170 lines
7.3 KiB
Plaintext
170 lines
7.3 KiB
Plaintext
;
|
|
; AMI - The Asterisk Manager Interface
|
|
;
|
|
; Third party application call management support and PBX event supervision
|
|
;
|
|
; Use the "manager show commands" at the CLI to list available manager commands
|
|
; and their authorization levels.
|
|
;
|
|
; "manager show command <command>" will show a help text.
|
|
;
|
|
; ---------------------------- SECURITY NOTE -------------------------------
|
|
; Note that you should not enable the AMI on a public IP address. If needed,
|
|
; block this TCP port with iptables (or another FW software) and reach it
|
|
; with IPsec, SSH, or SSL vpn tunnel. You can also make the manager
|
|
; interface available over http/https if Asterisk's http server is enabled in
|
|
; http.conf and if both "enabled" and "webenabled" are set to yes in
|
|
; this file. Both default to no. httptimeout provides the maximum
|
|
; timeout in seconds before a web based session is discarded. The
|
|
; default is 60 seconds.
|
|
;
|
|
[general]
|
|
enabled = no
|
|
;webenabled = yes
|
|
|
|
port = 5038
|
|
bindaddr = 0.0.0.0
|
|
|
|
; Parameters that control AMI over TLS. ("enabled" must be set too).
|
|
; You can open a connection to this socket with e.g.
|
|
;
|
|
; openssl s_client -connect my_host:5039
|
|
;
|
|
;tlsenable=no ; set to YES to enable it
|
|
;tlsbindaddr=0.0.0.0:5039 ; address and port to bind to, default to bindaddr and port 5039
|
|
;tlscertfile=/tmp/asterisk.pem ; path to the certificate.
|
|
;tlsprivatekey=/tmp/private.pem ; path to the private key, if no private given,
|
|
; if no tlsprivatekey is given, default is to search
|
|
; tlscertfile for private key.
|
|
;tlscipher=<cipher string> ; string specifying which SSL ciphers to use or not use
|
|
;
|
|
;allowmultiplelogin = yes ; IF set to no, rejects manager logins that are already in use.
|
|
; ; The default is yes.
|
|
;
|
|
;displayconnects = yes
|
|
;
|
|
; Add a Unix epoch timestamp to events (not action responses)
|
|
;
|
|
;timestampevents = yes
|
|
|
|
;brokeneventsaction = yes ; Restore previous behavior that caused the events
|
|
; action to not return a response in certain
|
|
; circumstances. Defaults to 'no'.
|
|
|
|
;
|
|
; Display certain channel variables every time a channel-oriented
|
|
; event is emitted:
|
|
;
|
|
; Note that this does incur a performance penalty and should be avoided if possible.
|
|
;
|
|
;channelvars = var1,var2,var3
|
|
|
|
; debug = on ; enable some debugging info in AMI messages (default off).
|
|
; Also accessible through the "manager debug" CLI command.
|
|
|
|
; authtimeout specifies the maximum number of seconds a client has to
|
|
; authenticate. If the client does not authenticate beofre this timeout
|
|
; expires, the client will be disconnected. (default: 30 seconds)
|
|
|
|
;authtimeout = 30
|
|
|
|
; authlimit specifies the maximum number of unauthenticated sessions that will
|
|
; be allowed to connect at any given time.
|
|
|
|
;authlimit = 50
|
|
|
|
;httptimeout = 60
|
|
; a) httptimeout sets the Max-Age of the http cookie
|
|
; b) httptimeout is the amount of time the webserver waits
|
|
; on a action=waitevent request (actually its httptimeout-10)
|
|
; c) httptimeout is also the amount of time the webserver keeps
|
|
; a http session alive after completing a successful action
|
|
;
|
|
; disabledevents specifies AMI events which should be completely globally disabled.
|
|
; These events will not be available to any AMI listeners. Use this to disable
|
|
; frequent events which are not desired for any listeners. Default
|
|
; is no events are globally disabled. Event names are case-sensitive.
|
|
; Events disabled in stasis.conf do not also need to be disabled here.
