FreeSWITCH package for pfSense 1.2.1 and 2.0 released. PBX or Proxy
- 
 Minor version update. Added commands to the 'Status' tab to start, stop, restart, rescan, reloaxml and flush inbound registrations. Also found and corrected 2 minor issues with syntax. 
- 
 Thanks mcrane…this package rocks. 
- 
 Thanks for the encouragement. New version is almost ready. I will try my best to get it out by sometime tomorrow (Saturday 29 Nov 2008). 
- 
 was this updated over the weekend? it looks like it wasnt based on my packages list. is there another way to check other than the packages list page within my pfsense? 
- 
 Sorry I missed my goal for weekend release still working on it. Should be soon. 
- 
 Any idea when this will be coming along Mcrane? My Linksy 941 clips the packet size of RTP and apparently there is a fix for this in the latest version of freeswitch. My phone in usable until this gets updated. Thanks, and sorry if im sounding pushy! 
- 
 I will be releasing this today Friday 5th December 2008. When its ready I will announce it here. 
- 
 Announcing the release of the new pfSense FreeSWITCH package version 0.3.2. The new package includes 
 1. Recordings
 2. IVR (Auto Attendant)
 3. 'Public' Tab
 4. 'Dialplan' Tab
 5. 'Gateways' Tab now has an advanced tab that hides options that are not used often simplifying the interface. Also has a tool that will make it easy to quickly add outbound dialplan rules for 7,10, and 11 digit dialing.
 6. Improved 'status' Tab
 Added a download button for 'call detail records' in csv format and for logs.
 Added better formatting for active calls and channels.
 7. New build of FreeSWITCH revision 10638 from 5 December 2008.In the previous versions after adding a new gateway, extension or some other change the configuration was automatically reloaded. However this took a little more extra time after each change. 0.3.2 no longer reloads the configuration automatically. To reload the configuration go to the 'Status' tab and click on 'reloadxml' if you adding a gateway then press rescan. Update a gateway then press 'restart' on the external profile. Added some documentation and links to the interface hopefully making things a bit easier. The 'Public' tab in the previous version was a text area that allowed you to modify the XML manually. This is still available under 'deprecated xml'. Please move your config to the new public GUI interface as the 'deprecated xml' will be available for a short period of time allowing anyone who has an older install a chance to move the config. Public tab routes inbound calls to the desired location. Example 'Public' config in the new interface: 
 Extension Name: inbound_did
 Enabled: true
 Order: 001
 Description: Inbound DIDDirects specific calls that are calling into the following DID. 
 Tag: Condition
 Type: destination_number
 Data: ^(12081231234)$Call is transferred to extension 1001. Can also use this to direct calls to the IVR. 
 Tag: Action
 Type: transfer
 Data: 1001 XML default–-- Upgrade Warning ------------ 
 If you are upgrading then backup your recordings and voicemail before starting. To be absolutely you have everything backup the /usr/local/freeswitch directory. You can do this by using the 'Command' tool under 'Diagnostics' to tar gzip the directory and then use copy the file to the /tmp directory or use the 'Download' to save a copy of the file.
 ---- Upgrade Warning ------------If you have any questions or problems please post a message here. Best Regards, 
 Mark J Crane
- 
 Last night (8 December 2008) fixed a bug or two that prevented hearing the prompts for recording on the 'Rec' tab. 
 Today (9 December 2008) fixed an issue with the auto attendant (IVR) saving correctly and the audio from playing.If you have installed the package make sure to back up /usr/local/freeswitch and then reinstall to the latest version. 
- 
 I reinstalled the package to upgrade to the latest version and ended up with some missing files…the IVR tab and Gateway tab both gave 404s. Uninstalled and reinstalled the package, and it works now. So, if you run into problems, just try uninstalling and reinstalling. 
- 
 mcrane, very nice job. I'm struggling a bit figuring out how everything interacts in the GUI, but this is awesome. Great job. One feature request when you have time would be to add controls to change the order of IVR\inbound conditions and actions, like there are for firewall rules…add below this, and insert here. 
- 
 mcrane, very nice job. I'm struggling a bit figuring out how everything interacts in the GUI, but this is awesome. Great job. As you figure out how it interacts post some tips here on the forum so that it can benefit others. If you have questions post them here and I will help. One feature request when you have time would be to add controls to change the order of IVR\inbound conditions and actions, like there are for firewall rules…add below this, and insert here. I agree ability to change the order would be useful. I will work on it when I get some time. 
