Problems with IAX Clients in Realtime Asterisk - mysql

I have a problem with the iax clients when I try to used them with dynamic realtime, I can stablish a call with an extension
I'am using Centos 6, asterisk 11 and mysql
The only visible problem is when a iax client try to register asterisk log this:
CLI> ...WARNING: chan_iax2.c:4452 realtime_peer: Failed to parse sockaddr '(null)' for ipaddr of realtime peer 'ipaddr'
I use this table for iax clients:
+------+----------+--------+---------+--------+---------+----------+-------+
| name | username | type | host | secret | context | disallow | allow |
+------+----------+--------+---------+--------+---------+----------+-------+
| 1001 | 1001 | friend | dynamic | 1001 | agents | all | ulaw |
| 1002 | 1002 | friend | dynamic | 1002 | agents | all | ulaw |
+------+----------+--------+---------+--------+---------+----------+-------+
regards

The warning message stop when is establish the parameter rtcachefriends in the general section of iax.con file:
/etc/asterisk/iax.conf
[general]
rtcachefriends=yes
The call could not be establish because a mistake in the extconfig.conf:
Different from 'sip' for 'iax' one have to explicitly specify 'peers' and 'users'
/etc/asterisk/extconfig.conf:
sippeers => mysql,asterisk,sippeers
extensions => mysql,asterisk,extensions
iaxpeers => mysql,asterisk,iaxfriends
iaxusers => mysql,asterisk,iaxfriends

Related

Implementing an enrichment using Spark with MySQL is bad idea?

I am trying to build one giant schema that makes data users to query easier, in order to achieve that, streaming events have to be joined with User Metadata by USER_ID and ID. In data engineering, This operation is called "Data Enrichment" right? the tables below are the example.
# `Event` (Stream)
+---------+--------------+---------------------+
| UERR_ID | EVENT | TIMESTAMP |
+---------+--------------+---------------------+
| 1 | page_view | 2020-04-10T12:00:11 |
| 2 | button_click | 2020-04-10T12:01:23 |
| 3 | page_view | 2020-04-10T12:01:44 |
+---------+--------------+---------------------+
# `User Metadata` (Static)
+----+-------+--------+
| ID | NAME | GENDER |
+----+-------+--------+
| 1 | Matt | MALE |
| 2 | John | MALE |
| 3 | Alice | FEMALE |
+----+-------+--------+
==> # Result
+---------+--------------+---------------------+-------+--------+
| UERR_ID | EVENT | TIMESTAMP | NAME | GENDER |
+---------+--------------+---------------------+-------+--------+
| 1 | page_view | 2020-04-10T12:00:11 | Matt | MALE |
| 2 | button_click | 2020-04-10T12:01:23 | John | MALE |
| 3 | page_view | 2020-04-10T12:01:44 | Alice | FEMALE |
+---------+--------------+---------------------+-------+--------+
I was developing this using Spark, and User Metadata is stored in MySQL, then I realized it would be waste of parallelism of Spark if the spark code includes joining with MySQL tables right?
The bottleneck will be happening on MySQL if traffic will be increased I guess..
Should I store those table to key-value store and update it periodically?
Can you give me some idea to tackle this problem? How you usually handle this type of operations?
Solution 1 :
As you suggested you can keep a local cache copy of in key-value pair on your local and updated the cache as regular interval.
Solution 2 :
You can use a MySql to Kafka Connector as below,
https://debezium.io/documentation/reference/1.1/connectors/mysql.html
For every DML or table alter operations on your User Metadata Table there will be a respective event fired to a Kafka topic (e.g. db_events). You can run a thread in parallel in your Spark streaming job which polls db_events and updates your local cache key-value.
This solution would make your application a near-real time application in true sense.
One over head I can see is that there will be need to run a Kafka Connect service with Mysql Connector (i.e. Debezium) as a plugin.