|
|
; If you don't want to completely disable an AMI event, also consider the
|
|
; filter option available on a per-manager user basis to block unwanted
|
|
; events from being received in a stream (as opposed to this option which
|
|
; would prevent specified events from being generated at all).
|
|
|
|
;disabledevents = Newexten,Varset
|
|
|
|
;[mark]
|
|
;secret = mysecret
|
|
;deny=0.0.0.0/0.0.0.0
|
|
;permit=209.16.236.73/255.255.255.0
|
|
;acl=named_acl_example ; use a named ACL from acl.conf
|
|
;
|
|
;
|
|
;setvar=PBXACCOUNT=edvina
|
|
; The setvar option defines channel variables that will be set when this account
|
|
; originates a call. You can define multiple setvar= commands for one manager
|
|
; user.
|
|
;
|
|
;eventfilter=Event: Newchannel
|
|
;eventfilter=Channel: (PJ)?SIP/(james|jim|john)-
|
|
;eventfilter=!Channel: DAHDI/
|
|
; The eventfilter option is used to whitelist or blacklist events per user.
|
|
; A filter consists of an (unanchored) regular expression that is run on the
|
|
; entire event data. If the first character of the filter is an exclamation
|
|
; mark (!), the filter is appended to the blacklist instead of the whitelist.
|
|
; After first checking the read access below, the regular expression filters
|
|
; are processed as follows:
|
|
; - If no filters are configured all events are reported as normal.
|
|
; - If there are white filters only: implied black all filter processed first,
|
|
; then white filters.
|
|
; - If there are black filters only: implied white all filter processed first,
|
|
; then black filters.
|
|
; - If there are both white and black filters: implied black all filter processed
|
|
; first, then white filters, and lastly black filters.
|
|
|
|
;
|
|
; If the device connected via this user accepts input slowly,
|
|
; the timeout for writes to it can be increased to keep it
|
|
; from being disconnected (value is in milliseconds)
|
|
;
|
|
; writetimeout = 100
|
|
;
|
|
;displayconnects = yes ; Display on CLI user login/logoff
|
|
;
|
|
; Authorization for various classes
|
|
;
|
|
; Read authorization permits you to receive asynchronous events, in general.
|
|
; Write authorization permits you to send commands and get back responses. The
|
|
; following classes exist:
|
|
;
|
|
; all - All event classes below (including any we may have missed).
|
|
; system - General information about the system and ability to run system
|
|
; management commands, such as Shutdown, Restart, and Reload. This
|
|
; class also includes dialplan manipulation actions such as
|
|
; DialplanExtensionAdd and DialplanExtensionRemove.
|
|
; call - Information about channels and ability to set information in a
|
|
; running channel.
|
|
; log - Logging information. Read-only. (Defined but not yet used.)
|
|
; verbose - Verbose information. Read-only. (Defined but not yet used.)
|
|
; agent - Information about queues and agents and ability to add queue
|
|
; members to a queue.
|
|
; user - Permission to send and receive UserEvent.
|
|
; config - Ability to read and write configuration files.
|
|
; command - Permission to run CLI commands. Write-only.
|
|
; dtmf - Receive DTMF events. Read-only.
|
|
; reporting - Ability to get information about the system.
|
|
; cdr - Output of cdr_manager, if loaded. Read-only.
|
|
; dialplan - Receive NewExten and VarSet events. Read-only.
|
|
; originate - Permission to originate new calls. Write-only.
|
|
; agi - Output AGI commands executed. Input AGI command to execute.
|
|
; cc - Call Completion events. Read-only.
|
|
; aoc - Permission to send Advice Of Charge messages and receive Advice
|
|
; - Of Charge events.
|
|
; test - Ability to read TestEvent notifications sent to the Asterisk Test
|
|
; Suite. Note that this is only enabled when the TEST_FRAMEWORK
|
|
; compiler flag is defined.
|
|
; security - Security Events. Read-only.
|
|
; message - Permissions to send out of call messages. Write-only
|
|
;
|
|
;read = system,call,log,verbose,agent,user,config,dtmf,reporting,cdr,dialplan
|
|
;write = system,call,agent,user,config,command,reporting,originate,message
|