- 
 Does anybody have a pointer ? 
 We already are running a PFSense Box as the main Firewall in our test environment. We now what to add a separate PFSense box with the Freeswitch package, and running just for that purpose.Do I need to setup a "Transparent Firewall" 
 b "Bridge w/th Outbound NAT'
 c "Router [Disable Firewall] + Bridge]" ?Sorry if these options don't make sense, but hopelly they will make you smile :). Point being is that I should be able to work all on the WAN as a single network device and not need all the extra NATing, Unfortunately my alternative if I cant get moving forward is to use askozia. I only have 5 days applied to this test. 3 to go. 
- 
 Does anybody have a pointer ? 
 We already are running a PFSense Box as the main Firewall in our test environment. We now what to add a separate PFSense box with the Freeswitch package, and running just for that purpose.Sounds good. a "Transparent Firewall" 
 b "Bridge w/th Outbound NAT'
 c "Router [Disable Firewall] + Bridge]" ?What you do for choice a, b, or c is dependent on you are trying to accomplish. For example if your phones are always going to be in the same network, and or you are using a point to point vpn between locations then setting the FreeSWITCH machine inside NAT should work fine. However if you want to have FreeSWITCH work inside your office and phones work outside the office without a VPN then the easiest way would be to give the FreeSWITCH machine a real world IP on the WAN. If it is static you can use the IP address or a domain. If the IP is dynamic then use a dynamic dns provider to provide a domain name. If you choose to use a domain name then you will need to set the domain= from the 'var' tab to the domain you are wanting to use. You can disable the firewall if you have a firewall in front of the FreeSWITCH machine. However my preference still leans toward a higher level of security by leaving the firewall on so that it firewalls itself. Really this depends on if its has a public IP then yes I would leave the firewall in tact. If FreeSWITCH machine is on the LAN IP and there are only a few people connected to the LAN then you might be okay with the firewall disabled. Sorry if these options don't make sense, but hopelly they will make you smile :). Point being is that I should be able to work all on the WAN as a single network device and not need all the extra NATing, At this moment you still need the LAN port. I have PHP communicating with the FreeSWITCH package over the LAN interface. However I be changing this soon so that it will work with one or more interfaces. Unfortunately my alternative if I cant get moving forward is to use askozia. I only have 5 days applied to this test. 3 to go. I will attempt to help you get this working before your deadline. 
- 
 Announcing a few more features that I stayed up all night to add. 1. Auto Attendant timeout. The recording plays one time and then the timeout is used to allow more time for dtmf to be detected. If no dtmf is detected during that time the system will direct the call to the timeout out option 't'. 2. Backup and Restore feature I felt was an important feature. 
 I have added a backup and restore buttons to the 'Status' tab. When you click on the backup button a /usr/local/freeswitch directory is tar gzipped and saved into /tmp/ directory as freeswitch.bak.tgz. When the file exists then the 'restore' button will be visible.The restore currently leaves the config directory alone allowing pfSense configuration to store all the configuration. 
 However the restore does extract the backup files to the following folders.Internal Database files keep track of registrations, voicemail details, and more. 
 /usr/local/freeswitch/db/Logs 
 /usr/local/freeswitch/log/Recordings from the 'Rec' tab are saved here. 
 /usr/local/freeswitch/recordings/Saves the javascript files most usefull if you have any custom scripts in this directory. 
 /usr/local/freeswitch/scripts/Voicemail audio files are stored in this location 
 /usr/local/freeswitch/storage/–----------------------------------------------------- 
 If you are using a version less than 0.4.1 then you should
 manually create the backup before upgrading using the
 following command.Diagnostics->Command->PHP Execute->Command 
 system('cd /usr/local/;tar cvzf /tmp/freeswitch.bak.tgz freeswitch');After you have upgraded to 0.4.1 or higher then you will have the 
 backup button that you can use at any time.If /tmp/freeswitch.bak.tgz file exists during the install then the 
 restore will automatically run directory content to /usr/local/freeswitch.
 Upgrading the FreeSWITCH pfSense package: System-> Package Manager-> Installed Packages 
 Updateat this time the any of the 'Reinstall' buttons will not likely work.Its working nowAt this time the upgrade procedure is to make the backup and then remove the FreeSWITCH package. 
 Then install the package again. During the installation it will detect the backup and restore the additional directories.
- 
 Thanks for the advise, so let me understand For now I will setup the FreeSwitch box behind the NAT [ Other pfsense box ] inside the LAN network. - I can have Firewall on … got that ...