find_in_set and find_in_set unexpected result

USE mysql;
DROP PROCEDURE IF EXISTS ShowUsers;
DELIMITER $
CREATE PROCEDURE `ShowUsers`(IN KnownUsers varchar(500), IN KnownHosts varchar(500))
BEGIN
SELECT
user,host
FROM
user
WHERE
NOT FIND_IN_SET(host, KnownHosts)
AND
NOT FIND_IN_SET(user, KnownUsers)
ORDER BY user, host ASC;
END $
DELIMITER ;
Example complete data to work with:
+-------------+-------------+
| user | host |
+-------------+-------------+
| knownuser1 | 192.168.1.5 |
| knownuser2 | 192.168.1.5 |
| unknownuser | 192.168.1.5 | # I want this result to show
| someuser1 | 192.168.1.6 |
| someuser2 | 192.168.1.6 |
| someuser3 | 192.168.1.6 |
| root | localhost |
+-------------+-------------+
I have marked the result I would want to show from running the procedure, basically the two IN parameters are known users, and known hosts those that should be have a user record on this database.
Calling the function like this
# users and hostnames(ips) to match for exclusion from results.
SET #Usernames = 'knownuser1,knownuser2';
SET #Hostnames = '192.168.1.5';
CALL ShowUsers(#Usernames, #Hostnames);
Expected Result:
+-------------+-------------+
| user | host |
+-------------+-------------+
| unknownuser | 192.168.1.5 | # I want this result to show
| someuser1 | 192.168.1.6 |
| someuser2 | 192.168.1.6 |
| someuser3 | 192.168.1.6 |
| root | localhost |
+-------------+-------------+
Actual Result:
+-------------+-------------+
| user | host |
+-------------+-------------+
| someuser1 | 192.168.1.6 |
| someuser2 | 192.168.1.6 |
| someuser3 | 192.168.1.6 |
| root | localhost |
+-------------+-------------+
Explanation (off this topic but I think I should clarify) The reason I want this procedure to work, I have a master server with multiple remote slaves, the slaves need to have access to the masters database which means they also have to have "root" access, they can create/reconfigure their own access credentials. The problem with this is if one of those servers were ever compromised it would leave open the chance to have a new user added with credentials to basically all of the database. Wide open and free to take.
I could lock the slaves out after initial configuration and manually open up the door, run an update and then lock it again which would be pretty laborious for the application and make the application virtually useless.
The idea I'm going with right now is to run this procedure via cron run script and check for unknown users/hosts and lock that slave server out of the database until I accept or reject the user from the main application.
The condition in the WHERE clause is:
NOT FIND_IN_SET(host, KnownHosts) AND NOT FIND_IN_SET(user, KnownUsers)
which is equivalent to:
NOT (FIND_IN_SET(host, KnownHosts) OR FIND_IN_SET(user, KnownUsers))
which means that you want to exclude the rows for which:
host is included in KnownHosts or user is included in KnownUsers.
So for your sample data, the row:
unknownuser | 192.168.1.5
will not be returned, because host = '192.168.1.5' and it is included in KnownHosts (= '192.168.1.5').
Maybe change the logical operator to OR, if this is the logic that you want to apply:
NOT FIND_IN_SET(host, KnownHosts) OR NOT FIND_IN_SET(user, KnownUsers)

iOS -Is Write Denied Error In Firebase Security Rules Or In The Rules Simulator?

My Database structure is:
root
|
#-users
| |
| #-uid
| |
| #-registration
| | |
| | |-completed: true
| |
| #-sneakersPath//registered users post/write sneaker for sale to this path
| |
| |
| #-autoID//i.e. xyz123
| |-sneakercondition: "used"
| |-sneakername: "nike"
|
|
#searchSnkPath//registered and anonymous users can search/read the sneakers for sale here
|
#-autoID//xyz123
|-sneakercondition: "used"
|-sneakername: "nike"
I'm developing an iOS app only logged in users can use and I'm using Firebase as my backend. I'm using 2 of the Firebase Sign-In Methods: Email/Password and Anonymous. I have a login scene with a email/password field and a button to enter in as an anonymous user.
There are 2 scenarios:
A user creates an account using the Email/Password method. They have to fill out email and password fields. Once they do that this user gets a permanent uid and a registration path is created. At that registration path I add a key/value pair of completed:true. From that point on the user presses a login in button to enter the app (they're logged in with their permanent uid). This user can post(write) sneakers for sale to a sneakersPath. They can also search(read) for sneakers that they or other users posted for sale.
An anonymous user uses the app without creating an account using the Anonymous method which is an anonymous button. They press the anonymous entry button and they can enter the app. Once they press that button they get a temporary uid that is unique to their visit (they're logged in with a temporary uid). Since this user is anonymous the only thing this user can do is search(read) what other users from the 1st scenario posted for sale. Once they logout if they log back in anonymously they get a different temporary uid.
In both situations I run checks on the client side to verify if a user is logged in as registered user or if they are an anonymously user. Based on those checks I can prevent an anonymous user from posting sneakers anonymously. Everything is working properly.
Even though I run the checks on the iOS side I want to had some extra enforcement in my Firebase Rules to make sure an anonymous user can't post anything and I want to run a check on the kvp completed:true specifically:
root.child('users').child($uid).child('registration').child('completed').val() === true"
Right now my security rules are:
{
"rules": {
"users": {
"$uid": {
".read": "$uid === auth.uid && auth != null"
".write": "$uid === auth.uid && auth != null && root.child('users').child($uid).child('registration').child('completed').val() === true"
}
}
}
}
When I go to the Firebase Rules Simulator and try to write I get:
In the below picture I have Authenticated switched to the right to "on" and the only choices I got were Anonymous, Google, Facebook, Twitter, and Custom. Since I'm using Email/Password and it's not listed I chose Custom. I also don't have the Admin box checked because I don't know what it is for.
Am I doing something wrong in my Json Security Rules or am I using the Rules Simulator incorrectly?
The problem was that inside the Firebase Database I had to add the same exact foo uid data that Firebase had given me inside the simulator.
root
|
#-users
| |
| #-uid//this is another user's uid
| | |
| | #-registration
| | | |
| | | |-completed: true
| | |
| | #-sneakersPath
| | |
| | |
| | #-autoID
| | |-sneakercondition: "used"
| | |-sneakername: "nike"
| |
| |
| #59c96197-7cf9-44d3-bfbc-8d4f3324461//this is the foo uid the simulator provided. It must be added in the db so it can read it
| | |
| | #-registration
| | | |
| | | |-completed: true
| | |
| | #-sneakersPath
| | |
| | |
| | #-autoID//abc789
| | |-sneakercondition: "new"
| | |-sneakername: "reebok"
|
#searchSnkPath
|
#-autoID//xyz123
| |-sneakercondition: "used"
| |-sneakername: "nike"
|
|
|
#-autoID//abc789
|-sneakercondition: "new"
|-sneakername: "reebok"
Here is the foo path/uid data that the simulator provided:
Note the foo uid is also inside the token payload:
If your going to use real data that's inside your database to test in the simulator make sure you delete the foo path/uid the simulator provides and replace it with whatever path/uid is in your database or you'll keep getting a Simulated Write Denied response.
Inside the token payload you can keep the "provider" : "anonymous" to use with your the real data from your database but be sure to replace the foo uid with whichever one your using

