How to configure FreePBX for OVH’s SIP trunk

I’m still kind of an Asterisk/FreePBX noob so I took me a while to figure out how to configure OVH’s SIP trunk for inbound and outbound calls. I chose OVH since they offer a SIP trunk for €1/mo (depending on your country the price may be higher) which includes free landline calling to 40 countries: Argentina, Australia, Austria, Belgium, Brazil, Canada, Chile, China, Colombia, Cyprus, Denmark, France, Germany, Greece, Hong Kong, Hungary, Ireland, Israel, Italy, Kazakhstan, Luxembourg, Malaysia , Mexico, Norway, Netherlands, New Zealand, Panama, Peru, Poland, Portugal, Russia, Singapore, Slovakia, Spain, Sweden, Switzerland, Taiwan, Thailand, United Kingdom, USA and Venezuela to a maximum of 99 different numbers per month.
You can choose a phone number from various countries and for some countries, OVH even offers free number portability for your existing landline number. Continue reading

How to batch-import a phone number blacklist into Asterisk/FreePBX

Here’s a simple shell script sample on how to import a list of phone numbers into FreePBX’s blacklist module. The blacklist module is available for download in the FreePBX “Module Admin” menu. Unless you’re based in Switzerland, the call-center blacklist I’m using in the script below is probably not relevant to you – you’ll have to find one for your country. Continue reading

Call-Center Rufnummern-Sperrliste Schweiz / Telefon-Spam

Aus aktuellem Anlass wieder mal ein Post in Deutsch. Und zwar geht es dieses Mal um Belästigungen. Genauer gesagt um Meinungsforscher, Werbeanrufer und sonstige, gewerbliche Telefonterroristen, welche sich ungeniert über den *-Eintrag im Telefonbuch hinwegsetzen. Der Plan: Mittels einer Sperrliste bekannte Störenfriede automatisch abweisen. Was braucht man dazu:

  1. Eine Telefonanlage, welche mit einer Rufnummern-Sperrliste umgehen kann
  2. Eine maschinenlesbare Sperrliste mit Call-Center Nummern
  3. Irgendwelche Update-Skripts zwecks Automatisierung

Continue reading

Windows 8 clean install with upgrade license key error code 0xC004F061

Even though I’m a Mac person, I decided to give Windows 8 a try. I was able get a promo code (using an old but genuine Windows 7 serial and this loophole) and the price dropped to $14.99. I wanted to get rid of all the junk from my Windows 7 installation so I decided to wipe the drive and did a clean install. I entered my new Windows 8 license key at the beginning of the installation process and the rest of the installation went on smoothly. However, after playing around with Windows 8 I found out that it had not been activated. Trying to activate it always resulted in  error code 0xC004F061. Continue reading

Colocating a Raspberry Pi Debian server in a data center (follow up)

I mentioned in an earlier post that I’m planning to host this website on a colocated Raspberry Pi. Meanwhile, my RPi has arrived at EDIS’ data center in Graz, Austria. I transferred all relevant files and database tables from this WordPress installation to the new home on the RPi. I had to tweak my LAMP installation to reduce the memory footprint because the default settings for Apache and MySQL tend to eat quite a bit of RAM. When I started testing the WordPress installation, something interesting happened: it took more than 10 seconds to serve a page. Continue reading

ASUS P6T Hackintosh & OS X Mountain Lion

I just finished installing OS X Mountain Lion (latest preview) on my new Intel 520 SSD. The 520 is one of the fastest consumer SSD’s on the market today. Even though my 3 year old ASUS P6T mainboard doesn’t support SATA-3, the 520 still performs ridiculously fast. It takes a mere 6 seconds from the Apple logo to the desktop. The spinning Apple circle doesn’t even show up.

Installation went pretty smoothly using Tonymacx86’s UniBeast and MultiBeast.

Will somebody please teach the guys in Redmond about how to speed up an operating system boot?

Colocating a Raspberry Pi Debian server in a data center

After weeks of waiting I finally received my first (but certainly not last) Raspberry Pi last week. This one is going to be colocated in a data center in Austria and I’m planning to run this website on it. I sent it off today and it’s due to arrive at the data center later this week so I’d expect to move trick77.com to the Raspberry Pi (or short RPi) either this weekend or the weekend after.

