Syed Jahanzaib Personnel Blog to Share Knowledge !

February 24, 2015

Table ‘conntrack.tabidx’ doesn’t exist

Filed under: Linux Related — Tags: , — Syed Jahanzaib / Pinochio~:) @ 11:32 AM


Short reference:

While accessing RM users section , received “Table ‘conntrack.tabidx‘ doesn’t exist” error.
As showed in the image below …



This is how I fixed it.

On your RM box, create a file in which we will add table information.

touch conntrack.sql
nano conntrack.sql

Paste the following table

-- phpMyAdmin SQL Dump
-- version 2.11.0
-- Host: localhost
-- Generation Time: Sep 03, 2008 at 11:57 AM
-- Server version: 5.0.18
-- PHP Version: 5.1.2


-- Database: `conntrack`

-- --------------------------------------------------------

-- Table structure for table `tabidx`

`date` date NOT NULL,
PRIMARY KEY  (`date`)



SAVE and exit.

Now use the following command to import table into mysql database ‘conntrack

mysql -h localhost -u root -pYOURPASS radius < conntrack.sql




The table code have been extracted from radius manager installation archive.  Example:

You can import any missing table from above file and import it in mysql.




Automated installation Script For DMASOFTLAB RADIUS MANAGER v4.1 in CENTOS

Filed under: Linux Related — Tags: — Syed Jahanzaib / Pinochio~:) @ 10:49 AM

[As demanded by few Humans ;) ]

Following is an customized script to install DMASOFTLAB Radius Manager ver 4.1 in CENTOS 6.x / 32bit

The aim of writing this script was to save some time and efforts every time I put in new RM installation. Since DMA don’t have any official support forum (except for there email support which is valid for paid customers only) , so I thought it might be helpful for others too  by sharing this info :)

I know very well that It is not a perfect script, it can be very well shorten as per the requirement, but still it does it’s job very nicely with out any user intervention :)

Suggestions are most welcome at  . . .
aacable @ hotmail . com


1- Fresh Installation of CENTOS 6.x 32bit  (script is well tested with 6.6 edition 32bit edition only)

2- good Internet access, off course ; )

3- Valid License files provided by DMASOFTLAB , valid with your physical (or virtual) interface MAC address [You can upload your license files in /temp folder as this script will try to copy the 2 licenses files required [lic.txt and mod.txt] from temp folder to appropriate place.


What components does this script add to the system ?

This script will install following in your system. (as per order nos.)

> Disable iptables service , ipv6 and selinux in centos

> Download Radius Manager from remote location (preferably Google Drive, adjustable in the script)

> Install necessary components like mysql , apache2, php5 etc

> Download and install dmasoftlab required components like libltd* , IONCUBE and add its entries in Apache’s php config file

> Download and compile freeradius-server-2.2.0-dma-patch-2 package

> Add Radius & Conntrack DB in mysql suing CLI (I have configured default password for mysql which is ‘zaib1234′ , you can change it later)

> Extract Radius Manager Installation file & install it accordingly.

> Restart Services like apache2, mysql, radius



Before accessing RM ACP , make sure you upload valid LICENSE files in /var/www/html/radiusmanager folder

2- This script will set mysql password to “zaib1234″ , you can change it later.

How-to Execute The Script  !!

There are several ways to do it, one is explained below . . .

Create a new script

touch /
chmod +x /
vi /

Now copy paste the following code.


echo "$COL_GREEN Radius Manager installer script for CENTOS 6.x 32bit"
echo "Copyright 2004-2013, DMA Softlab LLC"
echo "All right reserved.. $COL_RESET"
echo "$COL_GREEN Script modified by Syed Jahanzaib for CENTOS"

# Colors Config  . . . [[ JZ . . . ]]

# Variables & Paths [jz]

# MySQL ROOT Password , Change this variable according to your own setup if required. . . [[ JZ . . . ]]

# RM Installation Package Download URL , Change this variable according to your own setup , if required. . . [[ JZ . . . ]]
#Google Drive link is more reliable

# Temporary Folder where all software will be downloaded . . . [[ JZ . . . ]]

# Packages which will be installed as pre requisite and to make your life easier
PKG="nano wget curl net-tools lsof mc make gcc libtool-ltdl curl httpd mysql-server mysql-devel net-snmp net-snmp-utils php php-mysql php-gd php-snmp php-process"

# Turn off iptables and disabled
echo -e "$COL_GREEN Disabling iptables service, $COL_RESET"
service iptables stop
chkconfig iptables off

echo -e "$COL_GREEN Disabling IPv6 to avoid slow link issue $COL_RESET"
echo "net.ipv6.conf.all.disable_ipv6 = 1" >> /etc/sysctl.conf
echo "net.ipv6.conf.default.disable_ipv6 = 1" >> /etc/sysctl.conf
echo "net.ipv6.conf.lo.disable_ipv6 = 1" >> /etc/sysctl.conf

# Turn off SELINUX andd disable it on boot
echo -e "$COL_GREEN Disabling SELINUX & setting it disabled on boot ... $COL_RESET"
echo 0 > /selinux/enforce
sed -i "s/=enforcing/=disabled/g" /etc/selinux/config

# Installing WGET which is not in default installation of CENTOS 6.5 Minimal [jz]
sleep 3
echo -e "$COL_GREEN Installing WGET to fetch required tools later ... $COL_RESET"
yum install -y wget

# Checking if /temp folder is previously present or not . . .
if [ ! -d "/temp" ]; then
echo -e "$COL_RED /temp folder not found, Creating it so all downloads will be placed here  . . . $COL_RESET"
mkdir /$temp
echo -e "$COL_GREEN /temp folder is already present , so no need to create it, Proceeding further . . . $COL_RESET"

# Clearing Old downloads in /temp to avoid DUPLICATIONS . . .
echo -e "$COL_RED Clearing Old downloads in /temp to avoid DUPLICATIONS . . . $COL_RESET"

rm -fr /$temp/radiusmanager*.*
rm -fr /$temp/freeradius*.*
rm -fr /$temp/libltd*.*
rm -fr /$temp/ioncube*.*
rm -fr /$temp/php-my*
rm -fr /$temp/libmy*
rm -fr /$temp/rm4.txt

# Checking IF $rmurl is accessible m if YES then continue further , otherwise EXIT the script with ERROR ! [[ JZ .. . .]]
echo -e "$COL_GREEN Checking if zaib Google Drive or other URL to download requires  packages is accessible in order to proceed further. . .!! $COL_RESET"
sleep 3
cd /$temp
wget -q $rmurl/rm4.txt
if [ ! -f /$temp/rm4.txt ]; then
echo -e "$COL_RED ERROR: Unable to contact $rmurl, or possibly internet is not working or your IP is in black list at destination server  !! $COL_RESET"
echo -e "$COL_RED ERROR: Please check manual if $rmurl is accessible or not or if it have required files, JZ  !! $COL_RESET"
exit 0


echo -e "$COL_GREEN $url accessible $COL_RESET ......OK......"
echo -e "$COL_GREEN Downloading RADIUS MANAGER 4.1.0 package from INTERNET  .  (Press CTRL+C to stop any time) $COL_RESET"
wget $rmurl/radiusmanager-4.1.0.tgz
# Checking if RM installation file have been downloaded. if YES continue further , otherwise EXIT the script with ERRO ! [[ JZ .. . .]]
if [ ! -f /$temp/radiusmanager-4.1.0.tgz ]; then
echo .
echo -e "$COL_RED ERROR: RM Installation File could not be download or found in /$temp ! $COL_RESET"
exit 0

echo -e "$COL_GREEN Installing some tools and other rpe requisite for the application ... ! $COL_RESET"
yum install -y $PKG
echo -e "$COL_GREEN YUM install/update Done.! $COL_RESET"

echo -e "$COL_GREEN Installing LIBMYCRYPT and PHPMCRYPT ... ! $COL_RESET"
wget $rmurl/libmcrypt-2.5.8-9.el6.i686.rpm
wget $rmurl/php-mcrypt-5.3.2-3.el6.i686.rpm
rpm -i libmcrypt-2.5.8-9.el6.i686.rpm
rpm -i php-mcrypt-5.3.2-3.el6.i686.rpm
sleep 3

# IONCUBE Installation:
# Now Download ioncube library and add it to php  . . . [[ JZ . . . ]]
echo .
echo -e "$COL_GREEN Installing IONCUBE  .  (Press CTRL+C to stop any time) $COL_RESET"
wget $rmurl/ioncube_loaders_lin_x86.tar.gz

# Checking if IONCUBE installation file have been downloaded. if YEs continue further , otherwise EXIT the script with ERROR ! [[ JZ .. . .]]
if [ ! -f /$temp/ioncube_loaders_lin_x86.tar.gz ]; then
echo .
exit 0

tar zxvf ioncube_loaders_lin_x86.tar.gz
mkdir /usr/local/ioncube
cp -fr /$temp/ioncube/* /usr/local/ioncube/

# Now Add the appropriate ionCube loader to your php.ini . . . [JZ]
echo .
echo -e "$COL_GREEN Adding iONCUBE extension in PHP config file  .  (Press CTRL+C to stop any time) $COL_RESET"
echo "zend_extension=/usr/local/ioncube/" >> /etc/php.ini
echo .
echo -e "$COL_GREEN Downloading FREERADiUS 2.2.20-dma-patch-2 package  .  (Press CTRL+C to stop any time) $COL_RESET"
wget $rmurl/freeradius-server-2.2.0-dma-patch-2.tar.gz

# Checking if FREERADIUS is downloaded, just to make sure internet is working ,IF NOT, EXIT the script with ERROR ! [[ JZ .. . .]]
if [ ! -f /$temp/freeradius-server-2.2.0-dma-patch-2.tar.gz ]; then
echo .
echo -e "$COL_RED ERROR: COULD NOT DOWNLOAD FREERADIUS 2.2.20-dma-patch-2, possible INTERNET is not Working !!! EXITING . . .  $COL_RESET"
exit 0

echo .
echo -e "$COL_GREEN Starting to Compile FREERADIUS  ...  (Press CTRL+C to stop any time) $COL_RESET"
sleep 3

cd /$temp
tar zxvf freeradius-server-2.2.0-dma-patch-2.tar.gz
cd /$temp/freeradius-server-2.2.0/

### Now proceed with the compilation of FREERAIDUS , applicable for all
make install
echo -e "$COL_GREEN Starting FREERADIUS by radiusd -xx coommand & start radius service.  (Press CTRL+C to stop any time) $COL_RESET"
radiusd -xx
service radiusd start
sleep 3

# ================================================================
# Creating MySQL databases with MySQL command line tool . . . [JZ]
# ================================================================
# ** FROM CLI ** . . . [JZ]
echo -e "$COL_GREEN Starting MYSQLD servuce to create Radius Manager Database.  (Press CTRL+C to stop any time) $COL_RESET"
echo -e "$COL_GREEN MYSQL password is set to   'zaib1234'  $COL_RESET"
service mysqld start
mysqladmin -u root password 'zaib1234'
echo .
echo -e "$COL_GREEN adding RADIUS user & DB in MYSQL  .  (Press CTRL+C to stop any time) $COL_RESET"
mysql -u root -p$sqlpass -e "create database radius";
mysql -u root -p$sqlpass -e "create database conntrack";
mysql -u root -p$sqlpass -e "CREATE USER '$myusr_rad'@'$radhost' IDENTIFIED BY '$mypsw_radius';"
mysql -u root -p$sqlpass -e "CREATE USER '$myusr_cts'@'$radhost' IDENTIFIED BY '$mypsw_cts';"
mysql -u root -p$sqlpass -e "GRANT ALL ON radius.* TO radius@$radhost;"
mysql -u root -p$sqlpass -e "GRANT ALL ON conntrack.* TO conntrack@$radhost;"

# UNTAR Copy WEB content

echo "$COL_GREEN Copying Radius Manager WEB content to $wwwpath/radiusmanager $COL_RESET"
cd /$temp
tar zxvf radiusmanager-4.1.0.tgz
mkdir $wwwpath/radiusmanager
cp -fr /$temp/radiusmanager-4.1.0/www/radiusmanager $wwwpath
sleep 3

# rename .dist files

mv $wwwpath/radiusmanager/config/paypal_cfg.php.dist $wwwpath/radiusmanager/config/paypal_cfg.php
mv $wwwpath/radiusmanager/config/netcash_cfg.php.dist $wwwpath/radiusmanager/config/netcash_cfg.php
mv $wwwpath/radiusmanager/config/authorizenet_cfg.php.dist $wwwpath/radiusmanager/config/authorizenet_cfg.php
mv $wwwpath/radiusmanager/config/dps_cfg.php.dist $wwwpath/radiusmanager/config/dps_cfg.php
mv $wwwpath/radiusmanager/config/2co_cfg.php.dist $wwwpath/radiusmanager/config/2co_cfg.php
mv $wwwpath/radiusmanager/config/payfast_cfg.php.dist $wwwpath/radiusmanager/config/payfast_cfg.php

