Asterisk-manager.conf

From 탱이의 잡동사니
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Overview

Asterisk manager.conf 내용 정리

Basic

Asterisk 에서 AMI(Asterisk Manager Interface)를 사용하기 위해서 필요한 설정파일이다. 사용여부 On/Off 와 사용자의 등록과 권한등의 설정이 할 수 있으며 Telnet/Web 접속시의 사용 포트등을 지정할 수 있다.

general

기본적인 manager 모듈의 동작방식을 설정한다. 

[general]
enabled = no
;webenabled = yes

port = 5038
bindaddr = 0.0.0.0

; Parameters that control AMI over TLS. ("enabled" must be set too).
; You can open a connection to this socket with e.g.
;
;	openssl s_client -connect my_host:5039
;
;tlsenable=no		; set to YES to enable it
;tlsbindaddr=0.0.0.0:5039		; address and port to bind to, default to bindaddr and port 5039
;tlscertfile=/tmp/asterisk.pem	; path to the certificate.
;tlsprivatekey=/tmp/private.pem ; path to the private key, if no private given,
                                ; if no tlsprivatekey is given, default is to search
								; tlscertfile for private key.
;tlscipher=<cipher string>      ; string specifying which SSL ciphers to use or not use
;
;allowmultiplelogin = yes		; IF set to no, rejects manager logins that are already in use.
;                               ; The default is yes.
;
;displayconnects = yes
;
; Add a Unix epoch timestamp to events (not action responses)
;
;timestampevents = yes

;brokeneventsaction = yes   ; Restore previous behavior that caused the events
                            ; action to not return a response in certain
                            ; circumstances.  Defaults to 'no'.

;
; Display certain channel variables every time a channel-oriented
; event is emitted:
;
;channelvars = var1,var2,var3

; debug = on	; enable some debugging info in AMI messages (default off).
		; Also accessible through the "manager debug" CLI command.

; authtimeout specifies the maximum number of seconds a client has to
; authenticate.  If the client does not authenticate beofre this timeout
; expires, the client will be disconnected. (default: 30 seconds)

;authtimeout = 30

; authlimit specifies the maximum number of unauthenticated sessions that will
; be allowed to connect at any given time.

;authlimit = 50

;httptimeout = 60
; a) httptimeout sets the Max-Age of the http cookie
; b) httptimeout is the amount of time the webserver waits
;    on a action=waitevent request (actually its httptimeout-10)
; c) httptimeout is also the amount of time the webserver keeps
;    a http session alive after completing a successful action

enabled

동작 여부를 설정한다. 

enabled = no

webenabled

Web 접속 가능 여부를 설정한다. 

;webenabled = yes

port

포트 번호를 설정한다. 

port = 5038

users

AMI 사용자 등록을 위한 부분이다. 사용자의 ID/Password, 권한(Permission), ACL(Access Control List) 등의 설정을 할 수 있다. 

;[mark]
;secret = mysecret
;deny=0.0.0.0/0.0.0.0
;permit=209.16.236.73/255.255.255.0
;acl=named_acl_example               ; use a named ACL from acl.conf
;
; 
;setvar=PBXACCOUNT=edvina
; The setvar option defines channel variables that will be set when this account
; originates a call. You can define multiple setvar= commands for one manager
; user.
;
;eventfilter=Event: Newchannel
;eventfilter=Channel: (PJ)?SIP/(james|jim|john)-
;eventfilter=!Channel: DAHDI/
; The eventfilter option is used to whitelist or blacklist events per user.
; A filter consists of an (unanchored) regular expression that is run on the
; entire event data. If the first character of the filter is an exclamation
; mark (!), the filter is appended to the blacklist instead of the whitelist.
; After first checking the read access below, the regular expression filters
; are processed as follows:
; - If no filters are configured all events are reported as normal.
; - If there are white filters only: implied black all filter processed first,
; then white filters.
; - If there are black filters only: implied white all filter processed first,
; then black filters.
; - If there are both white and black filters: implied black all filter processed
; first, then white filters, and lastly black filters.

;
; If the device connected via this user accepts input slowly,
; the timeout for writes to it can be increased to keep it
; from being disconnected (value is in milliseconds)
;
; writetimeout = 100
;
;displayconnects = yes	; Display on CLI user login/logoff
;
; Authorization for various classes
;
; Read authorization permits you to receive asynchronous events, in general.
; Write authorization permits you to send commands and get back responses.  The
; following classes exist:
;
; all       - All event classes below (including any we may have missed).
; system    - General information about the system and ability to run system
;             management commands, such as Shutdown, Restart, and Reload.
; call      - Information about channels and ability to set information in a
;             running channel.
; log       - Logging information.  Read-only. (Defined but not yet used.)
; verbose   - Verbose information.  Read-only. (Defined but not yet used.)
; agent     - Information about queues and agents and ability to add queue
;             members to a queue.
; user      - Permission to send and receive UserEvent.
; config    - Ability to read and write configuration files.
; command   - Permission to run CLI commands.  Write-only.
; dtmf      - Receive DTMF events.  Read-only.
; reporting - Ability to get information about the system.
; cdr       - Output of cdr_manager, if loaded.  Read-only.
; dialplan  - Receive NewExten and VarSet events.  Read-only.
; originate - Permission to originate new calls.  Write-only.
; agi       - Output AGI commands executed.  Input AGI command to execute.
; cc        - Call Completion events.  Read-only.
; aoc       - Permission to send Advice Of Charge messages and receive Advice
;           - Of Charge events.
; test      - Ability to read TestEvent notifications sent to the Asterisk Test
;             Suite.  Note that this is only enabled when the TEST_FRAMEWORK
;             compiler flag is defined.
; security  - Security Events.  Read-only.
; message   - Permissions to send out of call messages. Write-only
;
;read = system,call,log,verbose,agent,user,config,dtmf,reporting,cdr,dialplan
;write = system,call,agent,user,config,command,reporting,originate,message

Example

admin 사용자 등록 후 접속하는 예제이다.

manager.conf 에 설정한 주소와 포트로 telnet 접속 후, 로그인을 위해 Action: Login AMI Action 을 전송한다.

정상적으로 로그인이 되면 아래와 같은 로그인 성공 메시지와 Event 메시지들을 수신하게 된다. 

Response: Success
Message: Authentication accepted


사용자 정보 

[admin]
secret=admin
deny=0.0.0.0/0.0.0.0
permit=127.0.0.1/255.255.255.0
read=all
write=all

telnet AMI 접속 예제 

$ telnet localhost 5038

Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Asterisk Call Manager/2.8.0

Action: Login
Username: admin
Secret: admin

Response: Success
Message: Authentication accepted

Event: FullyBooted
Privilege: system,all
Status: Fully Booted

Event: SuccessfulAuth
Privilege: security,all
EventTV: 2016-10-03T09:26:30.333+0000
Severity: Informational
Service: AMI
EventVersion: 1
AccountID: admin
SessionID: 0x76403b1c
LocalAddress: IPV4/TCP/0.0.0.0/5038
RemoteAddress: IPV4/TCP/127.0.0.1/49452
UsingPassword: 0
SessionTV: 2016-10-03T09:26:30.333+0000
Retrieved from "http://wiki.pchero21.com/index.php?title=Asterisk-manager.conf&oldid=1634"