- I can connect just the LAN of FreeSwitch Box and give it a static private IP part of our existing network and move on, no need for bridging or anything else
- I suppose when you update the package we can choose which network port to use. In either case with just the LAN network port and an ethernet cable I should be fine, ... but what about NATing on that box ? will that interfere ?
 Thanks in advance 
- 
 To clarify the previous message about NAT it is possible to setup FreeSwitch behind NAT as well have phones on the inside and the outside of the network. However there is more of a learning curve for to do it for starters you would want to configure NAT to direct the traffic to the FreeSwitch Server, configure Rules to allow the traffic, and then finally there are additional changes required to make FreeSWITCH work. See wiki.freeswitch.org for additional NAT details. - I can connect just the LAN of FreeSwitch Box and give it a static private IP part of our existing network and move on, no need for bridging or anything else
 Honestly I have not tried it from the LAN. When I have run it as a dedicated device I ran it on the WAN with the IP on the WAN using a local network IP. Then on the LAN I left that interface unplugged. If you use the static IP on the LAN make sure to go to the 'var' tab as previously described and set the domain = to the lan ip. 
 Then restart the FreeSWITCH service.- I suppose when you update the package we can choose which network port to use. In either case with just the LAN network port and an ethernet cable I should be fine, … but what about NATing on that box ? will that interfere ?
 If you use the WAN interface only then no traffic travels from the WAN to the LAN and so there is no NAT involved. This may be the case with the using only the LAN interface I haven't tried it. I think you might run into a problem on the LAN side with the LAN trying to find the Gateway to the internet that is defined on the WAN in pfSense 1.2.1. 
- 
 I'm pretty sure the sip useragent binds to all interfaces, so it won't matter what interface you have plugged in… 
- 
 First off thank you for all the help. I think that once this is all setup and tested it may make sense to provide you documentation of how we have set it up and add your settings to it and present it as a tutorial to share to others for configuring Freeswitch with this case scenario. So after reading your response I will follow your direction and plug the Ethernet into the WAN network interface, as you explained that it will eliminate that whole NAT stuff. So… 
 We have a PFSENSE firewall and then in the network we have a PFSENSE / Freeswitch device with 2 Network interfaces but we use just the WAN set with DHCP [ the address is static given from the DHCP Server ]Now I suppose that we still need to open ports and add port forwarders to direct traffic to the FREESwitch box… 
 Where can I find all that Jazz ? and do I need to follow the steps of implementing the sipproxy package on either the PFSENSE box or the Freeswitch box ?Regards, 
- 
 First off thank you for all the help. I think that once this is all setup and tested it may make sense to provide you documentation of how we have set it up and add your settings to it and present it as a tutorial to share to others for configuring Freeswitch with this case scenario. A variety of tutorials is a good thing. No one is likely to complain about too much documentation. Keep in mind much of the information at wiki.freeswitch.org still applies to this package. So after reading your response I will follow your direction and plug the Ethernet into the WAN network interface, as you explained that it will eliminate that whole NAT stuff. Ok. So… 
 We have a PFSENSE firewall and then in the network we have a PFSENSE / Freeswitch device with 2 Network interfaces but we use just the WAN set with DHCP [ the address is static given from the DHCP Server ]DHCP is fine as long as its is reserved static IP. Now I suppose that we still need to open ports and add port forwarders to direct traffic to the FREESwitch box… 
 Where can I find all that Jazz ? and do I need to follow the steps of implementing the sipproxy package on either the PFSENSE box or the Freeswitch box ?You don't need to over complicate things add more complexity if you need it. So for example siproxd may not be needed. I would only through it in the mix if I needed it. Your phones will all be talking to the phone system as in the pfSense FreeSWITCH box. It is the only thing that will talk outside of the network to a VoIP provider (ITSP). If there is someone that knows Siproxd better than me feel free to share your knowledge but as far as I'm aware siproxd is most useful for situations where you have multiple devices in one network going out to an offsite PBX or VoIP provider. On the machine that is the dedicated pfSense FreeSWITCH box set some 'Rules' on it to allow the VoIP traffic to the WAN interface. SIP protocol on FreeSWITCH uses 5060 - 5090 and can communicate over TCP or UDP. RTP (Real time protocol) uses ports 16384 - 32768 UDP. You do not need to configure NAT. It is not necessary to configure because FreeSWITCH will bind to the WAN a translation of the WAN address to LAN is not needed in this case unless you make FreeSWITCH bind to the LAN.