VoIP Monitoring Installation

Building and installing package from source

voipmointor.spec

Name: voipmonitor
Version: 16.0.2
Release: 1
Summary: A live network packet sniffer which analyze SIP and RTP protocol

Group: Applications/Communications
License: GPLv2
URL: https://www.voipmonitor.org
Source: https://github.com/%{name}/sniffer/archive/b47e0d2.tar.gz

BuildRequires: curl-devel, json-c-devel, fftw-devel, gnutls-devel, libogg-devel
BuildRequires: libpcap-devel, libgcrypt-devel, libpng-devel, libssh-devel
BuildRequires: libxml2-devel, libvorbis-devel, lzo-devel, mariadb-devel
BuildRequires: rrdtool-devel, snappy-devel, unixODBC-devel, zlib-devel
Requires: curl, json-c, mariadb-server, rrdtool, snappy, unixODBC

%description
VoIPmonitor is open source live network packet sniffer which analyze SIP
and RTP protocol. It can run as daemon or analyzes already captured pcap
files. For each detected VoIP call voipmonitor calculates statistics about
loss, burstiness, latency and predicts MOS (Meaning Opinion Score) according
to ITU-T G.107 E-model. These statistics are saved to MySQL database and each
call is saved as pcap dump. Web PHP application (it is not part of open
source sniffer) filters data from database and graphs latency and loss
distribution. Voipmonitor also detects improperly terminated calls when
BYE or OK was not seen. To accuratly transform latency to loss packets,
voipmonitor simulates fixed and adaptive jitterbuffer.

%prep
%autosetup -n sniffer-b47e0d2cd9af01ec029601a4b6dd13d76edd7b91

%build
autoreconf -vfi
%configure
make %{?_smp_mflags}

%install
install -Dm755 %{name} %{buildroot}%{_bindir}/%{name}
install -Dm644 config/%{name}.conf %{buildroot}%{_sysconfdir}/%{name}.conf
install -Dm644 config/systemd/%{name}.service %{buildroot}%{_unitdir}/%{name}.service
install -d %{buildroot}%{_localstatedir}/spool/%{name}

%files
%{_bindir}/%{name}
%{_unitdir}/%{name}.service
%config(noreplace) %{_sysconfdir}/%{name}.conf
%dir %{_localstatedir}/spool/%{name}

%changelog
* Mon Jun 13 2016 Ole Ernst <olebowle@gmx.com> - 16.0.2-1
- Initial RPM release

Download latest voipmonitor release: b47e0d2.tar.gz

# prepare build environment
mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
echo '%_topdir %(echo $HOME)/rpmbuild' > ~/.rpmmacros
sudo yum group install "Development Tools"
cp voipmonitor.spec ~/rpmbuild/SPECS/
cp b47e0d2.tar.gz ~/rpmbuild/SOURCES/

# install dependencies
yum install -y curl-devel json-c-devel fftw-devel gnutls-devel libogg-devel libpcap-devel libgcrypt-devel libpng-devel libssh-devel libxml2-devel libvorbis-devel lzo-devel mariadb-devel rrdtool-devel snappy-devel unixODBC-devel zlib-devel curl json-c mariadb-server rrdtool snappy unixODBC glib2-devel

 # build rpm
cd ~/rpmbuild/SPECS
rpmbuild -ba voipmonitor.spec # on error install suggested dependencies

# check specfile and rpms
sudo yum install rpmlint
rpmlint voipmonitor.spec ../RPMS/*/voipmonitor-*.rpm ../SRPMS/voipmonitor-*

# install rpm
sudo rpm -iv ../RPMS/x86_64/voipmonitor-16.0-1.x86_64.rpm

# enable and start voipmonitor
systemctl enable voipmonitor.service
systemctl start voipmonitor.service

Voipmonitor can either run on the provisioning server itself or on a dedicated server. Only if it is run on a different (dedicated) server one needs to add a mysql user to allow remote access to the voipmonitor DB (which will be created by the Voipmon migration) on the provisioning server. To do so run the following commands on the provisioning server:

-- the wildcard char (%) allows connections from all IP addresses, this should be limited by firewalld
CREATE USER 'voipmonitor'@'%' IDENTIFIED BY 'secret_password';
-- user `voipmonitor` has all privileges on DB voipmonitor, none for the other DBs
GRANT ALL PRIVILEGES ON voipmonitor.* TO 'voipmonitor'@'%';
GRANT ALL PRIVILEGES ON voipmonitor.cdr TO 'nmsprime'@'%';
FLUSH PRIVILEGES;

Of course the mysql port needs to be allowed using firewalld on the provisioning server, e.g. only allow 80.243.X.Y (the dedicated voipmonitor server):

  <rule family="ipv4">
    <source address="80.243.X.Y"/>
    <service name="mysql"/>
    <log prefix="mysql" level="info"/>
    <accept/>
  </rule>

Add following entries to .env file of provisioning server (root directory of laravel framework):

.env

VOIPMONITOR_DB_HOST=localhost
VOIPMONITOR_DB_DATABASE=voipmonitor
VOIPMONITOR_DB_USERNAME=voipmonitor
VOIPMONITOR_DB_PASSWORD=secret_password

This is not strictly necessary, as the DB can be access via the root credentials used to access db_lara. But it's nice to divide power and limit access.

