Wednesday, May 27, 2009

PAM/LDAP authentication for webmin

To make it work, I have the following lines in /etc/webmin/miniserv.conf. They allow all Unix users in the admin group to log in to Webmin with their PAM password and act as the Webmin root user, and all Unix users in the user group to log in with their PAM password and act as the Webmin dnsmasq user.
unixauth=@admin=root @user=dnsmasq
pam=webmin


The following lines in /etc/webmin/miniserv.users define the Webmin users (two users, named root and dnsmasq):
root:x:0::::::::
dnsmasq:x:0:::::::0:


The following lines in /etc/pam.d/webmin provide LDAP authentication for the PAM password:
auth sufficient pam_ldap.so
auth include system-auth

account sufficient pam_ldap.so
account required pam_nologin.so
account include system-auth

password required pam_ldap.so
password include system-auth

session sufficient pam_ldap.so
session include system-auth

Saturday, May 16, 2009

Reduce the number of ports opened by Asterisk

When I typed the command netstat -lnp | grep asterisk as root, I found that the following ports were opened by Asterisk:
tcp 0 0 192.168.0.1:5038 0.0.0.0:* LISTEN 2850/asterisk
tcp 0 0 0.0.0.0:2000 0.0.0.0:* LISTEN 2850/asterisk
tcp 0 0 192.168.0.1:8088 0.0.0.0:* LISTEN 2850/asterisk
udp 0 0 0.0.0.0:4569 0.0.0.0:* 2850/asterisk
udp 0 0 0.0.0.0:2727 0.0.0.0:* 2850/asterisk
udp 0 0 0.0.0.0:4520 0.0.0.0:* 2850/asterisk
udp 0 0 0.0.0.0:5060 0.0.0.0:* 2850/asterisk
unix 2 [ ACC ] STREAM LISTENING 762262 2850/asterisk /var/run/asterisk/asterisk.ctl


I know that the following ports are typically used by my Asterisk:
tcp 5038 manager
tcp 8088 AsteriskNOW
udp 4569 iax2
udp 5060 sip
udp 18000-20000 rtp (rtp.conf)

Therefore I put the following lines into /etc/asterisk/modules.conf:
; Don't load skinny (tcp port 2000)
noload => chan_skinny.so
; Don't load MGCP (udp port 2727)
noload => chan_mgcp.so
; Don't load dundi (udp port 4520)
noload => pbx_dundi.so


Upon restarting Asterisk, the command netstat -lnp | grep asterisk only shows the following:
tcp 0 0 192.168.0.1:5038 0.0.0.0:* LISTEN 3168/asterisk
tcp 0 0 192.168.0.1:8088 0.0.0.0:* LISTEN 3168/asterisk
udp 0 0 0.0.0.0:4569 0.0.0.0:* 3168/asterisk
udp 0 0 0.0.0.0:5060 0.0.0.0:* 3168/asterisk
unix 2 [ ACC ] STREAM LISTENING 764510 3168/asterisk /var/run/asterisk/asterisk.ctl
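
An added example, not part of the original post: a shell function that reads netstat -lnp output and reports every Asterisk listener outside the expected ports listed above, together with the modules.conf line the post uses to disable it. The function names and the sample input (constructed from the first netstat listing in the post) are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit Asterisk listeners against the expected ports in the post.

# Reads `netstat -lnp` output on stdin and prints one line per unexpected
# asterisk listener, in the form: <proto> <port> <suggested modules.conf line>
audit_asterisk_ports() {
    awk '
    BEGIN {
        # Allowlist from the post: manager, AsteriskNOW, iax2, sip
        ok["tcp/5038"]; ok["tcp/8088"]; ok["udp/4569"]; ok["udp/5060"]
        # Port-to-module mapping from the modules.conf comments in the post
        hint["tcp/2000"] = "noload => chan_skinny.so"
        hint["udp/2727"] = "noload => chan_mgcp.so"
        hint["udp/4520"] = "noload => pbx_dundi.so"
    }
    # Only TCP/UDP sockets owned by asterisk; the unix control socket is skipped
    ($1 ~ /^(tcp|udp)6?$/) && /\/asterisk/ {
        proto = $1; sub(/6$/, "", proto)
        n = split($4, a, ":"); port = a[n] + 0   # port is the last ":" field
        key = proto "/" port
        if (key in ok) next
        # RTP range from rtp.conf, as listed in the post
        if (proto == "udp" && port >= 18000 && port <= 20000) next
        h = (key in hint) ? hint[key] : "unknown module"
        print proto, port, h
    }'
}

# Constructed sample input, copied from the first netstat listing in the post
sample_netstat() {
    cat <<'EOF'
tcp 0 0 192.168.0.1:5038 0.0.0.0:* LISTEN 2850/asterisk
tcp 0 0 0.0.0.0:2000 0.0.0.0:* LISTEN 2850/asterisk
tcp 0 0 192.168.0.1:8088 0.0.0.0:* LISTEN 2850/asterisk
udp 0 0 0.0.0.0:4569 0.0.0.0:* 2850/asterisk
udp 0 0 0.0.0.0:2727 0.0.0.0:* 2850/asterisk
udp 0 0 0.0.0.0:4520 0.0.0.0:* 2850/asterisk
udp 0 0 0.0.0.0:5060 0.0.0.0:* 2850/asterisk
unix 2 [ ACC ] STREAM LISTENING 762262 2850/asterisk /var/run/asterisk/asterisk.ctl
EOF
}

# Demo on the sample; on a live host use: netstat -lnp | audit_asterisk_ports
sample_netstat | audit_asterisk_ports
```

Empty output means only the expected ports are listening, which is the state shown in the second netstat listing above.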