Hi,

I seem to be facing an intrusion issue, in spite of the firewall (script attached).

What am I missing?

Any suggestions / recommendations are welcome, please.

Best regards,
Sans

-------------- next part --------------
#!/bin/bash
echo 0 > /proc/sys/net/ipv4/ip_forward

# Clear any existing firewall stuff before we start
/sbin/iptables --flush

# As the default policies, drop all incoming traffic but allow all
# outgoing traffic. This will allow us to make outgoing connections
# from any port, but will only allow incoming connections on the ports
# specified below.
/sbin/iptables --policy INPUT DROP
/sbin/iptables --policy FORWARD DROP
/sbin/iptables --policy OUTPUT ACCEPT

# Allow all incoming traffic if it is coming from the local loopback device
/sbin/iptables -A INPUT -i lo -j ACCEPT

# Allow icmp input so that people can ping us
/sbin/iptables -A INPUT -p icmp --icmp-type 8 -m state --state NEW -j ACCEPT

# Allow returning packets
/sbin/iptables -A INPUT -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT

# Allow incoming traffic on port 8000 for web server & 2200 for SSH
/sbin/iptables -A INPUT -p tcp --dport 8000 -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 2200 -j ACCEPT

#############################################################################
###################### RESTRICTED SIP ACCESS ################################
#############################################################################
# LAN
/sbin/iptables -A INPUT -p tcp -i eth0 -s 192.168.1.0/24 --dport 5060:5062 -j ACCEPT
/sbin/iptables -A INPUT -p udp -i eth0 -s 192.168.1.0/24 --dport 5060:5062 -j ACCEPT
/sbin/iptables -A INPUT -p udp -i eth0 -s 192.168.1.0/24 --dport 10000:20000 -j ACCEPT

# Allow traffic from VoIP Service Provider
/sbin/iptables -A INPUT -p udp -i eth1 -s 11.11.11.11 --dport 5060:5062 -j ACCEPT
/sbin/iptables -A INPUT -p tcp -i eth1 -s 11.11.11.11 --dport 5060:5062 -j ACCEPT
/sbin/iptables -A INPUT -p udp -i eth1 -s 11.11.11.11 --dport 10000:20000 -j ACCEPT

# Check new packets are SYN packets for syn-flood protection
/sbin/iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP

# Drop fragmented packets
/sbin/iptables -A INPUT -f -j DROP

# Drop malformed XMAS packets
/sbin/iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP

# Drop null packets
/sbin/iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP

# Log and drop any packets that are not allowed. You will probably want to turn off the logging
#/sbin/iptables -A INPUT -j LOG --log-level 4
/sbin/iptables -A INPUT -j REJECT
Why did you decide so? And what kind of intrusion? Any sniffer dump will be appreciated.

2011/8/6 RSCL Mumbai <rscl.mumbai at gmail.com>:
> Hi,
>
> I seem to be facing an intrusion issue, in spite of the firewall (script attached).
>
> What am I missing?
>
> Any suggestions / recommendations are welcome, please.
>
> Best regards,
> Sans
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> New to Asterisk? Join us for a live introductory webinar every Thurs:
> http://www.asterisk.org/hello
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
Hi,

(1) Since a few days, I am seeing unexpected (unwanted) calls reaching my asterisk server.
Please see attached log files.

(2) I believe the source IP of these calls is the IP mentioned under the CHANNELS column.

(3) But as per my firewall, these calls should not have reached Asterisk.
They should have been dropped by the Firewall.

Please suggest if my thinking is in the correct direction, and what should be my next step.

Best regards,
Sans

-------------- next part --------------
+---------------------+------------------------------+----------+-----+------------+-----------------------------+------------+---------+----------+----------+---------+-------------+----------+-------------+-----------------+-----------+-----------------+
| calldate            | clid                         | src      | dst | dcontext   | channel                     | dstchannel | lastapp | lastdata | duration | billsec | disposition | amaflags | accountcode | uniqueid        | userfield | dnid            |
+---------------------+------------------------------+----------+-----+------------+-----------------------------+------------+---------+----------+----------+---------+-------------+----------+-------------+-----------------+-----------+-----------------+
| 2011-08-04 11:23:15 | "000441913561021" <asterisk> | asterisk | s   | from-trunk | SIP/94.247.178.106-00000285 |            | Hangup  |          |       19 |      19 | ANSWERED    |        3 |             | 1312471395.2207 |           | 000441913561021 |
| 2011-08-04 15:26:19 | "001441913561025" <asterisk> | asterisk | s   | from-trunk | SIP/72.32.198.159-00000401  |            | Hangup  |          |       18 |      18 | ANSWERED    |        3 |             | 1312485979.6667 |           | 001441913561025 |
| 2011-08-04 17:51:12 | "002441913561017" <asterisk> | asterisk | s   | from-trunk | SIP/50.28.9.55-000004b4     |            | Hangup  |          |       19 |      18 | ANSWERED    |        3 |             | 1312494672.7195 |           | 002441913561017 |
| 2011-08-04 16:20:20 | "2441913561035" <asterisk>   | asterisk | s   | from-trunk | SIP/75.125.193.162-00000446 |            | Hangup  |          |       16 |      16 | ANSWERED    |        3 |             | 1312489220.6866 |           | 2441913561035   |
+---------------------+------------------------------+----------+-----+------------+-----------------------------+------------+---------+----------+----------+---------+-------------+----------+-------------+-----------------+-----------+-----------------+
Hi,

Could you attach iptables-save output.

2011/8/8 RSCL Mumbai <rscl.mumbai at gmail.com>:
> (3) But as per my firewall, these calls should not have reached Asterisk.
> They should have been dropped by the Firewall.
On Mon, Aug 8, 2011 at 4:20 PM, ????? ????????? <anton.jugatsu at gmail.com> wrote:
> Hi,
>
> Could you attach iptables-save output.

"iptables-save" output is blank -- no output.
Not sure why?

Thx
Sans
For some unknown reason, the firewall script was not executed.
Now I get the output of iptables-save.

Maybe this is the reason why unwanted packets hit the system... a big blunder.

Sans

On Mon, Aug 8, 2011 at 5:44 PM, RSCL Mumbai <rscl.mumbai at gmail.com> wrote:
> "iptables-save" output is blank -- no output.
> Not sure why?

-------------- next part --------------
[root at e1 ~]# iptables-save
# Generated by iptables-save v1.3.5 on Mon Aug 8 08:19:37 2011
*filter
:INPUT DROP [1:78]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [2496:492015]
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -m state --state NEW -j ACCEPT
-A INPUT -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3100 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 4142 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 4445 -j ACCEPT
-A INPUT -i eth1 -p tcp -m tcp --dport 4445 -j ACCEPT
-A INPUT -s 67.18.110.210 -i eth1 -p tcp -m tcp --dport 3306 -j ACCEPT
-A INPUT -s 192.168.1.0/255.255.255.0 -i eth0 -p tcp -m tcp --dport 5060:5062 -j ACCEPT
-A INPUT -s 192.168.1.0/255.255.255.0 -i eth0 -p udp -m udp --dport 5060:5062 -j ACCEPT
-A INPUT -s 192.168.1.0/255.255.255.0 -i eth0 -p udp -m udp --dport 10000:20000 -j ACCEPT
-A INPUT -s 61.16.181.9 -i eth1 -p udp -m udp --dport 5060:5062 -j ACCEPT
-A INPUT -s 61.16.181.9 -i eth1 -p tcp -m tcp --dport 5060:5062 -j ACCEPT
-A INPUT -s 61.16.181.9 -i eth1 -p udp -m udp --dport 10000:20000 -j ACCEPT
-A INPUT -s 203.109.120.65 -i eth1 -p udp -m udp --dport 5060:5062 -j ACCEPT
-A INPUT -s 203.109.120.65 -i eth1 -p tcp -m tcp --dport 5060:5062 -j ACCEPT
-A INPUT -s 203.109.120.65 -i eth1 -p udp -m udp --dport 10000:20000 -j ACCEPT
-A INPUT -s 81.201.82.128/255.255.255.192 -i eth1 -p udp -m udp --dport 5060:5062 -j ACCEPT
-A INPUT -s 81.201.82.128/255.255.255.192 -i eth1 -p tcp -m tcp --dport 5060:5062 -j ACCEPT
-A INPUT -s 81.201.82.128/255.255.255.192 -i eth1 -p udp -m udp --dport 10000:20000 -j ACCEPT
-A INPUT -s 81.201.83.0/255.255.255.192 -i eth1 -p udp -m udp --dport 5060:5062 -j ACCEPT
-A INPUT -s 81.201.83.0/255.255.255.192 -i eth1 -p tcp -m tcp --dport 5060:5062 -j ACCEPT
-A INPUT -s 81.201.83.0/255.255.255.192 -i eth1 -p udp -m udp --dport 10000:20000 -j ACCEPT
-A INPUT -s 81.201.84.0/255.255.255.0 -i eth1 -p udp -m udp --dport 5060:5062 -j ACCEPT
-A INPUT -s 81.201.84.0/255.255.255.0 -i eth1 -p tcp -m tcp --dport 5060:5062 -j ACCEPT
-A INPUT -s 81.201.84.0/255.255.255.0 -i eth1 -p udp -m udp --dport 10000:20000 -j ACCEPT
-A INPUT -s 81.201.86.0/255.255.255.192 -i eth1 -p udp -m udp --dport 5060:5062 -j ACCEPT
-A INPUT -s 81.201.86.0/255.255.255.192 -i eth1 -p tcp -m tcp --dport 5060:5062 -j ACCEPT
-A INPUT -s 81.201.86.0/255.255.255.192 -i eth1 -p udp -m udp --dport 10000:20000 -j ACCEPT
-A INPUT -s 74.55.98.122 -i eth1 -p udp -m udp --dport 5060:5062 -j ACCEPT
-A INPUT -s 74.55.98.122 -i eth1 -p tcp -m tcp --dport 5060:5062 -j ACCEPT
-A INPUT -s 74.55.98.122 -i eth1 -p udp -m udp --dport 10000:20000 -j ACCEPT
-A INPUT -s 74.55.98.120 -i eth1 -p udp -m udp --dport 5060:5062 -j ACCEPT
-A INPUT -s 74.55.98.120 -i eth1 -p tcp -m tcp --dport 5060:5062 -j ACCEPT
-A INPUT -s 74.55.98.120 -i eth1 -p udp -m udp --dport 10000:20000 -j ACCEPT
-A INPUT -s 64.154.41.150 -i eth1 -p udp -m udp --dport 5060:5062 -j ACCEPT
-A INPUT -s 64.154.41.150 -i eth1 -p tcp -m tcp --dport 5060:5062 -j ACCEPT
-A INPUT -s 64.154.41.150 -i eth1 -p udp -m udp --dport 10000:20000 -j ACCEPT
-A INPUT -s 64.154.41.100 -i eth1 -p udp -m udp --dport 5060:5062 -j ACCEPT
-A INPUT -s 64.154.41.100 -i eth1 -p tcp -m tcp --dport 5060:5062 -j ACCEPT
-A INPUT -s 64.154.41.100 -i eth1 -p udp -m udp --dport 10000:20000 -j ACCEPT
-A INPUT -s 46.19.209.8/255.255.255.248 -i eth1 -p udp -m udp --dport 5060:5062 -j ACCEPT
-A INPUT -s 46.19.209.8/255.255.255.248 -i eth1 -p tcp -m tcp --dport 5060:5062 -j ACCEPT
-A INPUT -s 46.19.209.72/255.255.255.248 -i eth1 -p udp -m udp --dport 5060:5062 -j ACCEPT
-A INPUT -s 46.19.209.72/255.255.255.248 -i eth1 -p tcp -m tcp --dport 5060:5062 -j ACCEPT
-A INPUT -s 46.19.210.8/255.255.255.248 -i eth1 -p udp -m udp --dport 5060:5062 -j ACCEPT
-A INPUT -s 46.19.210.8/255.255.255.248 -i eth1 -p tcp -m tcp --dport 5060:5062 -j ACCEPT
-A INPUT -s 46.19.210.72/255.255.255.248 -i eth1 -p udp -m udp --dport 5060:5062 -j ACCEPT
-A INPUT -s 46.19.210.72/255.255.255.248 -i eth1 -p tcp -m tcp --dport 5060:5062 -j ACCEPT
-A INPUT -s 81.85.224.40/255.255.255.254 -i eth1 -p udp -m udp --dport 5060:5062 -j ACCEPT
-A INPUT -s 81.85.224.40/255.255.255.254 -i eth1 -p tcp -m tcp --dport 5060:5062 -j ACCEPT
-A INPUT -s 212.150.88.20/255.255.255.252 -i eth1 -p udp -m udp --dport 5060:5062 -j ACCEPT
-A INPUT -s 212.150.88.20/255.255.255.252 -i eth1 -p tcp -m tcp --dport 5060:5062 -j ACCEPT
-A INPUT -s 46.19.209.0/255.255.255.128 -i eth1 -p udp -m udp --dport 10000:20000 -j ACCEPT
-A INPUT -s 46.19.210.0/255.255.255.128 -i eth1 -p udp -m udp --dport 10000:20000 -j ACCEPT
-A INPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP
-A INPUT -f -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
-A INPUT -j REJECT --reject-with icmp-port-unreachable
COMMIT
# Completed on Mon Aug 8 08:19:37 2011
# Generated by iptables-save v1.3.5 on Mon Aug 8 08:19:37 2011
*nat
:PREROUTING ACCEPT [374:75238]
:POSTROUTING ACCEPT [74:6988]
:OUTPUT ACCEPT [74:6988]
COMMIT
# Completed on Mon Aug 8 08:19:37 2011
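Added example, not code from the thread or from Asterisk/Elastix: a small Python check that reads an iptables-save dump, collects the source networks the INPUT chain accepts on the SIP port, and compares them with the peer addresses in the CDR channel names from the table posted earlier in the thread. It assumes the channel-name convention visible in that table (SIP/<ip>-<id> for a call that matched no configured peer), uses a short excerpt of the posted dump as its rule set, and adds one constructed channel (SIP/61.16.181.9-00000500, built from a provider address in the dump) so that an admitted call is also exercised. A blank dump, which is what the empty iptables-save output above meant, is reported as "none": nothing was filtering, so every call is listed.

```python
import ipaddress
import re

# Excerpt of the iptables-save dump posted in the thread, cut down to a few
# rules (same syntax, same addresses) so the example stays short.
IPTABLES_SAVE = """\
# Generated by iptables-save v1.3.5 on Mon Aug 8 08:19:37 2011
*filter
:INPUT DROP [1:78]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [2496:492015]
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3100 -j ACCEPT
-A INPUT -s 192.168.1.0/255.255.255.0 -i eth0 -p udp -m udp --dport 5060:5062 -j ACCEPT
-A INPUT -s 61.16.181.9 -i eth1 -p udp -m udp --dport 5060:5062 -j ACCEPT
-A INPUT -s 81.201.84.0/255.255.255.0 -i eth1 -p udp -m udp --dport 5060:5062 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-port-unreachable
COMMIT
"""

# Channel names from the CDR rows in the thread, plus one constructed entry
# for a call that the rules do admit (61.16.181.9 is a provider address
# taken from the posted dump).
CDR_CHANNELS = [
    "SIP/94.247.178.106-00000285",
    "SIP/72.32.198.159-00000401",
    "SIP/50.28.9.55-000004b4",
    "SIP/75.125.193.162-00000446",
    "SIP/61.16.181.9-00000500",  # constructed
]

DPORT_RE = re.compile(r"--dport (\d+)(?::(\d+))?")
SRC_RE = re.compile(r"-s (\S+)")
CHANNEL_RE = re.compile(r"^SIP/(\d{1,3}(?:\.\d{1,3}){3})-[0-9a-f]+$")


def sip_sources(dump, sip_port=5060):
    """Read the INPUT ACCEPT rules that cover sip_port.

    Returns ("none", []) when the dump holds no filter table at all (the
    blank output seen in the thread), ("any", []) when some ACCEPT rule for
    the port carries no -s restriction, and ("list", networks) otherwise.
    """
    networks = []
    saw_filter = False
    for line in dump.splitlines():
        if line.startswith("*filter"):
            saw_filter = True
        if not line.startswith("-A INPUT") or "-j ACCEPT" not in line:
            continue
        m = DPORT_RE.search(line)
        if not m:
            continue  # no port match: loopback / conntrack rules, not SIP
        lo, hi = int(m.group(1)), int(m.group(2) or m.group(1))
        if not lo <= sip_port <= hi:
            continue
        s = SRC_RE.search(line)
        if s is None:
            return "any", []
        # iptables-save writes dotted netmasks; ip_network accepts them.
        networks.append(ipaddress.ip_network(s.group(1), strict=False))
    if not saw_filter:
        return "none", []
    return "list", networks


def channel_ip(channel):
    """Peer address from a channel such as SIP/94.247.178.106-00000285.

    Asterisk names a channel this way when the call matched no configured
    peer; a call from a named peer (SIP/provider-...) yields None.
    """
    m = CHANNEL_RE.match(channel)
    return m.group(1) if m else None


def unexpected_calls(dump, channels):
    """(mode, channels) where channels are those no loaded SIP rule admits.

    With an empty dump every call is reported, since nothing was filtering.
    """
    mode, networks = sip_sources(dump)
    if mode == "none":
        return mode, list(channels)
    if mode == "any":
        return mode, []
    flagged = []
    for ch in channels:
        ip = channel_ip(ch)
        if ip is None:
            continue
        addr = ipaddress.ip_address(ip)
        if not any(addr in net for net in networks):
            flagged.append(ch)
    return mode, flagged


if __name__ == "__main__":
    mode, calls = unexpected_calls(IPTABLES_SAVE, CDR_CHANNELS)
    print("rule mode:", mode)
    for ch in calls:
        print("not admitted by the loaded rules:", ch)
```

Run as a script it lists the four channels from the posted table, since none of 94.247.178.106, 72.32.198.159, 50.28.9.55 or 75.125.193.162 falls inside any -s network, while the constructed 61.16.181.9 call passes. The same function over a blank dump returns mode "none" with every call listed, which is the situation the thread ended up diagnosing: the calls were not admitted by a hole in the rules, they arrived while no rules were loaded.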
lsmod | grep ipt

And what distribution do you use?

2011/8/8 RSCL Mumbai <rscl.mumbai at gmail.com>:
> "iptables-save" output is blank -- no output.
> Not sure why?
Certainly YES, but how do you run this script: rc.local, iptables-restore < /etc/iptables or service iptables?

2011/8/8 RSCL Mumbai <rscl.mumbai at gmail.com>:
> For some unknown reason, the firewall script was not executed.
> Now I get the output of iptables-save.
>
> Maybe this is the reason why unwanted packets hit the system... a big blunder.
2011/8/8 ????? ????????? <anton.jugatsu at gmail.com>:
> lsmod | grep ipt
> And what distribution do you use?

[root at e1 ~]# lsmod | grep ipt
ipt_REJECT             38977  1
iptable_filter         36161  1
iptable_nat            40773  0
ip_nat                 53101  1 iptable_nat
ip_conntrack           91621  3 xt_state,iptable_nat,ip_nat
ip_tables              55201  2 iptable_filter,iptable_nat
x_tables               50505  5 ipt_REJECT,xt_tcpudp,xt_state,iptable_nat,ip_tables
Ok, run your script and then do this:
service iptables save

And by the way, list "chkconfig --list iptables" output.

2011/8/8 RSCL Mumbai <rscl.mumbai at gmail.com>:
> On Mon, Aug 8, 2011 at 6:03 PM, Faisal Hanif <faisal at vopium.com> wrote:
>
>> If you take a bit deeper analysis of the SIP packet you will be able to understand the issue.
>>
>> Iptables filters on layer 3 while SIP is on layer 7. It is easily possible to generate a SIP packet with a different source IP than the physical interface.
>>
>> You can also simulate it if you set external-ip=some-else-ip in SIP.com in asterisk. All your SIP packets will contain the new some-else-ip while the layer-3 headers will still have the actual physical interface IP.
>
> I am using OS (Elastix distribution).
> I am not really a champ at system administration.... hence this went over the top.
>
> I will observe the system tonight and send my feedback tomorrow.
>
> Thx to everyone for being with me on this.
> Sans
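Added example illustrating the layer-3 versus layer-7 point in the quoted message; it is not code from the thread or from Asterisk. It parses a constructed SIP INVITE (documentation addresses, not real peers) and reports which of Via, From and Contact name a host different from the transport-layer source address, which is the only value an iptables -s rule ever compares against. Because the example runs offline without a socket, the transport source is passed in as an assumed parameter rather than read from a packet.

```python
import re

# Constructed SIP INVITE (not from the thread). The addresses are
# documentation ranges; the transport-layer source is supplied separately.
INVITE = (
    "INVITE sip:000441913561021@192.0.2.10 SIP/2.0\r\n"
    "Via: SIP/2.0/UDP 203.0.113.5:5060;branch=z9hG4bK-constructed\r\n"
    "From: \"000441913561021\" <sip:000441913561021@203.0.113.5>;tag=1\r\n"
    "To: <sip:000441913561021@192.0.2.10>\r\n"
    "Contact: <sip:1000@203.0.113.5:5060>\r\n"
    "Call-ID: constructed-1@203.0.113.5\r\n"
    "CSeq: 1 INVITE\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)

# sent-by host in a Via header: "SIP/2.0/UDP host:port;params"
VIA_HOST_RE = re.compile(r"SIP/2\.0/\w+\s+([^:;\s]+)")
# host part of a sip:/sips: URI, with or without a user@ prefix
URI_HOST_RE = re.compile(r"sips?:(?:[^@>\s]+@)?([^:;>\s]+)")


def parse_headers(message):
    """Split a SIP request into (request_line, {lower-case name: [values]})."""
    head = message.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return lines[0], headers


def header_hosts(message):
    """Hosts the sender wrote into Via, From and Contact (layer-7 claims)."""
    _, headers = parse_headers(message)
    hosts = {}
    m = VIA_HOST_RE.search(headers.get("via", [""])[0])
    if m:
        hosts["Via"] = m.group(1)
    for name in ("from", "contact"):
        m = URI_HOST_RE.search(headers.get(name, [""])[0])
        if m:
            hosts[name.capitalize()] = m.group(1)
    return hosts


def mismatched_headers(message, transport_src):
    """Header fields whose host differs from the address the packet came from.

    transport_src is the layer-3 source that an iptables -s rule matches;
    nothing in the SIP headers is consulted by the firewall.
    """
    return sorted(h for h, host in header_hosts(message).items()
                  if host != transport_src)


if __name__ == "__main__":
    for src in ("203.0.113.5", "198.51.100.77"):
        print(src, "->", mismatched_headers(INVITE, src) or "headers agree")
```

For the thread's question this cuts the other way as well: the channel names in the CDR, like the -s rules, are keyed on the address the packet actually arrived from, so when such a call shows up the first thing to confirm is that the rules were loaded at all (iptables-save showing a populated filter table), which is exactly what turned out to be missing here.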
Update: Yesterday I did not observe any unexpected traffic. So far so good.

Thx
Sans

On Mon, Aug 8, 2011 at 9:24 PM, ????? ????????? <anton.jugatsu at gmail.com> wrote:
> Ok, run your script and then do this:
> service iptables save
>
> And by the way, list "chkconfig --list iptables" output.