Cannot install Asterisk on pfsense platform



  • Dear All,

    I am using the pfsense 1.2RC3 as captive portal and firewall and I am trying to install Asterisk 1.1.17 on the same machine. We would like just to use a single machine.  😞 It failed many times during the installation either install using package or port installation.

    Could anyone advise how to install asterisk (any version indeed) on pfsense and any SoftPBX component that can run and install on the same box as pfscense.

    Any advice is highly appreciated!



  • You really should  have a dedicated server runing asterisk and a software like freePBX.  Voice consume quite a lot of resources.
    I do not see pfsense as a “multipurpose” server, I think its use should be restricted to network security components only.



  • Agree if you really want to save money like that your best bet is to get VMachines on a box and do it that way.

    best bet is to get the firewall on its own machine that way if the firewall dies your pbx doesnt go with it!



  • Many thanks for all your advice. Our network is very small - a few machines indeed and a couple of IP phone and the server is quite big -I would say big enough for this. Could you please let me know how to install as it does not really work at all to install asterisk on the same box.

    Any advice is highly appreciated.

    Regards,



  • I think everybody’s crystal ball is broken.  You’ve not posted anything beyond “it doesn’t work” - maybe if you posted error messages people could help you.

    Alternatively, see my post in the following thread:

    http://forum.pfsense.org/index.php/topic,7556.msg42839.html#msg42839



  • First of all, it is never a good idea to implement other software on a firewall installation! A PBX is no exception here.

    Askozia (http://askozia.com/pbx) is derived from the m0n0wall sources as well as pfSense. Thereby it has the same FreeBSD OS. Asterisk is Linux based, IMHO.

    If you want/have to use the same beefy machine then go for virtualization and install pfSense and your PBX of choice in different VMs.

    Looking at the prices for current pfSense hardware like ALIX boards, to me it is a no brainer to separate it physically. If you’re not familiar with setting up VMs, then your time for this task or getting it to work simultaneously on the same OS (which, BTW, is not supported by pfSense developers) is way more expensive than dedicated hardware!



  • I have an old clunker PC I bought for 30$ sitting in a closet acting as an Asterisk server for 2 lines, it’s great. I would LOVE if I could get some PFsense action going on there as well. It’d route better than my Buffallo Airstation.

    What about power usage?

    If you calculate that 1 watt cost 2$ a year when using it 24 7 365 and your 30$ pc are using 100 watt.1 year later it will have cost you 200$, While a embedded board is using around 7 watt and will cost 14$.



  • Dear All,

    Many thanks for your responses. But anyway, we are keen to get all running in one box due to a small network and Asterisk is supposed on run on the BSD- pfsense has BSD. These are our installation error and could anyone advice why this does not work?

    Any advice is appreciated - we hope we can put everything together in a single box surely it will not overload due to machine capacity we have and the number of client machines we have. Hope the community can help with putting asterisk on pfsense box!

    
    # make
    ===>   asterisk-1.4.17 depends on executable: mpg123 - found
    ===>   asterisk-1.4.17 depends on executable: gmake - found
    ===>   asterisk-1.4.17 depends on executable: bison - found
    ===>   asterisk-1.4.17 depends on shared library: speex.1 - found
    ===>   asterisk-1.4.17 depends on shared library: newt.51 - found
    ===>   asterisk-1.4.17 depends on shared library: gsm.1 - found
    ===>   asterisk-1.4.17 depends on shared library: curl.4 - found
    ===>   asterisk-1.4.17 depends on shared library: pt_r.1 - found
    ===>   asterisk-1.4.17 depends on shared library: h323_r.1 - found
    ===>   asterisk-1.4.17 depends on shared library: odbc.1 - found
    ===>   asterisk-1.4.17 depends on shared library: ltdl.4 - found
    ===>   asterisk-1.4.17 depends on shared library: tds.5 - found
    ===>   asterisk-1.4.17 depends on shared library: vorbis.4 - found
    ===>   asterisk-1.4.17 depends on shared library: radiusclient-ng.2 - found
    ===>   asterisk-1.4.17 depends on shared library: netsnmp.10 - found
    ===>   asterisk-1.4.17 depends on shared library: iksemel.4 - found
    ===>   asterisk-1.4.17 depends on shared library: sqlite - found
    ===>   asterisk-1.4.17 depends on shared library: pq.4 - found
    ===>  Configuring for asterisk-1.4.17
    configure: WARNING: you should use --build, --host, --target
    checking build system type... i386-portbld-freebsd6.2
    checking host system type... i386-portbld-freebsd6.2
    checking for i386-portbld-freebsd6.2-gcc... cc
    checking for C compiler default output file name... a.out
    checking whether the C compiler works... yes
    checking whether we are cross compiling... no
    checking for suffix of executables... 
    checking for suffix of object files... o
    checking whether we are using the GNU C compiler... yes
    checking whether cc accepts -g... yes
    checking for cc option to accept ISO C89... none needed
    checking how to run the C preprocessor... cc -E
    checking for grep that handles long lines and -e... /usr/bin/grep
    checking for egrep... /usr/bin/grep -E
    checking for AIX... no
    checking for ANSI C header files... yes
    checking for sys/types.h... yes
    checking for sys/stat.h... yes
    checking for stdlib.h... yes
    checking for string.h... yes
    checking for memory.h... yes
    checking for strings.h... yes
    checking for inttypes.h... yes
    checking for stdint.h... yes
    checking for unistd.h... yes
    checking minix/config.h usability... no
    checking minix/config.h presence... no
    checking for minix/config.h... no
    checking whether it is safe to define __EXTENSIONS__... yes
    checking for i386-portbld-freebsd6.2-uname... no
    checking for uname... /usr/bin/uname
    checking for i386-portbld-freebsd6.2-gcc... (cached) cc
    checking whether we are using the GNU C compiler... (cached) yes
    checking whether cc accepts -g... (cached) yes
    checking for cc option to accept ISO C89... (cached) none needed
    checking whether we are using the GNU C++ compiler... yes
    checking whether c++ accepts -g... yes
    checking how to run the C preprocessor... cc -E
    checking how to run the C++ preprocessor... c++ -E
    checking for a sed that does not truncate output... /usr/bin/sed
    checking for egrep... grep -E
    checking for ld used by cc... /usr/bin/ld
    checking if the linker (/usr/bin/ld) is GNU ld... yes
    checking for gawk... no
    checking for mawk... no
    checking for nawk... nawk
    checking for a BSD-compatible install... /usr/bin/install -c -o root -g wheel
    checking whether ln -s works... yes
    checking for i386-portbld-freebsd6.2-ranlib... no
    checking for ranlib... ranlib
    checking for GNU make... gmake
    checking for i386-portbld-freebsd6.2-strip... no
    checking for strip... /usr/bin/strip
    checking for i386-portbld-freebsd6.2-ar... no
    checking for ar... /usr/bin/ar
    checking for awk... /usr/bin/awk
    checking for grep... (cached) /usr/bin/grep
    checking for find... /usr/bin/find
    checking for compress... /usr/bin/compress
    checking for basename... /usr/bin/basename
    checking for id... /usr/bin/id
    checking for dirname... /usr/bin/dirname
    checking for sh... /bin/sh
    checking for ln... /bin/ln
    checking for dot... :
    checking for wget... :
    checking for fetch... /usr/bin/fetch
    checking for i386-portbld-freebsd6.2-soxmix... no
    checking for soxmix... no
    checking for the pthreads library -lpthreads... no
    checking whether pthreads work without any flags... no
    checking whether pthreads work with -Kthread... no
    checking whether pthreads work with -kthread... no
    checking for the pthreads library -llthread... no
    checking whether pthreads work with -pthread... yes
    checking for joinable pthread attribute... PTHREAD_CREATE_JOINABLE
    checking if more special flags are required for pthreads... -D_THREAD_SAFE
    checking for working alloca.h... no
    checking for alloca... yes
    checking for dirent.h that defines DIR... yes
    checking for library containing opendir... none required
    checking for ANSI C header files... (cached) yes
    checking for sys/wait.h that is POSIX.1 compatible... yes
    checking arpa/inet.h usability... yes
    checking arpa/inet.h presence... yes
    checking for arpa/inet.h... yes
    checking fcntl.h usability... yes