I went for Debian because of all available images for the RPi, Debian “Squeeze” seemed to be most stable version for a production server. I should have gone with the basic Squeeze ARM-Netinstall image but I didn’t have the nerve to compile a kernel for the RPi. However, the provided Squeeze image is not really suited for a production environment and needs to be heavily apt-get purged. For instance, I threw out all X-related software and using the netstat command, I made sure no unwanted ports were left in the open (even though I’m additionally firewalling it). To free up more RAM for Linux I set the CPU/GPU split to 224/32 because the default 50:50 split doesn’t leave enough RAM to run a LAMP installation. After upgrading to the latest RPi firmware even my 8GB Sandisk Extreme Pro UHS-I SD card started working properly. The rpi-update updater comes in handy!

Now, colocating a bunch of Raspberry Pi’s is certainly not a service every data center is providing (at least not yet :). I saw this offer from EDIS.at over at Lowendtalk and they’re even colo’ing the RPi for free. Yeah, for free! This includes power, an IPv4, multiple IPv6’s and 100GB/mo traffic on a 100mbit port. AFAIK the offer is still up, check this link: https://manage.edis.at/whmcs. Nope, looks like the offer has expired. Re-nope, here’s the sign-up link: https://manage.edis.at/whmcs/cart.php?gid=6

I expect that quite a few RPi’s are on their way to Austria right now and I’m really looking forward to see some photos of them once they’re installed in EDIS’s data center. It would be pretty cool to have the RPi’s lined up vertically in a 1U slot just like small blade servers. But since no such thing exists they probably just throw ’em on a table or something.

Please leave a comment if you’re going to colo your RPi too and what you’ll be using it for!

Best Ethernet network adapter/NIC for a Hackintosh

Added 8-15-2014: This post ist outdated, please see here for more information on natively supported PCI-e network cards for OS X.

My ASUS P6T motherboard features a gigabit-capable Realtek 8111C onboard NIC. There’s an official but old OS X driver for this network adapter available from Realtek, but it crashes my Hackintosh whenever I try to use an OpenVPN connection to a remote server. Luckily, there’s an alternate RTL 81xx driver from Lnx2Mac which doesn’t suffer from this limitation. However, when I did some network benchmarking using a remote Linux server, I wasn’t getting consistent results regarding throughput. It seemed that the further a remote server was away, the less consistent was the throughput I got. It even got worse when using a VPN. It took me quite a while until I found out that the culprit was the Lnx2Mac driver for my onboard network adapter. Don’t get me wrong, the Lnx2Mac driver is perfect if you just need some sort if Internet connection and I appreciate the efforts that have been put into it. But since I was looking for a high performance driver, it didn’t seem to be a good choice. Continue reading

Kindle Fire reboot loop problem – solved!

One day last week my Amazon Kindle Fire shut itself down because its battery was empty. I forgot about it for a few days but eventually I hooked it up to a USB charger and left it charging overnight. Next morning I found the Kindle Fire in a reboot loop. When connected to the USB charger, it would reboot itself every 5-10 seconds. When not connected to the USB charger it wouldn’t even turn on. It looked like the battery was so badly discharged that the Fire couldn’t even get to the point where it would start recharging the battery – even with the USB charger cable plugged in. I tried all suggestions I could find, including holding the power button for at least 20 seconds but the Fire still wouldn’t exit the reboot loop.

Sending it in for a replacement was no option since it displayed the yellow boot loader triangle for a few seconds while booting. A pretty obvious sign that this device had been rooted :-/

My plan B is to buy a so called factory cable on eBay in order to find out what’s going wrong with my Fire. Since it takes some time for the cable to arrive from Hongkong, I once again tried to get the Fire out of this cumbersome reboot loop. And guess what, this time it worked! Here’s what I did:

  1. Unplug the Kindle Fire from the USB charger cable
  2. Press and hold the power button (it should not turn on because the battery has run dry)
  3. While still holding the power button, plug the USB charger cable in (it should not turn on yet)
  4. Wait for at least 40 seconds while still holding the power button
  5. Once the kindle powers on, immediately let go of the power button and pray
In my case, the power light turned orange and the device started charging the battery. Problem solved! Most likely, this only works if the battery is completely discharged and not if there’s some other problem with the software on the device.

