FreePBX Extension Routing Module

FreePBX Extension Routing Made Easy…

Amongst the many requests that FreePBX continuously receives, one of the most common has been the ability to allow only certain routes to be used by specific extensions. A common but very complicated and incomplete solution often tried is the unsupported Custom Context module. There have been other modules and solutions used to address this need but as a general rule, they have been burdened with hard to understand and often incomplete solutions such as “security” loop holes where restricted phones could still provide call forwarding to routes they should not have access to.

Because the frequency of requests Schmooze Com has seen both in the forums and while providing paid support services to FreePBX customers, we’ve decided to leverage some of our commercial module technology we use to solve this problem. We have added a free module that provides simple and easy to understand configuration. We are excited to provide this not only on the 2.11 up-and-coming release but on the current 2.10 release as well!

The module is called the Extension Routing module and its focus has been very specific: allow any extension to be restricted to a subset of routes, including any calls launched by that extension whether from Call Forwarding, Follow-Me or VmX Locator.

This can be configured one of two ways. Once the module is installed, each extension (or user) will have a section that includes a list of Outbound Routes configured on the system. By default they are all enabled. From here you can restrict or include any route for each extension as seen in the screenshot.

Alternatively, under each route you will be provided with two boxes that list all the “Allowed Extensions” and “Blocked Extensions” for that route. You can simply drag and drop extensions between the boxes to make adjustments to the route!

It really is “that” easy and if that is not easy enough, then have a look at the [url=]Extension Routing PDF UserGuide[/url] that we prepared to step you through it. All other aspects of standard Outbound Routing and Trunks will work as configured and calls that are sent out from the system that do not belong to an extension will not be affected having access to all routes as normal, such as an external configured in a Ring Group or Queue.

As mentioned, the module is free but since it includes a lot of code from our commercial modules, you will have to make sure your PBX is registered in the [url=]Schmooze/FreePBX Portal[/url] where other commercial modules and FreePBX paid support business is conducted. If you need step by step instructions on how to register, check out our [url=]How to Register a Deployment.[/url] This process simply provides your deployment with a unique id which is needed to obtain the free license required to run this module. There is no limit to the number of deployments you can obtain licenses for!

Once registered just go and “purchase” a $0 license for any of your registered deployments, the module itself can be downloaded to any system through the online Module Admin by enabling the Commercial Repository in the GUI.

One small note, you’ll need a proper Zend environment to be able to run this module as is the case with many of the other commercial modules. If you are running the FreePBX Distro then you are covered and we’ve also worked with the PBXiaF team in the past to enable these modules for them as well, so as long as you have their version 2.0.6 or greater, you are also covered. Otherwise, sorry but you’re on your own as you’ll need the Zend environment in addition to the System Admin Module in FreePBX which includes some specific FreePBX Distro RPMs that must also be installed. It’s a bit complicated and why we do all the work for you on our nice, clean FreePBX Distro!

For now, enjoy and give us feedback if the module is meeting the needs that we see constantly being requested!

[b]Tony Lewis[/b] on behalf of the FreeBPX and Schmooze Team!

Seeking Feedback on New Website Design

This summer seems to be flying by so fast its been a while since I’ve blogged on the various activities back in “FreePBX Central.” In December we [url=/news/2011-12-14/server-progress-and-plans] took our first steps updating the website and mirror infrastructure[/url] and with over half a year behind us, the new and redundant environment has proven itself to be a great success! Thanks again to Schmoozecom Inc. for all the help and support on that big feat! With that behind us, we’re embarking on the second phase of our upgrade!

The current site is comprised of two primary components, the forums, blogs and documentation which reside on a very dated version of Drupal, and the ticketing and source code system running on trac. Our plan is to refresh the Drupal website with the newest version of Drupal and give it a compete facelift. On the trac side of things, we have some thoughts and plans for big changes but will focus on the website look and feel for this blog post!

In the spirit of this project, we want this facelift to be something that our community stands behind and has a lot of fun with! For those who don’t know him, we thought it was time for our favorite mascot, [url=/tango]tango[/url] to be a big part of the new design where we can start to have a lot of fun with him! So … without further ado we would love to hear your feedback on the following design concept generously offered up as a starting discussion point by Shaun, the VP of Creative Design at Schmooze Com, Inc.

Let us know what you think and any ideas or other feedback that comes to mind for this!

Reply here with your thoughts! Like it, don’t like it, feedback and suggestions about the concept, etc! We want to hear from you! Keep in mind this is a concept so don’t sweat the small stuff, there’ll be plenty of time to fine tune it, keep consistency, etc. Once we hear back we’ll take your feedback to move this in the right direction to a great and refreshing new look! Bring those comments on!

[b]Philippe[/b] – On behalf of the FreePBX Team!

FreePBX Distro Annoucement

We mentioned coming out with a full install ISO for the FreePBX Distro in the [url=]last blog[/url] so as promised here we are with the details! We’ll discuss that and some core changes that many of you have been asking for.

Over a year ago we set out to provide a clean and stable ISO after years of requests from all of you in the community for us to do so. The easiest way to do this at that time was to take the proven and stable build environment that Schmooze uses on the commercial products and modify them for the FreePBX ISO.

This process, using a netinstall, worked well. In fact, it worked so well in conjunction with the huge success of the FreePBX Distro to the point of over taxing our systems with many thousands of downloads each month! We have been super excited about this success but at the same time, it has become more and more painful for some of you to get access to the Distro especially outside of the US because the success is putting a big stain on the datacenter bandwidth!

I am excited to announce we spent the past few months refactoring everything on how the ISO is built and managed from the ground up and can now offer a Full ISO with 99% of the packages on the Disk in addition to the Net Installer just like we had before. The only difference in the new Net Installer is it includes the kickstart on the disk instead of pulling it from the website to keep things inline with how the Full ISO is built.

One of the other neat things we always did before and worked great for Schmooze as all of our hardware was identical and certified, was we would auto detect if you had more than 1 hard drive with no Hardware Raid Controller and we would auto setup software raid. Well this too would cause issues with some people since it would detect things like USB stick as a Hard Drive and try to add them to the raid array. In the new Net Installer we still do this but in the Full ISO you now get 3 options.

– Auto-detected raid arrays. This is the same way we have always done the Net Installer and will attempt to detect all the hard drives that you have and setup software raid.
– Simple partitions- This will just take the first hard drive it detects and set that drive up with standard linux partitions and install the ISO. This is the default behavior with text mode install in Centos
– Advanced mode- This will allow you to go into Centos Graphical Mode and setup your hard drives and drivers anyway you want just like you can in standard Centos Graphical Mode

Lastly there are a few items that the Full ISO has to do after install in the firstboot area. This is installing RPMs that can not be installed at the Installer time and updating all your modules in FreePBX to the latest version of the same release such as 2.10.

When this firstboot runs it detects if you have internet and if not it will exit and inform you that you need to get internet configured on the box and then a command to type to have it finish running through the firstboot installer stuff. This should solve the issue where network drivers are not supported in the default install but allow you to get 99% of everything installed resolve your network drivers and then run the firstboot scripts to finish it.

And for all the users who would would rather not be bothered or consumed with installing the software and making sure the hardware works well you can always visit the [url=]FreePBX Store[/url] and purchase a certified Hardware Appliance with the latest version of the Distro pre-installed for you.

A big thanks goes out to GamerGamer43 and all his hard work of helping track down issues with the RPMs and get everything playing nicely and to Jared Smith formerly Fedora Project Leader helping track down weird issues with the Andaconda Installer not setting up the loopback during install and causing the FreePBX RPM not to install in some scenarios

Please visit the Distro Page [url=]Here[/url] to download the version of the Distro that suites your needs

Tony – On behalf of the FreePBX Team

[url=]Get details on the FreePBX Appliance Here[/url] [url=]FreePBX Support Services including Great POMP Offerings[/url] [url=/open-telephony-training-seminar]Training Opportunities with OTTS[/url]

Update on 2.11 and Full ISO Distro

I’ve been back from Spring break for a week so time for an update. I’ll go over some of the CEL (Call Event Log) work, talk a bit about some security “auditing” additions I’ve been adding to Module Admin, and give you a preview on some great work towards a full FreePBX Distro ISO (vs. netinstall) that Tony has been working on! We also have a great [url=]FreePBX Appliance[/url] that has been added to the store and some new [url=]Support Peace of Mind (POMPS)[/url] service offerings to compliment the existing paid services. Lastly, if you are procrastinating registering for the next [url=/open-telephony-training-seminar]Open Telephony Training Seminar[/url] time is running out so [url=/open-telephony-training-seminar-register]go register now[/url] to assure your spot!

FreePBX 2.11

Version 2.11 is still very much in an “alpha” phase with no tarball available yet. We’ll work on branching trunk to 2.11 shortly and make it a bit easier to start reviewing. Some work has started with the Asterisk CEL technology and I made some checkins yesterday into the 2.11 branch of the CDR reporting module. Unix ODBC, Asterisk ODBC, CEL and CEL ODBC support are all required in order to get the module working the way it has been initially implemented. All the required RPMs are available through [i]yum[/i] on the Distro though no configuration work has yet been done. Much of this is at the Distro level which we have not attacked at this time, but we’ve included a zipped file with instructions in the 2.11 CDR module that makes it pretty easy to configure if you want to start playing with it. We would like early adopters who are very interested in CEL to get their hands dirty and provide feedback and suggestions before we move forward heavily on an implementation path.

Once you’ve configured CEL, the current CDR Reports module will allow you to click on any CDR record resulting in a full list of CEL events associated with that record, as well as a display of all the CDR records that are part of the same call. You can now have fun with call pickups, transfers, parking, etc. and see all the events that make up that single call, as well as all the CDR records which are in fact the same call.

The CELs are ultimately designed around getting more accurate billing data but our initial goal is to simply get the technology out and into FreePBX hoping this results in creative ideas or third party modules taking advantage of this and delivering some very useful functionality.

Security is always a critical area that gets people’s attention. We [url=/news/2012-03-26/security-concerns-2-11-updates-and-expiring-early-bird-specials]patched a serious security vulnerability[/url] several weeks ago but despite that, we continued to see reports of people being hacked well after the fixes were available for easy detection and installation from the online repository. We decided to embark on some ideas that may help highlight vulnerable modules installed on a system that are known to contain security vulnerabilities. When this work is finished, Module Admin will highlight known vulnerable modules so they are very obvious and add security notifications into the notification panel. If you are setup to receive emails from Module Admin, then these security issues will also be emailed to you. We’ll blog more details about this in the coming weeks since there’s a lot more to talk about and this blog is already getting pretty long!

FreePBX Distro and Appliance

The FreePBX Distro has been a great success and the endless work from Tony and the Schmooze Com, Inc team has been awesome! Up until now loading the Distro requires a [i]netInstall[/i] which works fine for most situations but has resulted in a lot of requests for a full ISO download. Tony has tackled this problem and will tell you a lot more about this in the next blog so stay tuned. As always, he’s gone the extra mile to deliver you more then just a basic ISO!

[float=left] FreePBX Appliance
[/float] We’ll take a moment to point you at the absolute and simplest way to load up your system, which would be with the [url=]FreePBX Appliance[/url] that has been sitting in the [url=]FreePBX Store[/url] for some time with a lot of happy customers. The [url=]FreePBX Classic[/url] is a great solution for most installations including standard features such as dual mirrored (RAID1) drives, a fantastic form factor with minimal moving parts and even [url=]FreePBX Support Credits[/url] to get you started. For a really beefy and/or rack mountable solution that won’t run you much more there’s the [url=]FreePBX Xtreme[/url] which packs higher CPU, memory, expandability and more. You can get much more details on these great appliance [url=]in the store[/url] and they all come pre configured with the FreePBX Distro on top of high quality hardware components!

If a fully supported appliance from the world class team that brings you this great project doesn’t give you all the [url=]Peace of Mind[/url] you require, have a look at the new [url=]POMPS[/url] support contracts now available from the [url=/freepbx-official-paid-support]FreePBX Support and Services[/url] team! With these offerings SLA levels up to 24×7 support are now available whether running your own hardware or one of these great appliances! Check the [url=]Store[/url] to get all the details.

Open Telephony Training Seminar

The next [url=/open-telephony-training-seminar]OTTS[/url] event is coming up in less than 4 weeks and the last two seminars completely sold out! If you are thinking of joining us in the Twin Cities next month then make sure to [url=/open-telephony-training-seminar-register]register now![/url] We look forward to seeing some of you there!

Back to coding for now, we’ll be back shortly with more details on the ISO and the Security Notification work that is being worked on!

Philippe – On behalf of the FreePBX Team

[url=]Get details on the FreePBX Appliance Here[/url] [url=]FreePBX Support Services including Great POMP Offerings[/url] [url=/open-telephony-training-seminar]Training Opportunities with OTTS[/url]

Security Concerns, 2.11 Updates and Expiring Early Bird Specials

We continue to make progress playing with the various technology efforts that we have planned for 2.11, mentioned in the [url=/news/2012-03-13/what-are-we-thinking-about-for-2-11]last blog post.[/url] While at it we also continue to plug the miscellaneous bugs that always surface after a final release, and just in general. For as much as we changed in 2.10, it’s been pretty smooth sailing! In addition to updating you on the 2.11 efforts, we’ll update you on a recent Security Vulnerability that has been addressed and some thoughts it provoked on the subject. Lastly, if you’re thinking about OTTS, the [url=/open-telephony-training-seminar-register]Early Bird Special expires Saturday[/url] so don’t procrastinate too long if you would like to save a few hundred dollars!

