Kannel auto startup problem with System error 13 Permission Denied

[with reference to following

DMASOFTLAB Radius Manager 4.0.4/4.1.x SMS Notification Configuration

https://aacable.wordpress.com/2012/11/26/howto-configure-your-local-http-gateway-using-kannel-on-ubuntu/ ]

Recently I configured KANNEL (again) for a client in KARBALA/IRAQ. The OS was UBUNTU 12.04.When we run the Bearerbox and SMSBOX manually in terminal, KANNEL HTTP API works fine. But when the box is restarted, SMS goes in QUEUE.

Result for manually executed bearerbox and smsbox in terminal (separate terminal for each command) like

bearerbox -v 0 /etc/kannel/kannel.conf

smsbox -v 0 /etc/kannel/kannel.conf

Sms via web works fine.

But when the system is rebooted ,  and I tried to send SMS , all messages were going in QUEUE and following message appear on browser.

---

3: Queued for later delivery

---

All kannel related services were starting properly, like bearerbox, smsbox etc. As showed below …

root@rm:~# ps aux |grep kannel
kannel    2964  0.0  0.0   7424   720 ?        Ss   09:47   0:00 /usr/sbin/run_kannel_box --pidfile /var/run/kannel/kannel_bearerbox.pid --no-extra-args /usr/sbin/bearerbox -v 4 -- /etc/kannel/kannel.conf
kannel    2966  0.0  0.2  82652  2784 ?        Sl   09:47   0:00 /usr/sbin/bearerbox -v 4 -- /etc/kannel/kannel.conf
kannel    2975  0.0  0.0   7424   720 ?        Ss   09:47   0:00 /usr/sbin/run_kannel_box --pidfile /var/run/kannel/kannel_wapbox.pid --no-extra-args /usr/sbin/wapbox -v 4 -- /etc/kannel/kannel.conf
kannel    2978  0.0  0.0   7424   724 ?        Ss   09:47   0:00 /usr/sbin/run_kannel_box --pidfile /var/run/kannel/kannel_smsbox.pid --no-extra-args /usr/sbin/smsbox -v 4 -- /etc/kannel/kannel.conf
kannel    2980  0.0  0.2  65948  2644 ?        Sl   09:47   0:00 /usr/sbin/smsbox -v 4 -- /etc/kannel/kannel.conf
root      2993  0.0  0.0   3328   876 pts/2    S+   09:47   0:00 grep --color=auto kannel

After checking the bearerbox.log, I saw following error

tail -f /var/log/kannel/bearerbox.log
***************************************************************************************
2014-11-21 10:41:55 [1912] [6] INFO: AT2[/dev/ttyACM0]: opening device
2014-11-21 10:41:55 [1912] [6] ERROR: AT2[/dev/ttyACM0]: open failed! ERRNO=13
2014-11-21 10:41:55 [1912] [6] ERROR: System error 13: Permission denied
2014-11-21 10:41:55 [1912] [6] ERROR: AT2[/dev/ttyACM0]: at2_device_thread: open_at2_device failed.
2014-11-21 10:41:55 [1912] [6] ERROR: System error 13: Permission denied
2014-11-21 10:41:55 [1912] [6] ERROR: AT2[/dev/ttyACM0]: Couldn't connect (retrying in 10 seconds).
***************************************************************************************

---

.

---

With the help of kannel users mailing list, I found that KANNEL user must be allowed to write access /dev/ttyACM0 (or your modem device name).

For ubuntu, simply add the user KANNEL to DIALOUT group.

usermod -a -G dialout kannel
chown  kannel  /dev/ttyACM0

---

Also remove the comment sign from START_SMSBOX in /etc/default/kannel so that smsbox may also start on system boot.

---

Alhamdolillah Problem Solved!

I am sharing this info because it took around 1 days of head banging with the wall, and I surely dont want anyone else to stuck in the same situation (if the issue is same)

Sample of config files

root@rm:/etc/kannel# cat /etc/default/kannel
START_WAPBOX=1
START_SMSBOX=1

my /etc/kannel/kannel.conf FILE

cat /etc/kannel/kannel.conf

# Syed Jahanzaib
# https://aacable.wordpress.com
# aacable [at] hotmail.com

group = core
admin-port = 13000
smsbox-port = 13001
admin-password = zaibadmin
status-password = zaibstatus
log-file = "/var/log/kannel/bearerbox.log"
log-level = 0
box-deny-ip = "*.*.*.*"
box-allow-ip = "127.0.0.1"

group = smsc
smsc = at
modemtype = teltonika
device = /dev/ttyACM0
# Change above port to match your port, it could ACM1 or USB0, if you dont set it correctly,  it will not work and you will get error in logs that unable to connect to device)
speed = 19200
my-number = 0333302100000 # (put your sim number, not necessary)

# for teltonkia only, if you are using other brand you may need to get there INIT strings
group = modems
id = teltonika
name = "Teltonika E12"
detect-string = "Undefined"
enable-mms = true
init-string = "AT+CNMI=2,2,0,1,1"
speed = 115200

# for Huawei USB/GSM modem e155 i guess, remove hashes from below lines if u r using this model.
#group = modems
#id = huawei
#name = "Huawei"
#detect-string = "huawei"
#enable-mms = true
#init-string = "ATZ"
#init-string = "ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0"

group = smsbox
bearerbox-host = localhost
sendsms-port = 13013
global-sender = 13013
sendsms-chars = "0123456789 +-"
log-file = "/var/log/kannel/smsbox.log"
log-level = 0
access-log = "/var/log/kannel/access.log"

group = sendsms-user
username = kannel
password = kannel
concatenation = true
max-messages = 3

group = sms-service
keyword = default
get-url = "http://localhost/kannel/receivesms.php?sender=%p&text=%b"
accept-x-kannel-headers = true
max-messages = 3
concatenation = true
catch-all = true

🙂

Regard’s
Syed Jahanzaib

VPN/PPTP Static Routes Loose gateway when client reconnects

---

Recently i configured a site to site vpn connectivity (Head office to Branch office) at some place. Everything was working fine , both end clients could access each other with direct access as proper routes were setup, But strange issue was happening that if the branch office mikrotik goes offline or Re connects the pptp dialer,    static route at head office mikrotik becomes un-reachable

(manual route was added at H.O mikrotik to access branch offices via dynamic pptp interface).

---

As showed in the image below … (head office router)

---

It was happening because the route is looking at a dynamic interface. When the dynamic interface goes away (branch office mikrotik pptp disconnect-reconnect) the Route does not know which interface to point to. . To sort this issue, I added ROUTE in ppp/secret section @ Head Office mikrotik.

As showed in the image below ….

.

---

The above subnet 192.168.88.0/24 is branch office clients subnet. now whenever the branch will re connect the pptp, a dynamic route will add each time on H.O mikrotik, so it will know that from which route it should access B.O clients.

As showed in the image below.

---

TIP:

You can do it manually too by assigning static ip, and in route use that ip in gateway, But I prefer to use dynamic route , because the route will be created dynamically each time when user connected to the router and disappear when user disconnect. And so the route will work transparently even if changes are made in other sections.

---

Howto add permanent static route in windows by CMD

Destinations = 10.0.1.0 / 24
Local Gateway = 192.16.10.2
-p = permanent add

route -p ADD 10.0.1.0 MASK 255.255.255.0 192.168.10.2

Regard’s

---

Syed Jahanzaib

Howto add SEARCH/EDIT button on main page in Radius Manager

Following is a small tip to add SEARCH or EDIT function for DMASOFTLAB Radius Manager admin page , by Syed Jahanzaib.

Ideally you should have HTML editor software, I use Ms FRONTPAGE, but if you know the basics of html, you can even use any good text editor like NOTEPAD++

in /var/www/radiusmanager folder, open the adminmain_tpl.htm file in the html editor.
(for centos , use /var/www/html/radiusmanager/)

You will see something like following.

---

Now search for word {CONTENT} and after this line, paste the following html code

&nbsp;<table border="1" width="100%">
<tr>
<td><table width="100%" border="0" cellpadding="5" cellspacing="0" class="tb-bg">
<tr>
<td><form name="form2" method="post" action="admin.php?cont=list_users">
<p class="title2"><font color="#FF0000">{FNDUSR23} User
Database by Syed Jahanzaib</font></p>
<table border="0" align="center" cellpadding="2" cellspacing="2" width="421">
<tr>
<td nowrap class="normal" width="112"><div align="left">
{FNDUSR2}:
</div></td>
<td class="normal">&nbsp;<input name="username" type="text" class="normal" id="username" size="29" maxlength="32"></td>
</tr>
</table>
<p align="center">
<input type="submit" name="Submit2" value="{FNDUSR23}">
</p>
</form> </td>
</tr>
</table></td>

.

Now it will look like following after the edition.

.

Save this file. (If you are saving from windows, then after saving, upload the file backup to /var/www/radiusmanager/ folder [if you have Ubuntu.
[ If you have centos then copy to /var/www/html/radiusmanager/ ]

---

 

Now reload the admin page and you will see some thign like as below …

---

 

Regard’s
Syed Jahanzaib

SIP Poblem with Mikrotik

MIKROTIK VPN/PPTP FOR VOIP

---

 

Yesterday I was configuring a site to site VPN/pptp connectivity at a remote location,  As showed in the above diagram. All connectivity and functions were working fine. Ping from client to client behind each mikrotik was working fine, clients could see each other directly without NATTING, but strangely SIP/VOIP packets were not passing through. upon running TORCH , I could see the SIP traffic on UDP port 5060 was working but in very low volume , in bits. After running some sniffing, I found out that the problem was with the poor implementation at SIP protocol level on most commercial routers and the fact that this technology is just useful for outgoing calls, but not for incoming calls

After turning off SIP ALG (SIP Helper) ,everything start working .

Either by GUI or via CLI

---

GUI:

Goto IP > Firewall > Services > SIP [and disable it]

---

CLI:

/ip fi service-port disable sip

---

 

Now VoIP calls are working perfectly. Writing this, just in case some one else may face this issue with banging his head on the wall 😉

.

Regard’s
SYED JAHANZAIB