OS X 10.7.4 update breaks Asus P6T X58 compatibility

For the first time ever, an OS X update breaks compatibility with the X58 chipset. After applying the 10.7.4 update most X58-based Hackintoshs will see (if booted with the -v option) an ACPI related kernel panic or the kernel will just hang early in the boot process with a message like

IOAPIC: Version 0x20 Vectors 64:87
IOAPIC: Version 0x20 Vectors 88:111

Reverting  back to an older AppleACPIPlatform.kext will most likely bring the Hackintosh back from the dead. In order to get access to the disk you’ll need some sort of OS X boot/recovery drive. Make sure you rebuild the kext-cache or temporarily disable support for kernelcache in Chimera/Chameleon.

See this thread on insanelymac.com for a working AppleACPIPlatform.kext. Hopefully, someone finds out what changes need to be made in the boot loader and/or DSDT.

About low end VPS network performance benchmarking

One thing most folks do with their newly rented low end Linux VPS (virtual private server) is to run some benchmarks. Wildly popular are the “Cachefly test” for network performance, dd for disk IO and UnixBench for overall system performance analysis including the CPU. The results are then posted in threads on web hosting communities like webhostingtalk or lowendtalk just to name a few. What most enthusiasts miss when comparing VPS’, and in particular low end VPS’, is that it’s just a snapshot. There are dozens of virtual servers cramped into one physical server and anything that goes on in those other virtual servers automatically has an impact on a performance test. That’s why the results should be taken with a grain of salt – unless they’re consistent over time. Time in the sense of weeks and months.

The most popular benchmark for network connectivity seems to be the Cachefly test. Cachefly is a content delivery network (CDN) and is well interconnected in the western hemisphere. To show off their capability to deliver content they’ve set up a test file which can be downloaded using wget:

wget -O /dev/null http://cachefly.cachefly.net/100mb.test

The download speed shown from wget basically indicates two things: how good is the routing/peering to Cachfly’s CDN network from your VPS providers’ data center. And as a by-product it may show what speed the Ethernet port had been capped at.

Here’s a sample result of a capped Ethernet port:


wget -O /dev/null http://cachefly.cachefly.net/100mb.test
--2012-02-20 22:15:08-- http://cachefly.cachefly.net/100mb.test
Resolving cachefly.cachefly.net... 205.234.175.175
Connecting to cachefly.cachefly.net|205.234.175.175|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 104857600 (100M) [application/octet-stream]
Saving to: `/dev/null'

100%[==================================================================================================>] 104,857,600 10.7M/s in 8.9s

2012-02-20 22:15:17 (11.2 MB/s) - `/dev/null' saved [104857600/104857600]

You can’t see this in the static output shown above but while downloading, the rate shoots up straight to 11-12M/s from the beginning and stays there. Obviously, this provider has capped the port speed to 100Mbps.

The next sample shows the wget result of a different low end VPS with excellent routing to Cachefly’s CDN:


wget -O /dev/null http://cachefly.cachefly.net/100mb.test
--2012-02-20 22:21:55-- http://cachefly.cachefly.net/100mb.test
Resolving cachefly.cachefly.net... 140.99.93.175
Connecting to cachefly.cachefly.net|140.99.93.175|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 104857600 (100M) [application/octet-stream]
Saving to: `/dev/null'

100%[==================================================================================================>] 104,857,600 43.6M/s in 2.3s

2012-02-20 22:21:58 (43.6 MB/s) - `/dev/null' saved [104857600/104857600]

Even though the second server is able to download from Cachefly at a much higher rate, that doesn’t indicate that network connectivity is superior to the first server in general. Downloading from Cachefly doesn’t say one thing about general network connectivity from your VPS to the rest of the internet – which usually is more important than just a fast route to Cachefly’s CDN. It even gets more complex: Cachefly is using directional (Anycast) DNS. Depending on your server’s geographic location, it may be routed to a completely different CDN server (as you can see in the samples above).

If you really want to get a picture of a VPS’ network connectivity, the Cachefly test should be just one indicator. You will have to include a whole range of test files from other hosts. One way to find test file URLs is to google for +VPS +test +files. You also find test URLs on low end VPS review sites, blogs, forums and data center web sites.

I’m deliberately not coming up with a list since I don’t want to cause bandwidth issues to anyone.

