nerdia.net

FreePBX multiple time conditions

May 14, 2021/0 Comments/in SIP /by Stefan Helander

The easiest way to get multiple time conditions in FreePBX is to daisy chain them. A common scenario is to have a standard time condition for normal opening hours and in addition to that, time conditions for holidays occuring on normal weekdays, like christmas and new year for example.

Create one time group for normal opening hours, for example monday to friday 08.00-17.00.
Create one time condition for the normal opening hours, using the above time group. If time matches, connect the destination to the open IVR or queue. If time doesn’t match, connect it to a closed IVR or a voice message saying you’re closed. This is going to be the last time condition in the chain.
Create time groups for each of the holidays. If time matches, connect the destination to a voice message saying you’re closed. If time condition doesn’t match connect it to the next time condition. Remember, the last time condition in the chain should be the one for normal opening hours.
Connect the inbound route to the first time condition in your chain.

Inbound route -> Time condition for holiday 1 -> Time condition for holiday 2 -> Time condition for normal opening hours

How to change mysql table engine MyISAM to InnoDB

May 14, 2021/0 Comments/in Linux/FreeBSD /by Erik Svensson

login to mysql shell as root.
locate the database where the tables are situated.
SET @DATABASE_NAME = ‘name_of_your_db’; // name_of_your_db = the database you want to change table engine.
SELECT CONCAT(‘ALTER TABLE ', table_name, ' ENGINE=InnoDB;’) AS sql_statements FROM information_schema.tables AS tb WHERE table_schema = @DATABASE_NAME AND ENGINE = ‘MyISAM’ AND TABLE_TYPE = ‘BASE TABLE’ ORDER BY table_name DESC;
The result will end up in a list of the tables that needs to be changed. Copy the list and do the following.
Shift to the database involved:

USE name_of_your_db
START TRANSACTION;
insert the copied list
COMMIT;
You have now changed the engine of the tables.

[ERROR] Fatal error: Can’t open and lock privilege tables: Table ‘mysql.user’ doesn’t exist

May 12, 2021/0 Comments/in Linux/FreeBSD /by Erik Svensson

This error ocurs then the database mysql is missing or corrupt.
Stop the mysql server “service mysql-server stop”
Make a backup of /var/db/mysql “mv /var/db/mysql /var/db/mysql.old”.
To rebuild the database execute “/usr/local/libexec/mysqld –initialize”
You will get a temporary password. Remember the password for later use.
Start the mysql server “service mysql-server start”
To start upp the new configuration “mysql_secure_installation”. Use the Password to start the configuration and step thru the wizzard.
Restore the mysql backup and the server is good as new.

“There has been a critical error on your website. Learn more about debugging in WordPress.” after updating to WordPress 5.7 (All in one WP security and firewall) [Solved]

March 10, 2021/0 Comments/in WordPress /by Stefan Helander

Investigating the error log reveals that the problem has to do with All in one WP security and firewall plugin:

Got error 'PHP message: PHP Fatal error:  Cannot redeclare retrieve_password() (previously declared in /www/wp-includes/user.php:2671) in /www/wp-content/plugins/all-in-one-wp-security-and-firewall/other-includes/wp-security-rename-login-feature.php on line 358'

The problem has been solved in All in one WP security and firewall plugin version 4.4.8, so it means your WordPress site was updated to 5.7 prior to updating the plugins.

To solve it, you need to update All in one WP security and firewall but not being able to login to your site you will need to solve this using FTP.

Using FTP, rename the folder wp-content/plugins/all-in-one-wp-security-and-firewall to something else. Now you can log into your site and reinstall All in one WP security and firewall. Make sure you get at least version 4.4.8.

ISPConfig3 localized ‘Welcome to your new email account’ mail not working [SOLUTION]

February 21, 2021/0 Comments/in Ispconfig /by Stefan Helander

I made a copy of the file welcome_email_en.txt from /usr/local/ispconfig/server/conf/mail to /usr/local/ispconfig/server/conf-custom/mail and named it welcome_email_se.txt and translated the content of the file, as I wanted my clients to be greeted to their new email account in Swedish. However, the client was still receiving the welcome email in English.

It turned out that the configuration file for ISPConfig has a parameter for language which controls what email templates to use. I thought it would use the country settings from the Client but it doesn’t.

In /usr/local/ispconfig/server/lib check if the file config.inc.local.php exists. If it doesn’t, create one (here is a template for it).

Add the line:

$conf['language'] = 'se';

By using config.inc.local.php and not directly editing config.inc.php you are making sure it doesn’t get overwritten in the next ISPConfig3 update.

In a multiserver setup (master/slaves) this must be done on all the slaves as the ‘Welcome to your new email account’-email is being generated on the server where the new mailbox is located.

Automatic restart of IPSec VPN on Teltonika RUT-950 / RUT-240

February 2, 2021/0 Comments/in Network /by Stefan Helander

On one location where I am using a Teltonika RUT-950 / RUT-240 router, the IPSec VPN can only be connected in one direction which is outbound. Normally both ends can initiate the connection. The reason for this is that the router is connecting using 3G/4G and the provider only allows outbound traffic (i.e. “surf the Internet”). I need to buy an extra service for “fixed IP-address” in order to get their firewall removed from my service.

