Disclaimer - For lab use only. The following will void your warranty, render your instance unsupportable by TAC and probably cause your favorite pet to spontaneously combust. There are perfectly legitimate reasons why Cisco keeps the internal databases shielded from direct access by external applications. That being said, enjoy!
I got tired of going through the APIs to run queries on the CCM DB. Also got tired of having to have an SFTP server or using more APIs to look at CDR data. Here are the steps to give yourself direct access to both databases from a remote host. Keep in mind that they're not just separate databases, but on separate Informix instances. This method uses the temporary remote support credentials to make the ODBC connection. You can create a separate OS user and grant rights to that account instead. Using the remote support account here because this email is long enough as is. /* Enable remote support */ admin:utils remote_account enable Successful in enabling RemoteSupport admin:utils remote_account create myroot 30 Account Successfully created Account : myroot Passphrase : XXXXXXXXXX03 Expiry : 12-12-2018:19:00:00 (MM-DD-YYYY:Hr:Min:Sec) Decode Version : 3 admin:exit /* Connect as Remote Support */ Use UCOS Password Decrypter to decode passphrase SSH in using remote support account /* Get Instance Names */ [root@cucmpub myroot]# grep _ccm /etc/services ... cucmpub_ccm12_0_1_12000_1 1500/tcp # IDS on cucmpub ... [root@cucmpub myroot]# grep _car /etc/services ... cucmpub_car12_0_1_12000_1 1510/tcp # CAR IDS instance ... /* SU to Informix user */ [root@cucmpub myroot]# su - informix /* Get Database Names */ -bash-4.1$ echo 'select name from sysdatabases' | dbaccess sysmaster@cucmpub_ccm12_0_1_12000_1 ... name ccm12_0_1_12000_1 ... -bash-4.1$ echo 'select name from sysdatabases' | dbaccess sysmaster@cucmpub_car12_0_1_12000_1 ... name car ... /* Grant Informix Access */ -bash-4.1$ echo 'GRANT DBA TO myroot' | dbaccess ccm12_0_1_12000_1@cucmpub_ccm12_0_1_12000_1 -bash-4.1$ echo 'GRANT DBA TO myroot' | dbaccess car@cucmpub_car12_0_1_12000_1 -bash-4.1$ exit /* Open ports in firewall */ [root@cucmpub myroot]# iptables -A INPUT -p tcp -m tcp --dport 1510 --tcp-flags SYN SYN -j DROP [root@cucmpub myroot]# iptables -A INPUT -p tcp -m tcp --dport 1500 --tcp-flags SYN SYN -m hashlimit --hashlimit 35/second --hashlimit-burst 2000 --hashlimit-mode srcip,dstport --hashlimit-name TCP_1500_DOS -j ACCEPT [root@cucmpub myroot]# iptables -A INPUT -p tcp -m tcp --dport 1500 --tcp-flags SYN SYN -m limit --limit 1/minute --limit-burst 1 -j LOG --log-prefix " Exceeded hashlimit " --log-level warn [root@cucmpub myroot]# iptables -A INPUT -p tcp -m tcp --dport 1500 --tcp-flags SYN SYN -j DROP [root@cucmpub myroot]# iptables -A INPUT -p tcp -m tcp --dport 1510 --tcp-flags SYN SYN -m hashlimit --hashlimit 35/second --hashlimit-burst 2000 --hashlimit-mode srcip,dstport --hashlimit-name TCP_1510_DOS -j ACCEPT [root@cucmpub myroot]# iptables -A INPUT -p tcp -m tcp --dport 1510 --tcp-flags SYN SYN -m limit --limit 1/minute --limit-burst 1 -j LOG --log-prefix " Exceeded hashlimit " --log-level warn [root@cucmpub myroot]# iptables -A INPUT -p tcp -m tcp --dport 1510 --tcp-flags SYN SYN -j DROP Now you can use the myroot credentials along with the Informix Client SDK to connect directly to Informix. I loaded the 64 bit Windows client SDK (clientsdk.4.10.FC9DE.WIN.zip) so I could create a linked server in MSSQL and run queries via MS SQL Studio.
_______________________________________________ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip
