[Snippet] FreePBX – Strip Incoming Country Code

This short & simple dial-plan removes the 3 digit country code from incoming calls and then pushes it to our FPBX IVR.
nano /etc/asterisk/extensions_custom.conf
After opening the above ^, modify and paste the below into the bottom of the file.
Modify your SIP trunk context to reflect the name below.

exten=>_X.,1,Verbose(Incoming call via SIP Trunk)
same=>n,GotoIf(["${CALLERID(num):0:3}" != "263"]?:noCCatstart)
same=>n,Verbose(a CallerID is ${CALLERID(num)})
same=>n(noCCatstart),Verbose(b CallerID is ${CALLERID(num)})
; This is the freepbx IVR we used to handle incoming calls. Change to whatever is in use on your environment. (extension/queue/etc)

FreePBX – Yealink Phonebook generator.

After deploying a few PBX’s, you get bored of manually generating the required XML for remote phonebooks on Yealink Handsets.
Here’s the first version of the phonebook.xml creation script. (Works on FPBX without any hitches) Observe the notes in the code please.
If you’d like a more updated version, please check my github repo here.
Once configured, point your yealink phones Remote phonebook to http://freepbx-ipaddress/phonebook.xml
This might need to be modified for other FPBX derivatives. (Elastix, Farsouth, etc)
Feel free to add me on Linkedin, or like my facebook page.

#       FreePBX Phonebook Creation Script
#      (c) Keith Rose All Rights Reserved.
# Assumptions
# 1. Base FPBX install. Database in use = asterisk
# 2. Localhost requires no authentication
# 3. Standard Yealink XML Phonebook
# 4. Apache webdir = /var/www/html
# 5. CallerID format = EXTENSION - CALLERID. E.g 2000 - Keith Rose
echo "FreePBX Yealink Phonebook creation script."
echo "  (c) Keith Rose. All Rights Reserved."
echo ""
echo ""
echo ""
echo ""
# Export Extension List to CSV
echo "1....Exporting DB"
mysql -B -e  "select name,extension from users;" asterisk | sed "s/'/\'/;s/\t/\",\"/g;s/^/\"/;s/$/\"/;s/\n//g" > /tmp/exp1.csv
echo "2....Tidying up content"
# Remove first line
tail -n +2 /tmp/exp1.csv > /tmp/exp2.csv
# Remove content prior to hyphen. E.g "2000 - Keith Rose" becomes "Keith Rose"
awk 'BEGIN{FS=OFS="- "} NF>1{$1="";sub(/^- */, "")}'1 /tmp/exp2.csv > /tmp/exp3.csv
# Remove all double quotes
sed 's/\"//g' /tmp/exp3.csv > /tmp/exp4.csv
echo "3....Generating XML"
echo '<?xml version="1.0"?>' > $file_out
echo '<YealinkIPPhoneDirectory>' >> $file_out
while IFS=$',' read -r -a arry
  echo '  <DirectoryEntry>' >> $file_out
  echo '    <Name>'${arry[0]}'</Name>' >> $file_out
  echo '    <Telephone>'${arry[1]}'</Telephone>' >> $file_out
  echo '  </DirectoryEntry>' >> $file_out
done < $file_in
echo '</YealinkIPPhoneDirectory>' >> $file_out
echo "4....Copying phonebook to /var/www/html/phonebook.xml"
cp /tmp/exp5.xml /var/www/html/phonebook.xml
echo "5....Fixing permissions"
chmod 644 /var/www/html/phonebook.xml
echo "6....Tidying up"
# tidying up
rm /tmp/exp* -f
echo ""
echo ""
echo "    Export complete!!"

Sophos XG – Irremovable Interfaces!

Occasionally, I’ve found interfaces on the Sophos XG firewall that won’t or can’t be removed. (Sometimes the name shows blank, with nothing in it)


#1 – SSH into the appliance with the admin user
#2 – Select Option 5 “Device Management”
#3 – Select Option 3 “Advanced Shell”
#4 – Look at the configured interfaces in the Database, identify the one you want to remove. (In this example, we’ll select PortG.1046)

psql -U nobody -d corporate -c "select * from tblinterface;"

#5 – Delete the affected/faulty Interface. In this example, we remove PortG.1046

psql -U nobody -d corporate -c "delete from tblinterface where interface='PortG.1046'; "

#6 – Navigate back to the Web UI, your interface should be successfully removed.


Sophos – Captive Portal Excess Traffic Over WAN

I have noticed that Sophos 16 seems to have a problem with the way it’s captive portal works. If enabled (firewall policy set to drop), it seems to generate excessive amounts of traffic over my links to the remote branches.
Screenshot below shows the traffic when captive portal is enabled, and you can see the massive drop after disabling it. (The blue line reflects the traffic being sent TO the branches, over the WAN)

As an interim solution, I have done the following

  1.  Creating an external ‘landing page’ and a firewall policy matching unauthenticated traffic destined to it with the action set to DROP. (Displays the portal)
  2. Set the action on all other unauthenticated traffic to REJECT, thus eliminating the excessive traffic

Curious if anyone else has encountered this problem. If so, hit me up on mail or in the comments. This issue could likely affect previous versions as well.


Snippet – Nginx Wildcard Subdomain

This snippet works with Letsencrypt Wildcard certificates! Specify -d * to install the certificate when using certbot.

Insert into server block. Change to correct domain.

server_name ~^(?<subdomain>.+)\.domain\.com$; 

root /var/www/html/domain,com/$subdomain/htdocs;