Setup Asterisk@Home As a Firewall, Router, DHCP Server and Gateway

  • Asterisk@Home
    • Install Asterisk@Home
    • Setup Asterisk@Home (Default User = root, Default Password = password)
      • system-config-date
      • passwd-maint
      • passwd admin
      • passwd
    • Network Setup
      • netconfig --device=eth0 --bootproto=dhcp
      • netconfig --device=eth1 --ip=192.168.1.254 --netmask=255.255.255.0
      • reboot
    • From this point you can use PuTTY and WinSCP
  • Update CentOS
    • yum -y update
    • reboot
  • Fix ZAP
    • Fix UDEV
      • cd /usr/src/zaptel
      • make install-udev
    • Rebuild zaptel
      • rebuild_zaptel
  • Shorewall
    • Download and Install Shorewall
      • cd /tmp
      • wget http://www1.shorewall.net/pub/shorewall/3.0/shorewall-3.0.4/shorewall-3.0.4-1.noarch.rpm
      • rpm -ivh shorewall-3.0.4-1.noarch.rpm
    • Move Sample Configuration
      • mv -fv /usr/share/doc/packages/shorewall/Samples/two-interfaces/* /etc/shorewall
    • Modify Configuration Files (/etc/shorewall):
      • policy
        • Remove the comment from
          • #$FW    net   ACCEPT
        • Add the following Before the last line
          • # Allow All Traffic From Local To Firewall
          • loc    $FW    ACCEPT
          • # Allow All Traffic From Firewall To Local
          • $FW    loc    ACCEPT    ULOG
        • Replace info with ULOG
      • rules
        • Add the following Before the last line
          • # Allow IAX2, SIP and RTP To Firewall
          • ACCEPT:ULOG     net    $FW    udp    4569,5060,10000:20000
          • # Accept SSH connections from the Internet for administration
          • SSH/ACCEPT:ULOG net    $FW
        • Add ULOG as desired
      • shorewall.conf
        • Replace STARTUP_ENABLED=No with STARTUP_ENABLED=Yes
        • Replace LOGFILE=/var/log/messages with LOGFILE=/var/log/ulog/ulogd.log
        • Replace =info with =ULOG (Several Times)
      • start
        • Add ulogd -d Before the last line
  • ulogd
    • Download and Install ulogd
      • cd /usr/src
      • wget http://ftp.netfilter.org/pub/ulogd/ulogd-1.23.tar.bz2
      • bzip2 -dc ulogd-1.23.tar.bz2 | tar xvf -
      • cd /usr/src/ulogd-1.23
      • ./configure --with-mysql
      • make install
    • Create Logrotate
      • touch /etc/logrotate.d/ulogd
    • Add to /etc/logrotate.d/ulogd
      • /var/log/ulog/ulogd.log /var/log/ulog/ulogd.syslogemu /var/log/ulog/ulogd.pktlog /var/log/ulog/ulogd.pcap {
      • missingok
      • sharedscripts
      • postrotate
      • /bin/killall -HUP ulogd 2> /dev/null || true
      • /usr/local/sbin/ulogd -d
      • endscript
      • daily
      • }
    • Modify /usr/local/etc/ulogd.conf
      • Replace loglevel=5 with loglevel=3
      • Replace /var/log/ with /var/log/ulog/ (Several Times)
    • Create Log Files
      • mkdir /var/log/ulog
      • touch /var/log/ulog/ulogd.log
      • touch /var/log/ulog/ulogd.syslogemu
  • DHCP Server
    • Primary Setup
      • setup-dhcp
    • Modify Configuration Files
      • /etc/dhcpd
        • Add this in First Line
          • option routers 192.168.1.254;
        • Modify
          • option routers 192.168.1.254;
          • option domain-name-servers Your.ISP.Primary.DNS,Your.ISP.Secondary.DNS;
          • range dynamic-bootp 192.168.1.100 192.168.1.199;
        • Mark with #
          • option time-offset -18000; # Eastern Standard Time
          • option ntp-servers xxx.xxx.xxx.xxx;
          • option tftp-server-name "xxx.xxx.xxx.xxx";
      • /etc/sysconfig/dhcpd
        • DHCPDARGS=eth1
  • Reboot and DONE
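
Added example (not part of the original guide): a shell function that reads a Shorewall rules file and lists every rule that accepts traffic from the net zone to the firewall, so the exposure created by the rules step above can be reviewed after editing. The function names and the sample rules are assumptions constructed from the lines in this guide; on the real system the file to check would be /etc/shorewall/rules.

```shell
#!/bin/sh
# Added example: review what /etc/shorewall/rules lets in from the Internet.
# Shorewall rules columns: ACTION SOURCE DEST PROTO DEST-PORT(S) ...

# list_net_to_fw FILE
# Prints one line per accepting rule: "<action> <source> <proto> <ports>".
# A source of plain "net" means any Internet host; "net:<addr>" is restricted.
list_net_to_fw() {
    awk '
        /^[ \t]*#/ || NF < 3 { next }        # skip comments and short lines
        {
            action = $1
            sub(/:.*/, "", action)            # drop log level, e.g. ACCEPT:ULOG
            n = split(action, parts, "/")     # macro form, e.g. SSH/ACCEPT
            if (parts[n] != "ACCEPT") next    # only rules that let traffic in
            if ($2 != "net" && $2 !~ /^net:/) next
            if ($3 != "$FW") next
            proto = (NF >= 4) ? $4 : "-"
            ports = (NF >= 5) ? $5 : "-"
            if (n == 2) proto = "macro:" parts[1]
            print action, $2, proto, ports
        }
    ' "$1"
}

# Constructed sample: the two rules this guide adds, plus two constructed
# rules (loc source, DROP action) that must not be reported.
sample_rules() {
    cat <<'EOF'
# Allow IAX2, SIP and RTP To Firewall
ACCEPT:ULOG     net    $FW    udp    4569,5060,10000:20000
# Accept SSH connections from the Internet for administration
SSH/ACCEPT:ULOG net    $FW
ACCEPT          loc    $FW    tcp    80
DROP            net    $FW    tcp    23
EOF
}

tmp=$(mktemp)
sample_rules > "$tmp"
list_net_to_fw "$tmp"
rm -f "$tmp"
```

Each line of output is a service reachable from the Internet on the firewall itself; a source shown as plain net has no address restriction.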