VoIP Monitoring Installation
- Torsten Schmidt
- Ole Ernst
- Robin Sachse
Owned by Torsten Schmidt
Building and installing package from source
Download latest voipmonitor release: b47e0d2.tar.gz
# prepare build environment
mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
echo '%_topdir %(echo $HOME)/rpmbuild' > ~/.rpmmacros
sudo yum group install "Development Tools"
cp voipmonitor.spec ~/rpmbuild/SPECS/
cp b47e0d2.tar.gz ~/rpmbuild/SOURCES/
# install dependencies
yum install -y curl-devel json-c-devel fftw-devel gnutls-devel libogg-devel libpcap-devel libgcrypt-devel libpng-devel libssh-devel libxml2-devel libvorbis-devel lzo-devel mariadb-devel rrdtool-devel snappy-devel unixODBC-devel zlib-devel curl json-c mariadb-server rrdtool snappy unixODBC glib2-devel
 # build rpm
cd ~/rpmbuild/SPECS
rpmbuild -ba voipmonitor.spec # on error install suggested dependencies
# check specfile and rpms
sudo yum install rpmlint
rpmlint voipmonitor.spec ../RPMS/*/voipmonitor-*.rpm ../SRPMS/voipmonitor-*
# install rpm
sudo rpm -iv ../RPMS/x86_64/voipmonitor-16.0-1.x86_64.rpm
# enable and start voipmonitor
systemctl enable voipmonitor.service
systemctl start voipmonitor.service
Voipmonitor can either run on the provisioning server itself or on a dedicated server. Only if it is run on a different (dedicated) server one needs to add a mysql user to allow remote access to the voipmonitor DB (which will be created by the Voipmon migration) on the provisioning server. To do so run the following commands on the provisioning server:
-- the wildcard char (%) allows connections from all IP addresses, this should be limited by firewalld CREATE USER 'voipmonitor'@'%' IDENTIFIED BY 'secret_password'; -- user `voipmonitor` has all privileges on DB voipmonitor, none for the other DBs GRANT ALL PRIVILEGES ON voipmonitor.* TO 'voipmonitor'@'%'; GRANT ALL PRIVILEGES ON voipmonitor.cdr TO 'nmsprime'@'%'; FLUSH PRIVILEGES;
Of course the mysql port needs to be allowed using firewalld on the provisioning server, e.g. only allow 80.243.X.Y (the dedicated voipmonitor server):
<rule family="ipv4">
<source address="80.243.X.Y"/>
<service name="mysql"/>
<log prefix="mysql" level="info"/>
<accept/>
</rule>
Add following entries to .env file of provisioning server (root directory of laravel framework):
.env
VOIPMONITOR_DB_HOST=localhost VOIPMONITOR_DB_DATABASE=voipmonitor VOIPMONITOR_DB_USERNAME=voipmonitor VOIPMONITOR_DB_PASSWORD=secret_password
This is not strictly necessary, as the DB can be access via the root credentials used to access db_lara. But it's nice to divide power and limit access.
Lastly voipmonitor needs to be configured to use the remote DB instead of the local one:
--- a/etc/voipmonitor.conf +++ b/etc/voipmonitor.conf -mysqlhost = 127.0.0.1 +mysqlhost = 46.167.X.Y -mysqlusername = root -mysqlpassword = +mysqlusername = voipmonitor +mysqlpassword = secret_password -interface = eth0 +interface = eno2 -ringbuffer = 50 +ringbuffer = 1000 -#cdronlyrtp = yes +cdronlyrtp = yes -savesip = yes +savesip = no -savertp = yes +savertp = no -savertcp = yes +savertcp = no -savegraph = yes +savegraph = no -maxpoolsize = 102400 +maxpoolsize = 40960
Using voipmonitor
- to start/stop/enable/disable voipmonitor.service use systemctl
- voipmonitor can be configured via /etc/voipmonitor.conf
- to analyze a single captured pcap/pcapng use the following command (debug only):
$ voipmonitor -r test.pcap -P /tmp/voipmonitor.pid --config-file /etc/voipmonitor.conf
Example installation
mysql_voipmonitor_psw='...' sed -i "s/^SELINUX=enforcing$/SELINUX=disabled/" /etc/sysconfig/selinux sed -i "s/^SELINUX=enforcing$/SELINUX=disabled/" /etc/selinux/config setenforce 0 yum install mariadb mariadb-server systemctl start mariadb systemctl enable mariadb mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root mysql echo "CREATE DATABASE voipmonitor CHARACTER SET 'utf8'; GRANT ALL ON voipmonitor.* TO voipmonitor@localhost IDENTIFIED BY '$mysql_voipmonitor_psw';" | mysql -u root mysql_secure_installation curl -o voipmonitor-16.0.2-1.x86_64.rpm https://repo.nmsprime.com/rpm/misc/voipmonitor-16.0.2-1.x86_64.rpm yum install voipmonitor-16.0.2-1.x86_64.rpm # adjust config /etc/voipmonitor.conf systemctl start voipmonitor systemctl enable voipmonitor
Migrating to remote voipmonitor instance
voipmon
useradd -m voipmonitor -s /bin/bash sudo -u voipmonitor ssh-keygen cat << EOF > /etc/systemd/system/mariadb-tunnel.service [Unit] Description=SSH tunnel for remote MariaDB After=network.target Wants=network.target [Service] User=voipmonitor Group=voipmonitor ExecStart=/usr/bin/ssh -NL 3307:localhost:3306 -o TCPKeepAlive=yes -o ServerAliveInterval=300 nms Restart=on-failure RestartSec=20s TimeoutStartSec=20s [Install] WantedBy=multi-user.target EOF mkdir -p /etc/systemd/system/voipmonitor.service.d cat << EOF > /etc/systemd/system/voipmonitor.service.d/wait-tunnel.conf [Unit] After=mariadb-tunnel.service Requires=mariadb-tunnel.service EOF cat << EOF > /etc/systemd/system/voipmonitor.service.d/less-verbosity.conf [Service] ExecStart= ExecStart=/usr/bin/voipmonitor --config-file /etc/voipmonitor.conf Restart=on-failure RestartSec=20s TimeoutStartSec=20s EOF systemctl daemon-reload
nmsprime
useradd -m voipmonitor mkdir -p /home/voipmonitor/.ssh chmod 700 /home/voipmonitor/.ssh echo 'command="/sbin/nologin",no-agent-forwarding,no-pty,no-user-rc,no-X11-forwarding,permitopen="localhost:3306" ssh-rsa <key> voipmonitor@voipmon' >> /home/voipmonitor/.ssh/authorized_keys chmod 600 /home/voipmonitor/.ssh/authorized_keys chown -R voipmonitor:voipmonitor /home/voipmonitor/.ssh mysql -u root -p -e "GRANT ALL ON voipmonitor.* TO 'voipmonitor'@'%' IDENTIFIED BY '<password>';"
voipmon
sudo -u voipmonitor ssh -NL 3307:localhost:3306 -o TCPKeepAlive=yes -o ServerAliveInterval=300 nms systemctl start mariadb-tunnel vim /etc/voipmonitor.conf mysqlport = 3307 mysqlpassword = <password> systemctl restart voipmonitor