Hello everyone,
after a long time searching why my asterisk listens on port 4321 I found
the culprit: chan_ss7.
After looking at the code it turned out that chan_ss7 listens on port
4321 for clustering. That is not bad as it is, but if you don't use
clustering it is not needed. In fact every port opened which is not
needed is a security risc. Therefore I patched chan_ss7 to use a new
config option in the host section.
So now clustering is only started if in host
cluster => yes
is set. In any other cases it is not started until you do so manually in
the CLI. In the patch there are some other things changed, don't get
confused by this.
Regards,
Kai
--
Kai Militzer WESTEND GmbH | Internet-Business-Provider
Technik CISCO Systems Partner - Authorized Reseller
Lütticher Straße 10 Tel 0241/701333-14
[EMAIL PROTECTED] D-52064 Aachen Fax 0241/911879
--- /usr/local/src/asterisk/latest/chan_orig/Makefile 2006-03-16 16:45:39.000000000 +0100
+++ /usr/local/src/asterisk/latest/chan_ss7-0.8.3.mod/Makefile 2006-03-17 16:10:25.000000000 +0100
@@ -5,7 +5,7 @@
INCLUDE+=
CC=gcc
-CFLAGS=$(INCLUDE) -g -pipe -Wall -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -D_REENTRANT -D_GNU_SOURCE -DPIC -fpic
+CFLAGS=$(INCLUDE) -g -pipe -Wall -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -D_REENTRANT -D_GNU_SOURCE -DPIC -fpic
# -DMODULETEST
SOLINK=-shared -Xlinker -x
--- /usr/local/src/asterisk/latest/chan_orig/chan_ss7.c 2006-03-17 10:11:57.000000000 +0100
+++ /usr/local/src/asterisk/latest/chan_ss7-0.8.3.mod/chan_ss7.c 2006-04-10 15:37:49.237046824 +0200
@@ -642,7 +642,7 @@
if(pvt == NULL) {
ast_mutex_unlock(&glock);
- *cause = AST_CAUSE_BUSY;
+ *cause = AST_CAUSE_NORMAL_CIRCUIT_CONGESTION;
ast_log(LOG_WARNING, "SS7 requester: No idle circuit available.\n");
return NULL;
}
@@ -762,7 +762,8 @@
struct ss7_chan *pvt = arg;
ast_log(LOG_NOTICE, "T1 timeout (waiting for RLC) CIC=%d.\n", pvt->cic);
- isup_send_rel(pvt, pvt->owner->hangupcause);
+ // isup_send_rel(pvt, pvt->owner->hangupcause);
+ isup_send_rel(pvt, pvt->hangupcause);
return 1; /* Run us again the next period */
}
@@ -1335,19 +1336,23 @@
static void check_iam_sam(struct ss7_chan* pvt)
{
int complete = (pvt->link->linkset->enable_st && pvt->iam.dni.complete) ||
- ast_exists_extension(pvt->owner, pvt->context, pvt->iam.dni.num, 1, pvt->iam.rni.num);
+ ( ast_exists_extension(pvt->owner, pvt->context, pvt->iam.dni.num, 1, pvt->iam.rni.num) && (!pvt->link->linkset->t35_action) );
if (complete) {
pvt->iam.dni.complete = 1;
ast_log(LOG_DEBUG, "Setting iam.dni.complete\n");
handle_complete_address(pvt);
} else {
- if (ast_canmatch_extension(pvt->owner, pvt->context, pvt->iam.dni.num, 1, pvt->iam.rni.num) != 0) {
- ast_log(LOG_DEBUG, "Processing addr %s, incomplete, starting T35\n", pvt->iam.dni.num);
- t35_start(pvt);
+ if (pvt->link->linkset->t35_action) {
+ if (ast_canmatch_extension(pvt->owner, pvt->context, pvt->iam.dni.num, 1, pvt->iam.rni.num) != 0) {
+ ast_log(LOG_DEBUG, "Processing addr %s, incomplete, starting T35\n", pvt->iam.dni.num);
+ t35_start(pvt);
+ } else {
+ initiate_release_circuit(pvt, AST_CAUSE_UNALLOCATED);
+ }
