This week we’ll finish up our introduction of Incredible PBX® 16-15 for the Raspberry Pi with a quick look at some of the additional features that are offered on this new platform and that were not covered in our first and second articles. These include text-to-speech apps for news, weather, and today in history as well as the sample ODBC apps for speed dialing and employee data base lookups. We’ll also walk you through the conferencing setup and document the easiest way to deploy an Interactive Voice Response (IVR) system or a Stealth AutoAttendant with or without Direct Inward System Access (DISA) which provides a way to call into your PBX from anywhere and obtain dial tone to make calls or access features just as if you were using a local phone connected to your PBX. We’ll finish up with a review of the Incredible PBX security model: Travelin’ Man 3 IPtables firewall, Fail2Ban, and PortKnocker.

Introduction to Incredible PBX TTS Apps

Text-to-Speech (TTS) applications are included in Incredible PBX for two reasons. First, they provide useful information by phone. Second, they document the procedure required to build your own TTS applications using Asterisk®. That process typically includes a dialplan code addition to /etc/asterisk/extensions_custom.conf plus a PHP/AGI script which must be stored in /var/lib/asterisk/agi-bin. The actual interaction with the caller is handled in the dialplan code using a TTS engine to convert the text results of the PHP/AGI query into audio suitable for playback over the telephone. The (free) PicoTTS engine is included in the Incredible PBX image for the Raspberry Pi. The commercial IBM TTS engine is also available.

The job of the dialplan code is to answer the incoming call and prompt the caller for any necessary information that needs to be passed to the PHP/AGI script to obtain the information sought by the caller. For example, with the Weather by ZIP code app, the caller dials Z-I-P (947) and the dial plan code prompts the caller for the ZIP code of the desired weather report. This ZIP code is then passed to the nv-weather-zip.php AGI script to retrieve the requested weather forecast. The text results of the query then are passed back to the dialplan code which plays back the results to the caller using the PicoTTS engine.

Three sample TTS applications are included. Dial 951 for the latest Yahoo News headlines. Dial 947 to obtain a weather report for any American city using its ZIP code. Dial T-O-D-A-Y to listen to Today in History events for the current day of the year.

Introduction to Incredible PBX ODBC Apps

As with TTS apps, sample ODBC apps are included in Incredible PBX to provide useful information to callers and to document the procedure required to build your own ODBC applications with Asterisk. For those unfamiliar with ODBC, it is a middleware component that lets you build generic database applications that will work with almost any data base management system. In our case, we are using the MySQL clone, MariDB, as the backend database. But the same ODBC API could be used with a database stored in SQLite, or SQL Server, or PostgreSQL. To interact with your own database, the first step is to install an ODBC connector for your particular database so that it can "talk" to Linux and to Asterisk. On the Linux side, take a look at /etc/odbc.ini for examples of how this is done for individual databases. If you’re using a backend database other than MySQL/MariaDB, then the driver must be installed and added to /etc/odbcinst.ini. On the Asterisk side, there are three pieces that need to be put in place in /etc/asterisk. res_odbc_custom.conf houses the actual linkages to the ODBC databases defined in /etc/odbc.ini. func_odbc.conf houses the actual ODBC queries that will be used to read and write information from and to your databases. Finally, odbc.conf contains the dialplan code that will be used to interact with the caller. It answers the incoming calls, prompts the caller for necessary data to complete the query, executes the query defined in func_odbc.conf, and then converts the text results to audio and passes the results back to the caller using the PicoTTS app.

Two sample ODBC applications are included. Dial 222 to obtain an employee name lookup from the employee timeclock database by entering the employee number, e.g. 12345. Dial 223 for a speed dial application using the AsteriDex dialcode (the first 3 letters of a name). For example, enter D-E-L to obtain phone number of Delta Airlines and optionally place the call.

Introduction to Incredible PBX Conference Bridge

The Incredible PBX platform includes a preconfigured conference application which makes it easy for two or more parties to confer regarding any subject matter of common interest. Those with a local extension on the PBX can join the conference by dialing C-O-N-F (2663). For callers outside the PBX to participate, you would need to add a DID that points to the conference number. We’ve made it easy by including this option in the sample IVR created by Allison Smith. Simply designate the IVR as the destination for a DID and tell users to choose option 2. Local users can call D-E-M-O (3366) and choose option 2.

Before using the conference application, you will want to reset the conference passwords. There’s one for users and a second one for the conference leader. After logging into your server as root, issue the command: ./reset-conference-pins. You can display most of the passwords on your PBX including the conference PINs: ./show-passwords.

The conference bridge setup is configured in the GUI: Applications -> Conferences. Here you can decide whether to require the conference administrator to be present before users can join the conference, you can force termination of the conference when the admin leaves, you can enable the menus for users and administrators by pressing *, you can choose whether to record the conference, you can set the maximum number of conference participants, and much more. Simply click on the ? icons for explanations of the various features. CAUTION: Be advised that saving new settings for the conference bridge will reset the conference PINs to the entries shown or entered into the template, e.g. 1234 and 4321 as shown above!

