Discussion:
[Freeswitch-users] running mod_gsmopen on a separate system
Mietek Sześniak
2015-05-13 10:58:24 UTC
Permalink
I'd like to use FreeSWITCH as my private bridge between SIP and GSM.

However, I consider USB modems to be a security threat, since they
frequently have their own storage (can work as pendrives), have a black-box
baseband and are hardly ever patched.

For that reason, I'd like to connect my USB modem to a separate machine
(maybe an OpenWRT router) and connect that machine to my main FreeSWITCH
machine over Ethernet.

How would I set that up? Can mod_gsmopen be run alone, or would I have to
install a separate instance of FreeSWITCH on that second machine?

Thanks!

PS. I'm still trying to wrap my head around FreeSWITCH, so please be
forgiving. :)
Sergey Safarov
2015-05-13 11:31:34 UTC
Permalink
Thinking "install a separate instance of FreeSWITCH on that second machine"
is preferred.


On Wed, May 13, 2015 at 1:58 PM, Mietek Sześniak <
Post by Mietek Sześniak
I'd like to use FreeSWITCH as my private bridge between SIP and GSM.
However, I consider USB modems to be a security threat, since they
frequently have their own storage (can work as pendrives), have a black-box
baseband and are hardly ever patched.
For that reason, I'd like to connect my USB modem to a separate machine
(maybe an OpenWRT router) and connect that machine to my main FreeSWITCH
machine over Ethernet.
How would I set that up? Can mod_gsmopen be run alone, or would I have to
install a separate instance of FreeSWITCH on that second machine?
Thanks!
PS. I'm still trying to wrap my head around FreeSWITCH, so please be
forgiving. :)
_________________________________________________________________________
http://www.freeswitchsolutions.com
Official FreeSWITCH Sites
http://www.freeswitch.org
http://confluence.freeswitch.org
http://www.cluecon.com
FreeSWITCH-users mailing list
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
Giovanni Maruzzelli
2015-05-13 11:32:02 UTC
Permalink
A separate instance of Freeswitch on second machine, and two machines talk
each other via sip.
-giovanni

sent from my mobile,
Giovanni Maruzzelli
cell: +39 347 266 56 18
Post by Mietek Sześniak
I'd like to use FreeSWITCH as my private bridge between SIP and GSM.
However, I consider USB modems to be a security threat, since they
frequently have their own storage (can work as pendrives), have a black-box
baseband and are hardly ever patched.
For that reason, I'd like to connect my USB modem to a separate machine
(maybe an OpenWRT router) and connect that machine to my main FreeSWITCH
machine over Ethernet.
How would I set that up? Can mod_gsmopen be run alone, or would I have to
install a separate instance of FreeSWITCH on that second machine?
Thanks!
PS. I'm still trying to wrap my head around FreeSWITCH, so please be
forgiving. :)
_________________________________________________________________________
http://www.freeswitchsolutions.com
Official FreeSWITCH Sites
http://www.freeswitch.org
http://confluence.freeswitch.org
http://www.cluecon.com
FreeSWITCH-users mailing list
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
Daniel Ivanov
2015-05-13 13:02:04 UTC
Permalink
Yeah, that is what we do basically. Get our modems hooked to a raspberry pi
with freeswitch and route the calls&sms via sip to the endpoints.

Giving it a little thought though gave me that :
http://usbip.sourceforge.net/

It's a simple encapsulation of usb messaging over IP which is transferred
to a kernel module acting as a virtual host controller. Haven't tested it,
but be sure to post some feedback if you give it a spin.
Post by Giovanni Maruzzelli
A separate instance of Freeswitch on second machine, and two machines talk
each other via sip.
-giovanni
sent from my mobile,
Giovanni Maruzzelli
cell: +39 347 266 56 18
Post by Mietek Sześniak
I'd like to use FreeSWITCH as my private bridge between SIP and GSM.
However, I consider USB modems to be a security threat, since they
frequently have their own storage (can work as pendrives), have a black-box
baseband and are hardly ever patched.
For that reason, I'd like to connect my USB modem to a separate machine
(maybe an OpenWRT router) and connect that machine to my main FreeSWITCH
machine over Ethernet.
How would I set that up? Can mod_gsmopen be run alone, or would I have to
install a separate instance of FreeSWITCH on that second machine?
Thanks!
PS. I'm still trying to wrap my head around FreeSWITCH, so please be
forgiving. :)
_________________________________________________________________________
http://www.freeswitchsolutions.com
Official FreeSWITCH Sites
http://www.freeswitch.org
http://confluence.freeswitch.org
http://www.cluecon.com
FreeSWITCH-users mailing list
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
_________________________________________________________________________
http://www.freeswitchsolutions.com
Official FreeSWITCH Sites
http://www.freeswitch.org
http://confluence.freeswitch.org
http://www.cluecon.com
FreeSWITCH-users mailing list
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
Sergey Safarov
2015-05-13 13:19:46 UTC
Permalink
Passing USB messages via USBIP equal inserting dongle to FS host. It is not
solves security questions.

Sergey
Post by Daniel Ivanov
Yeah, that is what we do basically. Get our modems hooked to a raspberry
pi with freeswitch and route the calls&sms via sip to the endpoints.
http://usbip.sourceforge.net/
It's a simple encapsulation of usb messaging over IP which is transferred
to a kernel module acting as a virtual host controller. Haven't tested it,
but be sure to post some feedback if you give it a spin.
Post by Giovanni Maruzzelli
A separate instance of Freeswitch on second machine, and two machines
talk each other via sip.
-giovanni
sent from my mobile,
Giovanni Maruzzelli
cell: +39 347 266 56 18
On May 13, 2015 1:22 PM, "Mietek Sześniak" <
Post by Mietek Sześniak
I'd like to use FreeSWITCH as my private bridge between SIP and GSM.
However, I consider USB modems to be a security threat, since they
frequently have their own storage (can work as pendrives), have a black-box
baseband and are hardly ever patched.
For that reason, I'd like to connect my USB modem to a separate machine
(maybe an OpenWRT router) and connect that machine to my main FreeSWITCH
machine over Ethernet.
How would I set that up? Can mod_gsmopen be run alone, or would I have
to install a separate instance of FreeSWITCH on that second machine?
Thanks!
PS. I'm still trying to wrap my head around FreeSWITCH, so please be
forgiving. :)
_________________________________________________________________________
http://www.freeswitchsolutions.com
Official FreeSWITCH Sites
http://www.freeswitch.org
http://confluence.freeswitch.org
http://www.cluecon.com
FreeSWITCH-users mailing list
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
_________________________________________________________________________
http://www.freeswitchsolutions.com
Official FreeSWITCH Sites
http://www.freeswitch.org
http://confluence.freeswitch.org
http://www.cluecon.com
FreeSWITCH-users mailing list
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
_________________________________________________________________________
http://www.freeswitchsolutions.com
Official FreeSWITCH Sites
http://www.freeswitch.org
http://confluence.freeswitch.org
http://www.cluecon.com
FreeSWITCH-users mailing list
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
Daniel Ivanov
2015-05-13 13:33:04 UTC
Permalink
Yeah, you're correct but i can believe there can be some ACL or
whitelisting implemented on kernel module level. Keep in mind the USB modem
comm is just a bunch of serial consoles and you mitigate the problem of
DMA(direct memory access) if you just choose to relay that class.
Post by Sergey Safarov
Passing USB messages via USBIP equal inserting dongle to FS host. It is
not solves security questions.
Sergey
Post by Daniel Ivanov
Yeah, that is what we do basically. Get our modems hooked to a raspberry
pi with freeswitch and route the calls&sms via sip to the endpoints.
http://usbip.sourceforge.net/
It's a simple encapsulation of usb messaging over IP which is transferred
to a kernel module acting as a virtual host controller. Haven't tested it,
but be sure to post some feedback if you give it a spin.
Post by Giovanni Maruzzelli
A separate instance of Freeswitch on second machine, and two machines
talk each other via sip.
-giovanni
sent from my mobile,
Giovanni Maruzzelli
cell: +39 347 266 56 18
On May 13, 2015 1:22 PM, "Mietek Sześniak" <
Post by Mietek Sześniak
I'd like to use FreeSWITCH as my private bridge between SIP and GSM.
However, I consider USB modems to be a security threat, since they
frequently have their own storage (can work as pendrives), have a black-box
baseband and are hardly ever patched.
For that reason, I'd like to connect my USB modem to a separate machine
(maybe an OpenWRT router) and connect that machine to my main FreeSWITCH
machine over Ethernet.
How would I set that up? Can mod_gsmopen be run alone, or would I have
to install a separate instance of FreeSWITCH on that second machine?
Thanks!
PS. I'm still trying to wrap my head around FreeSWITCH, so please be
forgiving. :)
_________________________________________________________________________
http://www.freeswitchsolutions.com
Official FreeSWITCH Sites
http://www.freeswitch.org
http://confluence.freeswitch.org
http://www.cluecon.com
FreeSWITCH-users mailing list
