本文旨在解决asterisk电话录音后wav转mp3以及加密录音文件问题
首先上拨号规则(/etc/asterisk/extensions.conf):
[macro-Monitor]
exten => s,1,Set(PATH=/var/spool/asterisk/monitor/${STRFTIME(${EPOCH},,%Y-%m-%d)})
exten => s,n,Set(FILENAME=${STRFTIME(${EPOCH},,%Y-%m-%d-@-%H:%M:%S)}--${CALLERID(num)}-${DIALEDPEERNUMBER:2})
exten => s,n,Set(MONITOR_EXEC=/etc/asterisk/scripts/mce ${PATH} ${FILENAME})
exten => s,n,Monitor(wav,${PATH}/${FILENAME},mb)
然后你需要在/etc/asterisk/features.conf添加几条新规则:
Monitor => #1,caller,Macro,Monitor ;Allow the caller to initialize a calling monitor
pauseMonitor => #2,self/caller,PauseMonitor ;Allow the caller to pause monitoring on their channel
unpauseMonitor => #3,self/caller,UnPauseMonitor ;Allow the caller to unpause monitoring on their channel
这样你就可以在通话时按电话机的#1,#2,#3组合键来实现:录音,暂停录音,继续录音功能了
怎么调用这些功能呢,去你想要这些功能生效的context,在context的第一行插入如下命令:
exten => s,1,Set(DYNAMIC_FEATURES=Monitor#pauseMonitor#unpauseMonitor)
如果想对每个通话都录音,那么你需要这么一个宏:
[macro-outbound]
exten => s,1,Set(PATH=/var/spool/asterisk/monitor/${STRFTIME(${EPOCH},,%Y-%m-%d)})
exten => s,n,Set(FILENAME=${STRFTIME(${EPOCH},,%Y-%m-%d-%H%M%S)}--${CALLERID(num)}-${ARG2})
exten => s,n,Set(MONITOR_EXEC=/etc/asterisk/scripts/mce ${PATH} ${FILENAME})
exten => s,n,Monitor(wav,${PATH}/${FILENAME},mb)
exten => s,n,Dial(${ARG1}/${ARG2},,tTm)
调用这个宏:
exten => _NXXXXXXX,1,Macro(outbound,DAHDI/1,${EXTEN})
exten => _NXXXXXXX,n,Macro(outbound,DAHDI/2,${EXTEN})
exten => _NXXXXXXX,n,Macro(outbound,DAHDI/3,${EXTEN})
exten => _NXXXXXXX,n,Macro(outbound,SIP/T,008621${EXTEN})
exten => _NXXXXXXX,n,Macro(outbound,SIP/S,008621${EXTEN})
exten => _NXXXXXXX,n,Congestion()
下面给出monitor_exec执行的脚本,在/etc/asterisk 目录下建个新目录用于存放脚本,此脚本名为mce(意为mix convert encrypt)
继续之前请确认你安装了以下软件包及其依赖关系包,它们是:gnupg、lame、sox
脚本正文:
# /bin/bash
KEY='Asterisk Server'
#you should never change the variables below
GPG=/usr/bin/gpg
LAME=/usr/bin/lame
RM=/bin/rm
SOX=/usr/bin/sox
PATH=$1
FILENAME=$2
mix() {
$SOX -m "$PATH/$FILENAME-in.wav" "$PATH/$FILENAME-out.wav" "$PATH/$FILENAME.wav"
$RM $PATH/$FILENAME-*.wav
}
convert() {
$LAME -b16 --noshort -S $PATH/$FILENAME.wav $PATH/$FILENAME.mp3
$RM $PATH/$FILENAME.wav
}
encrypt() {
$GPG --homedir /var/lib/asterisk/\.gnupg -r "$KEY" --yes -o $PATH/$FILENAME.mp3.asc -e $PATH/$FILENAME.mp3
$RM $PATH/$FILENAME.mp3
}
#this function seems doesn't run properly, so we don't use it now, but kept it and debug later.