Use a VPN to selectively cloak your IP address to access Pandora, Netflix, and the like

There are certain situations on the internet when you need to pretend to be someone you’re not. For instance, if you want to listen to Pandora. If Pandora detects that your IP address is not originating from the U.S., you will politely be told that licensing agreements prevent them from making their internet radio station available to you. Same with Netflix, Google voice, Hulu, parts of Youtube, just to name a few. To access these services from outside the U.S. all you need is a U.S. based VPN. The easiest way to get a U.S. based IP address is to subscribe to a U.S. based VPN service (like HideMyAss‘ Pro VPN) and route all your computer’s network traffic through a VPN tunnel as long as you need it. This wasn’t flexible enough for me. I wanted to go the extra mile and build my own VPN service, and set up a centralized network routing on my DSL router (a Fritz!Box 7390). That way, all traffic from my internal home network (be it from an Apple TV, iPhone, iPad, a Mac, or even a Windows PC) that I want to originate from an foreign IP address will automatically use the VPN, and all other traffic will use my usual WAN IP address from my DSL service provider. Continue reading

Adobe Digital Enterprise Platform (ADEP 10) installation woes

If you’re trying to setup Adobe’s Digital Enterprise Platform (ADEP 10) and the ADEP configuration manager reports any of the following errors while bootstrapping, then I might have the solution for you.

com.adobe.pof.schema.ObjectTypeNotFoundException: Object Type: dsc.sc_property_editor not found

com.adobe.pof.schema.ObjectTypeNotFoundException: Object Type: dsc.sc_service_configuration not found

It took me days of experimenting until I figured this out by sheer luck. If you select UDP based cluster caching in the configuration manager, the document service component will use the specified UDP port while bootstrapping the core configuration. If another cluster is communicating over the same multicast port, bootstrapping the core component will fail with obscure error messages.

The official documentation says:

Note: The value for <port number> can be any available port between 1025 and 65535. The multicast port must be unique to the Document Services cluster (that is, the port must not be used by any other cluster on the same network, any attempt to use the same port by any other cluster on the same network would result in bootstrap failure). It is recommended that you configure the same <port number>
on all nodes in the Document Services cluster, as in this example: -Dadobe.cache.multicast-port=33456

I missed this section (as real programmers don’t read manuals :) and assumed that it is okay to use the same UDP cluster cache port number for different clusters in the same network. Obviously that’s not the case. I’m now using different port numbers for every ADEP cluster and haven’t seen a bootstrapping problem ever since.

If the configuration manager reports this error (Oracle WebLogic only):

weblogic.management.NoAccessRuntimeException: Access not allowed for subject: principals=[], on Resource AdobeService
Operation: set , Target: EnableSSL

Try to hit the initialize button again. I was able to get rid of the error this way. A more proper way would be to adjust the JMX security policies in WebLogic’s security realm configuration in the JMX Policy Editor. The affected properties are “Attributes: Permission to Write” and “Unregister instances of this
MBean using MBean server”, both need to have its role set to Anonymous. The exact steps are detailed in the ADEP installation instructions using WebLogic (see “Creating JMX policies for database initialization”). Make sure you remove those properties after the installation went through. Looks like a security hole to me if you leave them in.

Windows 7: Setup was unable to create a new system partition

Gosh, Windows 7 was giving me a really hard time when I tried to install it on a OCZ RevoDrive 3 PCI-Express SSD drive. Every installation attempt was greeted with this error message:

“Setup was unable to create a new system partition or locate an existing system partition”

Strangely, the drive was working perfectly as a non-boot drive under an existing Windows 7 installation and also visible as a SCSI drive in the BIOS drive list. Here are the steps which finally worked for me:

  1. Extract the RevoDrive 3 drivers on a FAT32-formatted USB flash drive
  2. Disconnect any disk drives (except the DVD drive) by unplugging the SATA cables
  3. Disconnect any USB devices (except for keyboard and mouse obviously)
  4. Boot Windows using the Windows 7 installation DVD
  5. When prompted for the target installation drive, choose “Load driver” (your list of available drives should be empty)
  6. Plug in the USB flash drive containing the drivers (don’t plug it in earlier!)
  7. Let Windows 7 load the driver from the flash drive
  8. Unplug the USB flash drive
  9. Choose the RevoDrive 3 as the installation drive and continue the Windows 7 installation
  10. Once Windows 7 is installed, reconnect all your SATA and USB devices

This PCIe SSD is ridiculously fast! Being a Mac person this drive even makes me like Windows a tiny bit more ;-) Unfortunately, there are no drivers available for OS X Lion and according to OCZ there never will be. This super fast SSD would be such a wonderful addition to any Mac Pro or Hackintosh setup.