Configuring Incredible PBX IVRs and AutoAttendants

We’ve included a sample IVR and the Stealth AutoAttendant as part of the Incredible PBX install. The easiest way to master the process of building these is to examine the included samples and try them out: Applications -> IVR -> DemoIVR. The demo IVR comes with all the options preconfigured. Be very careful exposing this through a DID unless you have hardened the passwords, especially for the Telephone Reminders app since this application allows any caller to set up calls to external phone numbers which may cost you money!

The IVR options themselves are self-explanatory and well-documented under the ? icon. The IVR Entries at the bottom of the template define the destinations for caller button presses during a call. The Stealth AutoAttendant is worth examining further since it does not include predefined destinations. You would need to add these yourself. The idea behind a Stealth AutoAttendant is to provide options to a caller which are not explained when the AutoAttendant answers the call. In this way, it allows you to "hide" certain features of your PBX from the average caller. While standing alone, it’s obviously not secure since anyone can press a number on their phone after being connected, it does at least obscure the existence of the options. One good use for this is a DISA option which would let you call into your PBX to obtain dialtone to perform other functions on the PBX with an appropriate password, of course. This is documented in the next section and would need to be set up BEFORE adding the option as a choice on the AutoAttendant.

Configuring DISA with Incredible PBX

Before setting up a DISA option with Incredible PBX, be aware of the risks. Anyone that guesses your DISA password basically gets a blank check to perform any function that could be executed from any phone registered to your PBX. If you’ve decided to proceed anyway, access the GUI and choose Applications -> DISA -> Add DISA. Here’s what a typical DISA setup would look like. You’d obviously want a much more secure PIN!

Once you have saved the template and reloaded your dialplan, you then can add DISA as an option in your IVR or AutoAttendant. Be sure to test it carefully before exposing it for public access. You’ve been warned!

Incredible PBX Security Model Overview

Unlike most other free PBX offerings, Incredible PBX is always deployed as a secure platform. Attempts to access Incredible PBX from outside your local area network will fail unless the IP address has been whitelisted in the IPtables firewall using one of the Travelin’ Man 3 utilities: add-ip or add-fqdn. Repeated attempts to access the PBX will be blocked by Fail2Ban and subsequent attempts to whitelist a blocked IP address will not be successful until the Fail2Ban quarantine expires. Thus, it is important to set up Incredible PBX initially using a desktop PC from which you will subsequently manage the PBX. This assures that at least this desktop PC’s IP address is whitelisted.

To whitelist a static IP address, log into your server as root and issue the following command: ./add-ip my-log-cabin 12.34.56.78 where my-log-cabin is the descriptive name you wish to associate with the whitelisted IP address and 12.34.56.78 is the actual IP address.

Obviously, everyone doesn’t have a static IP address. That’s what the add-fqdn utility is for. It allows you to use a dynamic DNS service to assign an FQDN to a dynamic IP address and rely upon the dynamic IP address provider to keep the FQDN synchronized as the IP address changes. Search your favorite search engine, search for "free dynamic dns raspberry pi" to find available providers. On the Incredible PBX, the setup is much the same except you’ll use the FQDN assigned to the IP address: ./add-fqdn my-log-cabin logcabin.myip.com. Incredible PBX actually runs a script every 10 minutes to keep dynamic IP addresses synchronized. Don’t make any changes to /root/ipchecker. If you’d prefer to have the script run more frequently, adjust the 10 entry in the ipchecker line in /etc/crontab.

Last but not least, Incredible PBX includes the PortKnocker utility which provides an emergency "back door" into your PBX if you ever find yourself locked out by the firewall rules. The idea behind PortKnocker is that you send a packet to three random, pre-defined ports in a particular sequence and, if there’s a match, PortKnocker whitelists your IP address for further access to the server until the firewall is restarted or the server is rebooted. You’ll find your credentials and documentation in /root/knock.FAQ. If your PBX is sitting behind a hardware-based router or firewall, be sure to map the three TCP ports to the LAN IP address of your PBX. Enjoy!

Originally published: Wednesday, August 28, 2019



Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors

FULL DISCLOSURE: RentPBX, Amazon, Skyetel, Vitelity, DigitalOcean, Vultr, Digium, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls plus quadruple data center redundancy assures that you’ll never have a failed call. Tutorial and sign up details are here.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously offered to provide a customized White Label version of Incredible PBX that is specifically tailored for use with Incredible PBX and VitalPBX custom applications. Soon!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 


RentPBX, a long-time partner and supporter of PIAF project, is offering generous discounts for Nerd Vittles readers. For all of your Incredible PBX hosting needs, sign up at www.RentPBX.com and use code NOGOTCHAS to get the special pricing. The code will lower the price to $14.99/month, originally $24.99/month. It’s less than 50¢/day.


Print Friendly, PDF & Email

Be Sociable, Share!

Tags:

Leave a comment

Your email address will not be published. Required fields are marked *

*