Lastly voipmonitor needs to be configured to use the remote DB instead of the local one:

--- a/etc/voipmonitor.conf
+++ b/etc/voipmonitor.conf
-mysqlhost = 127.0.0.1
+mysqlhost = 46.167.X.Y
-mysqlusername = root
-mysqlpassword =
+mysqlusername = voipmonitor
+mysqlpassword = secret_password
-interface = eth0
+interface = eno2
-ringbuffer = 50
+ringbuffer = 1000
-#cdronlyrtp = yes
+cdronlyrtp = yes
-savesip = yes
+savesip = no
-savertp = yes
+savertp = no
-savertcp = yes
+savertcp = no
-savegraph = yes
+savegraph = no
-maxpoolsize        = 102400
+maxpoolsize        = 40960

Using voipmonitor

to start/stop/enable/disable voipmonitor.service use systemctl
voipmonitor can be configured via /etc/voipmonitor.conf
to analyze a single captured pcap/pcapng use the following command (debug only):

$ voipmonitor -r test.pcap -P /tmp/voipmonitor.pid --config-file /etc/voipmonitor.conf

Example installation

mysql_voipmonitor_psw='...'

sed -i "s/^SELINUX=enforcing$/SELINUX=disabled/" /etc/sysconfig/selinux
sed -i "s/^SELINUX=enforcing$/SELINUX=disabled/" /etc/selinux/config
setenforce  0

yum install mariadb mariadb-server
systemctl start mariadb
systemctl enable mariadb
mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root mysql
echo "CREATE DATABASE voipmonitor CHARACTER SET 'utf8'; GRANT ALL ON voipmonitor.* TO voipmonitor@localhost IDENTIFIED BY '$mysql_voipmonitor_psw';" | mysql -u root
mysql_secure_installation

curl -o voipmonitor-16.0.2-1.x86_64.rpm https://repo.nmsprime.com/rpm/misc/voipmonitor-16.0.2-1.x86_64.rpm
yum install voipmonitor-16.0.2-1.x86_64.rpm
# adjust config /etc/voipmonitor.conf

systemctl start voipmonitor
systemctl enable voipmonitor

Migrating to remote voipmonitor instance

voipmon

useradd -m voipmonitor -s /bin/bash

sudo -u voipmonitor ssh-keygen

cat << EOF > /etc/systemd/system/mariadb-tunnel.service
[Unit]
Description=SSH tunnel for remote MariaDB
After=network.target
Wants=network.target

[Service]
User=voipmonitor
Group=voipmonitor
ExecStart=/usr/bin/ssh -NL 3307:localhost:3306 -o TCPKeepAlive=yes -o ServerAliveInterval=300 nms
Restart=on-failure
RestartSec=20s
TimeoutStartSec=20s

[Install]
WantedBy=multi-user.target
EOF

mkdir -p /etc/systemd/system/voipmonitor.service.d

cat << EOF > /etc/systemd/system/voipmonitor.service.d/wait-tunnel.conf
[Unit]
After=mariadb-tunnel.service
Requires=mariadb-tunnel.service
EOF

cat << EOF > /etc/systemd/system/voipmonitor.service.d/less-verbosity.conf
[Service]
ExecStart=
ExecStart=/usr/bin/voipmonitor --config-file /etc/voipmonitor.conf
Restart=on-failure
RestartSec=20s
TimeoutStartSec=20s
EOF

systemctl daemon-reload

nmsprime

useradd -m voipmonitor

mkdir -p /home/voipmonitor/.ssh

chmod 700 /home/voipmonitor/.ssh

echo 'command="/sbin/nologin",no-agent-forwarding,no-pty,no-user-rc,no-X11-forwarding,permitopen="localhost:3306" ssh-rsa <key> voipmonitor@voipmon' >> /home/voipmonitor/.ssh/authorized_keys

chmod 600 /home/voipmonitor/.ssh/authorized_keys

chown -R voipmonitor:voipmonitor /home/voipmonitor/.ssh

mysql -u root -p -e "GRANT ALL ON voipmonitor.* TO 'voipmonitor'@'%' IDENTIFIED BY '<password>';"

voipmon

sudo -u voipmonitor ssh -NL 3307:localhost:3306 -o TCPKeepAlive=yes -o ServerAliveInterval=300 nms

systemctl start mariadb-tunnel

vim /etc/voipmonitor.conf
	mysqlport = 3307
	mysqlpassword = <password>

systemctl restart voipmonitor