    checking fcntl.h presence... yes
    checking for fcntl.h... yes
    checking for inttypes.h... (cached) yes
    checking libintl.h usability... yes
    checking libintl.h presence... yes
    checking for libintl.h... yes
    checking limits.h usability... yes
    checking limits.h presence... yes
    checking for limits.h... yes
    checking locale.h usability... yes
    checking locale.h presence... yes
    checking for locale.h... yes
    checking malloc.h usability... no
    checking malloc.h presence... no
    checking for malloc.h... no
    checking netdb.h usability... yes
    checking netdb.h presence... yes
    checking for netdb.h... yes
    checking netinet/in.h usability... yes
    checking netinet/in.h presence... yes
    checking for netinet/in.h... yes
    checking stddef.h usability... yes
    checking stddef.h presence... yes
    checking for stddef.h... yes
    checking for stdint.h... (cached) yes
    checking for stdlib.h... (cached) yes
    checking for string.h... (cached) yes
    checking for strings.h... (cached) yes
    checking sys/file.h usability... yes
    checking sys/file.h presence... yes
    checking for sys/file.h... yes
    checking sys/ioctl.h usability... yes
    checking sys/ioctl.h presence... yes
    checking for sys/ioctl.h... yes
    checking sys/param.h usability... yes
    checking sys/param.h presence... yes
    checking for sys/param.h... yes
    checking sys/socket.h usability... yes
    checking sys/socket.h presence... yes
    checking for sys/socket.h... yes
    checking sys/time.h usability... yes
    checking sys/time.h presence... yes
    checking for sys/time.h... yes
    checking syslog.h usability... yes
    checking syslog.h presence... yes
    checking for syslog.h... yes
    checking termios.h usability... yes
    checking termios.h presence... yes
    checking for termios.h... yes
    checking for unistd.h... (cached) yes
    checking utime.h usability... yes
    checking utime.h presence... yes
    checking for utime.h... yes
    checking for special C compiler options needed for large files... no
    checking for _FILE_OFFSET_BITS value needed for large files... no
    checking for stdbool.h that conforms to C99... yes
    checking for _Bool... yes
    checking for an ANSI C-conforming const... yes
    checking for uid_t in sys/types.h... yes
    checking for inline... inline
    checking for mode_t... yes
    checking for off_t... yes
    checking for pid_t... yes
    checking for size_t... yes
    checking for struct stat.st_blksize... yes
    checking whether time.h and sys/time.h may both be included... yes
    checking whether struct tm is in sys/time.h or time.h... time.h
    checking for working volatile... yes
    checking for ptrdiff_t... yes
    checking for unistd.h... (cached) yes
    checking for working chown... yes
    checking whether closedir returns void... no
    checking for error_at_line... no
    checking vfork.h usability... no
    checking vfork.h presence... no
    checking for vfork.h... no
    checking for fork... yes
    checking for vfork... yes
    checking for working fork... yes
    checking for working vfork... (cached) yes
    checking for _LARGEFILE_SOURCE value needed for large files... no
    checking whether cc needs -traditional... no
    checking for working memcmp... yes
    checking for sys/time.h... (cached) yes
    checking for unistd.h... (cached) yes
    checking for utime.h... (cached) yes
    checking for alarm... yes
    checking for working mktime... yes
    checking for stdlib.h... (cached) yes
    checking for unistd.h... (cached) yes
    checking for getpagesize... yes
    checking for working mmap... yes
    checking sys/select.h usability... yes
    checking sys/select.h presence... yes
    checking for sys/select.h... yes
    checking for sys/socket.h... (cached) yes
    checking types of arguments for select... int,fd_set *,struct timeval *
    checking for function prototypes... yes
    checking whether setvbuf arguments are reversed... no
    checking return type of signal handlers... void
    checking whether lstat dereferences a symlink specified with a trailing slash... no
    checking whether stat accepts an empty string... no
    checking for working strcoll... yes
    checking for strftime... yes
    checking for working strnlen... no
    checking for working strtod... yes
    checking whether utime accepts a null argument... yes
    checking for vprintf... yes
    checking for _doprnt... no
    checking for asprintf... yes
    checking for atexit... yes
    checking for bzero... yes
    checking for dup2... yes
    checking for endpwent... yes
    checking for floor... no
    checking for ftruncate... yes
    checking for getcwd... yes
    checking for gethostbyname... yes
    checking for gethostname... yes
    checking for getloadavg... yes
    checking for gettimeofday... yes
    checking for inet_ntoa... yes
    checking for isascii... yes
    checking for localtime_r... yes
    checking for memchr... yes
    checking for memmove... yes
    checking for memset... yes
    checking for mkdir... yes
    checking for munmap... yes
    checking for pow... no
    checking for putenv... yes
    checking for re_comp... no
    checking for regcomp... yes
    checking for rint... no
    checking for select... yes
    checking for setenv... yes
    checking for socket... yes
    checking for sqrt... no
    checking for strcasecmp... yes