mce() {
$SOX -m "$PATH/$FILENAME-in.wav" "$PATH/$FILENAME-out.wav" -t wav -q - | $LAME -S - - | $GPG -r $KEY --yes -o $PATH/$FILENAME.mp3.asc -e -
$RM $FILENAME-*.wav
}
mix
convert
encrypt
下说说如何配置加密,当然如果你感觉加密没有必要或者太麻烦不想弄,直接将上面脚本最后一行用#注释掉即可。
先面说说gpg的用法:
创建一对密匙对:
gpg --gen-key
你将会交互式的回答一些问题,然后gpg将会在你的匙扣上生成它们
导出公匙到纯ASCII码文件:
gpg -a --export KEYNAME > KEYFILE
导入公匙:
gpg --import KEYFILE
修改公私匙的信任度:
gpg --edit-key KEYNAME
你将会进入交互式修改模式
导出私匙到纯ASCII码文件:
gpg -a --export-secret-keys KEYNAME > yourprivatekey.asc
从你的匙扣上删除一个公匙:
gpg --delete-keys KEYNAME
从你的匙扣上删除一个私匙:
gpg --delete-secret-key KEYNAME
加密一个文件:
gpg -r KEYNAME --output OUTFILE.asc --encrypt INFILE
解密一个文件:
gpg -r KEYNAME --output OUTFILE --decrypt INFILE.asc
现在先让我们去你的工作机上创建一对gpg密匙对:
ubuntu@Simon:~$ gpg --gen-key
gpg (GnuPG) 1.4.9; Copyright (C) 2008 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Please select what kind of key you want:
(1) DSA and Elgamal (default)
(2) DSA (sign only)
(5) RSA (sign only)
Your selection? 1
DSA keypair will have 1024 bits.
ELG-E keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096
Requested keysize is 4096 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) 0
Key does not expire at all
Is this correct? (y/N) y
You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"
Real name: Simon Zhang
Email address: simon.zhang@domain
Comment:
You selected this USER-ID:
"Simon Zhang <simon.zhang@domain>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
++++++++++++++++++++.+++++.++++++++++.+++++++++++++++.+++++++++++++++++++++++++++++++++++++++++++++++++++++++..++++++++++++++++++++..+++++>++++++++++..............................+++++
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
++++++++++++++++++++++++++++++.+++++.+++++.+++++....+++++.+++++.....++++++++++.++++++++++..+++++.+++++.+++++..+++++.+++++...++++++++++.+++++++++++++++.+++++....+++++.+++++..+++++..+++++.+++++....+++++..+++++>.+++++++++++++++...+++++.+++++.....+++++++++++++++.+++++.+++++>+++++>..+++++.....>.+++++.................................................................................................+++++^^^
gpg: key 3532FD44 marked as ultimately trusted
public and secret key created and signed.
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 4 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 4u
gpg: next trustdb check due at 2010-01-06
pub 1024D/3532FD44 2009-10-15
Key fingerprint = 17CD 4A5A 9A6D F817 0796 ACD5 8651 E9E8 3532 FD44
uid Simon Zhang <simon.zhang@domain>
sub 4096g/E14D2527 2009-10-15
然后导出公匙:
你可以用刚刚设定问题中的Real name或者是电子邮件地址为名称导出公匙:
gpg -a --export Simon\ Zhang > Simon_PUBKEY.asc
或者:
gpg -a --export simon.zhang@domain > Simon_PUBKEY.asc
然后复制这个公匙到asterisk服务器,要想操作asterisk用户的匙扣,你要给asterisk用户一个shell
用vi打开/etc/passwd, 找到asterisk用户,将行尾的/bin/false改为/bin/bash,保存退出
然后以root用户身份su到asterisk用户并导入它:
root@server:~# su asterisk
asterisk@server:/root$ gpg --import Simon_PUBKEY.asc
编辑信任度:
asterisk@server:~$ gpg --edit-key simon.zhang@domain
gpg (GnuPG) 1.4.9; Copyright (C) 2008 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Secret key is available.
pub 1024D/166B2755 created: 2009-06-11 expires: never usage: SC
trust: undefined validity: ultimate
sub 4096g/2C66CF1E created: 2009-06-11 expires: never usage: E
[ultimate] (1). Simon Zhang (this key pair is for external mail transfer) <simon.zhang@domain>
Command> trust
pub 1024D/166B2755 created: 2009-06-11 expires: never usage: SC
trust: undefined validity: ultimate
sub 4096g/2C66CF1E created: 2009-06-11 expires: never usage: E
[ultimate] (1). Simon Zhang (this key pair is for external mail transfer) <simon.zhang@domain>
Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)
1 = I don't know or won't say
2 = I do NOT trust
3 = I trust marginally
4 = I trust fully
5 = I trust ultimately
m = back to the main menu
Your decision? 5
Do you really want to set this key to ultimate trust? (y/N) y
pub 1024D/166B2755 created: 2009-06-11 expires: never usage: SC
trust: ultimate validity: ultimate
sub 4096g/2C66CF1E created: 2009-06-11 expires: never usage: E
[ultimate] (1). Simon Zhang (this key pair is for external mail transfer) <simon.zhang@domain>
Command> quit
asterisk@server:/root$ exit
root@server:~#
完成后别忘记把asterisk用户的shell改回false喔。
ALL DONE!