Differences

This shows you the differences between two versions of the page.

--- voice:pbx:piaf [2011/11/26 09:28]
gcooper created
+++ voice:pbx:piaf [2016/08/18 13:02] (current)
gcooper
@@ Line 1: / Line 1: @@
 ====== PBX in a Flash (PIAF) ======
+PIAF is an Asterisk-based PBX built on Centos 5.
 http://www.pbxinaflash.com/
+http://knol.google.com/k/pbx-in-a-flash
 http://pbxinaflash.com/wiki
@@ Line 7: / Line 11: @@
 http://pbxinaflash.com/forum
-====== PBX in a Flash ======
+===== PIAF in a Virtual Machine =====
-http://pve.proxmox.com/wiki/PBX_in_a_Flash
+[[voice:pbx:piaf_virtual|PBX in a Flash - Virtual Machine]]
-http://knol.google.com/k/pbx-in-a-flash
-**Help**
+===== Resources =====
+<file>
 help-pbx
+</file>
-**[[Asterisk]]**** PBX based on Centos 5**
+**PBX in a Flash for Newbies**: http://www.cadvision.com/blanchas/Asterisk/index.html
+**PiaF without Tears**: http://members.optusnet.com.au/bsharif/contributions.htm
+**Ringdale PBX Administrator's Guide**: http://voicefidelity.com/files/pbx-administrators-guide.pdf
+===== Networking =====
+==== Firewall ====
+=== Trusted Networks Method ===
+This configuration blocks most everything from everywhere, then allows trusted IP subnets.
+Edit ''/etc/sysconfig/iptables'':
+To remove access to dangerous ports, change:
+<file>
+-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 113 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 9001 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 9080 -j ACCEPT
+-A INPUT -p udp -m udp --dport 4569 -j ACCEPT
+-A INPUT -p udp -m udp --dport 5000:5082 -j ACCEPT
+-A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 4445 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 5038 -j ACCEPT
+</file>
+to this:
+<file>
+#-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
+#-A INPUT -p tcp -m tcp --dport 113 -j ACCEPT
+#-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
+#-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
+#-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
+#-A INPUT -p tcp -m tcp --dport 9001 -j ACCEPT
+#-A INPUT -p tcp -m tcp --dport 9080 -j ACCEPT
+#-A INPUT -p udp -m udp --dport 4569 -j ACCEPT
+#-A INPUT -p udp -m udp --dport 5000:5082 -j ACCEPT
+#-A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT
+#-A INPUT -p tcp -m tcp --dport 4445 -j ACCEPT
+#-A INPUT -p tcp -m tcp --dport 5038 -j ACCEPT
+</file>
+To add WhiteList IP addresses for sites from which you need access to the server for admin or phones, find the section of the file that looks like this:
+<file>
+-A INPUT -s 192.168.0.0/255.255.0.0 -j ACCEPT
+-A INPUT -s 172.16.0.0/255.240.0.0 -j ACCEPT
+-A INPUT -s 10.0.0.0/255.0.0.0 -j ACCEPT
+-A INPUT -s 127.0.0.0/255.0.0.0 -j ACCEPT
+</file>
+Add entries just below the existing series that look like this using your actual IP addresses:
+<file>
+-A INPUT -s 111.222.111.222 -j ACCEPT
+</file>
+=== Checklist ===
+  - Be sure you have added a WhiteList entry for the IP address you're using to access your server, or you will lock yourself out!
+  - Restart your firewall to load the new settings:
+      * ''service iptables restart''
+  - Verify that your new settings are working and are what you expected to see:
+      * ''iptables -nL''
+  - Attempt to access your virtual machine's web interface using the browser on your cellphone (assuming it is not in your WhiteList). This will validate that the firewall is working properly by denying you access.
+===== Installation =====
 Download and burn the PiaF 1.6 ISO image.  It will run on Atom-based (newer) hardware.
@@ Line 22: / Line 101: @@
 Log in as root:
+<file>
 genzaptelconf
@@ Line 34: / Line 114: @@
 passwd-master
+</file>
-([[FreePBX]] default login with user 'maint' and password 'password')
+FreePBX default login with user 'maint' and password 'password')
 Other passwords can be set in your system with these commands:
-passwd... reset your root user password
+|''passwd''          |reset your root user password            |
-passwd-maint... reset your [[FreePBX]] maint password
+|''passwd-maint''    |reset your FreePBX maint password        |
-passwd-wwwadmin... for users needing FOP and MeetMe access
+|''passwd-wwwadmin'' |for users needing FOP and MeetMe access  |
-passwd-meetme... for users needing only MeetMe access
+|''passwd-meetme''   |for users needing only MeetMe access     |
-passwd-[[webmin]]... for users needing [[WebMin]] access to your server (very dangerous!)
+|''passwd-webmin''   |for users needing WebMin access to their server (very dangerous!) |
 **E-Mail Message Delivery**
+<file>
 nano -w /etc/hosts
 .0.0.1     pbx.dyndns.org pbx.local pbx localhost.localdomain localhost
+</file>
+<file>
 nano -w /etc/asterisk/vm_general.inc
 serveremail=voicemail@pbx.dyndns.org
+</file>
+<file>
 service network restart
 amportal restart
-echo "[[test]]" | mail -s testmessage yourname@gmail.com
+echo "test" | mail -s testmessage yourname@gmail.com
-#setup-mail
+setup-mail
+</file>
 **Centos Updates**
@@ Line 70: / Line 155: @@
 **PiaF Updates**
+<file>
 update-source
+</file>
-Last changed (in Tomboy): 2011-05-13
-Note created (in Tomboy): 2009-10-22

Virtual Architects Support Wiki

User Tools

Site Tools

Differences

Page Tools