    checking for strcasestr... yes
    checking for strchr... yes
    checking for strcspn... yes
    checking for strdup... yes
    checking for strerror... yes
    checking for strlcat... yes
    checking for strlcpy... yes
    checking for strncasecmp... yes
    checking for strndup... no
    checking for strnlen... no
    checking for strrchr... yes
    checking for strsep... yes
    checking for strspn... yes
    checking for strstr... yes
    checking for strtol... yes
    checking for strtoq... yes
    checking for unsetenv... yes
    checking for utime... yes
    checking for vasprintf... yes
    checking for library containing gethostbyname_r... none required
    checking for gethostbyname_r with 6 arguments... yes
    checking for gethostbyname_r with 5 arguments... no
    checking for PTHREAD_RWLOCK_INITIALIZER... yes
    checking for PTHREAD_RWLOCK_PREFER_WRITER_NP... no
    checking for compiler atomic operations... no
    checking for compiler 'attribute pure' support... yes
    checking for compiler 'attribute malloc' support... yes
    checking for compiler 'attribute const' support... yes
    checking for compiler 'attribute unused' support... yes
    checking for compiler 'attribute always_inline' support... yes
    checking for compiler 'attribute deprecated' support... yes
    checking for -ffunction-sections support... yes
    checking for --gc-sections support... yes
    checking for -Wdeclaration-after-statement support... yes
    checking for res_ninit... no
    checking for RTLD_NOLOAD... no
    checking for IP_MTU_DISCOVER... no
    checking libkern/OSAtomic.h usability... no
    checking libkern/OSAtomic.h presence... no
    checking for libkern/OSAtomic.h... no
    checking for int... yes
    checking size of int... 4
    checking for snd_spcm_init in -lasound... no
    checking for initscr in -lcurses... yes
    checking curses.h usability... yes
    checking curses.h presence... yes
    checking for curses.h... yes
    checking for gsm_create in -lgsm... yes
    checking /usr/local/include/gsm.h usability... yes
    checking /usr/local/include/gsm.h presence... yes
    checking for /usr/local/include/gsm.h... yes
    checking /usr/local/include/gsm/gsm.h usability... no
    checking /usr/local/include/gsm/gsm.h presence... no
    checking for /usr/local/include/gsm/gsm.h... no
    checking for iks_start_sasl in -liksemel... yes
    checking iksemel.h usability... yes
    checking iksemel.h presence... yes
    checking for iksemel.h... yes
    checking for gnutls_bye in -lgnutls... yes
    checking gnutls/gnutls.h usability... yes
    checking gnutls/gnutls.h presence... yes
    checking for gnutls/gnutls.h... yes
    checking for UW IMAP Toolkit c-client library... no
    checking for lt_dlinit in -lltdl... yes
    checking ltdl.h usability... yes
    checking ltdl.h presence... yes
    checking for ltdl.h... yes
    checking for crashHandler in -lkdecore... no
    checking for mISDN_open in -lmISDN... no
    checking for nbs_connect in -lnbs... no
    checking for initscr in -lncurses... yes
    checking for curses.h... (cached) yes
    checking for i386-portbld-freebsd6.2-net-snmp-config... no
    checking for net-snmp-config... /usr/local/bin/net-snmp-config
    checking for snmp_register_callback in -lnetsnmp... yes
    checking for newtBell in -lnewt... yes
    checking newt.h usability... yes
    checking newt.h presence... yes
    checking for newt.h... yes
    checking for SQLConnect in -lodbc... yes
    checking sql.h usability... yes
    checking sql.h presence... yes
    checking for sql.h... yes
    checking for ogg_sync_init in -logg... yes
    checking linux/soundcard.h usability... no
    checking linux/soundcard.h presence... no
    checking for linux/soundcard.h... no
    checking sys/soundcard.h usability... yes
    checking sys/soundcard.h presence... yes
    checking for sys/soundcard.h... yes
    checking for i386-portbld-freebsd6.2-pg_config... no
    checking for pg_config... /usr/local/bin/pg_config
    checking for PQescapeStringConn in -lpq... yes
    checking for poptStrerror in -lpopt... yes
    checking popt.h usability... yes
    checking popt.h presence... yes
    checking for popt.h... yes
    checking for pri_keypad_facility in -lpri... no
    checking /root/pwlib/include/ptlib.h usability... no
    checking /root/pwlib/include/ptlib.h presence... no
    checking for /root/pwlib/include/ptlib.h... no
    checking /usr/local/include/ptlib.h usability... yes
    checking /usr/local/include/ptlib.h presence... yes
    checking for /usr/local/include/ptlib.h... yes
    checking for ptlib-config... /usr/local/bin/ptlib-config
    11003
    10902
    checking if PWLib version 1.10.3 is compatible with chan_h323... yes
    checking PWLib installation validity... no
    configure: ***
    configure: *** The OPENH323 installation on this system appears to be broken.
    configure: *** Either correct the installation, or run configure
    configure: *** including --without-h323
    ===>  Script "configure" failed unexpectedly.
    Please report the problem to sobomax@FreeBSD.org [maintainer] and attach the
    "/usr/ports/net/asterisk/work/asterisk-1.4.17/config.log" including the output
    of the failure of your make command. Also, it might be a good idea to provide
    an overview of all packages installed on your system (e.g. an `ls
    /var/db/pkg`).
    *** Error code 1
    
    Stop in /usr/ports/net/asterisk.
    *** Error code 1
    
    Stop in /usr/ports/net/asterisk.
    # 
    
    


  • Short version - you’re likely to break things trying this.

    Long version - unsurprisingly it looks like pfSense is missing bits of packages that it doesn’t need.  As such you’ll have to do full installs of any such packages.  Of course, if you ever updated pfSense then you may replace parts of your install with newer files, rendering the entire thing broken.

    If you really want to go down the single hardware route, see the suggestions you’ve already been given.



  • Many thanks for all your advices. If this is the case it might be hard to install asterisk on the same box with pfsense. Is there any alternative or can we run pfsense on other linux OS and then we install pfsense in? Is there anyway to do implement (pfsense on other OS) or it might be not possible as the pfsense already has its OS.

    Please advise



  • Best way to implement to implement this is to run everything in separate VM’s. Run pfsense under one VMware instance and then run asterisk on a second vmware instance with the host OS being linux/unix….I’d opt for FreeBSD as the host OS, install vmware server and then setup the two vmware installs. If the box has enough power for it that would work for a single box configuration.



  • Running pfSense in a vmware instance in production is an exceptionally bad idea.



  • I agree with pfsense commercial support advice as it might not be an good solution to use VMWare in the production. Could you please advise if teh Asterisk can be run on the same box with pfsense? Anyone has sucessfully installed this together in the same box? Could you please provide guidance or instructions or how to?

    Regards



  • Obviously we’re not reading the same thread 😉  If anybody had, or was able to provide guidance, they would have by now.

    You have 2 options:

    1. Have 2 separate boxes
    2. Use a full install of FreeBSD and accept that you can’t use pfSense


  • Yes, perhaps I have to accept that this cannot be done. Could anyone advice any good Captive Portal, DHCP, Firewall and package shaping together in a package that can be run on the Linux platform or full BSD platform?

    If having that I can move the captive portal set (Captive Portal, DHCP, Firewall, and Package Shaping) to that box so that I can fully run Asterisk.