My IPSec VPN setup is based on hostname updated through dynamic DNS. If the router reboots, it will get a new IP-address and sometimes the router tries to connect the VPN before the dynamic DNS has been updated, causing the VPN connection to fail. The router gives up and does not try anymore to connect the VPN. A manual workaround is to remote control a computer on the LAN side of the router, login to the router, disable the VPN profile, save, enable it and save again. Now the VPN connects.

The Teltonika products are wonderful in many ways but I lack a way of restarting IPSec VPN via SMS. It is only possible to restart OpenVPN connections using SMS.

To avoid manual actions to get the VPN up in a case like this I have created a small script. It checks if an IP-address on the other side of the tunnel is ping:able, if not it restarts IPSec VPN and it normally resolves the problem.

Log in to the Teltonika RUT-950 / RUT-240 using CLI or SSH.
Create a script in /root/chk_vpn.sh with the following content:

#!/bin/ash HOST=10.0.0.1 if ping -c5 $HOST > /dev/null; then echo "$HOST responded; VPN is up!" else echo "$HOST did not respond; trying to restart VPN" /usr/sbin/ipsec restart fi

Replace the IP-adress on the HOST= line to an IP-address on the other side of the tunnel that you know should be up at all times and responds only when the IPSec VPN is up, for example the LAN interface of the other router.
Check from the router commandline that you can ping the IP-address (if you mistakenly enter an IP-address that doesn’t respond to ping even thought IPSec VPN is up, your VPN will be disrupted 10 times per hour).
Enter crontab -e and add the following line:

*/6 * * * * /root/chk_vpn.sh

Exit vi (ESC then :wq and enter)

This will check the VPN connection 10 times per hour and if necessary restart it.

Prevent Mac OSX ssh from disconnecting (also on any Linux/BSD/*nix system)

January 7, 2021/0 Comments/in Apple Mac OS X, Linux/FreeBSD /by Stefan Helander

To prevent ssh from disconnecting while idle, add the following to ~/.ssh/config:

Host *
    ServerAliveInterval 30
    TCPKeepAlive no

This solution is alse useable in any Linux/BSD/*nix environment. If you want to implement this not only on your own user, as a sysadmin, add the above to /etc/ssh/ssh_config instead.

Cisco RV160 IPv6 configuration

December 28, 2020/1 Comment/in Network /by Stefan Helander

This is how I configured IPv6 address received dynamically from my ISP. This is not to be confused with using a 6to4 tunnel service which is something completely different. In this case, a real IPv6 address is received using DHCP6 or SLAAC from the ISP.

In this setup the IPv6 LAN side is bridged with the IPv6 WAN side, so the LAN subnet is a part of the larger WAN subnet. Firewall rules will apply even though it is a bridged, not routed setup.

Go to WAN -> WAN settings -> IPv6 Settings and select DHCP, check DHCP-PD and enter “0” for Prefix name. Apply.
Go to Status and Statistics -> IPv6 tab and verify that you get a IPv6 address from your provider (starting with 2a02 in my case).
Go to LAN -> VLAN Settings and select vlan 1, click edit button.

In the IPv6 sections, select prefix from WAN 0, in my case address beginning with 2a02 and /48 size.
Enter 0 for suffix, 64 for prefix length, leave DHCP Type disabled. Apply.
Go to LAN -> Router advertisment and click Enable, select Unicast, do not select Managed or Other. Make sure the IPv6 prefix is visible in the Prefix table.

Done.

WordPress displays “Connection Information” asking for FTP credentials

December 11, 2020/0 Comments/in WordPress /by Stefan Helander

WP displays “Connection Information” and a text “To perform the requested operation, WordPress needs to access your web server. Please enter your FTP credentials to proceed. If you do not remember your credentials, you should contact your web host.”

To solve this, add the following line to your wp-config.php:

define('FS_METHOD','direct');

If that doesn’t solve the problem you need to check the file access rights for the WordPress installation on the web server.

How to upgrade Windows 10 Enterprise Evaluation to full version

November 20, 2020/0 Comments/in Windows /by Stefan Helander

If you’ve tried the Windows 10 Enterprise Evaluation and decide to go on and buy the full version, Microsoft doesn’t support a simple way of just converting or upgrading.

This is how you do it.

You will need:

An ISO image of Windows 10 Enterprise, download it from Microsoft (link is not provided here because Microsoft has a tendency to change their URL:s and direct links usually ends up broken, so you just have to search for it at Microsoft). Note: It MUST be for the same language code as the one used when you installed the Evaluation.
A Windows 10 license key.

Start the upgrade using the ISO image but do not continue
Start the Registry Editor (i.e. run regedit)

Search for “CurrentVersion”, i.e:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion

In EditionID value data, change EnterpriseEval to Enterprise
In ProductName value, change Windows 10 Enterprise Evaluation to Windows 10 Enterprise
Immediately continue the upgrade while the Registry Editor is still open (otherwise the changed registry values will revert and you will not be able to upgrade).