}
else {
- ast_log(LOG_DEBUG, "Unable to match extension, context: %s, dni: %s, rni: %s\n", pvt->context, pvt->iam.dni.num, pvt->iam.rni.num);
- initiate_release_circuit(pvt, AST_CAUSE_UNALLOCATED);
+ ast_log(LOG_DEBUG, "Processing addr %s, incomplete, starting T35\n", pvt->iam.dni.num);
+ t35_start(pvt);
}
}
}
@@ -2315,6 +2320,9 @@
return;
}
strcat(pvt->iam.dni.num, inmsg->sam.sni.num);
+ if (inmsg->sam.sni.complete) {
+ pvt->iam.dni.complete = 1;
+ }
check_iam_sam(pvt);
}
@@ -2326,7 +2334,6 @@
/* Q.764 (2.1.4.6 a): When receiving ACM, stop T7 and start T9. */
t7_clear(pvt);
- t9_start(chan);
if(pvt->state != ST_SENT_IAM) {
ast_log(LOG_NOTICE, "Got ACM message, but sent no IAM, on CIC=%d?!?",
@@ -2341,6 +2348,7 @@
ast_log(LOG_NOTICE, "Missing chan pointer for CIC=%d, processing ACM?!?\n", pvt->cic);
return;
}
+ t9_start(chan);
/* Q.764 (2.1.4.6 a): Alert if called_party_status is "subscriber free". */
if(inmsg->acm.back_ind.called_party_status == 1) {
@@ -4481,9 +4489,11 @@
mtp_send_fifo = mtp_get_send_fifo();
}
#else
- if(cluster_init(isup_event_handler, isup_block_handler)) {
- ast_log(LOG_ERROR, "Unable to initialize cluster.\n");
- return -1;
+ if(this_host->cluster) {
+ if(cluster_init(isup_event_handler, isup_block_handler)) {
+ ast_log(LOG_ERROR, "Unable to initialize cluster.\n");
+ return -1;
+ }
}
if(mtp_init()) {
ast_log(LOG_ERROR, "Unable to initialize MTP.\n");
--- /usr/local/src/asterisk/latest/chan_orig/config.c 2006-03-16 11:59:37.000000000 +0100
+++ /usr/local/src/asterisk/latest/chan_ss7-0.8.3.mod/config.c 2006-04-10 15:37:15.486177736 +0200
@@ -480,7 +480,7 @@
char *host_name = &cat[strlen("host-")];
struct host* host = &hosts[n_hosts];
char links_spec_buf[100] = {0,};
- int has_opc = 0, has_dpc = 0, has_links = 0, has_enabled = 0, has_if = 0;
+ int has_opc = 0, has_dpc = 0, has_links = 0, has_enabled = 0, has_if = 0, has_cluster = 0;
if (n_hosts == MAX_HOSTS) {
ast_log(LOG_ERROR, "Too many hosts defined while parsing config for host '%s' (max %d).\n", host_name, MAX_HOSTS);
@@ -534,6 +534,13 @@
p = strsep(&spec, ",");
}
has_dpc = 1;
+ } else if(0 == strcasecmp(v->name, "cluster")) {
+ if ((strcasecmp(v->value, "yes") != 0) && (strcasecmp(v->value, "no") != 0)) {
+ ast_log(LOG_ERROR, "Invalid value '%s' for cluster entry for host '%s'.\n", v->value, host_name);
+ return -1;
+ }
+ host->cluster = strcasecmp(v->value, "yes") == 0;
+ has_cluster = 1;
} else if(0 == strcasecmp(v->name, "enabled")) {
if ((strcasecmp(v->value, "yes") != 0) && (strcasecmp(v->value, "no") != 0)) {
ast_log(LOG_ERROR, "Invalid value '%s' for enabled entry for host '%s'.\n", v->value, host_name);
--- /usr/local/src/asterisk/latest/chan_orig/config.h 2006-03-16 11:52:59.000000000 +0100
+++ /usr/local/src/asterisk/latest/chan_ss7-0.8.3.mod/config.h 2006-04-10 15:36:03.650098480 +0200
@@ -119,6 +119,7 @@
alivestate state;
int has_signalling_receivers;
int enabled;
+ int cluster;
};
extern int n_linksets;
_______________________________________________
--Bandwidth and Colocation provided by Easynews.com --
asterisk-ss7 mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-ss7
