANNEL in `< channels.txt` file=/tmp/${RANDOM}.call do cat <<EOF > $file Channel: $CHANNEL Context: 123 Ext chown asterisk:asterisk $file mv $file /var/spool/asterisk/outgoing ~ ... root@linux1:/home/user# scp ::1: ff02::2: linux1: Pictures/ channels.txt img linux1.unix.nt: Public/ Desktop/ ip6-allnodes: localhost: Templates/ Documents/ ip6-allrouters: Music/ Videos/ Downloads/ ip6-localhost: pescyvsem.sh ff02::1: ip6-loopback: pescyvsem.txt root@linux1:/home/user# exit logout Connection to 192.168.15.1 closed. |
#ssh 192.168.15.4
[internal] exten => 5000,1,Answernels.txt` exten => 5000,n,Playback(demo-thanks) do cat <<EOF > $file exten => _80XX,1,Answer exten => _80XX,n,Record(/var/tmp/asterisk/records/record${EXTEN:2}:gsm) exten => _80XX,n,Playback(/var/tmp/asterisk/records/record${EXTEN:2}) exten => 8100,1,VoiceMailMain()le exten => 8101,1,MeetMe(101,r) ... [Nov 22 17:04:52] NOTICE[31787]: pbx_spool.c:402 attempt_thread: Call completed to SIP/liverpool/2302 == Spawn extension (local, 2191, 1) exited non-zero on 'SIP/manchester-00000035' [Nov 22 17:06:14] NOTICE[31775]: pbx_spool.c:402 attempt_thread: Call completed to SIP/manchester/2201 liniux4*CLI> Disconnected from Asterisk server Asterisk cleanly ending (0). Executing last minute cleanups root@liniux4:~# exit logout Connection to 192.168.15.4 closed. |
#vim /usr/local/bin/asterisk-block-users.pl
![]()
--- /dev/null 2013-11-17 18:31:26.295171800 +0200
+++ /usr/local/bin/asterisk-block-users.pl 2013-11-22 17:13:17.780470637 +0200
@@ -0,0 +1,78 @@
+#!/usr/bin/perl -w
+# Crontab Schedule - runs every 2 minutes and writes to log file
+# */2 * * * * perl /root/check-failed-regs2.pl &> /var/log/fail.log 2>&1
+#
+# IP Tables Configuration - do this first
+# iptables -N asterisk
+# iptables -A INPUT -j asterisk
+# iptables -A FORWARD -j asterisk
+#
+
+use strict;
+use warnings;
+my (@failhost);
+my %currblocked;
+my %addblocked;
+my $action;
+
+# Set the path and filename for the Asterisk log file
+open (MYINPUTFILE, "/var/log/asterisk/full") or die "\n", $!, "Does log file file exist\?\n\n";
+
+while (<MYINPUTFILE>) {
+ my ($line) = $_;
+ chomp($line);
+# Test for no patching peer
+ if ($line =~ m/\' failed for \'(.*?)\' - No matching peer found/) {
+ push(@failhost,$1);
+ }
+# Test for wrong password
+ if ($line =~ m/\' failed for \'(.*?)\' - Wrong password/) {
+ push(@failhost,$1);
+ }
+}
+# Loads the existing list of entries in the asterisk iptable. Check path.
+my $blockedhosts = `/sbin/iptables -n -L asterisk`;
+
+while ($blockedhosts =~ /(.*)/g) {
+ my ($line2) = $1;
+ chomp($line2);
+ if ($line2 =~ m/(\d+\.\d+\.\d+\.\d+)(\s+)/) {
+ $currblocked{ $1 } = 'blocked';
+ }
+}
+
+if (@failhost) {
+ &count_unique(@failhost);
+ while (my ($ip, $count) = each(%addblocked)) {
+# Already blocked - ignore
+ if (exists $currblocked{ $ip }) {
+ print "$ip already blocked\n";
+ } else {
+# Private network address, probably internal, fix the offending sip device
+ if ($ip =~ /^172\./) {
+ print "$ip is screwed up - fix the phone!\n";
+ } else {
+# block address with too many failed requests - tweak via $count >= 4
+ if ($count >= 4) {
+ $action = `iptables -I asterisk -s $ip -j DROP`;
+ print "$ip blocked. Failed attempts: $count\n";
+ } else {
+ print "$ip NOT blocked. Only $count failed attempt(s).\n";
+ }}
+ }
+ }
+} else {
+# Uncomment next line for verification of operation/debugging
+# print "no failed registrations.\n";
+}
+
+sub count_unique {
+ my @array = @_;
+ my %count;
+ map { $count{$_}++ } @array;
+ map {($addblocked{ $_ } = ${count{$_}})} sort keys(%count);
+}
+
+
+
+
|
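Review bot: The value captured by `(.*?)` in the two `failed for` matches is interpolated unvalidated into the backtick command `iptables -I asterisk -s $ip -j DROP`, which is handed to a shell while the script runs as root from cron, and the log line it is taken from also carries text supplied by the remote SIP peer. Tighten the capture itself so that only an address can reach the command, e.g. `'(\d{1,3}(?:\.\d{1,3}){3})(?::\d+)?'` in both patterns, and call iptables without a shell: `system('/sbin/iptables', '-I', 'asterisk', '-s', $ip, '-j', 'DROP');`. Dropping the port from the capture also matters for `exists $currblocked{ $ip }`, whose keys are bare addresses parsed from `iptables -n -L`; an `address:port` key would never match them, so each cron run would presumably insert a duplicate rule. Separately, the crontab line in the header comment uses `&>`, a bash redirect that cron's default /bin/sh may not honour, so `>> /var/log/fail.log 2>&1` is the safer form to document.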
#mv /usr/local/bin/asterisk-block-users.pl /usr
usr /local/bin/check-failed-regs.pl |
#ls -l /usr/local/bin/check-failed-regs.pl
-rw-r--r-- 1 root staff 2149 Nov 22 17:13 /usr/local/bin/check-failed-regs.pl |
#vim /usr/local/bin/check-failed-regs.pl
--- /tmp/l3-saved-14288.403.6336 2013-11-22 17:13:51.000000000 +0200
+++ /usr/local/bin/check-failed-regs.pl 2013-11-22 17:14:04.224471192 +0200
@@ -16,7 +16,7 @@
 my $action;
 
 # Set the path and filename for the Asterisk log file
-open (MYINPUTFILE, "/var/log/asterisk/full") or die "\n", $!, "Does log file file exist\?\n\n";
+open (MYINPUTFILE, "/var/log/asterisk/messages") or die "\n", $!, "Does log file file exist\?\n\n";
 
 while (<MYINPUTFILE>) {
 my ($line) = $_;
|
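Review bot: The `die` on the changed `open` line does not name the path it failed on and runs `$!` straight into the following string with no separator, so a failure under cron would leave only errno text glued to the question. Since the path is exactly what this edit changes, consider `open(MYINPUTFILE, '<', '/var/log/asterisk/messages') or die "cannot open /var/log/asterisk/messages: $!\n";`, which also switches to the three-argument form. The `while` loop that reads the handle continues outside the hunk.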
#ls /var/log/asterisk/
cdr-csv cdr-custom cel-custom messages |
#vim /usr/local/bin/check-failed-regs.pl
|
#!/usr/bin/perl -w
ile: /tmp/crontab.G6MYBE/crontab # Edit this file to introduce tasks to be run by cron. # # Each task to run has to be defined through a single line # indicating with different fields when the task will be run # and what command to run for the task # GNU nano 2.2.6 # To define the time you can provide concrete values for # minute (m), hour (h), day of month (dom), month (mon), # and day of week (dow) or use '*' in these fields (for 'any').# ... # # Output of the crontab jobs (including errors) is sent through # email to the user the crontab file belongs to (unless redirected). # # For example, you can run a backup of all your user accounts # at 5 a.m every week with: # 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/ # [ Read 22 lines ] No modification made |
#export EDITOR=vim
|
#crontab -e
# Edit this file to introduce tasks to be run by cron. # # Each task to run has to be defined through a single line # indicating with different fields when the task will be run # and what command to run for the task # # To define the time you can provide concrete values for # minute (m), hour (h), day of month (dom), month (mon), # and day of week (dow) or use '*' in these fields (for 'any').# # Notice that tasks will be started based on the cron's system ... # email to the user the crontab file belongs to (unless redirected). # # For example, you can run a backup of all your user accounts # at 5 a.m every week with: # 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/ # # For more information see the manual pages of crontab(5) and cron(8) # # m h dom mon dow command ~ |
#vim /usr/local/bin/check-failed-regs.pl
|
#crontab -l | tail -2
* * * * * perl /usr/local/bin/check-failed-regs.pl &> /var/log/asterisk/fail.log 2>&1 |
#perl /usr/local/bin/check-failed-regs.pl
iptables: No chain/target/match by that name. 192.168.15.8:5060 NOT blocked. Only 1 failed attempt(s). |
#ls /var/log/asterisk/
cdr-csv cdr-custom cel-custom fail.log messages |
#ls -l /var/log/asterisk/
total 64 drwxr-xr-x 2 root root 4096 Nov 22 14:45 cdr-csv drwxr-xr-x 2 root root 4096 Nov 22 14:45 cdr-custom drwxr-xr-x 2 root root 4096 Nov 22 14:45 cel-custom -rw-r--r-- 1 root root 0 Nov 22 17:24 fail.log -rw-rw---- 1 asterisk asterisk 47390 Nov 21 15:41 messages |
#vim /usr/local/bin/check-failed-regs.pl
--- /tmp/l3-saved-14288.28092.2741 2013-11-22 17:24:52.000000000 +0200
+++ /usr/local/bin/check-failed-regs.pl 2013-11-22 17:25:07.756479045 +0200
@@ -53,7 +53,7 @@
 print "$ip is screwed up - fix the phone!\n";
 } else {
 # block address with too many failed requests - tweak via $count >= 4
- if ($count >= 4) {
+ if ($count >= 1) {
 $action = `iptables -I asterisk -s $ip -j DROP`;
 print "$ip blocked. Failed attempts: $count\n";
 } else {
|
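Review bot: The comment directly above the changed line still says `tweak via $count >= 4` while the test is now `$count >= 1`, and at that value a single failed registration anywhere in the log gets its source a DROP rule in the `asterisk` chain. The only exemption in the visible code is `^172\.`, so hosts on other internal ranges are not spared; the session further down shows 192.168.15.8 ending up in the chain and losing ping. Suggest a named threshold, `my $max_failures = 4;` with `if ($count >= $max_failures) {` and a matching comment, and keeping a value of 1 for test runs only. The enclosing `while` and `if` blocks start and end outside the hunk.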
#head /usr/local/bin/check-failed-regs.pl
#!/usr/bin/perl -w # Crontab Schedule - runs every 2 minutes and writes to log file # */2 * * * * perl /root/check-failed-regs2.pl &> /var/log/fail.log 2>&1 # # IP Tables Configuration - do this first # iptables -N asterisk # iptables -A INPUT -j asterisk # iptables -A FORWARD -j asterisk # |
#iptables -N asterisk
|
#su - user
l3-agent is already running: pid=15429; pidfile=/home/user/.lilalo/l3-agent.pid user@linux0:~$ for i in `seq 1 8`; do rsync -a /usr/local/bin/ root@192.168.1 5.$i:/usr/local/bin/; done user@linux0:~$ exit logout |
#grep 192.168.15.8 /var/log/asterisk/messages
[Nov 19 10:57:20] NOTICE[5058] chan_sip.c: Registration from '<sip:motreal@192.168.15.254>' failed for '192.168.15.8:5060' - Wrong password [Nov 21 11:10:24] NOTICE[6368] chan_sip.c: -- Registration for 'quebec@192.168.15.8' timed out, trying again (Attempt #2) [Nov 21 11:10:44] NOTICE[6368] chan_sip.c: -- Registration for 'quebec@192.168.15.8' timed out, trying again (Attempt #3) [Nov 21 11:11:04] NOTICE[6368] chan_sip.c: -- Registration for 'quebec@192.168.15.8' timed out, trying again (Attempt #4) [Nov 21 11:11:24] NOTICE[6368] chan_sip.c: -- Registration for 'quebec@192.168.15.8' timed out, trying again (Attempt #5) [Nov 21 11:11:44] NOTICE[6368] chan_sip.c: -- Registration for 'quebec@192.168.15.8' timed out, trying again (Attempt #6) [Nov 21 11:12:04] NOTICE[6368] chan_sip.c: -- Registration for 'quebec@192.168.15.8' timed out, trying again (Attempt #7) [Nov 21 14:34:34] NOTICE[6368] chan_sip.c: Call from 'quebec' (192.168.15.8:5060) to extension '3301' rejected because extension not found in context 'default'. |
#cat >> /var/log/asterisk/messages
[Nov 19 10:57:20] NOTICE[5058] chan_sip.c: Registration from '<sip:motreal@192 .168.15.254>' failed for '192.168.15.9:5060' - Wrong password |
#grep 192.168.15.9 /var/log/asterisk/messages
.168.15.254>' failed for '192.168.15.9:5060' - Wrong password |
#tail -1 /var/log/asterisk/messages
[Nov 19 10:57:20] NOTICE[5058] chan_sip.c: Registration from '<sip:motreal@192.168.15.254>' failed for '192.168.15.9:5060' - Wrong password |
#crontab -l
# Edit this file to introduce tasks to be run by cron. # # Each task to run has to be defined through a single line # indicating with different fields when the task will be run # and what command to run for the task # # To define the time you can provide concrete values for # minute (m), hour (h), day of month (dom), month (mon), # and day of week (dow) or use '*' in these fields (for 'any').# # Notice that tasks will be started based on the cron's system ... # email to the user the crontab file belongs to (unless redirected). # # For example, you can run a backup of all your user accounts # at 5 a.m every week with: # 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/ # # For more information see the manual pages of crontab(5) and cron(8) # # m h dom mon dow command * * * * * perl /usr/local/bin/check-failed-regs.pl &> /var/log/asterisk/fail.log 2>&1 |
#ls -l /var/log/asterisk/fail.log
-rw-r--r-- 1 root root 0 Nov 22 17:30 /var/log/asterisk/fail.log |
#dae
![]() l3script: dae: command not found |
#date
Fri Nov 22 17:30:30 EET 2013 |
#date
Fri Nov 22 17:30:59 EET 2013 |
#date
Fri Nov 22 17:31:02 EET 2013 |
#date
Fri Nov 22 17:31:03 EET 2013 |
#iptables -L asterisk -n
Chain asterisk (0 references) target prot opt source destination DROP all -- 192.168.15.8 0.0.0.0/0 |
#ls /var/log/
![]() alternatives.log dpkg.log mail.info syslog.1 apt/ exim4/ mail.log syslog.2.gz aptitude faillog mail.warn syslog.3.gz asterisk/ fontconfig.log messages syslog.4.gz auth.log fsck/ mysql/ user.log btmp gdm3/ mysql.err wtmp ConsoleKit/ installer/ mysql.log Xorg.0.log daemon.log kern.log news/ Xorg.1.log debug lastlog pm-powersave.log Xorg.1.log.old dmesg lpr.log speech-dispatcher/ dmesg.0 mail.err syslog |
#less /var/log/messages
|
#iptables -A INPUT -j asterisk
|
#ping 192.168.15.8
![]() PING 192.168.15.8 (192.168.15.8) 56(84) bytes of data. ^C --- 192.168.15.8 ping statistics --- 3 packets transmitted, 0 received, 100% packet loss, time 2016ms |
#iptables -D INPUT -j asterisk
|
#ping 192.168.15.8
PING 192.168.15.8 (192.168.15.8) 56(84) bytes of data. 64 bytes from 192.168.15.8: icmp_req=1 ttl=64 time=0.413 ms 64 bytes from 192.168.15.8: icmp_req=2 ttl=64 time=0.180 ms ^C --- 192.168.15.8 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 999ms rtt min/avg/max/mdev = 0.180/0.296/0.413/0.117 ms |
#vim /etc/asterisk/sip.conf
|
#[3301]
[default] ; CHANNEL(secure_signalling) ; CHANNEL(secure_media) [menu] exten => s,1,Answer exten => s,n,Background(/var/tmp/asterisk/records/record00) exten => s,n,WaitExten(3) exten => s,n(main),Background(/var/tmp/asterisk/records/record01) exten => s,n,WaitExten(3) exten => s,n,Background(/var/tmp/asterisk/records/record02) ... -- INSERT -- 2,1 Top -- INSERT -- 2,1 Top exten => s,n,Hangup exten => 0,1,Playback(/var/tmp/asterisk/records/record11) exten => 0,n,Hangup exten => 1,1,Goto(submenu,s,1) exten => 2,1,Read(ORDER,/var/tmp/asterisk/records/record05) exten => 2,n,SayDigits(${ORDER}) exten => 2,n,GotoIf($[ "${DB(order/${ORDER})}" = "" ]?invalid_order) exten => 2,n,Playback(/var/tmp/asterisk/records/record0${DB(order/${ORDER})}) |
#vim /etc/asterisk/extensions.ael
|
#//
|
#cd
|
#ls
|
[Nov 19 10:57:20] NOTICE[5058] chan_sip.c: Registration from '<sip:motreal@192 .168.15.254>' failed for '192.168.15.9:5060' - Wrong password
Время первой команды журнала | 15:39:00 2013-11-22 |
Время последней команды журнала | 17:06:32 2013-11-22 |
Количество командных строк в журнале | 57 |
Процент команд с ненулевым кодом завершения, % | 3.51 |
Процент синтаксически неверно набранных команд, % | 1.75 |
Суммарное время работы с терминалом *, час | 1.46 |
Количество командных строк в единицу времени, команда/мин | 0.65 |
Частота использования команд |
|
В журнал автоматически попадают все команды, данные в любом терминале системы.
Для того чтобы убедиться, что журнал на текущем терминале ведётся, и команды записываются, дайте команду w. В поле WHAT, соответствующем текущему терминалу, должна быть указана программа script.
Команды, при наборе которых были допущены синтаксические ошибки, выводятся перечёркнутым текстом:
$ l s-l bash: l: command not found |
Если код завершения команды равен нулю, команда была выполнена без ошибок. Команды, код завершения которых отличен от нуля, выделяются цветом.
$ test 5 -lt 4 |
Команды, ход выполнения которых был прерван пользователем, выделяются цветом.
$ find / -name abc find: /home/devi-orig/.gnome2: Keine Berecht |