# set ownership and permissions

chown $httpusr $wwwpath/radiusmanager/config
chown $httpusr $wwwpath/radiusmanager/config/system_cfg.php
chown $httpusr $wwwpath/radiusmanager/config/paypal_cfg.php
chown $httpusr $wwwpath/radiusmanager/config/netcash_cfg.php
chown $httpusr $wwwpath/radiusmanager/config/authorizenet_cfg.php
chown $httpusr $wwwpath/radiusmanager/config/dps_cfg.php
chown $httpusr $wwwpath/radiusmanager/config/2co_cfg.php
chown $httpusr $wwwpath/radiusmanager/config/payfast_cfg.php
mkdir -p $wwwpath/radiusmanager/tmpimages
chown $httpusr $wwwpath/radiusmanager/tmpimages
chown $httpusr $wwwpath/radiusmanager/tftpboot
chmod 600 $wwwpath/radiusmanager/config/system_cfg.php
chmod 600 $wwwpath/radiusmanager/config/paypal_cfg.php
chmod 600 $wwwpath/radiusmanager/config/netcash_cfg.php
chmod 600 $wwwpath/radiusmanager/config/authorizenet_cfg.php
chmod 600 $wwwpath/radiusmanager/config/dps_cfg.php
chmod 600 $wwwpath/radiusmanager/config/2co_cfg.php
chmod 600 $wwwpath/radiusmanager/config/payfast_cfg.php
chmod 644 $wwwpath/radiusmanager/config/docsis_keyfile
chmod 644 $wwwpath/radiusmanager/config/docsis_template

# chmod and copy binaries
cd /$temp/radiusmanager-4.1.0/
echo "Copying binaries to /usr/local/bin"
chmod 755 bin/rm*
cp bin/rm* /usr/local/bin

echo "Copying rootexec to /usr/local/sbin"
cp bin/rootexec /usr/local/sbin
chmod 4755 /usr/local/sbin/rootexec

# chmod and copy radiusmanager.cfg

echo "Copying radiusmanager.cfg to /etc"
cp etc/radiusmanager.cfg /etc
chown $radusr /etc/radiusmanager.cfg
chmod 600 /etc/radiusmanager.cfg

# create Tables

echo -e "$COL_GREEN Creating MYSQL Table $COL_RESET"
mysql -h $radhost -u $myusr_rad -p$mypsw_radius radius < sql/radius.sql
mysql -h $radhost -u $myusr_cts -p$mypsw_cts conntrack < sql/conntrack.sql

# create rmpoller service
echo "Enabling rmpoller service at boot time"
cp rc.d/rmpoller /etc/init.d
chown root.root /etc/init.d/rmpoller
chmod 755 /etc/init.d/rmpoller
chkconfig --add rmpoller

# create rmconntrack service
echo "Enabling rmconntrack service at boot time"
cp rc.d/rmconntrack /etc/init.d
chown root.root /etc/init.d/rmconntrack
chmod 755 /etc/init.d/rmconntrack
chkconfig --add rmconntrack

# copy radiusd init script

echo "$COL_GREEN Enabling radiusd service at boot time $COL_RESET"
chmod 755 rc.d/redhat/radiusd
cp rc.d/redhat/radiusd /etc/init.d
chkconfig --add radiusd

# copy logrotate script
echo "Copying logrotate script"
cp etc/logrotate.d/radiusd /etc/logrotate.d/radiusd

# copy cron job script
echo "$COL_GREEN Copying cronjob script $COL_RESET"
cp etc/cron/radiusmanager /etc/cron.d/radiusmanager
chmod 644 /etc/cron.d/radiusmanager

# comment out the old style cron job
sed -i 's/02\ 0\ \*\ \*\ \*\ root\ \/usr\/bin\/php/#2\ 0\ \*\ \*\ \*\ root\ \/usr\/bin\/php/g' /etc/crontab

# set permission on raddb files
echo "$COL_GREEN Setting permission on raddb files $COL_RESET"
chown $httpusr /usr/local/etc/raddb
chown $httpusr /usr/local/etc/raddb/clients.conf
sleep 3

echo -e "$COL_GREEN Re-Starting Apache2, Radius Service & add them in startup... $COL_RESET"
service httpd restart
chkconfig --add mysqld
chkconfig --add httpd
chkconfig --add radiusd
chkconfig mysqld on
chkconfig httpd on
chkconfig radiusd on

cp /temp/lic.txt $wwwpath/radiusmanager
cp /temp/mod.txt $wwwpath/radiusmanager

echo .
echo .
echo .
echo .
echo .
echo -e "$COL_GREEN All Done. Kindly RESTART the system one time to maek sure everything is ok on reboot."
echo -e "Dont forget to upload the correct License files for your valid MAC address in /var/www/html/radiusmanager folder"
echo -e "Please access ADMIN panel via http://yourip/radiusmanager/admin.php $COL_RESET"
echo -e "DMASOFTLAB RM Installation script modified for CENTOS by $COL_RED SYED JAHANZAIB / $COL_RESET"


Save & Exit …



Now execute the script by



After the script ends, do make sure that you don’t see any Error’s  on the installation. Thats why I have added 3 Seconds delay in few section so you can view the results.

Now UPLOAD your valid License into /var/www/radiusmanager OTEHRWISE YOU WILL SEE BLANK PAGE ON ACCESSING RM ADMIN PANEL.


Now try to access RM ACP via browser by



If you get blank page, then use tail command to view Apache error log , example

tail -f /var/log/apache2/error.log


OR more specifically

tail -f /var/log/apache2/error.log |grep lic


If you see any error like showed in the image below . . . (for not valid license), then make sure your license files are valid for right version and with the right mac address interface.





To deploy Radius Manager Patch 5 (4.1.5) , Kindly see the following Link

I will add few snapshots and video as soon as I get some time.




Syed Jahanzaib

February 20, 2015

LEGACY OF CENTOS ! Continued …

Filed under: Linux Related — Tags: , , — Syed Jahanzaib / Pinochio~:) @ 3:14 PM

Some personnel notes /references for CENTOS , as my future R&D will be done mainly in centos dueto its preloaded options for ease of use.

1- Configuring Static IP address in CENTOS [6.x]

If you want to configure static IP address in CENTOS, then edit following file

vi /etc/sysconfig/network-scripts/ifcfg-eth0

Use following as sample

IPADDR=  # IP Address you want to fix
NETMAST=   # Netmask as per network
GATEWAY=   # Your Router/DLS Gateway
DNS1=   # Your ISP DNS or standard Google dns

Note: set following for sure


Save & Exit, and restart the network service or interface to take effect

service network restart


ifdown eth0
ifup eth0

Issue IFCONFIG command to verify the result.

centos7 is a mess :( so better to stick with 6

2- Change/Clone MAC address

To change mac address in CENTOS , edit your required ethernet network config file , Example …

nano /etc/sysconfig/network-scripts/ifcfg-eth0

here you will see HWADDR line with current mac address, dont modify it, just add another line above it, like following

MACADDR=00:11:11:11:11:11          < Add this line with your required mac address
HWADDR=00:22:22:22:22:22       < Your current mac address

An example of full cfg file for eth0


Save & Exit, and restart the network service or interface to take effect

service network restart


ifdown eth0
ifup eth0

Issue IFCONFIG command to verify the result.


use the sed shortcut ;)

sed -i -e ‘1iHere is my new top line\’ filename


3- Disabling default firewall SELINUX

To disable SELINUX temporary for the current session, use following…

echo 0 > /selinux/enforce


To disable builtin firewall permanently in centos, edit following

vi /etc/selinux/config

and change the




Save & Exit & reboot to take effect.

Or use the SED shortcut to replace the string within cli ;) # Zaib

sed -i "s/=enforcing/=disabled/g" /etc/selinux/config

4- Disabling IPTABLES

To disable iptables services

service iptables off
chkconfig iptables off

You can check the status with following

service iptables status

and you can also use following command to clear the current iptables (for the current session only)

iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT


5- Some must-have tools

yum install -y nano wget curl net-tools lsof

6- SERVICES Related

service --status-all

To disable service on startup , use

chkconfig httpd off

To always start any service on boot, use

chkconfig --add httpd on 

7- Excluding slow mirrors

When I was installing some packages in Centos and the YUm was doing it at painfully slow speed, I figured the mirror (indian and bangladeshi mirror sites) were very slow. So I disabled two mirrors domain it was selecting in start which were .in and .bd

use following file

nano /etc/yum/pluginconf.d/fastestmirror.conf

and add the slow mirror (to be excluded) like, .bd,

or use the cli command to add it in the file

echo ", .in, .vn," >> //etc/yum/pluginconf.d/fastestmirror.conf

 8- How to Check CentOS Version / kernel Number

cat /etc/centos-release
uname -a

9- Howto Disable IPV6 in CENTOS  [Tested on 6.x versions]

First edit sysctl.conf file in any editor , e.g:

nano /etc/sysctl.conf

and add following lines in the end

# IPv6
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

Use following to add them directly to file using echo command

echo >> /etc/sysctl.conf  net.ipv6.conf.all.disable_ipv6 = 1
echo >> /etc/sysctl.conf net.ipv6.conf.default.disable_ipv6 = 1
echo >> /etc/sysctl.conf net.ipv6.conf.lo.disable_ipv6 = 1

Save and Exit and execute following to activate changes :)

sysctl -p


10- Howto install PHPMYADMIN in centos 6.x

To install PHPMYAMDIN which is a good tool to manage your mysql via GUI in centos, use following…

 cd /tmp
rpm -ivh epel-release-6-8.noarch.rpm

yum search phpmyadmin
yum -y install phpmyadmin

Now You need to edit /etc/httpd/conf.d/phpMyAdmin.conf file, enter:

vi /etc/httpd/conf.d/phpMyAdmin.conf

Replace your ip in

Require ip

Allow from

Change to your management pc ip from where you want to access phpmyadmin

after saving, restart the httpd service.

service httpd restart

Or use the SED shortcut to replace the string within cli ;) # Zaib

sed -i "s/" /etc/selinux/config

[replace with your management pc ip]

To be continued …


February 16, 2015

Expanding Possibilities / Howto add 3rd party packages in Mikrotik KVM/Metarouter!

Filed under: Mikrotik Related — Tags: , , , — Syed Jahanzaib / Pinochio~:) @ 2:22 PM

As asked by few friends, i thoughts its a good idea to share it with all.


1- Whatis Metarouter
2- Howto install Metarouter in Mikrotik Routerboard
3- Howto install APACHE web server in METAROUTER to host your web files.
4- Howto install ASTERISK 1.8 with GUI

1- What is METAROUTER?

as defined by Greg

Metarouter is a way to have logical routers running on your existing routerboard. In essence, you create a virtual router on your RB, then you assign some interfaces to it. You then can hand this virtual router off to a customer hand allow them to administer it without effecting any of the core functions necessary on the device. .”

Also on METAROUTER you can use openwrt image to host tiny linux and its few apps in it. like APACHE, asterisk etc. web server was in highly demand by local cable operator who wanted to host NON payment/reminder page to be shown at there clients.

Currently MetaRouter can be used on

  • RB4xx, RB7xx series, RB900 series, RB2011.xx boards
  • Listed PPC boards: RB1000, RB1100, RB1100AH and RB800.


Hardware Software Used in this guide:

Routerboard Model = RB2011UiAS-2HnD
Mikrotik ROS version = 6.27

2- Howto install METAROUTER in Mikrotik Routerboard

First download OPENWRT image into mikrotik. Open New Terminal, and issue following command …

/tool fetch url=

Now import the openwrt downloaded in above step,

As showed in the mage below …

2- Import Image

Now we need to add virtual network interface into this machine. We also have to provide valid network configuration with internet access so that it can download required software later. For this demonstration purposes I added manual IP , but you can use virtual bridge and use your mikrotik DHCP serve to allow internet access to the metarouter machine or whatever you prefer to establish network connectivity.

In the below pic, I selected ETHER2 which is LAN interface of mikrotik host.

add interface



Now double click on newly created machine and select CONSOLE and press enter key few times to get command prompt.

6- Open Metarouter CONSOLE zaib


Edit the network configuration file.

vi /etc/config/network

Press “i” to enter edit mode.

and configure the network as per your local need.



7- edit interface settings.

Add DNS server entry for resolving internet hosts …

vi /etc/resolv.conf



After setting network configuration, save and exit. enable/restart the network services so changes can take effect.

/etc/init.d/network enable
/etc/init.d/network restart

Now try to ping any internet site to verify the connectivity. On successful attempt, you should get reply.


8- ping successfull



3- Howto install APACHE web server in METAROUTER to host your files.

Install APACHE web server with OPKG (like yum or apt-get)

Edit the opkg file

vi /etc/opkg.conf

Change a string in first line, as it should be like below one …

src/gz snapshots

Now update opkg (like you do in ubuntu to update apt-get)

opkg update
opkg install apache

its better if you restart your mikrotik routerboard with reboot command so that all changes should take effect properly otherwise you MAY see few errors on accessing apache.

Now start apache service

apachctl start

(or restart as required)

Access via browser

10-apache works

html index files are placed at


4- Howto install ASTERISK 1.8 with GUI

Make metarouter machine with following image,and setup proper networking.

/tool fetch url=

Edit /etc/opkg.conf and use following repository

src/gz snapshots
dest root /
dest ram /tmp
lists_dir ext /var/opkg-lists
option overlay_root /jffs

Save and exit. then update opkg , install asterisk , and start it.

opkg update
opkg install asterisk18 asterisk18-codec-alaw asterisk18-chan-iax2 asterisk-gui
/etc/init.d/asterisk enable
/etc/init.d/asterisk start

Upon successful start you can see following ports (5038 and 8088 started) as showed below …

root@metarouter:~# netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0  *               LISTEN
tcp        0      0    *               LISTEN
tcp        0      0    *               LISTEN
tcp        0      0  *               LISTEN

Now you can access asterisk GUI via


Default ID Password is

Id = admin
Password = ast-owrt

You can change the password and other stuff in /etc/asterisk/manager.conf



To be continued ….

Syed Jahanzaib

January 13, 2015

SYGIC GPS Navigation System [With Offline Support]

Filed under: General IT Related — Tags: , , , , , , — Syed Jahanzaib / Pinochio~:) @ 12:10 PM

sygic-gps-navigation sygic2

Last  Updated:  4th February, 2015

1- Sygic Introduction
2- Download Link
3- Installation Instruction
4- Latest Release (14.7.7) Overview with screenshots [Latest Release as of late January, 2015]
5- 14.3.4 Overview with screenshots [Stable Release of 2014, *** RECOMMENDED *** ]
6- Pakistan MAP Last Updates
7- Backup Sygic Favorites/POI/Routes etc.



1- Sygic Introduction

I do have to admit that I have a very poor sense of direction and never quite trust myself that I know the best route. I use Google Maps to plan my route before leaving my place, even for around my home town. Google Maps/Navigation is fantastic. It’s easy to use, stays (mostly) up-to-date, and is built into Android’s core. However, it has one major flaw: Offline navigation simply doesn’t exist within Google Maps. Specially If you’re heading into uncharted territory where cell service may be sketchy or non-existent, you’re basically on your own. And getting lost is not a fun experience. (It happened with me frequently in the past. One horrible experience I still remember of getting lost at Karachi board office area, and in north Nazimabad, I spent more then 1 hour just to get on main road :P lol )

The solution? A third-party GPS application with offline support, like Sygic’s Maps & GPS Navigation. Sygic works by downloading and storing maps on your smartphone for offline use — so you can have a fully functioning GPS with no internet connection.  Be aware, Note that like any other CPU/resource hungry application or other navigation app m this one does use a heavy amount of battery. Make sure if you are using Sygic for android in car for longer time, you must have car mobile charger with you. I used SAMSUNG Galaxy S3 mobile charger (which coasted 400 Pak Rupees / original but slightly used)



2- Download Link

Download URL: [Pre_Activated]  http://xxxxxxxxxxxxxxxxxxxxxxx [Google Drive Link, ]

3- Installation Instructions

To install Sygic 14.x.x for android, follow instructions as below …

1- Unzip the sygic zip file, it will be extracted to a folder name SYGIC.
2- Now upload this SYGIC folder and sygic_xxxxx.apk file to root of your android (like in main root or in SD Card)
3- Open any File Explorer on your android set, browse to main root folder (or sd card where you uploaded the .apk file and sygic folder)  and execute sygic_xxxxx.apk and follow the on screen instructions and it will install sygic application.
4- By default it will not have map for Pakistan, Make sure you have some good internet connection (wifi)
Open Sygic application, and goto Settings, Manage Map , and download PAKISTAN (or your desired) map from MIDDLE EAST section. Download size would be around 80+ MB.


Example of Folder Structure:


I have included its manual in PDF format as well for some learning purposes.

Note: In my personnel experience, Sygic 14.3.4 is still very much stable release with easier search options and works better then all new releases, I suggest to stick with the 14.3.4 version until some really stable release.

4- 14.7.7 Overview with screenshots

Sygic 14.7.7

Sygic GPS Navigation released 14.7.7 version which have fixed occasional crashing and few minor bugs. using it my Samsung Galaxy S3 working good. For more information on Sygic, visit there web site at







CHANGE Log’s for 14.7.x versions …

Changelog: 14.7.7 r121036
– BT fix
– HTC android 5 fixr us now

Changelog: 14.7.5 r121030
– Fix for search
– Fix for signposts [for android 4.0]
– Some little fixes

Changelog: 14.7.4 r121032
Main change is support for Octa-core devices

Changelog: 14.7.3 -r121023
coming soon

Changelog: 14.7.2 -r121024
just two minor fixes

Changelog: 14.7.1 r121014
Triplog – show on map
New icon [launcher]
Navigate to photo from gallery
Fixed roundabout icon in left side driving countries
crash fixes

Changelog: 14.7.0 r120989
many fixes for crashes that we see in Google developer console and Crashlytics
New maps 2014.06
Poi subcategories are orders alphabetically
New widget manager with new widgets: Navigate to photo + SOS widget + Travel book [travel book – show on map will come little later]
Fixed auto close
optimization of dropbox
Search is enabled while navigating
Fix for internet connection after „log-out“
Route summary – avoiding instruction via overflow icon
Fixed crash after clicking home more times
BlackBox settings
reworked roundabout icon

5- 14.3.4 Overview with screenshots with Sidebar / Dashboard Options

[This is good and stable version in my personnel view]










Searching with GPS coordinates is now possible. (applicable with 14.x versions i guess)




Rudolf Wuscher (Sygic Support)
Jan 15 09:30
Hello Syed, Thank you for contacting Sygic.

The current map version for Pakistan is 2011.02. At the moment, we don’t have an update planned, although we will release an update as soon as we strike a deal from one of our map data providers.

Best regards,

Sygic Customer Support




Rudolf Wuscher (Sygic Support)

Feb 26, 15:17

Hello Syed,

Thank you for contacting Sygic.
Please accept our most sincere apologies for the late reply. Our support is currently tasked to capacity.

We are sorry, we currently don’t have a more actual map available for Pakistan, nor do we have any information available on an update. Unfortunately, we don’t have a release date for the new version of maps for Pakistan, we would therefore like to ask you for your patience.

If you have any other question, or need any further assistance, just reply to this message to open the ticket again.

Best regards,

Sygic Customer Support


Its true that SYGIC maps are a bit old (for Pakistan), but still they provide best navigation for general traveling. To overcome this issue, I usually use GOOGLE Map and plan the route according to my requirement, then I save its link and convert it with ITF converter tool. then I import it in SYGIC MAPS , and it works good.

If some is interested to know how to convert Google map route to android Sygic, let me know and I will post an guide for it. or read this link.

Import Route works fine with ver 14.3.x or older , but Not working with 14.7.x

 7- Backup Sygic Favorites / POI / Routes etc

If you need to remove sygic and re install again, then its a good idea to backup your custom POI / Routes and favories, because creating them again and again can be a real headache :s so here are the folders you should backup , and then can restore them in same location to get back the data :)

Howto Backup SYGIC Favorites / Routes / Custom POI / ICONS  =

– Favorites are stored in folder /Sygic/Res/db as items.dat

– Routes are saved in /Sygic/Res/Itinerary (one .itf file is one route).

– Custom POIs are stored in /Sygic/Maps/Rupi/<countries>. Points of Interest are stored for each country separately.
You need to make a backup of all these folders, otherwise they will be lost.

– Custom icons for Points of Interest are stored of in /Sygic/res/icons/rupi.

– Please make a backup of these folders. After a complete re-installation of the navigation, you need to copy them back to the same place.


Syed Jahanzaib

January 9, 2015

Mikrotik script to change PUBLIC ip from available pool

Filed under: Mikrotik Related — Tags: , — Syed Jahanzaib / Pinochio~:) @ 4:08 PM

This script is not for general public usage. sharing it just for a reference purpose.

The following script was made to help a usea in a very specific condition.It was a setup specific issue and a quick dirty temporary solution was made to deploy this script to solve the problem for a short period of time only. Its not very neat and clean and probably it could be done with more sophisticated code with fewer line. but no time :)


You have 8 public ip pool and only one ip is used at mikrotik wan. now problem is that your ISP blocks your Public ip for few minutes dueto some grey traffic passing and you cannot block the grey traffic for some reasons. This script will help in this situation that if your IP gets blocked by the ISP, it will immediately (or by scheduled) changes the ip to next available ip address. and then it will also email you the result or alert.

Scenario was discussed here.




# 9th Jan, 2015
# Script Starts here ... Tested with Mikrotik 6.xx ...
# Internet Host to be checked You can modify them as per required, JZ
# Setting various variables to be used later in this script

# Host to be monitor, like google dns and opends servers
:local host1   ""
:local host2   ""
:global InternetStatus;
:global InternetLastChange;
:global gmailsmtp
:set gmailsmtp [:resolve ""];

# Set your Gmail ID and Password
:global sendermail
:global gmailpass YOUR_GMAIL_PASSWORD

# Do not modify data below without proper understanding.
:local i 0;
:local F 0;
:local date;
:local time;

# PING each host 2 times
:for i from=1 to=2 do={
if ([/ping $host1 count=1]=0) do={:set F ($F + 1)}
if ([/ping $host2 count=1]=0) do={:set F ($F + 1)}

# If both links are down and all replies are timeout, then link is considered down
:if (($F=4)) do={

:log error "ISP LINK SEEMS TO BE DOWN, Changing IP Address /jz"

:set InternetStatus "DOWN";
:set date [/system clock get date];
:set time [/system clock get time];
:set InternetLastChange ($time . " " . $date);
/ip address

:if ([get [find comment="ether1_wan_ip_1"] disabled] = false) do={
disable [find comment="ether1_wan_ip_1"]
enable [find comment="ether1_wan_ip_2"]

} else={
:if ([get [find comment="ether1_wan_ip_2"] disabled] = false) do={
disable [find comment="ether1_wan_ip_2"]
enable [find comment="ether1_wan_ip_3"]

} else={
:if ([get [find comment="ether1_wan_ip_3"] disabled] = false) do={
disable [find comment="ether1_wan_ip_3"]
enable [find comment="ether1_wan_ip_4"]

} else={
:if ([get [find comment="ether1_wan_ip_4"] disabled] = false) do={
disable [find comment="ether1_wan_ip_4"]
enable [find comment="ether1_wan_ip_5"]

} else={
:if ([get [find comment="ether1_wan_ip_5"] disabled] = false) do={
disable [find comment="ether1_wan_ip_5"]
enable [find comment="ether1_wan_ip_6"]

} else={
:if ([get [find comment="ether1_wan_ip_6"] disabled] = false) do={
disable [find comment="ether1_wan_ip_6"]
enable [find comment="ether1_wan_ip_7"]

} else={
:if ([get [find comment="ether1_wan_ip_7"] disabled] = false) do={
disable [find comment="ether1_wan_ip_7"]
enable [find comment="ether1_wan_ip_8"]

} else={
:if ([get [find comment="ether1_wan_ip_8"] disabled] = false) do={
disable [find comment="ether1_wan_ip_8"]
enable [find comment="ether1_wan_ip_1"]

} else={

##      If reply is received , then consider the Link is UP
:if (($InternetStatus="DOWN")) do={
:log warning "WARNING :The INTERNET link have been restored";
:set date [/system clock get date];
:set time [/system clock get time];
:set InternetLastChange ($time . " " . $date);
:set InternetStatus "UP";
:global wanip

# Fetch your PUBLIC ip address from dnsomatic so that its info can be used at required session for info purposes ...
/tool fetch url="" mode=http dst-path=mypublicip.txt
local ip [file get mypublicip.txt contents ]
:set wanip "$ip";
:log warning "Internet Monitor by ZAIB Report: Internet seems to be UP with ISP_NAME ip   $wanip"

/tool e-mail send to="" password=$gmailpass subject="ISP_NAME Link or IP was DOWN. Now new WAN IP address is $wanip" from=$sendermail server=$gmailsmtp start-tls=yes body="ISP_NAME Link or IP was DOWN. Now new WAN IP address is $wanip *******  Regard's > >>>>> Syed Jahanzaib ****** "


Syed Jahanzaib


December 31, 2014

Blocking HOTSPOT SHIELD in Mikrotik

Filed under: Mikrotik Related — Tags: , — Syed Jahanzaib / Pinochio~:) @ 4:51 PM


Last Updated: 6th JANUARY,  2015 / 16:10pm

Assalam Va Alaekum, I was receiving many complains from few network operators of being annoyed by an proxy application name HOTSPOT SHIELD which you can use to create tunnel between you and the ‘unknown’ location and then you can bypass all filtering of your local network and can do all the ‘dirty work’ which is normally blocked in general networks. Also usage of such tools results in blacklisting your or your Internet service provider public IP. It is a very common application here in Pakistan to open the Youtube or VOIP  (which are banned here officially). So I have done some lab testing for Mikrotik and found following IP Block lists and few ports which are used by HOTSPOT SHIELD. [but still you need to monitor via TORCH tool that what IP addresses pool HS is using and keep adding them in the list]

/ip firewall address-list
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib
add address= disabled=no list=hotspotshield_zaib

# Now create Rules to block above address list and additional ports
/ip firewall filter
add action=drop chain=forward comment="Block_Hotspot_Shield_Addresses_(test phase_zaib)" disabled=no src-address-list=hotspotshield_zaib
add action=drop chain=forward comment="Block_Hotspot_Shield_Ports_(test phase_zaib)" disabled=no dst-port=990,179,105,706,5245,3451,15009 protocol=tcp

After applying rules, Hotspot Shield stopped connecting. hserror   . hss-error2

Note: It was observed that it is almost impossible to block it 100% but with above method, I got 99% success. Its impossible to block all the proxy tools/apps as there are thousands of them. but with some smart configuration you can only minimize the chances of there utilization. Make sure you use OPENDNS and if you have static public IP address, then create account and block all the proxy / anonymizer category. Make sure to forcefully redirects all the DNS traffic to your own dns server which should be using opendns or some filtering mechanism to block or POISON the BAD sites.   Also it was noted that I ahve used some large IP blocks like /8 or /16 (rather the just /24) because hotspot shield have thousands of IP addresses/blocks which it uses. So it is quite possible that some valid content also gets DROPPED/BLOCKED which falls in same subnet. More Tests would be required then by using any capturing tool or mikrotik own tool called TORCH. Example of torch in MT. client

Its still under testing and will post some confirmed reports after few days. It is requested that you if have List of IP addresses which are used by HSS or other proxy, post details in comments or email me.

I will update more as I get time… got to run home, Home Ministry calling ;) You know what I mean :D Regard’s Syed Jahanzaib

December 30, 2014

2014 in review

Filed under: Uncategorized — Syed Jahanzaib / Pinochio~:) @ 8:10 AM

The stats helper monkeys prepared a 2014 annual report for this blog.

Here’s an excerpt:

The Louvre Museum has 8.5 million visitors per year. This blog was viewed about 1,300,000 times in 2014. If it were an exhibit at the Louvre Museum, it would take about 56 days for that many people to see it.

Click here to see the complete report.

December 11, 2014

Create Your OWN GPS base Vehicle/Fleet Tracking Management System in Linux

Filed under: Linux Related — Tags: , , , , — Syed Jahanzaib / Pinochio~:) @ 2:17 PM

 یااللہ تیرا شُکر ہے میرے مالک  کہ تو نے مجھے وہ نعمتیں عطا فرمائیں

کہ جن کا میں مستحق نہ تھا , مجھ پر اپنا کرم کر مالک

ﯾﺎ ﺍﻟﻠﮧ ﮨﻤﯿﮟ ﻋﺎﺟﺰﯼ ،ﺍﻧﮑﺴﺎﺭﯼ، ﺩﺭﮔﺰﺭ ﺍﻭﺭ ﺗﻮﺑﮧ ﮐﺮﻧﮯ ﻭﺍﻟﻮﮞ ﻣﯿﮟ ﺷﺎﻣﻞ ﻓﺮﻣﺎ


 ~!~ Syed Jahanzaib ~!~



mapAssalam Va Alekum,
Greetings to all,

Recently I purchased an GPS tracking device for my car. As I can see its performance is very good, and it provides me quite accurate results of live or history track.of the vehicle movement, but the device has its costs and for web track there are annual charges too. So If I have few vehicles it will be costly to get them all monitored. So just for curiosity I did some R&D and found TRACCAR , which is a Linux base vehicle / fleet tracking management system , the best thign is its FREE ;) and we all love to have FREE lunch at anyplace, anywhere (if its Legal preferably :)

As I have made this or test purposes, if some is interested and have no experience in linux or want to first try it in easy way, simply install traccar client, and contact me, I will make one account for you on my web server which is live 24 hours, and you can then see its working and performance. Message me if required.

Benefits of TRACCAR and its possible usage …

– Any Vehicle Tracking / maintain history
– Can be used for personnel tracking
– Can be used as a commercial solution as well
– Can be used to track your lost mobile phone
– You can inquire about location by sending SMS to the device and it will return sms you the location with URL [this feature will be implemented later]
– Maintain History and Track of the device and speed of vehicles with addressess
– Many others …



Hardware Software used in this Guide.

1- Linux base System , I used Ubuntu 12.04 32 bit edition as an example (hardware specs can be anything, nothing fancy required) , The system should have static public ip or it can work port forwarding as wel (if you dont have one, it can be manipulate with some workarounds like ddns too)
2- TRACCAR application which will be used to store/update client data and web portal for management purposes.
3- For client side tracking, I used ANDROID base mobile phone with GPS and GPRS. (HTC DESIRE HD MODEL with Ufone base GPRS (for location update on server, so GPRS must be activated on the SIM in order to update data from client to server) and WiFi where its available (it can store data if no internet is available and will update when it will get access to internet)

First we will configure SERVER side.





[UBUNTU 12.04 32bit Edition]

Login to your linux server with root, and first update and install Java DK.

apt-get update
aptitude install openjdk-7-jre-headless


Now download TRACCAR server application in temp folder, unzip it and run its installer.

mkdir /temp
cd /temp


Now Start TRACCAR service

service traccar start
sudo /opt/traccar/bin/traccar start

You should see some thing like on successful startup …

traccar server status

You can see its logs as well for troubleshooting and information purposes.

tail -f /opt/traccar/logs/tracker-server.log
TRACCAR server logs

TRACCAR server logs

Now access it from the WEB by


It may take some times to load the page / plugin.
Login With following default credentials

ID = admin
Pass = admin

After successful login, you will see TRACCAR web panel with default map.
On left side you will see DEVICES menu, Click on ADD button, and enter details
As showed in the image below …

ADd device in Traccar Server Panel

ADd device in Traccar Server Panel

NAME = Your Device or Person Name

UNIQUE IDENTIFIER =  Enter your IMEI number, you can find it on your device properties.

Click on SAVE.

Now moving to CLIENT end configuration …




For test purposes, I am showing you howto add android mobile device for tracking (as most of android phones nowa days have GPS module. So basically what you need is a GPS capable Device with Internet Access, (your SIM OR mobile must have Internet access in order to update data like coordinates and others to the server. in case your mobile/device have no internet access, it will store data locally and will update as soon it gets internet access.

Download TRACCAR-CLIENT application on your mobile and install it,

or you can install it directly from Google play store like

Once its installed open it (traccar client)
As showed in the image below …

TRACCAR client on android

TRACCAR client on android


Now you must modify settings as shown, [pretty simple and common to understand :p ]

traccar client settings

traccar client settings

- DEVICE IDENTIFIER  =  In Device identifier, you will see you unique IMEI No. (International Mobile Equipment Identity number IMEI) you should add the same in your server section as well (In ADD device)

- SERVER ADDRESS   =  Enter your server IP address (traccar server) or if you dont have static ip, you can use DYNAMIC DNS on your dsl/router and do port forwarding of required ports like 8082 for web panel , and 5005 (it depend on device model)

- SERVER PORT  =  In general cases port may be same as for this model its 5002, (but it can vary from GPS device model)

- FREQUENCY  =  How often (in seconds) client should upload data to the server (For initial test purpose make this value less like 60 seconds)

- LOCATION PROVIDER  =  Select MIXED provider, so that if GPS is not working, it should update possible coordinates with the nearest mobile network tower. The exact location may not be accurate in network provider settings , but sometimes sufficient to get idea.GPS only settings provide more accurate position but it requires sky sight.

- SERVICE STATUS  =  select this option so that the client starts sending data. (this service be running all the time )

If you click on MENU and then on STATUS, you can see the LOGS
As showed in the image below …





Some more snaps of settings for android client, just for reference purposes

Android Base Mobile - Location Settings

Android Base Mobile – Location Settings

ANDROID = Traccar-client Configuration

ANDROID = Traccar-client Configuration


Android - traccar-client location provider settings

Android – traccar-client location provider settings

Traccar-client LOGS, on successful connection

Traccar-client LOGS, on successful connection




Now at server end… select the device you added earlier and you will start seeing its status. For a better tracking view, Go outside with your device and have a 4-5 kilometers walk or running (its good for health too you know but I myself is so lazy that even with over weight, I dont walk much :P )
Now see the view IN DIFFERENT STYLE ;)





UPDATING TRACCAR-WEB.WAR for new features enhancements

To add some features and enhancements to your previous traccar web portal by Anton Tananaev, update it with Mr.Vitaly Litvak version.
Here are instructions:

> Download the updated .war file


Now stop traccar service and replace the war file in installed folder.

service traccar stop
cp traccar-web.war /opt/traccar/
service traccar start

Now you will see new enhanced featured like which don’t exist in original traccar-web project:

See following FEATURES list at



Howto show Address field:

This column displays address value from archived positions. It is hidden by default, to make it visible use controls of archive grid (available by clicking down arrow button in any column header):

Columns settings

Please note that by default traccar does not fill that column. To make it work the ‘reverse geocoding’ must be enabled in traccar configuration file:

<!-- Geocoder options -->
<entry key='geocoder.enable'>true</entry>
<entry key='geocoder.type'>nominatim</entry>
<entry key='geocoder.url'></entry>

Thanks to Mr. Vitaly Litvak for pointing me in the right direction :)

If time will allow , I will add some more snaps and customizations that can be made. Its a open source application, you can make your contribution as well.


You can get more details on this project from following link



Syed Jahanzaib

November 21, 2014

Kannel auto startup problem with System error 13 Permission Denied

Filed under: Linux Related — Tags: , — Syed Jahanzaib / Pinochio~:) @ 12:04 PM

[with reference to following ]

Recently I configured KANNEL (again) for a client in KARBALA/IRAQ. The OS was UBUNTU 12.04.When we run the Bearerbox and SMSBOX manually in terminal, KANNEL HTTP API works fine. But when the box is restarted, SMS goes in QUEUE.

Result for manually executed bearerbox and smsbox in terminal (separate terminal for each command) like

bearerbox -v 0 /etc/kannel/kannel.conf

smsbox -v 0 /etc/kannel/kannel.conf

Sms via web works fine.

But when the system is rebooted ,  and I tried to send SMS , all messages were going in QUEUE and following message appear on browser.

3: Queued for later delivery

All kannel related services were starting properly, like bearerbox, smsbox etc. As showed below …

root@rm:~# ps aux |grep kannel
kannel    2964  0.0  0.0   7424   720 ?        Ss   09:47   0:00 /usr/sbin/run_kannel_box --pidfile /var/run/kannel/ --no-extra-args /usr/sbin/bearerbox -v 4 -- /etc/kannel/kannel.conf
kannel    2966  0.0  0.2  82652  2784 ?        Sl   09:47   0:00 /usr/sbin/bearerbox -v 4 -- /etc/kannel/kannel.conf
kannel    2975  0.0  0.0   7424   720 ?        Ss   09:47   0:00 /usr/sbin/run_kannel_box --pidfile /var/run/kannel/ --no-extra-args /usr/sbin/wapbox -v 4 -- /etc/kannel/kannel.conf
kannel    2978  0.0  0.0   7424   724 ?        Ss   09:47   0:00 /usr/sbin/run_kannel_box --pidfile /var/run/kannel/ --no-extra-args /usr/sbin/smsbox -v 4 -- /etc/kannel/kannel.conf
kannel    2980  0.0  0.2  65948  2644 ?        Sl   09:47   0:00 /usr/sbin/smsbox -v 4 -- /etc/kannel/kannel.conf
root      2993  0.0  0.0   3328   876 pts/2    S+   09:47   0:00 grep --color=auto kannel

After checking the bearerbox.log, I saw following error

tail -f /var/log/kannel/bearerbox.log
2014-11-21 10:41:55 [1912] [6] INFO: AT2[/dev/ttyACM0]: opening device
2014-11-21 10:41:55 [1912] [6] ERROR: AT2[/dev/ttyACM0]: open failed! ERRNO=13
2014-11-21 10:41:55 [1912] [6] ERROR: System error 13: Permission denied
2014-11-21 10:41:55 [1912] [6] ERROR: AT2[/dev/ttyACM0]: at2_device_thread: open_at2_device failed.
2014-11-21 10:41:55 [1912] [6] ERROR: System error 13: Permission denied
2014-11-21 10:41:55 [1912] [6] ERROR: AT2[/dev/ttyACM0]: Couldn't connect (retrying in 10 seconds).


With the help of kannel users mailing list, I found that KANNEL user must be allowed to write access /dev/ttyACM0 (or your modem device name).

For ubuntu, simply add the user KANNEL to DIALOUT group.

usermod -a -G dialout kannel
chown  kannel  /dev/ttyACM0

Also remove the comment sign from START_SMSBOX in /etc/default/kannel so that smsbox may also start on system boot.

Alhamdolillah Problem Solved!

2014-11-21 11.38.05

I am sharing this info because it took around 1 days of head banging with the wall, and I surely dont want anyone else to stuck in the same situation (if the issue is same)

Sample of config files

root@rm:/etc/kannel# cat /etc/default/kannel

my /etc/kannel/kannel.conf FILE

cat /etc/kannel/kannel.conf

# Syed Jahanzaib
# aacable [at]

group = core
admin-port = 13000
smsbox-port = 13001
admin-password = zaibadmin
status-password = zaibstatus
log-file = "/var/log/kannel/bearerbox.log"
log-level = 0
box-deny-ip = "*.*.*.*"
box-allow-ip = ""

group = smsc
smsc = at
modemtype = teltonika
device = /dev/ttyACM0
# Change above port to match your port, it could ACM1 or USB0, if you dont set it correctly,  it will not work and you will get error in logs that unable to connect to device)
speed = 19200
my-number = 0333302100000 # (put your sim number, not necessary)

# for teltonkia only, if you are using other brand you may need to get there INIT strings
group = modems
id = teltonika
name = "Teltonika E12"
detect-string = "Undefined"
enable-mms = true
init-string = "AT+CNMI=2,2,0,1,1"
speed = 115200

# for Huawei USB/GSM modem e155 i guess, remove hashes from below lines if u r using this model.
#group = modems
#id = huawei
#name = "Huawei"
#detect-string = "huawei"
#enable-mms = true
#init-string = "ATZ"
#init-string = "ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0"

group = smsbox
bearerbox-host = localhost
sendsms-port = 13013
global-sender = 13013
sendsms-chars = "0123456789 +-"
log-file = "/var/log/kannel/smsbox.log"
log-level = 0
access-log = "/var/log/kannel/access.log"

group = sendsms-user
username = kannel
password = kannel
concatenation = true
max-messages = 3

group = sms-service
keyword = default
get-url = "http://localhost/kannel/receivesms.php?sender=%p&text=%b"
accept-x-kannel-headers = true
max-messages = 3
concatenation = true
catch-all = true


Syed Jahanzaib

Older Posts »

The Silver is the New Black Theme. Blog at


Get every new post delivered to your Inbox.

Join 2,648 other followers