Asterisk manager.conf 내용 정리
Asterisk 에서 AMI(Asterisk Manager Interface)를 사용하기 위해서 필요한 설정파일이다. 사용여부 On/Off 와 사용자의 등록과 권한등의 설정이 할 수 있으며 Telnet/Web 접속시의 사용 포트등을 지정할 수 있다.
기본적인 manager 모듈의 동작방식을 설정한다.
[general] enabled = no ;webenabled = yes port = 5038 bindaddr = 0.0.0.0 ; Parameters that control AMI over TLS. ("enabled" must be set too). ; You can open a connection to this socket with e.g. ; ; openssl s_client -connect my_host:5039 ; ;tlsenable=no ; set to YES to enable it ;tlsbindaddr=0.0.0.0:5039 ; address and port to bind to, default to bindaddr and port 5039 ;tlscertfile=/tmp/asterisk.pem ; path to the certificate. ;tlsprivatekey=/tmp/private.pem ; path to the private key, if no private given, ; if no tlsprivatekey is given, default is to search ; tlscertfile for private key. ;tlscipher=<cipher string> ; string specifying which SSL ciphers to use or not use ; ;allowmultiplelogin = yes ; IF set to no, rejects manager logins that are already in use. ; ; The default is yes. ; ;displayconnects = yes ; ; Add a Unix epoch timestamp to events (not action responses) ; ;timestampevents = yes ;brokeneventsaction = yes ; Restore previous behavior that caused the events ; action to not return a response in certain ; circumstances. Defaults to 'no'. ; ; Display certain channel variables every time a channel-oriented ; event is emitted: ; ;channelvars = var1,var2,var3 ; debug = on ; enable some debugging info in AMI messages (default off). ; Also accessible through the "manager debug" CLI command. ; authtimeout specifies the maximum number of seconds a client has to ; authenticate. If the client does not authenticate beofre this timeout ; expires, the client will be disconnected. (default: 30 seconds) ;authtimeout = 30 ; authlimit specifies the maximum number of unauthenticated sessions that will ; be allowed to connect at any given time. ;authlimit = 50 ;httptimeout = 60 ; a) httptimeout sets the Max-Age of the http cookie ; b) httptimeout is the amount of time the webserver waits ; on a action=waitevent request (actually its httptimeout-10) ; c) httptimeout is also the amount of time the webserver keeps ; a http session alive after completing a successful action
동작 여부를 설정한다.
enabled = no
Web 접속 가능 여부를 설정한다.
;webenabled = yes
포트 번호를 설정한다.
port = 5038
AMI 사용자 등록을 위한 부분이다. 사용자의 ID/Password, 권한(Permission), ACL(Access Control List) 등의 설정을 할 수 있다.
;[mark] ;secret = mysecret ;deny=0.0.0.0/0.0.0.0 ;permit=184.108.40.206/255.255.255.0 ;acl=named_acl_example ; use a named ACL from acl.conf ; ; ;setvar=PBXACCOUNT=edvina ; The setvar option defines channel variables that will be set when this account ; originates a call. You can define multiple setvar= commands for one manager ; user. ; ;eventfilter=Event: Newchannel ;eventfilter=Channel: (PJ)?SIP/(james|jim|john)- ;eventfilter=!Channel: DAHDI/ ; The eventfilter option is used to whitelist or blacklist events per user. ; A filter consists of an (unanchored) regular expression that is run on the ; entire event data. If the first character of the filter is an exclamation ; mark (!), the filter is appended to the blacklist instead of the whitelist. ; After first checking the read access below, the regular expression filters ; are processed as follows: ; - If no filters are configured all events are reported as normal. ; - If there are white filters only: implied black all filter processed first, ; then white filters. ; - If there are black filters only: implied white all filter processed first, ; then black filters. ; - If there are both white and black filters: implied black all filter processed ; first, then white filters, and lastly black filters. ; ; If the device connected via this user accepts input slowly, ; the timeout for writes to it can be increased to keep it ; from being disconnected (value is in milliseconds) ; ; writetimeout = 100 ; ;displayconnects = yes ; Display on CLI user login/logoff ; ; Authorization for various classes ; ; Read authorization permits you to receive asynchronous events, in general. ; Write authorization permits you to send commands and get back responses. The ; following classes exist: ; ; all - All event classes below (including any we may have missed). ; system - General information about the system and ability to run system ; management commands, such as Shutdown, Restart, and Reload. ; call - Information about channels and ability to set information in a ; running channel. ; log - Logging information. Read-only. (Defined but not yet used.) ; verbose - Verbose information. Read-only. (Defined but not yet used.) ; agent - Information about queues and agents and ability to add queue ; members to a queue. ; user - Permission to send and receive UserEvent. ; config - Ability to read and write configuration files. ; command - Permission to run CLI commands. Write-only. ; dtmf - Receive DTMF events. Read-only. ; reporting - Ability to get information about the system. ; cdr - Output of cdr_manager, if loaded. Read-only. ; dialplan - Receive NewExten and VarSet events. Read-only. ; originate - Permission to originate new calls. Write-only. ; agi - Output AGI commands executed. Input AGI command to execute. ; cc - Call Completion events. Read-only. ; aoc - Permission to send Advice Of Charge messages and receive Advice ; - Of Charge events. ; test - Ability to read TestEvent notifications sent to the Asterisk Test ; Suite. Note that this is only enabled when the TEST_FRAMEWORK ; compiler flag is defined. ; security - Security Events. Read-only. ; message - Permissions to send out of call messages. Write-only ; ;read = system,call,log,verbose,agent,user,config,dtmf,reporting,cdr,dialplan ;write = system,call,agent,user,config,command,reporting,originate,message
admin 사용자 등록 후 접속하는 예제이다.
manager.conf 에 설정한 주소와 포트로 telnet 접속 후, 로그인을 위해 Action: Login AMI Action 을 전송한다.
정상적으로 로그인이 되면 아래와 같은 로그인 성공 메시지와 Event 메시지들을 수신하게 된다.
Response: Success Message: Authentication accepted
[admin] secret=admin deny=0.0.0.0/0.0.0.0 permit=127.0.0.1/255.255.255.0 read=all write=all
telnet AMI 접속 예제
$ telnet localhost 5038 Trying ::1... Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Asterisk Call Manager/2.8.0 Action: Login Username: admin Secret: admin Response: Success Message: Authentication accepted Event: FullyBooted Privilege: system,all Status: Fully Booted Event: SuccessfulAuth Privilege: security,all EventTV: 2016-10-03T09:26:30.333+0000 Severity: Informational Service: AMI EventVersion: 1 AccountID: admin SessionID: 0x76403b1c LocalAddress: IPV4/TCP/0.0.0.0/5038 RemoteAddress: IPV4/TCP/127.0.0.1/49452 UsingPassword: 0 SessionTV: 2016-10-03T09:26:30.333+0000