    Any advice is highly appreciated!



  • @submicron:

    Running pfSense in a vmware instance in production is an exceptionally bad idea.

    true, never said it was a good idea but it should work. I have heard of some people doing something similar on their home connections but you talking 2 or 3 SIP phones and three computers……not a typical office enviroment.



  • Why would it be an “exceptionally bad idea” to use Vmware in a production environment?
    And are you referring to this specific product or virtual machines in general?

    Granted, I will always separate my pfSense physically.



  • I would say I will not go for VMWare in the production even the smallest network. We need to ensure quality. Anyway, any ideas to put them together in a high performance machine or any way to have pfsense or other recommended captive portal to run on the Linux OS?

    Regards



  • @dmz:

    …to run on the Linux OS?

    pfSense (and m0n0wall) are FreeBSD based. This is not Linux!



  • I am also trying to do the same thing - large server, small number of phones and machines behind a captive portal.

    Most peoples comments here seem to be “don’t put stuff on a firewall or it stops being a firewall”.  Normally I would agree, but in my case (and I suspect the originators case) the firewall aspect is only tertiary - the SIP gateway and captive portal are what is important.  If the SIP gateway is not doing any codec translation it uses hardly any resources whatsoever, and the captive portal is the same.  In my case I don’t even need a “big honking server”.

    So for those of you who are maybe not so paranoid, I will make this work this evening and will post my results.

    Cheers,

    j



  • Ok, I have asterisk 1.4.17 running on the pfsense platform.  It is happily gateing 50 SIP phones with no codec translation (gsm) onto an IAX trunk to our main switch.  It is also a captive portal for 20 Internet Cafe machines and a handful of wifi routers.  This is all running on an Acer Celeron 2.4Ghz with 1GB RAM.  Load average with traffic has yet to go over 0.1 .  I haven’t done any exhaustive tests, but I have no reason to believe that my actions have crippled pfsense in any way.

    This is not easy to do.  You must have a fully installed 6.2-RELEASE machine available on the net to pull files from.  pfsense has been severely stripped!  Some bizarre things were removed (split? comm? those two probably saved about 10k of space ;).  You must be able to read the compile output and fix things as you go along, by pulling missing files from your fully loaded box.  I wish I had made a list of everything I pulled over.  Almost all in /usr/bin.

    The hurdles were as follows:

    1. used sysinstall to get at online packages, and installed the latest gcc and gmake
    2. mv /usr/bin/cc and /usr/bin/cpp out of the way, then symlink to /usr/local/bin/gcc and /usr/local/bin/gpp respectively
    3. download the latest ports tree and unpack
    4. cvsup the latest asterisk source into the ports tree (was 1.4.17 for me yesterday)
    5. make install!

    As I said above, you will have to be able to read the errors in the build output and pull missing files.  Thats the biggest issue.  But it IS possible, and I am quite happy with the result so far.  Granted I am not using any zaptel interfaces and it is pretty much exclusively for outbound calls, so I am not stressing asterisk much, or pfsense for that matter.

    Want to hear more craziness?  I got X running on this beast too.  Long live FreeBSD.

    Cheers,

    j



  • @lacoursj:

    This is not easy to do.  You must have a fully installed 6.2-RELEASE machine available on the net to pull files from.  pfsense has been severely stripped!  Some bizarre things were removed (split? comm? those two probably saved about 10k of space ;).  You must be able to read the compile output and fix things as you go along, by pulling missing files from your fully loaded box.  I wish I had made a list of everything I pulled over.  Almost all in /usr/bin.

    This is all great and all, but when pfSense puts out a new release are you going to want to do that every time? The reason I use pfSense is due to the config being an xml file. I can grab the newest release, restore the xml file, and be on my way. Just buy a separate box for pfSense or Asterik. It will save you many headaches.



  • dmz, why dont you go with the suggestion of running pfsense and any asterisk VM appliance as VMs on your server? From security point of view this is not good, but if you are OK with that then this is probably easiest to get working. asterisk is exceptionally difficult to compile, configure and run, and if you have not done it before then getting it to work on FreeBSD is not likely to happen.


Locked
 

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy