Retiring servers as a way of life

I’ve been running a server at home for a lot of years. Over the past 2 or maybe 3 decades, our server has provided Windows network shares and workgroup services, a repository for DVR’ed TV shows and movies, PBX functions with Asterisk, DNS, email, and more. Before all cable Internet providers started blocking incoming port 80 and 443 traffic, it hosted our simple family web site and even webmail at one point. One by one I’ve moved on, migrated, or replaced all of those – except email. Postfix and Dovecot IMAP are really the last things I’ve been using the local server for in the last couple of years. I do still run an ad blocker function in a Raspberry Pi.

The server is on old hardware bought 13 years ago – an Intel Atom D525 motherboard and a similarly old 1TB Seagate hard drive. The Ubuntu OS is long out of support and I have very little confidence in the life left in the hard drive. It’s been weighing on my mind recently. On top of all that, if I get hit by a meteorite or a bus or whatever… it’s going to be a nightmare for someone to figure everything out. It’s high time I retired that box; it owes me nothing.

I looked at a number of options. I could move email to a hosted VM – but it’s really a nightmare maintaining and trying to work around the many companies that block ALL mail for most popular hosting companies, regardless of using SPF, DKIM, and DMARC. I looked into a Microsoft business basic account. I considered letting my domain registrar do it, since they’ll provide webmail service. Each of these has advantages and disadvantages, and some are more expensive than others.

In the end, I discovered that you can set up your own custom domain in iCloud and use iCloud email. I don’t see us going back to Android phones, so that’s fine with me. All it takes is a few minutes with iCloud settings and a few TXT and MX records in DNS, so everything is easily reversible should I decide on a new path later on.

Now we’ll see how well Apple filters SPAM and phishing emails. I have spent countless hours over the years trying to eliminate the torrent of this crap that we receive every day, with pretty good results. A combination of Postgrey and some pretty extensive Postfix header and body check filters have eliminated most of the unwanted crap. I’m hoping it doesn’t all reappear again.

Next on the block is moving my small Asterisk system out of my house. It works exceptionally well, but of course if we have an internet outage it’s offline. As I hope to provide VOIP phone service to a couple more family members, I’d like something more reliable.

Using SIP Phones like home phones

For years now, I’ve been using Asterisk for our home phone line (as well as one for our rental property business). One persistent issue has been getting SIP phones to act like regular non-PBX extension phones. You know — where two people in different parts of the house can use two phones on the same call.

Asterisk has shared line appearance (SLA) features, but this is designed to make it work like an old key system PBX. Not really the way we want it to work. If John is on a phone call and Jane picks up another extension, Jane can’t join the call — she just gets a new outbound line. Most of this is by design. For one thing, in most non-home settings you really don’t want just anyone to be able to join your call. If you want to add someone, you use the conference feature to dial their phone and add them. In a home setup, though, it’s a hassle and it’s complicated — since you don’t necessarily know which extension a person is using, especially if you’re using cordless phones. Asterisk is really not developed for home use; for some pretty obvious reasons, it’s mostly used by businesses. It is, after all, a PBX.

The solution I’ve used thus far is a regular analog cordless phone system (Panasonic, Vtech, etc.) and an ATA adapter like the Grandstream HT801. That device connects your analog phones to Asterisk. This approach is good, but it’s not a perfect solution. You can’t do things like use your cordless phones to make more than one simultaneous call (unless you have a multiline cordless phone and an HT802). These are also typically consumer grade phones, with limited displays and battery life. The quality of cordless phone systems has most definitely not improved over the past few years.

I want to try out some of the new Wifi SIP phones for a number of reasons, but I want to do it without losing the basic advantages of the consumer type cordless phones. What I finally came up with is a decent solution that combines the best of both worlds. Now if John is on a call and Jane picks up the phone, she can place a new call without interrupting John. She can also, however, join John’s call if she wants.

In my Asterisk dial plan, I added a new extension to my internal context. Dialing *11 will join your call to an existing call if one is in progress. I do this with the BridgeAdd() application and the CHANNELS() function, like this:

exten = _*11,1,NoOp(Join call)
 same = n,If(${CHANNELS(trunk)})
 same = n,BridgeAdd(${CHANNELS(trunk)})
 same = n,EndIf()
 same = n,Hangup()

CHANNELS(trunk) works because any channel created for an external call has that pattern in its name. In my pjsip.conf file, my trunk endpoints are named with that string, and the channel name Asterisk builds from the endpoint name (PJSIP/trunk-0000000a, for example) is what the regex passed to CHANNELS() is matched against. One caveat: CHANNELS() returns a space-separated list of every matching channel, so if two outside calls are up at the same time BridgeAdd() gets both names and you would need to pick one; the dialplan above assumes a single outside call, which is the normal case at home. Keep the *11 extension in the internal context only, since it lets any phone that can reach it join any trunk call in progress.

I’ve got a Wifi SIP phone on the way that has some programmable softkeys. I suspect I’ll find a good use for one of those to make operating them as simple as a Panasonic DECT phone.

Using Nomorobo to block calls in Asterisk

Nomorobo is a fantastic service. It’s not perfect; plenty of illegal phone spammers are using throwaway numbers and/or illegally spoofing caller ID numbers to make calls that appear to be from random numbers — usually in your own area code. Short of using a strict whitelist, I don’t see a real way to get rid of those. Using Nomorobo, though, will dramatically cut down on the number of junk calls you will receive.

There’s a little problem, though… while many phone providers offer the service (we’ve been using Ooma), they don’t appear to offer the service to individuals or small businesses who run their own phones.

I ran my own Asterisk PBX for several years, supporting our home phones as well as a separate line I used for work, and even a toll-free number for my side business. Life was good for quite a while, but eventually it got to be quite a hassle trying to keep up with all the junk calls. Then my VOIP carrier changed their pricing to make them much less attractive from a cost standpoint. Eventually we switched to Ooma. They’ve been good, but not without issues. The Telo Air occasionally loses communication with the mothership, and if you don’t see the red light you won’t know that your phones aren’t working. The cost has gone up, now running over $20 per month for the Ooma Premier, which includes what I consider to be some pretty basic features — like call blocking, for example.

Now we have some family members who need a home phone, but I just can’t bear to see them get roped into paying really stupid monthly costs for a simple phone line. That, and our Ooma service is getting more expensive and (it seems) less reliable by the year. Time to switch back. But how can I keep Nomorobo? It would be a tough sell to do without that!

Well, Twilio to the rescue! They offer a Nomorobo lookup API that costs a tiny amount per lookup — $.003, or 0.3 cents per incoming call lookup. Conversely, that’s 333 lookups per dollar. Not bad, I’ll gladly pay that to avoid taking telemarketing or scam robocalls. Now, if only we could get Nomorobo to list all of the numbers used by political “push polls”, recorded messages, and other political campaign silliness!

Twilio’s call rates are not outrageously high either, and their monthly costs for DIDs (phone numbers) are pretty reasonable. The only thing I’ll fault them on is too much hassle to set up CNAM for your outbound calls, so unless you go through that process everything shows up as the number only with no CID name. Flowroute is MUCH better for this, so I route most of my outbound calls through them.

So — how to get Asterisk to do the lookup? After several hours of playing around with this, I found that it’s pretty easy to do. While it wouldn’t be terribly helpful (or smart) for me to post my entire dialplan here, I’ll include enough to get you going. I put this very near the top of the context I use for incoming calls from PSTN trunks. There’s no sense in burning CPU cycles on a call if you’re just going to drop it anyway.

First, you’ll need a Twilio account. They’re even nice enough to give you some credit on your account if you’re new, and it’s enough for quite a bit of learning and development work. I funded my account so I can use them for international calls — they’re ridiculously cheap for most destinations. They’re also a good solution if you want to get DIDs in countries outside the US.

Once you have a Twilio account established, use your Account SID as the username and your auth token as the password in CURLOPT(userpwd); the CURL() call on the next line picks that up. The auth token gives full access to the account (it can place calls and spend your balance), so keep the dialplan file it lives in readable only by root and the user Asterisk runs as:

same = n,Set(CURLOPT(userpwd)=username:password)

Now, make the call to Twilio’s API to get the spam score. The result is a block of JSON that gets saved as TWILIO_RESULT:

same = n,Set(TWILIO_RESULT=${CURL("https://lookups.twilio.com/v1/PhoneNumbers/${CALLERID(num)}?AddOns=nomorobo_spamscore")})

Since we’ve got a block of JSON, we’ll need to extract the one wee bit we need. Fortunately Asterisk has a solution for that as well, so we don’t need to resort to anything drastic like a shell command:

same = n,Set(SPAMSCORE=${JSON_DECODE(TWILIO_RESULT,add_ons.results.nomorobo_spamscore.result.score)})

Now we use that result to drop the call if it’s spam. Nomorobo returns a score of 1 for a known robocaller and 0 otherwise, so we jump to the dropcall label (a Hangup(21), below) when the score is 1. Quote both sides of the comparison: if the lookup fails for any reason, SPAMSCORE is empty, and an unquoted $[ = 1] is a dialplan syntax error that logs a warning on every such call, whereas "" = "1" is simply false and the call goes through as normal:

same = n,GotoIf($["${SPAMSCORE}" = "1"]?dropcall)

Later in the dialplan, after we’ve done the whole “call the user, drop to voicemail if they don’t answer, yadda yadda yadda” we have this:

same = n(dropcall),Hangup(21)

Hangup(21) sends Q.850 cause code 21, “call rejected”, back to the caller. There are other, even more creative codes to use… like these (list courtesy of voip-info.org):

  • 1 – Unallocated number
  • 22 – Number changed
  • 27 – Destination out of order
  • 38 – Network out of order
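As an added example (mine, not code from the post), here is the same decision in Python with the cases the one-line dialplan glosses over handled explicitly: an anonymous or empty caller ID, which would otherwise turn the request into /v1/PhoneNumbers/?AddOns=…, and a lookup that fails or comes back without an add-on result. The response bodies are constructed to match the add_ons.results.nomorobo_spamscore.result.score shape the JSON_DECODE() path above walks; the function names and the fail-open default are my own choices, not Twilio’s or Asterisk’s.

```python
"""Interpret a Twilio Lookup + Nomorobo add-on response the way the dialplan
does, with the failure modes handled explicitly.

Added example, not part of the original post.  The response bodies below are
constructed to match the documented add-on result shape; the function names
and the fail-open default are assumptions of this example."""
import json
import re

CAUSE_CALL_REJECTED = 21   # Q.850 cause used by Hangup(21) in the dialplan

# Constructed sample responses, shaped like Twilio Lookup v1 add-on output.
SPAM_RESPONSE = json.dumps({
    "phone_number": "+15555550100",
    "add_ons": {"status": "successful", "results": {
        "nomorobo_spamscore": {"status": "successful",
                               "result": {"status": "success", "score": 1}}}}})
CLEAN_RESPONSE = json.dumps({
    "phone_number": "+15555550101",
    "add_ons": {"status": "successful", "results": {
        "nomorobo_spamscore": {"status": "successful",
                               "result": {"status": "success", "score": 0}}}}})
FAILED_RESPONSE = json.dumps({
    "phone_number": "+15555550102",
    "add_ons": {"status": "failed", "results": {
        "nomorobo_spamscore": {"status": "failed", "result": None}}}})
NOT_FOUND_RESPONSE = json.dumps({"status": 404, "message": "not found"})  # constructed


def normalize_callerid(raw):
    """Return an E.164-style string for the lookup URL, or None when the
    caller ID is anonymous or unusable.  An empty CALLERID(num) must never
    reach CURL(): the request would go to /v1/PhoneNumbers/ instead."""
    digits = re.sub(r"\D", "", raw or "")
    if len(digits) == 10:
        digits = "1" + digits            # assume NANP when no country code
    if len(digits) < 11:
        return None
    return "+" + digits


def nomorobo_score(body):
    """Extract add_ons.results.nomorobo_spamscore.result.score.
    Returns None if the body is not JSON or the lookup/add-on did not succeed."""
    try:
        data = json.loads(body)
    except ValueError:
        return None
    addons = data.get("add_ons") or {}
    if addons.get("status") != "successful":
        return None
    addon = (addons.get("results") or {}).get("nomorobo_spamscore") or {}
    if addon.get("status") != "successful":
        return None
    score = (addon.get("result") or {}).get("score")
    return score if score in (0, 1) else None


def decide(body, fail_open=True):
    """Return the Hangup cause to use (21 = call rejected) or None to let the
    call continue.  With fail_open=True a failed lookup never drops a call;
    with fail_open=False an API outage silently rejects every incoming call."""
    score = nomorobo_score(body)
    if score == 1:
        return CAUSE_CALL_REJECTED
    if score is None and not fail_open:
        return CAUSE_CALL_REJECTED
    return None


if __name__ == "__main__":
    for label, body in (("spam", SPAM_RESPONSE), ("clean", CLEAN_RESPONSE),
                        ("failed", FAILED_RESPONSE), ("404", NOT_FOUND_RESPONSE)):
        print(label, "->", decide(body))
```

The dialplan equivalent is to skip the CURL() when CALLERID(num) is empty or not numeric, and to treat an empty SPAMSCORE as “let it through” rather than as spam; failing closed means a Twilio outage or an exhausted balance drops every call to the house.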

Cutting the cord? Or part of it…

So the Cox bill has been getting out of control.  After the latest package deal ran out, the bill bumped up to nearly $240 per month, mostly for crap (in the form of TV channels and phone features) that we don’t want.  That’s a ton of money.

The requirements are:

  • Landline with caller ID
  • Live TV with the channels WE watch.  Local channels, Fox News, History, Discovery, AMC, HGTV, several others. 
  • Internet to support full time telecommuting

I already switched the phone service over to Ooma.  I bought a Telo and signed us up for Ooma Premier service.  That gives us caller ID, voicemail, and unlimited calling in & out.  That will reduce the monthly phone service spend from $53.62 (I shit you not, that’s what Cox was charging me) to less than $20 per month — for more service.

Now, next up is cable TV. Cox’s bill comes to a little over $154, including taxes and fees and surcharges.  I could reduce that by about $24 by dropping HBO and Showtime, which suck anyway and we only have because they were included in the discount package that has expired.  Still WELL over $100 a month for, quite frankly, an awful lot of crap.  200+ channels, but of course they include crap we’d never watch in a hundred years just to try to justify the insane price. 

The last time I looked at alternatives like Hulu, Netflix, Sling, etc. — and it was not that long ago — they all fell woefully short of meeting any of our requirements.  We stuck with cable TV simply because there was no other way to watch, for example, The Walking Dead, or Fox News, or Nebraska football games, live.  A few hours or days or a year after the fact, sure.  Or not at all, depending on the service.  And we’d probably need to sign up for several, resulting in a total bill exceeding what we were paying for cable in the first place.  Oh, and get an antenna up that would work for the local channels, since NONE of them covered those.

Well, it seems the picture has changed significantly.  For about $40 a month Hulu will give you all their stuff, plus live TV covering all the channels we watch (BTN for Husker football included, woohoo!) and a DVR service.  It’s worth a try.  We already have Amazon Prime, mostly for the shipping.  The decision to go with a Fire TV Cube was pretty simple.  I received and installed that yesterday, and signed up for a free trial week of Hulu with live TV.  Oh, and as a side benefit…  it looks like this may also negate the need to try and find yet another “universal” remote control, potentially saving another few rubles.

Last night was our first night watching Hulu on the Fire TV Cube.  Overall the user interface ranges from “fair, needs improvement” to “frustratingly clunky” to “ridiculously obtuse”.  Some of that’s the Fire TV, some is Hulu.  It’s bearable, and I hope it improves with future app updates.  We also had not one, but THREE screwups while trying to watch live TV.  The first was innocuous and not a big deal — watching the news, but the program guide listed it as some oddball foreign cartoon name.  OK, no big deal.  Then we tried watching Vikings on History Channel.  Several minutes into the episode it restarted, restarted again, and when we tried to get back to the live stream it switched to some episode of “Forged in Fire”.  Horrifically frustrating.  10-15 minutes later we got back to Vikings, but of course missed part of the episode.  We’ll have to watch it again.

Then we tried watching another show, “Curse of Oak Island”.  What we got was an old episode of “Stargate SG-1”, which most definitely has not improved with age.  It would have been funny if it were not for the fact that we couldn’t watch the damn show we wanted to watch.

I will say that non-live streams seem to work perfectly, and the video quality seems to be great.  And we can watch some channels for hours with zero issues.  I chatted with Hulu support today, and the agent says it’s a “known issue” that they’re working to resolve.  IF they resolve it soon, and completely, we’ll have a winner.  If they do not, we’ll need to decide whether we stick with Hulu and adapt (watch things delayed a little), or scrap it and pare our Cox cable back to the minimums and deal with the expense.  Or something else entirely. 

Once we have a final solution to this question, I’ll post a monthly spend and savings analysis.  I think we can probably save about $100 a month, to be honest.  I’m glad I don’t own stock in Cox or any other cable company.  We’ll still have to use them for Internet access, of course, but who knows how long that will be true?


Into the dark side. Or whatever.

My Droid 3 has been giving me fits for a while.  The phone itself is fine…  there doesn’t seem to be a hardware problem.  A couple of months ago, though, it started nagging me daily to install a slew of app updates, including “Google Play Services”.  Half the apps I use regularly finally refused to run at all until I installed Google Play, which I resisted because it wanted access to everything on my phone.  All data, all history, location, email, everything.  I finally had no choice but to dump the phone or install the damn thing, so I installed it (and the subsequent dozen or so other app updates).  Since that time the phone has been plagued with odd behavior.  It will periodically freeze up, require reboots, not be able to place a call for several minutes after a restart, and I’ve had to pull the back off and remove the battery a couple of times when it froze up and started getting uncomfortably hot.

My employer offers me the option of having a corporate owned cell phone.  We’ve currently got a choice between Blackberry and iPhone.  I can understand their refusal to allow Android phones to connect to the corporate network — the ease with which an Android can be rooted and bent to the owner’s will is great for experimenters, developers and hackers (a term used in the proper, good sense here) – but it also removes any surety that an app can actually be trusted.  Anyway, the Blackberry phones are locked down tight and everything (web, email, etc) goes through the corporate proxies.  The iPhone situation is different; there’s a secure VPN app that handles all the corporate traffic, but outside of that app web browsing and email don’t pass through company servers.

I opted for the iPhone, so as of yesterday afternoon I have a shiny new iPhone 5S.  It is, I believe, the first Apple product I have ever owned, aside from a garage full of Lisas that passed through my hands back in the late 1990s. I have not used any Apple products for more than a few minutes since the Apple ][e.  No iPod, iPad, iPhone, Macs, iMacs, nuthin’ more than a passing familiarity.

So far I’m impressed.  The phone itself is a thing of beauty, which is to be expected of any new cell phone.  The Samsung Galaxy S III that Lisa carries (and the S4 and S5, I assume) is nice too.  So no big surprise there.  The thing is quite responsive, and almost everything is simple and intuitive.  I especially like being able to uninstall an app without having to wade through setup menus to do it, and the ability to effortlessly pull up the flashlight, timer, camera and calculator without even unlocking the phone — very nice.  It will even show me text messages and the first couple lines of new emails without unlocking the screen.

There are several areas in which iOS seems to really outshine Android OS.  The email client is a bit nicer than any I have used on the Droid.  iBooks has far and away the best PDF reader I have used on any platform.  The voicemail management is so well integrated with Verizon voicemail that I honestly didn’t realize it was there at first.  I see that there is a built-in flashlight app (lacking on the Droids) and timer/stopwatch.  The camera and its app are much better than anything I have seen on a phone before.  Overall, the UI seems a little smoother, a little quicker, a little more intuitive.  I can see why people rave about their iThingies.  And Siri works pretty well.  I even like the Lightning connector, though the cable they included could have stood to be about a foot longer — easily and cheaply remedied on Fleabay.  And while more of a hardware thing, the fingerprint scanning button is slick as all hell.

A few areas could use improvement.  For one, I do miss the “back” button.  I really do.  I get the whole single-button idea, but I’m constantly reaching for the back button.  A nightstand/dock mode like my Droid has would be awfully nice (maybe I just haven’t found it yet).  And for the love of all that’s good in the world, why can’t I just drag and drop files from my PC??  Using iTunes to copy PDFs to the phone is just plain stupid.

Anyway, the message here is really twofold.  First, kudos to Apple — the iPhone is really, really nice.  I don’t know that I would ever have bought one if I had to spend my own money on it, but it’s nice.  Second, shame on Google.  It took a lot to drive me away from Android, a platform I loved for what it was and what it represented.  They just couldn’t leave well enough alone.  They have managed to make it so intrusive and so inhospitable that even I had to walk away in disgust.

Now, about that Macbook Air…  hmmm.

 

Updating the anti-SIP attack script

The anti-SIP attack script has been doing a great job, but I did note a few shortcomings I wanted to fix.  For one thing, I was noticing a few “clusters” of networks that justified (to me) blocking larger networks.  No one outside the US has any reason to connect to my server, for example.  I can block entire /8 networks…  but doing so manually was cluttering up the iptables rule sets.

I modified the script to store a little more information in the text file, so I can go through it manually from time to time and make changes.  It’s easy to run the file through sort -n and see if it’s time to block a /16 or /8 network.

#!/bin/bash
# Pull the source addresses of failed registrations out of the Asterisk log,
# collapse them to /24 networks, and add a DROP rule for any /24 that is not
# already in the INPUT chain.  Blocked networks are appended to a text file
# for later review (sort -n it to spot /16s and /8s worth blocking outright).
LOG=/var/log/asterisk/messages
TMP=/root/anti-sip-attack.tmp
LIST=/root/anti-sip-attack.txt

# chan_sip log line: ... failed for '203.0.113.10:5060' - No matching peer found
/bin/grep "No matching peer found" "$LOG" | cut -d "'" -f 4 | \
   cut -d "." -f 1-3 | sort -u > "$TMP"

while read -r d; do
  # Match the whole /24 with surrounding spaces: a bare grep for "10.1.1"
  # also matches 10.1.10.0/24 and 10.1.100.0/24, so those never got blocked.
  if ! /sbin/iptables -L INPUT -n | grep -qF " $d.0/24 "; then
    /sbin/iptables -I INPUT -s "$d.0/24" -j DROP
    echo "$d.0/24" >> "$LIST"
  fi
done < "$TMP"
rm -f "$TMP"
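The /16 roll-up is still a manual step in the script above. As an added example (my code, not from the post), here is the same log parsing in Python with that roll-up automated and a trusted-network exclusion so that a misconfigured phone on the LAN can never get the house blocked from its own PBX. The log lines, the roll-up threshold, the trusted networks and the use of iptables -C (present in iptables 1.4.11 and later) are all assumptions of the example.

```python
"""Derive iptables DROP rules from Asterisk 'No matching peer found' lines,
rolling /24s up to a /16 once enough of them cluster there.

Added example, not part of the original post.  The log lines are constructed
in the chan_sip format the script greps for; thresholds and trusted networks
are assumptions."""
import ipaddress
import re
from collections import defaultdict

# Constructed sample log: three attackers in 203.0.113-115.x, one in
# 198.51.100.x, one misconfigured LAN phone, and one unrelated line.
SAMPLE_LOG = """\
[Jan  5 03:12:01] NOTICE[1234] chan_sip.c: Registration from '"100" <sip:100@203.0.113.10>' failed for '203.0.113.10:5060' - No matching peer found
[Jan  5 03:12:02] NOTICE[1234] chan_sip.c: Registration from '"101" <sip:101@203.0.113.10>' failed for '203.0.113.10:5060' - No matching peer found
[Jan  5 03:15:40] NOTICE[1234] chan_sip.c: Registration from '"1000" <sip:1000@203.0.114.7>' failed for '203.0.114.7:5060' - No matching peer found
[Jan  5 03:20:11] NOTICE[1234] chan_sip.c: Registration from '"1001" <sip:1001@203.0.115.9>' failed for '203.0.115.9:5082' - No matching peer found
[Jan  5 03:22:00] NOTICE[1234] chan_sip.c: Registration from '"admin" <sip:admin@198.51.100.23>' failed for '198.51.100.23:5060' - No matching peer found
[Jan  5 03:25:00] NOTICE[1234] chan_sip.c: Registration from '"admin" <sip:admin@192.168.1.50>' failed for '192.168.1.50:5060' - No matching peer found
[Jan  5 03:26:00] NOTICE[1234] chan_sip.c: Wrong password on authentication for '"200" <sip:200@192.168.1.51>'
"""

LINE_RE = re.compile(
    r"failed for '(\d{1,3}(?:\.\d{1,3}){3}):\d+' - No matching peer found")

# Never block our own LAN/VPN ranges, whatever the log says (assumed ranges).
TRUSTED = [ipaddress.ip_network(n)
           for n in ("192.168.0.0/16", "10.0.0.0/8", "172.16.0.0/12")]


def offending_hosts(log_text):
    """Source addresses of failed registrations, trusted networks excluded."""
    hosts = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        ip = ipaddress.ip_address(m.group(1))
        if any(ip in net for net in TRUSTED):
            continue
        hosts.append(ip)
    return hosts


def block_list(hosts, rollup_threshold=3):
    """Networks to drop: one /24 per offending host, replaced by the
    enclosing /16 once that /16 holds at least rollup_threshold distinct
    offending /24s."""
    slash24s = {ipaddress.ip_network(f"{h}/24", strict=False) for h in hosts}
    by16 = defaultdict(set)
    for net in slash24s:
        by16[net.supernet(new_prefix=16)].add(net)
    result = set()
    for net16, subs in by16.items():
        if len(subs) >= rollup_threshold:
            result.add(net16)
        else:
            result |= subs
    return result


def iptables_rules(networks):
    """Render idempotent DROP rules, widest prefix first; -C checks for an
    existing identical rule so repeated runs do not stack duplicates."""
    ordered = sorted(networks, key=lambda n: (n.prefixlen, int(n.network_address)))
    return [f"iptables -C INPUT -s {net} -j DROP 2>/dev/null || "
            f"iptables -I INPUT -s {net} -j DROP" for net in ordered]


if __name__ == "__main__":
    for rule in iptables_rules(block_list(offending_hosts(SAMPLE_LOG))):
        print(rule)
```

Run against the real log it prints two rules for the sample above: one /16 for the 203.0.x.x cluster and one /24 for the lone 198.51.100.x host, and nothing for the LAN phone. Note that this still only reacts after the fact; with pjsip the log message differs (“No matching endpoint found”), so the regex would need adjusting there.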

Our first month all-VOIP

It was about a month ago that I switched our land line number, which we have had for many years, to VOIP.  After running my work and Hamgadgets numbers over VOIP for a couple of years, I figured I had things worked out well enough to handle the home line without hassles as well.

The only complication that arose prior to making the switch was due to the Linux distribution I’m running.  I decided on CentOS a couple of years ago because of its long term support; I didn’t want to have to rebuild my server every year or so.  Well, great — but just because the base OS is supported doesn’t mean anything else will be.  The DAHDI kmod (kernel drivers for the analog phone line interface card) packages stopped getting updated about a year or so ago.  So, I could either run an increasingly out of date kernel, build the kernel modules by hand (every time the kernel gets updated), rebuild the entire server, or just dump DAHDI.

I settled on the last option.  After some cursory research I ordered an Obihai OBi200.  This little hockey puck sized device has one POTS line jack, one POTS phone jack, an Ethernet port and a USB port.  There’s a USB wifi dongle for it that I also ordered.  It’s been a perfect solution.  Now our household cordless phones are seamlessly connected to the Asterisk server over wifi.

So far there have been zero complaints from anyone, including myself.  Incoming calls to our house number arrive via VOIP and ring both the household cordless phones, and the Cisco phone on my desk.  I have Asterisk voicemail turned on with a delay long enough that the caller will get the phone’s answering machine if we aren’t home, but if we’re on the phone the Asterisk system will take a message.  The only thing I really want to change: I can’t pick up the house line on my office phone if the call has already been answered on the house cordless phone, and vice versa.  It’s not as easy a fix as you’d think, but it’s also not a big deal.  I can transfer the call if needed.

The real story is told by two things.  First, our total cost for phone service with Cox was $41.59 per month (assuming no long distance charges at all).  The first month on Flowroute cost us less than $11 (including long distance), not counting the $7.50 charge to port the number.  Second, if I had not told her about the change, I don’t think Lisa would have even known…  except that caller ID no longer shows up on the TV when a call comes in.  I don’t miss it.

So aside from saving $30 a month, what do we gain?  Well, a few nice things.  We have quite a few blacklisted numbers from telemarketers and scam callers.  Before the switch the cordless phone would recognize up to 30 of them and drop the call AFTER it rang a couple of times.  Now the call gets silently refused and we never even know it happened.  I can also re-route calls to our cell phones, either alongside or instead of the house phones.  FAX reception is automatic, with received FAXes emailed to both Lisa and me in PDF format.  The list goes on, but overall — it’s a win.

So, our first month since about 1980 or so without a wired phone line, and no regrets.

 

End of the Straight Talk experiment

I’m letting the Straight Talk Wireless lapse, and will sell or give away the phone.  Overall impression: The service is fine, just not the right direction for me right now.  The phone is not without its faults, but is good as a very basic smart phone.

The only real annoyance I’ve had is Straight Talk texting the phone a few times with upsells, and calling the house number to “remind” me that the service is expiring in a few days.  I suppose I can forgive the reminder calls (though I do wish they could be stopped without calling in to talk to a salesdroid).  The texts were a little annoying, though.

Straight Talk Wireless / Huawei Ascend Y

I’ve been carrying a cheap little Huawei Ascend Y on Straight Talk Wireless for a couple of weeks now.  The short story is, I’ve gone back to my Droid 3.

STW is OK as far as service goes.  Fine, in fact.  I do get an occasional text message from them trying to upsell, which is a little annoying, but not overly so.  Aside from that, it’s regular Verizon coverage, which is to say excellent.  So…  no complaints there.

The Huawei phone…  well…  what a POS, for one thing.  As an Android phone, it’s as close to the bottom of the barrel as you can get.  The web browser is next to useless — it frequently seems to just lose its mind, followed by a crash.  The phone has VERY little internal memory, and a lot of the apps can’t be moved to the SD card.  Some pretty basic features, like a flash for the camera, are missing, and some firmware features are inexplicably missing.  Like…  no quick way to silence the ringer.  The phone cost me less than $18, I think, and it’s about worth what it cost and no more.  So…  POS, but not a ripoff.  Want it?  I don’t need it.

So, will I drop Verizon for Straight Talk?  Not immediately.  With discounts, my phone costs us $43 and change per month.  Our overall bill is ridiculously high, but dropping my phone for STW would actually cost us a little more.  I’ll continue to look for a less expensive way to keep them on Verizon, but I’m not anticipating that will work.  We may just drop Verizon, pay the early termination fee, and move – or maybe we can find two separate plans under VW that will be cheaper.  Time will tell.

 

Got a new phone

I decided I would try out Straight Talk Wireless, so now I have a new phone. It’s a cheap little Chinese Huawei Ascend Android phone, but it’s doing okay for the less than $20 I spent on it.  So right now I’m just trying out the WordPress Android app, & a new voice keyboard plugin. This is being posted from my phone, using voice input.  Maybe now I’ll post more. Maybe not.