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
_________________________________________________________________________
http://www.freeswitchsolutions.com
Official FreeSWITCH Sites
http://www.freeswitch.org
http://confluence.freeswitch.org
http://www.cluecon.com
FreeSWITCH-users mailing list
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
_________________________________________________________________________
http://www.freeswitchsolutions.com
Official FreeSWITCH Sites
http://www.freeswitch.org
http://confluence.freeswitch.org
http://www.cluecon.com
FreeSWITCH-users mailing list
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
_________________________________________________________________________
http://www.freeswitchsolutions.com
Official FreeSWITCH Sites
http://www.freeswitch.org
http://confluence.freeswitch.org
http://www.cluecon.com
FreeSWITCH-users mailing list
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
Mietek Sześniak
2015-05-13 14:10:28 UTC
Permalink
Thanks a lot, guys!
Post by Daniel Ivanov
Yeah, you're correct but i can believe there can be some ACL or
whitelisting implemented on kernel module level. Keep in mind the USB modem
comm is just a bunch of serial consoles and you mitigate the problem of
DMA(direct memory access) if you just choose to relay that class.
Post by Sergey Safarov
Passing USB messages via USBIP equal inserting dongle to FS host. It is
not solves security questions.
Sergey
Post by Daniel Ivanov
Yeah, that is what we do basically. Get our modems hooked to a raspberry
pi with freeswitch and route the calls&sms via sip to the endpoints.
http://usbip.sourceforge.net/
It's a simple encapsulation of usb messaging over IP which is
transferred to a kernel module acting as a virtual host controller. Haven't
tested it, but be sure to post some feedback if you give it a spin.
Post by Giovanni Maruzzelli
A separate instance of Freeswitch on second machine, and two machines
talk each other via sip.
-giovanni
sent from my mobile,
Giovanni Maruzzelli
cell: +39 347 266 56 18
On May 13, 2015 1:22 PM, "Mietek Sześniak" <
Post by Mietek Sześniak
I'd like to use FreeSWITCH as my private bridge between SIP and GSM.
However, I consider USB modems to be a security threat, since they
frequently have their own storage (can work as pendrives), have a black-box
baseband and are hardly ever patched.
For that reason, I'd like to connect my USB modem to a separate
machine (maybe an OpenWRT router) and connect that machine to my main
FreeSWITCH machine over Ethernet.
How would I set that up? Can mod_gsmopen be run alone, or would I have
to install a separate instance of FreeSWITCH on that second machine?
Thanks!
PS. I'm still trying to wrap my head around FreeSWITCH, so please be
forgiving. :)
_________________________________________________________________________
http://www.freeswitchsolutions.com
Official FreeSWITCH Sites
http://www.freeswitch.org
http://confluence.freeswitch.org
http://www.cluecon.com
FreeSWITCH-users mailing list
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
_________________________________________________________________________
http://www.freeswitchsolutions.com
Official FreeSWITCH Sites
http://www.freeswitch.org
http://confluence.freeswitch.org
http://www.cluecon.com
FreeSWITCH-users mailing list
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
_________________________________________________________________________
http://www.freeswitchsolutions.com
Official FreeSWITCH Sites
http://www.freeswitch.org
http://confluence.freeswitch.org
http://www.cluecon.com
FreeSWITCH-users mailing list
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
_________________________________________________________________________
http://www.freeswitchsolutions.com
Official FreeSWITCH Sites
http://www.freeswitch.org
http://confluence.freeswitch.org
http://www.cluecon.com
FreeSWITCH-users mailing list
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
_________________________________________________________________________
http://www.freeswitchsolutions.com
Official FreeSWITCH Sites
http://www.freeswitch.org
http://confluence.freeswitch.org
http://www.cluecon.com
FreeSWITCH-users mailing list
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
Loading...