Capture Media IP In CDR (CDR)


I am quite surprised about the degree of surprise in the group. A few days ago, somebody called a school and issued a threat, through my network. The call came from China, but of course it was a US caller. The DA wants to know where the call came from. The caller ID is “Restricted” and the Chinese carrier is playing games. If I had a way to store the media IP, I would be able to pinpoint the offender in the US, or the company that touched the media last. As a result of Asterisk not having this functionality, many children are in danger and this country at large is in great peril, since Asterisk is the most widely used low-cost technology for telecommunications. I need Digium to store this IP in the CDR. I will be honest with the government and let them know that my tool is incapable of saving lives or safeguarding our national security because nobody thought about this. PD: I am not paying for a patch, since this is a huge burden on a small company like mine, with a single employee, and also because the whole world will enjoy the benefit. It is not fair that I would have to hire somebody to patch Asterisk. I appeal to Digium to patch Asterisk.

7 thoughts on - Capture Media IP In CDR (CDR)

  • I doubt that a media IP would really help, because there are proxies out there. If you need this kind of monitoring, then there are probably better ways to take care of this and they are independent of Asterisk.

    What you could do is to tap any traffic in the background, e.g. with tcpdump using the -G option and automatically delete the files after a certain period, unless there is a reason to keep the data. The pcap trace would contain a lot of relevant information, even if the traffic is encrypted (like timing data). Depending on national or local laws this might be even a more serious crime than threatening a school. It could still be justified to tap the traffic, like it is for other public authorities, but you would have to find out yourself whether you are or the school is allowed to do this.

    Actually, I tend to think that it is the school’s task to enforce a specific security and surveillance concept and this also applies particularly to their IT structure. You are certainly not in the position to decide whether you should monitor anything unless it is part of your contract.

    Besides this, it is easy to store any kind of information along with classical CDR data. Just search for “adaptive ODBC”, or read the Asterisk book.

    jg

  • Hi,

    I also doubt that the IP would do any good. Anyway, you can store whatever you want in your CDR: just Set(CDR(something)=${SIP_HEADER(Contact)}); and then have the field something in your CDR storage.

  • Don’t worry about it, I’ll step up and pay for the patch. No need for you to waste your profits on something like this.

  • How do you think it works with regular telecomms?
    The police need to follow the trail. All you need to provide is that the call came in via carrier X and they will then go onto that carrier to see where the call originated.

    My advice would be to:

    1) Add ${SIPCALLID} to your CDR records. This is the unique ID for the SIP call, which can be used later.

    2) Run "tcpdump -p -s 0 port 5060 -w $siptrace.pcap -C 10 -W 500"
    -C is how big the dump will be and -W is how many capture files to get before overwriting the old one. Make the -C value (10 in this case) big enough so each file lasts 15 minutes or so and the '-W' value big enough so you keep however many days' records you need.

    3) Now when you get a request, look in the CDR records for the Call-ID. Assuming for example it's qwertyuiop, then look at the time and pick the pcap file covering that time range. Make sure you have the 'wireshark' and 'ngrep' Linux packages installed. Then:

    tshark -t ad -r TRACEFILE -R 'sip.Call-ID contains qwertyuiop' -w - | ngrep -I - -W byline -t

    The standard output now contains a complete SIP trace and you will be able to see all the media endpoints and exact timings.

    That's basically what we do for getting call diagnostics.
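
The last step of the reply above, reading the media endpoints out of the SIP trace for one Call-ID, can be scripted. This is an added example, not part of the original post or of Asterisk: it assumes the trace has already been split into individual SIP messages as text, and the names `parse_sip` and `media_endpoints` and the sample messages are constructed for illustration. As other replies note, the address in the SDP may belong to a proxy rather than the caller.

```python
import re

# Constructed sample messages (documentation addresses), not a real capture.
INVITE = ("INVITE sip:1000@192.0.2.10 SIP/2.0\r\n"
          "Via: SIP/2.0/UDP 198.51.100.7:5060;branch=z9hG4bK1\r\n"
          "Call-ID: qwertyuiop@198.51.100.7\r\n\r\n"
          "v=0\r\nc=IN IP4 203.0.113.25\r\nt=0 0\r\n"
          "m=audio 16384 RTP/AVP 0 8\r\n")
OK_200 = ("SIP/2.0 200 OK\r\n"
          "i: qwertyuiop@198.51.100.7\r\n\r\n"  # compact form of Call-ID
          "v=0\r\nc=IN IP4 192.0.2.10\r\n"
          "m=audio 12000 RTP/AVP 0\r\nc=IN IP4 192.0.2.99\r\n")
OTHER = "OPTIONS sip:x@192.0.2.10 SIP/2.0\r\nCall-ID: zzz\r\n\r\n"


def parse_sip(raw):
    """Split one SIP message into (start_line, headers dict, SDP lines)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers, [l for l in body.split("\r\n") if l]


def media_endpoints(messages, call_id):
    """Return (start_line, media, ip, port) for each SDP m= line of one call."""
    found = []
    for raw in messages:
        start, hdrs, sdp = parse_sip(raw)
        cid = hdrs.get("call-id") or hdrs.get("i", "")
        if call_id not in cid:  # same "contains" match as the tshark filter
            continue
        session_ip, current = None, None
        for line in sdp:
            m = re.match(r"c=IN IP[46] (\S+)", line)
            if m and current is None:
                session_ip = m.group(1)      # session-level address
            elif m:
                current[2] = m.group(1)      # media-level c= overrides it
            m = re.match(r"m=(\w+) (\d+)", line)
            if m:
                current = [start, m.group(1), session_ip, int(m.group(2))]
                found.append(current)
    return [tuple(f) for f in found]
```
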

  • I won’t comment any further on the technical aspects of what you are looking for; others have already pointed out how various portions of SIP messages can be stored in CDRs and how these portions of the SIP messages are (a) actually of more use than the media IP address in the SDP and (b) meet the requirements being levied by your use case.

    That aside, I do think it is important to note here that Asterisk does not, by default, have a warranty. This is clearly enumerated in sections 10 and 11 of the GPLv2 license included with Asterisk [1]:

    NO WARRANTY

    11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
    FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
    OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
    PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
    OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
    MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
    TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
    PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.

    12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
    WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
    REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
    OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
    TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
    YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
    PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
    POSSIBILITY OF SUCH DAMAGES.

    END OF TERMS AND CONDITIONS

    As you are using software licensed free of charge under the GPLv2, there is no obligation by anyone in the community or at Digium to provide you with a patch. If you require assistance, there are many avenues you can choose to pursue to gain such assistance. Just as you profit by running Asterisk, others profit by customizing and supporting the Asterisk project. Asterisk is lucky to have many such talented developers who can assist you with such a development effort. If you really require this functionality, I highly suggest that you look to hire said developers to help you with this feature request [2].

    [1] http://svn.asterisk.org/svn/asterisk/branches/11/COPYING

    [2] https://wiki.asterisk.org/wiki/display/AST/Asterisk+Bug+Bounties

    Matt

  •

    +1000 to Matt's point.

    Many many talented developers who can assist in customizing your needs.

    <snip>

     
