Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Thu Mar 07, 2013 7:37 pm
by williamconley
Step By Step!
http://www.viciwiki.com/index.php/DGG
If your name is "Kumba" or "The Vicidial Group" you are free to copy and incorporate this without any residuals or "mention" of PoundTeam. Anyone else: Attribution-ShareAlike 3.0 Unported License:
http://creativecommons.org/licenses/by-sa/3.0/us/
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Wed Mar 13, 2013 7:55 pm
by Acidshock
I didn't see anyone say thank you so let me be the first!
Thank you!
Nice guide. It should help a lot of people out there.
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Wed Mar 13, 2013 8:18 pm
by williamconley
I like customers who want "customization". I do not like having to respond to customers whose servers have been hacked. It's expensive to rebuild and secure a server ... but nothing is "built" during this process. My coders like ... coding!
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Thu Mar 14, 2013 8:16 am
by rrb555
wow this is great. Thank you williamconley
I just want to ask a few things with
URL for Dynamic Good Guys Login:
http://xxx.xxx.xxx.xxx:81/xxxxxxxxxxxxx ... xxxxxx.php
agents can log in to the server without any issue but what will be the link if you are the manager?
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Thu Mar 14, 2013 8:21 am
by williamconley
Same link. Log in there first, then hit the /vicidial/admin.php page manually and you'll already be "allowed" past the firewall due to your successful login attempt at the :81 page.
Good question
Upon Request (ie: $$ or time) we could modify the :81 to bounce admins to the Welcome Page instead of the agent login page after completion (based on user level, of course).
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Thu Mar 14, 2013 8:30 am
by rrb555
Another question: I wasn't able to read on the wiki that SIP connections will be allowed too. Will SIP be allowed also? I guess it should.
But what will be the process for this? I guess agents should start by logging in at the port 81 link first to allow their IPs, then configure their softphones next?
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Thu Mar 14, 2013 8:34 am
by williamconley
yes. As soon as the agent logs in via :81, their sip phone will be able to register as well.
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Thu Mar 14, 2013 8:46 am
by rrb555
for this one
Enter FQDN or IP - whichever is used in URL - of this server for apache configuration:
I have entered the public IP address of the server. What if I want to change the IP address? How can I change this?
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Thu Mar 14, 2013 9:38 am
by williamconley
I believe that is used to create the link ... it will still work after you change your IP, but you'll need to modify the link in your browser.
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Wed Mar 20, 2013 8:51 pm
by williamconley
Note: Sourceforge moved the repository for a "sub package" and we found out today. In theory this has been repaired. We'll be testing it tomorrow if we get a chance.
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Thu Jul 18, 2013 6:40 am
by DomeDan
Have DGG in production now, it's pretty neat, thank you PoundTeam!
But I have a few things that you might want to look at:
In the wiki page
http://www.viciwiki.com/index.php/DGG
after:
"Alt-Q" to quit and return to Command Line mode
you should add something like:
back in "yast firewall" again and select Custom Rules
Or something, because that is not mentioned when the next step starts talking about Custom Rules
And I added "align=left" to the goodguys.php/phpmysqlezedit.php script to make the column name be aligned with the values (maybe it looks weird for me because I have a widescreen)
with all on the left side it's much better
Code:
--- phpmysqlezedit/phpmysqlezedit.php.orig 2013-07-18 02:23:24.000000000 +0200
+++ phpmysqlezedit/phpmysqlezedit.php 2013-07-18 02:23:57.000000000 +0200
@@ -342,7 +342,7 @@
$addstring="<a href='{$_SERVER['PHP_SELF']}?action=add&table=$table&limit=$limit'>Add</a>";
}
print('<br>'."\n".'<table width='.$width.'% align="center">'."\n");
- print(" <tr><th colspan=$num_fields>View Table $table $addstring</th></tr>\n <tr><th><b>Del</b></th><th><b>Mod</b></th>\n");
+ print(" <tr><th colspan=$num_fields>View Table $table $addstring</th></tr>\n <tr align=left><th><b>Del</b></th><th><b>Mod</b></th>\n");
while ($i < $num_fields) {
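Review bot: the new `align=left` on the `<tr>` is unquoted and applies only to the Del/Mod header row, while the `<table>` tag two lines up uses the quoted form `align="center"` and the "View Table" title row is left as it was; write it as `align="left"` and state whether the title row is meant to stay centered. Separately, the context line that builds `$addstring` places `$_SERVER['PHP_SELF']`, `$table` and `$limit` into the href without escaping, and `$table` is printed again in the header row. Because `table` and `limit` travel as query parameters, pass them through `urlencode()` in the link and `htmlspecialchars()` in the output while this line is being touched.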
And I edited stage two to ask for the address of the mysql server + a fake prompt
and added a check to see if the mysql command succeeded; if it fails then it asks if it should continue
Code:
--- dgg/dgg_install_stage_two.sh.orig 2013-07-18 01:36:21.000000000 +0200
+++ dgg/dgg_install_stage_two.sh 2013-07-18 01:47:22.000000000 +0200
@@ -25,7 +25,16 @@
echo "Argument $((i)): ${args[$i]}"
}
+echo Enter ip address to the mysql server - blank if localhost
+echo -n ">"
+read -e HOST
+if [[ ${#HOST} > 1 ]]
+then
+ HOST=-h$HOST
+fi
+
echo Enter root mysql password - blank if no password
+echo -n ">"
read -e PASS
if [[ ${#PASS} > 1 ]]
then
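Review bot: `[[ ${#HOST} > 1 ]]` in the new HOST check is a string comparison inside `[[ ]]`, not a numeric one, and it is false for a one-character entry, so such a host is silently ignored; use `[[ -n $HOST ]]` instead (the existing PASS check just below has the same pattern). `HOST=-h$HOST` is built from raw input with no validation, and it is later expanded unquoted on the mysql command line, so an entry containing spaces turns into extra mysql options. Restrict the value to hostname or IP characters before using it.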
@@ -34,7 +43,13 @@
#echo $PASS
#@TODO: Get db name from conf
echo "Installing Database"
-mysql asterisk < $SVNREPOSITORY/dgg_mysql_setup.sql $PASS
+mysql asterisk < $SVNREPOSITORY/dgg_mysql_setup.sql $PASS $HOST
+if [[ $? -ne 0 ]]
+then
+ echo -e "\nThe mysql import seams to have failed, you might want to Ctrl+C now and check it up and try again"
+ echo -n "Or else just press Enter"
+ read -e FAIL
+fi
#@TODO: Create Update version
/bin/bash /usr/src/poundteam/dgg/dgg_install_stage_three.sh
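Review bot: in the new `$?` block, pressing Enter after a failed import continues straight into `dgg_install_stage_three.sh`, so the default action on failure is to carry on; make aborting the default (`exit 1` unless the operator types an explicit confirmation). On the `mysql` line, `$PASS` and `$HOST` are unquoted and follow the redirection, which works but is easy to misread; put the options before the database name and quote `"$SVNREPOSITORY/dgg_mysql_setup.sql"`. The message also has a typo, "seams" for "seems".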
(you could make this step try to get the login details from /etc/astguiclient.conf instead, that would be sweet!)
also added a fake prompt to stage four:
echo -n ">"
Didn't bother messing with uploading patch files for these small changes
What I miss is an uninstall script, I know it's pretty hard to do, but it's not impossible.
And also write the script so it can be run again without adding duplicates to the files it writes to
because that happened to me when it failed to import the sql-file
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Mon Aug 12, 2013 11:13 pm
by williamconley
back in "yast firewall" again and select Custom Rules
added
align=left
added
For the mysql, however, multi-server installation is merely accomplished on each server. So it can fail on the non-mysql boxes as long as it works on the real mysql server.
Our next upgrade to the package (if anyone funds it ...) will include multi-server either through http to the other instances or trust through apache to ssh commands. We perform these by hand now, because it's a bit complex to install the trust version and nobody wants to pay for development of the http version. But we've got many installs with trust allowing instant access to all servers regardless of which server you started on. Required by a few clients with load balancing that do not have apache running on any of their dialers.
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Tue Aug 13, 2013 8:43 am
by DomeDan
Nice!
Then I got another patch for stage two:
Code:
--- dgg_install_stage_two.sh.orig 2013-07-09 10:55:07.415359949 +0200
+++ dgg_install_stage_two.sh 2013-08-13 15:30:22.895547687 +0200
@@ -35 +35,2 @@
-#@TODO: Get db name from conf
+#@TODO: Get db name from conf * Done
+source <(sed 's/\ =>\ /=/g' /etc/astguiclient.conf) #parsing the astguiclient config file and use the VARDB variables
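Review bot: `source <(sed ...)` runs every line of /etc/astguiclient.conf as shell code in the installer's shell, so any line that is not a plain `KEY => value` pair, or any value containing spaces, `;`, `$( )` or backticks, is executed or mis-split instead of being read as data. Extract only the keys that are needed (`VARDB_database`, `VARDB_server`) with awk or grep, assign them with quoting, and validate them before use. The sed pattern also matches only a single space on each side of `=>`, so a line with different spacing is left as `KEY =value` and is run as a command.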
@@ -37 +38 @@
-mysql asterisk < $SVNREPOSITORY/dgg_mysql_setup.sql $PASS
+mysql $VARDB_database < $SVNREPOSITORY/dgg_mysql_setup.sql $PASS -h$VARDB_server
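Review bot: `-h$VARDB_server` is unquoted and unguarded, so if that key is missing from the config the command ends in a bare `-h` and mysql fails on the option instead of falling back to localhost; default the host when it is empty and quote both `"$VARDB_database"` and the host value. The comment on the added `source` line says the VARDB variables are used, but the credentials still come from the prompted `$PASS`; either say so in the comment or use the config's own credentials consistently.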
Then we are killing two birds with one stone, getting the database name and ip-address
I have only installed DGG on one of my servers, the one with asterisk and apache, because my standalone firewall stops all other traffic pointed to the other servers,
Seems like I'm the only one with this kind of setup
but the change in stage two will make the install work on server setups like mine and like yours,
it's better that the database install works all the time instead of failing on all servers except the database server
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Tue Aug 13, 2013 9:00 am
by williamconley
Code:
source <(sed 's/\ =>\ /=/g' /etc/astguiclient.conf) #parsing the astguiclient config file and use the VARDB variables
mysql $VARDB_database < $SVNREPOSITORY/dgg_mysql_setup.sql $PASS -h$VARDB_server
updated.
although we'll see if it creates a problem when multiple servers try to create the same table. LOL
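Added example, not part of the thread or of the DGG installer: one way to read `VARDB_database` and `VARDB_server` from an astguiclient.conf-style file as data instead of sourcing it, and to refuse values that could alter the mysql command line. The function names and the sample file contents are made up for illustration.

```sh
#!/bin/sh
# Added example (hypothetical helper names). Reads keys from a
# "KEY => value" file as data; nothing in the file is executed.

# conf_get FILE KEY: print the value of the first "KEY => value" line.
conf_get() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }                      # comment line
        {
            i = index($0, "=>")
            if (i == 0) next                     # not a key/value line
            k = substr($0, 1, i - 1)
            v = substr($0, i + 2)
            gsub(/^[ \t]+|[ \t]+$/, "", k)       # trim key
            gsub(/^[ \t]+|[ \t]+$/, "", v)       # trim value
            if (k == key) { print v; exit }
        }' "$1"
}

# is_safe_name VALUE: succeed only for non-empty values made of letters,
# digits, dot, dash and underscore that do not start with a dash.
is_safe_name() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9._-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# dgg_db_target FILE: print "database host", or fail if either is unsafe.
dgg_db_target() {
    db=$(conf_get "$1" VARDB_database)
    host=$(conf_get "$1" VARDB_server)
    [ -n "$host" ] || host=localhost
    is_safe_name "$db" && is_safe_name "$host" || return 1
    printf '%s %s\n' "$db" "$host"
}

# Constructed sample file contents (not taken from a real server).
sample_conf() {
    cat <<'EOF'
# constructed astguiclient.conf excerpt
VARDB_server => 192.0.2.20
VARDB_database => asterisk
VARDB_user => cron
EOF
}

# Demo: resolve the target; the import would then be run with quoted
# arguments, e.g.  mysql -h "$host" "$db" < dgg_mysql_setup.sql
tmp=$(mktemp)
sample_conf > "$tmp"
dgg_db_target "$tmp"
rm -f "$tmp"
```

A value such as `db.example;echo injected` is returned by `conf_get` as a plain string and rejected by `dgg_db_target`, where sourcing the file would have run the second command.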
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Wed Aug 14, 2013 7:11 am
by DomeDan
Cool
This is what's gonna happen:
the second server runs the dgg_mysql_setup.sql that will drop the goodguys table and recreate it.
if they already started adding ip-addresses with DGG then they will be surprised that their entries are removed when they installed the second server
code could be added to check the table structure and decide if it needs to be recreated or not, or maybe this can be done in sql,
or you can solve it by dumping the data to a temp table and insert it back in when the goodguys table is created
Code:
--- dgg_mysql_setup.sql.orig 2013-07-09 10:55:07.413360151 +0200
+++ dgg_mysql_setup.sql 2013-08-14 14:10:14.399784846 +0200
@@ -1,3 +1,8 @@
+DROP TEMPORARY TABLE IF EXISTS goodguystemp;
+CREATE TEMPORARY TABLE goodguystemp LIKE goodguys;
+INSERT INTO goodguystemp SELECT * FROM goodguys;
DROP TABLE IF EXISTS goodguys;
CREATE TABLE IF NOT EXISTS goodguys ( id bigint(20) NOT NULL AUTO_INCREMENT, name varchar(50) COLLATE utf8_unicode_ci DEFAULT NULL, ip varchar(15) COLLATE utf8_unicode_ci NOT NULL COMMENT 'xxx.xxx.xxx.xxx', temporary enum('Y','N') COLLATE utf8_unicode_ci NOT NULL DEFAULT 'N' COMMENT 'temporary = dump at reboot', timestamp timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT 'entry date', PRIMARY KEY (id), UNIQUE KEY ip (ip) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=1 ;
+INSERT INTO goodguys(id,name,ip,temporary,timestamp) SELECT id,name,ip,temporary,timestamp FROM goodguystemp;
+DROP TEMPORARY TABLE goodguystemp;
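Review bot: the second added line, `CREATE TEMPORARY TABLE goodguystemp LIKE goodguys;`, and the `INSERT INTO goodguystemp SELECT * FROM goodguys;` after it both require `goodguys` to exist already, so on a first install these statements fail before the table is ever created. The copy-back `INSERT` also names `id,name,ip,temporary,timestamp` explicitly, so it fails if an older table lacks one of those columns. Since the `CREATE TABLE` already says `IF NOT EXISTS`, removing the unconditional `DROP TABLE IF EXISTS goodguys;` would keep existing rows without any temp table, and a structure change is better expressed as an explicit `ALTER TABLE`.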
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Wed Aug 14, 2013 1:17 pm
by williamconley
why would you drop it if it exists? why not just leave it there? that's why the create command has "if not exists" in it, to avoid dumping the existing table.
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Thu Aug 15, 2013 2:15 am
by DomeDan
the row: "DROP TABLE IF EXISTS goodguys;" is not added by me, it's in the svn,
and I would drop it because the existing table might have the wrong structure
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Thu Aug 15, 2013 10:46 am
by williamconley
did you check this to see if it fails if there is no prior table "goodguys"? some of those commands appear to rely on its previous existence without an "IF"
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Thu Aug 15, 2013 2:29 pm
by DomeDan
as long as the process starts with "DROP TABLE IF EXISTS" it will work in both ways, if it exists and if it does not exist
and as long as these columns are the same: id,name,ip,temporary,timestamp
it will be able to insert the old data even if the new goodguys have more columns, the new columns will default if they are not defined in the insert
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Thu Aug 15, 2013 2:49 pm
by williamconley
CREATE TEMPORARY TABLE goodguystemp LIKE goodguys
if there is no "goodguys" won't this fail?
and my question wasn't "will it fail" it was "did you test". i'm assuming you didn't test ... you "decided"?
(or did you actually test it both ways?)
i'd hate to make an svn change and then find out it kills the script at this point
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Thu Aug 15, 2013 2:58 pm
by DomeDan
haha, right, that second line.. oops xD sorry !
Tested it, with and without a table structure change. but forgot the third and very important way
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Thu Aug 15, 2013 6:49 pm
by williamconley
Well, keep tweaking it. It'll be better every time.
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Tue May 06, 2014 8:11 am
by DomeDan
Was helping ruben23 out with how to use DGG in a multiserver setup where you need to access several external ip-addresses and came up with a solution I would like to share.
With this change you need to log in once, on one server only.
You will need to install DGG on the other servers; the master server will access the phpmysqlezedit/goodguys.php page on the other servers.
On the "master"-server you add a few lines to the secret file on port 81,
just above the line "header("Location: http://$locationbase/agc/vicidial.php?r ... phone_pass");"
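Code:
// Add the agent who just logged in to the DGG list on the next server.
// $VD_login and $add are the variables already set in the port 81 login file.
$url = 'http://NEXT_SERVER_IN_CLUSTER.LOCAL/phpmysqlezedit/goodguys.php?access=SECRET-STRING-TO-ACCESS-DGG-ADMIN&action=savenew';
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_POST, 1);
// http_build_query() URL-encodes the values, so a login containing & or = cannot add or override fields.
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query(array('name' => $VD_login, 'ip' => $add, 'temporary' => 'Y')));
// Return the response as a string instead of printing it into the page.
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
curl_close($ch);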
Change
NEXT_SERVER_IN_CLUSTER.LOCAL
to the IP or domain-name to the next server in the cluster,
if you got more servers just add all the rows a second time with the other server IP or domain-name
and change
SECRET-STRING-TO-ACCESS-DGG-ADMIN
to the secret access string to DGG admin you get when you install DGG
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Sun Jun 08, 2014 11:33 pm
by williamconley
Excellent. I think we'll add a slightly modified version of that. We'll pull from the servers table to get a list on which to execute (excluding "me" on the server being executed, so it can be executed on any server). Adding this to the "after script" that activates the GOOD file addition will make it work when submit is pushed, and putting it in a loop will allow unlimited clustered servers. Also putting in a "no wait" directive will cause it to ignore any servers that don't have DGG installed.
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Fri Aug 15, 2014 1:20 pm
by dspaan
I have successfully installed DGG on a single server setup, stock ViCibox.
Only my problem is that the editor URL is not working. The agent login works fine.
Here is an example of what my URLs look like:
This one works fine:
http://myserver.com:81/sdfhuwesdf-sdf92-ff224-23rh8g2l-dig9g73jd7.php
This one redirects to the poundteam.com page:
http://myserver.com/phpmysqlezedit/goodguys.php?access=sdfhuwesdf-sdf92-ff224-23rh8g2l-dig9g73jd7
What could be wrong?
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Fri Aug 15, 2014 2:14 pm
by williamconley
Does the access = value match the access variable set in /etc/ ?
What is the path to the etc file created?
Or did you just hard-code it directly into the file instead of using the include method?
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Fri Aug 15, 2014 7:44 pm
by williamconley
I note that your two values are the same: the one for the filename of the :81 is actually the same as the access= value. That's not likely correct. The system does not make them the same. So you likely "created" one of those links instead of copying it from the installer CLI output.
Can you post the CLI output? (note that if you did not copy it when it showed, it cannot be found in history, it's just gone ...). We can still find the values, of course, but that output (if you captured it) would likely show your problem quite clearly.
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Sat Aug 16, 2014 2:55 am
by dspaan
No, I don't have the CLI output. It didn't say that in the wiki article.
Can I run the installer again or will that mess things up?
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Sat Aug 16, 2014 12:33 pm
by williamconley
Copy this information! It is easy to get now, but not so simple later unless you are very familiar with Linux.
Running the installer again will NOT get this information but will possibly break something ... and will not actually resolve anything.
The password in question will be stored in /etc/phpmysqlezedit/goodguys.php
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Sat Aug 16, 2014 3:20 pm
by dspaan
Thanks, found it and got it working
So if I want to do this on a cluster I'll have to buy the pound team addon?
Will adding an IP also open up port 4569 for IAX2?
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Sat Aug 16, 2014 4:32 pm
by williamconley
No need to purchase unless you want "login on A to allow use of B immediately". Works nicely on a cluster, as long as your agents log in to the server they will be using for both Web and Dialer (if they use two different servers, they'll need to log in to both to gain access through the firewall of both immediately).
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Tue Nov 25, 2014 7:22 am
by nicholus
I have installed and followed the directions above line by line on a fresh install. Site still appears in MegaProxy and I am able to ping the server.
Did I miss something?
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Tue Nov 25, 2014 9:00 am
by dspaan
In yast firewall you turned off the allowed services under the advanced menu?
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Tue Nov 25, 2014 10:10 pm
by nicholus
External zone only has port 81 listed for TCP all others have been deleted.
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Wed Nov 26, 2014 5:15 am
by dspaan
Did you mind this:
NOTE: After installation, DO NOT use Yast Firewall ... Yast firewall deletes good guy entries upon saving/exiting from yast. Be sure to check all entries before final submission.
Is yast firewall actually running?
I don't know what else to look for, could be anything. Are the admin and authentication pages working properly for DGG?
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Thu Nov 27, 2014 5:21 pm
by ruben23
Hi guys, is there any multi-server guide for installing DGG? Like 1 database/web server and 2 Asterisk servers. Thanks
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Thu Nov 27, 2014 7:31 pm
by dspaan
I've seen it somewhere in the forums. Also you can pay poundteam to set it up for you.
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Fri Dec 12, 2014 7:27 am
by DomeDan
wrote about multiserver in this very topic
viewtopic.php?f=4&t=27329#p111442
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Thu Dec 18, 2014 7:43 am
by dspaan
I did another DGG install but my colleague was unaware of this and used Yast firewall. But the admin page and authentication page still seem to work.
In the apache log I see this:
[Thu Dec 18 03:21:28 2014] [error] File does not exist: /srv/www/lockdown/myadmin
[Thu Dec 18 03:21:31 2014] [error] File does not exist: /srv/www/lockdown/phpMyAdmin-4.2.1-all-languages
[Thu Dec 18 03:21:34 2014] [error] File does not exist: /srv/www/lockdown/phpMyAdmin-4.2.1-english
[Thu Dec 18 03:21:39 2014] [error] File does not exist: /srv/www/lockdown/sqlite
[Thu Dec 18 03:21:42 2014] [error] File does not exist: /srv/www/lockdown/SQLite
[Thu Dec 18 03:21:45 2014] [error] File does not exist: /srv/www/lockdown/SQLiteManager-1.2.4
[Thu Dec 18 03:21:45 2014] [error] File does not exist: /srv/www/lockdown/sqlitemanager
[Thu Dec 18 03:21:46 2014] [error] File does not exist: /srv/www/lockdown/SQlite
[Thu Dec 18 03:21:46 2014] [error] File does not exist: /srv/www/lockdown/SQLiteManager
[Thu Dec 18 07:00:01 2014] [notice] Graceful restart requested, doing restart
[Thu Dec 18 07:00:01 2014] [notice] Apache/2.2.15 (Linux/SUSE) mod_ssl/2.2.15 OpenSSL/1.0.0 PHP/5.3.3 configured -- resuming normal operations
[Thu Dec 18 09:45:35 2014] [error] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.Win32:)
[Thu Dec 18 10:07:38 2014] [error] [ Directory index forbidden by Options directive: /srv/www/htdocs/agc_nl/
[Thu Dec 18 10:08:04 2014] [error] script '/srv/www/htdocs/agc_nl/vicidail.php' not found or unable to stat
[Thu Dec 18 10:17:14 2014] [error] File does not exist: /srv/www/lockdown/favicon.ico
[Thu Dec 18 10:17:14 2014] [error] File does not exist: /srv/www/lockdown/favicon.ico
[Thu Dec 18 10:17:28 2014] [error] File does not exist: /srv/www/htdocs/phpmysqlezedit/style.css, referer:
[Thu Dec 18 10:17:49 2014] [error] File does not exist: /srv/www/htdocs/phpmysqlezedit/style.css, referer:
[Thu Dec 18 10:17:52 2014] [error] File does not exist: /srv/www/htdocs/phpmysqlezedit/style.css, referer:
[Thu Dec 18 10:17:58 2014] [error] File does not exist: /srv/www/htdocs/phpmysqlezedit/style.css, referer:
[Thu Dec 18 10:18:06 2014] [error] File does not exist: /srv/www/htdocs/phpmysqlezedit/style.css, referer:
[Thu Dec 18 11:04:12 2014] [error] File does not exist: /srv/www/lockdown/favicon.ico
Any recommendations?
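Added example, not from the thread: a small triage of an Apache 2.2 error log like the one above, listing clients that requested several distinct nonexistent paths under /srv/www/lockdown while ignoring favicon requests and misses in other directories. The `[client ...]` field (absent from the excerpt above), the sample lines and the function names are constructed for illustration.

```sh
#!/bin/sh
# Added example (hypothetical helper names, constructed sample data).

# lockdown_probes FILE [MIN]: print "client count" for each client that
# requested at least MIN (default 3) distinct nonexistent paths under
# /srv/www/lockdown/, ignoring favicon.ico requests made by browsers.
lockdown_probes() {
    awk -v min="${2:-3}" -v root="/srv/www/lockdown/" '
        {
            c = index($0, "[client ")
            p = index($0, "File does not exist: ")
            if (c == 0 || p == 0) next
            rest = substr($0, c + 8)
            ip = substr(rest, 1, index(rest, "]") - 1)
            path = substr($0, p + 21)
            sub(/, referer:.*/, "", path)        # drop trailing referer
            if (index(path, root) != 1) next     # some other directory
            if (path == root "favicon.ico") next
            if (!((ip, path) in seen)) { seen[ip, path] = 1; n[ip]++ }
        }
        END { for (ip in n) if (n[ip] >= min) print ip, n[ip] }
    ' "$1" | sort
}

# Constructed sample log (documentation address ranges, not real clients).
sample_error_log() {
    cat <<'EOF'
[Thu Dec 18 03:21:28 2014] [error] [client 198.51.100.7] File does not exist: /srv/www/lockdown/myadmin
[Thu Dec 18 03:21:31 2014] [error] [client 198.51.100.7] File does not exist: /srv/www/lockdown/phpMyAdmin-4.2.1-all-languages
[Thu Dec 18 03:21:39 2014] [error] [client 198.51.100.7] File does not exist: /srv/www/lockdown/sqlite
[Thu Dec 18 03:21:40 2014] [error] [client 198.51.100.7] File does not exist: /srv/www/lockdown/sqlite
[Thu Dec 18 07:00:01 2014] [notice] Graceful restart requested, doing restart
[Thu Dec 18 09:02:11 2014] [error] [client 198.51.100.99] File does not exist: /srv/www/lockdown/myadmin
[Thu Dec 18 10:17:14 2014] [error] [client 203.0.113.9] File does not exist: /srv/www/lockdown/favicon.ico
[Thu Dec 18 10:17:28 2014] [error] [client 203.0.113.9] File does not exist: /srv/www/htdocs/phpmysqlezedit/style.css, referer: http://dialer.example/phpmysqlezedit/goodguys.php
EOF
}

# Demo on the constructed sample.
log=$(mktemp)
sample_error_log > "$log"
lockdown_probes "$log"
rm -f "$log"
```

Clients listed this way can be compared against the goodguys table: an address that probes admin-tool names and never completes a login is scanner traffic hitting the one port left open.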
Re: Dynamic Good Guys Firewall for Stock Vicibox Servers
Posted:
Wed Feb 03, 2016 5:15 pm
by natewerks
Hello guys,
I am new to vicibox. I am having an issue with the DGG install. When I access the vicibox from an external IP it puts the router WAN IP address in the good guys list. Does this mean that I am opening up ports to the internet?
Please help.
Vicibox 7 standard single install. No Dial Hardware,