Asterisk-manager.conf

From 탱이의 잡동사니
Revision as of 09:34, 3 October 2016 by Pchero

Overview

A summary of the contents of Asterisk's manager.conf.

Basic

This is the configuration file required to use AMI (Asterisk Manager Interface) in Asterisk. It turns the interface on or off, registers users and their permissions, and specifies the ports used for Telnet/Web access.

general

Configures the basic behavior of the manager module.

[general]
enabled = no
;webenabled = yes

port = 5038
bindaddr = 0.0.0.0

; Parameters that control AMI over TLS. ("enabled" must be set too).
; You can open a connection to this socket with e.g.
;
;	openssl s_client -connect my_host:5039
;
;tlsenable=no		; set to YES to enable it
;tlsbindaddr=0.0.0.0:5039		; address and port to bind to, default to bindaddr and port 5039
;tlscertfile=/tmp/asterisk.pem	; path to the certificate.
;tlsprivatekey=/tmp/private.pem ; path to the private key; if no tlsprivatekey
                                ; is given, the default is to search
                                ; tlscertfile for the private key.
;tlscipher=<cipher string>      ; string specifying which SSL ciphers to use or not use
;
;allowmultiplelogin = yes        ; If set to no, rejects manager logins that are already in use.
;                               ; The default is yes.
;
;displayconnects = yes
;
; Add a Unix epoch timestamp to events (not action responses)
;
;timestampevents = yes

;brokeneventsaction = yes   ; Restore previous behavior that caused the events
                            ; action to not return a response in certain
                            ; circumstances.  Defaults to 'no'.

;
; Display certain channel variables every time a channel-oriented
; event is emitted:
;
;channelvars = var1,var2,var3

; debug = on	; enable some debugging info in AMI messages (default off).
		; Also accessible through the "manager debug" CLI command.

; authtimeout specifies the maximum number of seconds a client has to
; authenticate.  If the client does not authenticate before this timeout
; expires, the client will be disconnected. (default: 30 seconds)

;authtimeout = 30

; authlimit specifies the maximum number of unauthenticated sessions that will
; be allowed to connect at any given time.

;authlimit = 50

;httptimeout = 60
; a) httptimeout sets the Max-Age of the http cookie
; b) httptimeout is the amount of time the webserver waits
;    on an action=waitevent request (actually it's httptimeout-10)
; c) httptimeout is also the amount of time the webserver keeps
;    a http session alive after completing a successful action

enabled

Enables or disables the manager interface.

enabled = no

webenabled

Sets whether Web access is allowed.

;webenabled = yes

port

Sets the port number.

port = 5038

users

This section registers AMI users. Each user's ID/password, permissions, ACL (Access Control List), and related settings are configured here.

;[mark]
;secret = mysecret
;deny=0.0.0.0/0.0.0.0
;permit=209.16.236.73/255.255.255.0
;acl=named_acl_example               ; use a named ACL from acl.conf
;
; 
;setvar=PBXACCOUNT=edvina
; The setvar option defines channel variables that will be set when this account
; originates a call. You can define multiple setvar= commands for one manager
; user.
;
;eventfilter=Event: Newchannel
;eventfilter=Channel: (PJ)?SIP/(james|jim|john)-
;eventfilter=!Channel: DAHDI/
; The eventfilter option is used to whitelist or blacklist events per user.
; A filter consists of an (unanchored) regular expression that is run on the
; entire event data. If the first character of the filter is an exclamation
; mark (!), the filter is appended to the blacklist instead of the whitelist.
; After first checking the read access below, the regular expression filters
; are processed as follows:
; - If no filters are configured all events are reported as normal.
; - If there are white filters only: implied black all filter processed first,
; then white filters.
; - If there are black filters only: implied white all filter processed first,
; then black filters.
; - If there are both white and black filters: implied black all filter processed
; first, then white filters, and lastly black filters.

;
; If the device connected via this user accepts input slowly,
; the timeout for writes to it can be increased to keep it
; from being disconnected (value is in milliseconds)
;
; writetimeout = 100
;
;displayconnects = yes	; Display on CLI user login/logoff
;
; Authorization for various classes
;
; Read authorization permits you to receive asynchronous events, in general.
; Write authorization permits you to send commands and get back responses.  The
; following classes exist:
;
; all       - All event classes below (including any we may have missed).
; system    - General information about the system and ability to run system
;             management commands, such as Shutdown, Restart, and Reload.
; call      - Information about channels and ability to set information in a
;             running channel.
; log       - Logging information.  Read-only. (Defined but not yet used.)
; verbose   - Verbose information.  Read-only. (Defined but not yet used.)
; agent     - Information about queues and agents and ability to add queue
;             members to a queue.
; user      - Permission to send and receive UserEvent.
; config    - Ability to read and write configuration files.
; command   - Permission to run CLI commands.  Write-only.
; dtmf      - Receive DTMF events.  Read-only.
; reporting - Ability to get information about the system.
; cdr       - Output of cdr_manager, if loaded.  Read-only.
; dialplan  - Receive NewExten and VarSet events.  Read-only.
; originate - Permission to originate new calls.  Write-only.
; agi       - Output AGI commands executed.  Input AGI command to execute.
; cc        - Call Completion events.  Read-only.
; aoc       - Permission to send Advice Of Charge messages and receive Advice
;             Of Charge events.
; test      - Ability to read TestEvent notifications sent to the Asterisk Test
;             Suite.  Note that this is only enabled when the TEST_FRAMEWORK
;             compiler flag is defined.
; security  - Security Events.  Read-only.
; message   - Permissions to send out of call messages. Write-only
;
;read = system,call,log,verbose,agent,user,config,dtmf,reporting,cdr,dialplan
;write = system,call,agent,user,config,command,reporting,originate,message
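The eventfilter processing order described in the comments above, as an added Python example that is not part of the original page or of Asterisk. It approximates Asterisk's regular expressions with Python's re module, does not model the read-class check, and uses constructed event texts; the function names are this example's own. The last sample shows an unanchored filter matching text inside another header's value.

```python
import re

# eventfilter= values from the [mark] sample on this page.
FILTERS = ["Event: Newchannel", "Channel: (PJ)?SIP/(james|jim|john)-", "!Channel: DAHDI/"]

# Constructed AMI events (not captured from a real system).
EVENTS = {
    "pjsip_new": "Event: Newchannel\r\nChannel: PJSIP/james-00000001\r\n\r\n",
    "dahdi_new": "Event: Newchannel\r\nChannel: DAHDI/1-1\r\n\r\n",
    "sip_hangup": "Event: Hangup\r\nChannel: SIP/jim-00000002\r\n\r\n",
    "other_hangup": "Event: Hangup\r\nChannel: SIP/alice-00000003\r\n\r\n",
    # "Event: Newchannel" appears here only inside another header's value.
    "embedded": "Event: UserEvent\r\nUserEvent: note\r\nBody: Event: Newchannel\r\n\r\n",
}

def build_filters(values):
    """Split eventfilter values into compiled (whitelist, blacklist) lists."""
    white, black = [], []
    for value in values:
        if value.startswith("!"):
            black.append(re.compile(value[1:]))   # leading '!' means blacklist
        else:
            white.append(re.compile(value))
    return white, black

def event_passes(event, white, black):
    """Apply the documented order: whitelist (if any) first, blacklist last."""
    if white and not any(rx.search(event) for rx in white):
        return False      # a whitelist implies "black all" for everything else
    if any(rx.search(event) for rx in black):
        return False      # blacklist filters are processed last
    return True           # no filters configured, or the event survived both

def delivered(events, values):
    """Names of the events a user with these eventfilter lines would receive."""
    white, black = build_filters(values)
    return [name for name, text in events.items() if event_passes(text, white, black)]

if __name__ == "__main__":
    print(delivered(EVENTS, FILTERS))
```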

Example

An example of registering an admin user and then connecting.

Connect with telnet to the address and port set in manager.conf, then send the Action: Login AMI action to log in.

On a successful login, you receive a login success message like the one below, followed by Event messages.

Response: Success
Message: Authentication accepted


User information

[admin]
secret=admin
deny=0.0.0.0/0.0.0.0
permit=127.0.0.1/255.255.255.0
read=all
write=all
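A small audit of the settings used in this example, added here and not part of the original page or of Asterisk. It flags a cleartext bind on all interfaces, a secret equal to the username, a permit netmask that covers more than one host, and broad write classes. The sample switches the manager on (enabled = yes); the function names, the set of classes treated as high risk, and treating a missing bindaddr as all interfaces are assumptions of this example.

```python
import ipaddress

# Constructed sample: this page's [admin] user with the manager switched on.
SAMPLE = """[general]
enabled = yes
bindaddr = 0.0.0.0
;tlsenable=no
[admin]
secret=admin
deny=0.0.0.0/0.0.0.0
permit=127.0.0.1/255.255.255.0
write=all
"""
HIGH_RISK_WRITE = {"all", "system", "config", "command"}  # assumption: this example's choice

def parse(text):
    """Asterisk-style config: ';' starts a comment, repeated keys accumulate."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()       # simplification: ignores escaped ';'
        if line.startswith("["):
            current = sections.setdefault(line[1:line.index("]")], {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            current.setdefault(key.strip().lower(), []).append(value.strip())
    return sections

def audit(text):
    """Return (section, finding) pairs for settings that widen AMI exposure."""
    conf, findings = parse(text), []
    general = conf.pop("general", {})
    bind = general.get("bindaddr", ["0.0.0.0"])[-1]   # assumption: missing means all
    tls = general.get("tlsenable", ["no"])[-1].lower()
    if ipaddress.ip_address(bind).is_unspecified and tls != "yes":
        findings.append(("general", "cleartext AMI bound to all interfaces"))
    for user, opts in conf.items():
        if user.lower() in (s.lower() for s in opts.get("secret", [])):
            findings.append((user, "secret equals the username"))
        if not opts.get("permit") and not opts.get("acl"):
            findings.append((user, "no permit/acl restriction"))
        for rule in opts.get("permit", []):
            net = ipaddress.ip_network(rule, strict=False)   # applies the netmask
            if net.num_addresses > 1:
                findings.append((user, f"permit {rule} covers {net.num_addresses} addresses ({net})"))
        risky = HIGH_RISK_WRITE & {c.strip() for w in opts.get("write", []) for c in w.split(",")}
        if risky:
            findings.append((user, "write grants " + ",".join(sorted(risky))))
    return findings

if __name__ == "__main__": print(*audit(SAMPLE), sep="\n")
```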

telnet AMI connection example

$ telnet localhost 5038

Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Asterisk Call Manager/2.8.0

Action: Login
Username: admin
Secret: admin

Response: Success
Message: Authentication accepted

Event: FullyBooted
Privilege: system,all
Status: Fully Booted

Event: SuccessfulAuth
Privilege: security,all
EventTV: 2016-10-03T09:26:30.333+0000
Severity: Informational
Service: AMI
EventVersion: 1
AccountID: admin
SessionID: 0x76403b1c
LocalAddress: IPV4/TCP/0.0.0.0/5038
RemoteAddress: IPV4/TCP/127.0.0.1/49452
UsingPassword: 0
SessionTV: 2016-10-03T09:26:30.333+0000