MySQL -> HTML Report, Styled like a Pivot Table

Ok, I'd like to start off by apologizing (profusely), since this seems to be a common question. Most of the examples seem to be somewhat similar, as well, but - for the life of me, I cannot wrap my brain around how to apply the myriad of quality responses to my specific table. And, I'm sure it's probably just the easiest thing in the world, what with all the very thorough responses/examples/links to resources with explanations/etc.
So, I suppose I'll just get right to it. The basics:
We host off-site copies of our clients' backups.
We need to know how much space they're using.
We are not at all consistent in Naming Convention, folder vs. disk per client, etc.
We need to automate a 'report', monthly, with data as follows:
-[C.Srv 01]---Size(GB)--Free(%)
Client 01 [Total] [AVG]
Server 01 109.43 25
Server 02 415.19 25
WHERE C.Srv = [Specified Cloud Server]
Clients Get a Total Size(GB) and an Average Free(%)
My MySQL table is this:
# Name DataType Length/Set Unsigned Allow NULL ZeroFill Default
1. ID INT 11 AUTO_INCREMENT
2. Client TEXT
3. Server TEXT
4. C.Srv TEXT
5. Size DECIMAL 10,2
6. Free DECIMAL 10,4
So, for Example, let's say I have this...
___ ________ ________ _________ _________ _______
ID | CLIENT | SERVER | C.SRV | SIZE | FREE
---|--------|--------|---------|---------|-------
1 | a | adc | cs_01 | 109.43 | 0.2504
2 | a | asql | cs_01 | 415.19 | 0.2504
3 | b | bdc | cs_01 | 583.91 | 0.1930
4 | b | bdev | cs_01 | 316.52 | 0.1930
5 | b | bsql | cs_01 | 1259.56 | 0.1930
6 | c | cdc | cs_01 | 355.30 | 0.7631
7 | d | ddc | cs_01 | 398.21 | 0.5808
Is it possible to get something pretty, in HTML (preferably), that has the basic structure of this...
_______ __________ ________
CS_01 | Size(GB) | Free(%)
-------|----------|--------
-a | 524.62 | 25.04%
-------|----------|--------
adc | 109.43 | 25.04%
asql | 415.19 | 25.04%
-b | 2178.88 | 19.30%
-------|----------|--------
bdc | 583.91 | 19.30%
bdev | 316.52 | 19.30%
bsql | 1259.56 | 19.30%
+c | 355.30 | 76.31%
-------|----------|--------
+d | 398.21 | 58.08%
_______|__________|________
Or, am I just S.O.L.? Format, I can mess with in CSS, or whatever (I hope), just so long as it's in that basic structure. (I don't know if it matters, but the final goal will be to collapse at the Client Level; in case that somehow factors into the approach/data-gathering.)

Unauthenticated user in mysql processes list - hack attempt?

I see frequently when I run mysqladmin proc or when I review the MySQL Server process list a user marked with: unauthenticated user trying to connect.
+-----+----------------------+--------------+-----------------+---------+------+------------------+------------------+-----------+---------------+-----------+
| Id | User | Host | db | Command | Time | State | Info | Rows_sent | Rows_examined | Rows_read |
+-----+----------------------+--------------+-----------------+---------+------+------------------+------------------+-----------+---------------+-----------+
| 40 | unauthenticated user | x.x.x.x:xxxx | | Connect | | Reading from net | | 0 | 0 | 0 |
What may causes such thing?
Is that normal, or should I investigate my system for any vulnerability or security breach?
Thanks
unauthenticated user is the user connected and not yet sent authentication credentials. Doesn't look like a hack attempt to me.