First, a quick word on the Security issue since that usually peeks people’s interests. There were a couple threads in the forums about a security report that included a handful of XSS (Cross Site Scripting) vulnerabilities and one RCE (Remote Command Execution) one. First of all, if you have all your modules up-to-date then you are safe from these specific vulnerabilities as they have been addressed. All but one of the XSS ones had already been removed in 2.10 already. Our standard policy is to fix the currently supported releases (2.9 and 2.10) as well as the previous two releases though in this case I pushed the fixes back to 2.6.

A few words on the RCE vulnerability. This was a breach that would allow an attacker to penetrate your system and run any arbitrary Linux command. In most installations, including the FreePBX Distro, this means that they could get access to any command that user asterisk has privileges to run thus allowing significant damage to be done. Some Distros, such as trixbox systems (for those of you still running trixbox) and Elastix, allow user asterisk to [i]sudo[/i] (change) to root for some commands and as such, the exploit could get access to the root user. Whether penetrated as the asterisk user or the root user, both are very bad though as root even more damage can be done. I will stress that a system properly protected such that http access is not allowed without a secure VPN was not at risk from the internet, though still vulnerable from a malicious user with local access. (Technically, one could do an XSS style attack to trick a local user into triggering the RCE vulnerability as well.) This issue has been fixed, but the potential for damage is again echoed that allowing http access poses significant risk. Though now fixed, there are certainly other dormant vulnerabilities not yet discovered so think twice before exposing http access outside of VPN protection.

If you go to Module Admin, or have it run automatically, you will have seen (or will see if you haven’t done it yet) that there are module updates available and if you review the changelogs for the modules, you will see references to this recent security issue. If you are happy just updating all your modules, which is usually a fairly safe thing to do, then you are covered. However, this got us thinking of ways that we might help to better bring to your attention any critical updates that are necessary to address known vulnerabilities. The FreePBX notification systems currently has the ability to post very visible security updates in the panel, and in the case where you have provided an email address to be notified of module updates, it will also send an email notifying you of these issues. What we are looking at doing in 2.11 is adding additional information to the Module Admin XML data that get’s retrieved when that would allow your PBX to do an analysis of your current module versions and properly warn you through these mechanisms if it detects that you have vulnerable versions of any modules known to be fixed. This would provide those of you more cautious in applying updates with prompt warnings without having to actively dig through all the module changelogs each time one is published.

Security aside, back to looking forward. One of the areas discussed is the CEL (Call Event Logging) subsystem in Asterisk. I’ve been playing around with this a bit and it does provide for some interesting and very voluminous data if you enable all the events that Asterisk has to offer, and that doesn’t include any user defined events which we will be sure to add into FreePBX. It’s still very early so we’ve only started playing with the technology. Some of the current talk for initial introduction is to simply allow for any current CDR record to be clicked and by doing such, you will receive the full set of CEL records that make up that call. In some cases, there can be multiple CDR records that are all from a single call. In those cases, regardless of which of those you clicked on, you would still receive the full CEL thread related to that single call. At this point we’ve determined how to obtain that full list consistently. What’s left are many more decisions to be made from how to best log the transactions, which events to log, which fields to log, how to best present the data and more. The main goal for this release is going to be getting this exposed. Once exposed and easily configured in FreePBX, more ideas from you and great third party tools are sure to follow.

The User Portal efforts headed up by Schmooze Com, Inc is also quite in it’s infancy. At this point the things we are running into this early in the game are flushing out some of those dark and aging areas inside of FreePBX that are well due to be replaced in order to further facilitate the new work we want to do. This has always been referred to as the various ‘internal plumbing’ that over time we continue to replace; something that is usually not very visible to the end user but critical and necessary to assure FreePBX continues to be the great product that we are all so happy with.

I did not sync up with Ward before writing this blog to determine if any progress has been made on the XMPP enabled “remote hints” that I mentioned in the last blog post. Hopefully we’ll know if work has been done in that space next time we have some updates!

As a quick reminder, the next [url=/open-telephony-training-seminar]Open Telephony Training Seminar[/url] is quickly approaching and with the [url=/open-telephony-training-seminar-register]Early Bird Special[/url] ending Saturday, March 31st, now’s the time to save yourselves a few hundred dollars and make sure you have an opportunity be part of our upcoming training!

[b]Philippe[/b] – On Behalf of the FreePBX Team!