1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
|
;
; AMI - The Asterisk Manager Interface
;
; Third party application call management support and PBX event supervision
;
; Use the "manager show commands" at the CLI to list available manager commands
; and their authorization levels.
;
; "manager show command <command>" will show a help text.
;
; ---------------------------- SECURITY NOTE -------------------------------
; Note that you should not enable the AMI on a public IP address. If needed,
; block this TCP port with iptables (or another FW software) and reach it
; with IPsec, SSH, or SSL vpn tunnel. You can also make the manager
; interface available over http/https if Asterisk's http server is enabled in
; http.conf and if both "enabled" and "webenabled" are set to yes in
; this file. Both default to no. httptimeout provides the maximum
; timeout in seconds before a web based session is discarded. The
; default is 60 seconds.
;
[general]
enabled = no
;webenabled = yes
port = 5038
bindaddr = 0.0.0.0
; Parameters that control AMI over TLS. ("enabled" must be set too).
; You can open a connection to this socket with e.g.
;
; openssl s_client -connect my_host:5039
;
;tlsenable=no ; set to YES to enable it
;tlsbindaddr=0.0.0.0:5039 ; address and port to bind to, default to bindaddr and port 5039
;tlscertfile=/tmp/asterisk.pem ; path to the certificate.
;tlsprivatekey=/tmp/private.pem ; path to the private key, if no private given,
; if no tlsprivatekey is given, default is to search
; tlscertfile for private key.
;tlscipher=<cipher string> ; string specifying which SSL ciphers to use or not use
;
;allowmultiplelogin = yes ; IF set to no, rejects manager logins that are already in use.
; ; The default is yes.
;
;displayconnects = yes
;
; Add a Unix epoch timestamp to events (not action responses)
;
;timestampevents = yes
;brokeneventsaction = yes ; Restore previous behavior that caused the events
; action to not return a response in certain
; circumstances. Defaults to 'no'.
;
; Display certain channel variables every time a channel-oriented
; event is emitted:
;
;channelvars = var1,var2,var3
; debug = on ; enable some debugging info in AMI messages (default off).
; Also accessible through the "manager debug" CLI command.
; authtimeout specifies the maximum number of seconds a client has to
; authenticate. If the client does not authenticate beofre this timeout
; expires, the client will be disconnected. (default: 30 seconds)
;authtimeout = 30
; authlimit specifies the maximum number of unauthenticated sessions that will
; be allowed to connect at any given time.
;authlimit = 50
;httptimeout = 60
; a) httptimeout sets the Max-Age of the http cookie
; b) httptimeout is the amount of time the webserver waits
; on a action=waitevent request (actually its httptimeout-10)
; c) httptimeout is also the amount of time the webserver keeps
; a http session alive after completing a successful action
;[mark]
;secret = mysecret
;deny=0.0.0.0/0.0.0.0
;permit=209.16.236.73/255.255.255.0
;acl=named_acl_example ; use a named ACL from acl.conf
;
;
;setvar=PBXACCOUNT=edvina
; The setvar option defines channel variables that will be set when this account
; originates a call. You can define multiple setvar= commands for one manager
; user.
;
;eventfilter=Event: Newchannel
;eventfilter=Channel: (PJ)?SIP/(james|jim|john)-
;eventfilter=!Channel: DAHDI/
; The eventfilter option is used to whitelist or blacklist events per user.
; A filter consists of an (unanchored) regular expression that is run on the
; entire event data. If the first character of the filter is an exclamation
; mark (!), the filter is appended to the blacklist instead of the whitelist.
; After first checking the read access below, the regular expression filters
; are processed as follows:
; - If no filters are configured all events are reported as normal.
; - If there are white filters only: implied black all filter processed first,
; then white filters.
; - If there are black filters only: implied white all filter processed first,
; then black filters.
; - If there are both white and black filters: implied black all filter processed
; first, then white filters, and lastly black filters.
;
; If the device connected via this user accepts input slowly,
; the timeout for writes to it can be increased to keep it
; from being disconnected (value is in milliseconds)
;
; writetimeout = 100
;
;displayconnects = yes ; Display on CLI user login/logoff
;
; Authorization for various classes
;
; Read authorization permits you to receive asynchronous events, in general.
; Write authorization permits you to send commands and get back responses. The
; following classes exist:
;
; all - All event classes below (including any we may have missed).
; system - General information about the system and ability to run system
; management commands, such as Shutdown, Restart, and Reload. This
; class also includes dialplan manipulation actions such as
; DialplanExtensionAdd and DialplanExtensionRemove.
; call - Information about channels and ability to set information in a
; running channel.
; log - Logging information. Read-only. (Defined but not yet used.)
; verbose - Verbose information. Read-only. (Defined but not yet used.)
; agent - Information about queues and agents and ability to add queue
; members to a queue.
; user - Permission to send and receive UserEvent.
; config - Ability to read and write configuration files.
; command - Permission to run CLI commands. Write-only.
; dtmf - Receive DTMF events. Read-only.
; reporting - Ability to get information about the system.
; cdr - Output of cdr_manager, if loaded. Read-only.
; dialplan - Receive NewExten and VarSet events. Read-only.
; originate - Permission to originate new calls. Write-only.
; agi - Output AGI commands executed. Input AGI command to execute.
; cc - Call Completion events. Read-only.
; aoc - Permission to send Advice Of Charge messages and receive Advice
; - Of Charge events.
; test - Ability to read TestEvent notifications sent to the Asterisk Test
; Suite. Note that this is only enabled when the TEST_FRAMEWORK
; compiler flag is defined.
; security - Security Events. Read-only.
; message - Permissions to send out of call messages. Write-only
;
;read = system,call,log,verbose,agent,user,config,dtmf,reporting,cdr,dialplan
;write = system,call,agent,user,config,command,reporting,originate,message
|
