[Spce-user] NGCP-FRAUD Protection doesn't work in 4.3.1

Matthias Hohl matthias.hohl at telematica.at
Sat Apr 23 07:02:51 EDT 2016 

Hello,

I did an update today at 4 o clock and the "no sender" error dissapeared now and i got the notification mails, but the subscriber didn't get locked automatically.

I also want the mail templates for daily and auto notifications to edit. Currently they are simply the same. Is it also possible to edit the "from" mail header to another adress?

Where i can change this settings?

> Am 22.04.2016 um 14:55 schrieb Kirill Solomko <ksolomko at sipwise.com>:
> 
> Hi Matthias,
> 
> Thank you for your report.
> I have pinned down the issue and going to release a hotfix nearest time.
> 
> (expected packages to upgrade: ngcp-billing-tools, ngcp-panel)
> 
> Kind regards,
> Kirill
> 
>> On 22 Apr 2016, at 13:00, Matthias Hohl <matthias.hohl at telematica.at> wrote:
>> 
>> Hello,
>> 
>> i use a wildcard zertificate for https.
>> Just for kamailio tls i use the selfsigned cause we doesn't use tls
>> currently.
>> 
>> I changed the setting and can execute the script now but I get now this
>> error:
>> 
>> 
>> root at spce:~# /usr/sbin/ngcp-fraud-daily-lock
>> no sender
>> 
>> Trace begun at /usr/share/perl5/Email/Sender/Simple.pm line 117
>> Email::Sender::Simple::send_email('Email::Sender::Simple',
>> 'Email::Abstract=ARRAY(0x300b810)', 'HASH(0x3aae940)') called at
>> /usr/share/perl5/Email/Sender/Role/CommonSending.pm line 45
>> Email::Sender::Role::CommonSending::try {...}  at
>> /usr/share/perl5/Try/Tiny.pm line 79
>> eval {...} at /usr/share/perl5/Try/Tiny.pm line 72
>> Try::Tiny::try('CODE(0x3aae928)', 'Try::Tiny::Catch=REF(0x2df6768)') called
>> at /usr/share/perl5/Email/Sender/Role/CommonSending.pm line 58
>> Email::Sender::Role::CommonSending::send('Email::Sender::Simple',
>> 'Email::Simple=HASH(0x3aaea30)', 'HASH(0x300ba20)') called at
>> /usr/sbin/ngcp-fraud-daily-lock line 124
>> main::send_email('HASH(0x2da1988)', 'ARRAY(0x36a98e0)') called at
>> /usr/sbin/ngcp-fraud-daily-lock line 171
>> main::main at /usr/sbin/ngcp-fraud-daily-lock line 176
>> 
>> 
>> root at spce:~# /usr/sbin/ngcp-fraud-auto-lock
>> no sender
>> 
>> Trace begun at /usr/share/perl5/Email/Sender/Simple.pm line 117
>> Email::Sender::Simple::send_email('Email::Sender::Simple',
>> 'Email::Abstract=ARRAY(0x30888f0)', 'HASH(0x3b2bcc0)') called at
>> /usr/share/perl5/Email/Sender/Role/CommonSending.pm line 45
>> Email::Sender::Role::CommonSending::try {...}  at
>> /usr/share/perl5/Try/Tiny.pm line 79
>> eval {...} at /usr/share/perl5/Try/Tiny.pm line 72
>> Try::Tiny::try('CODE(0x3b2bca8)', 'Try::Tiny::Catch=REF(0x2e73898)') called
>> at /usr/share/perl5/Email/Sender/Role/CommonSending.pm line 58
>> Email::Sender::Role::CommonSending::send('Email::Sender::Simple',
>> 'Email::Simple=HASH(0x3b2bdb0)', 'HASH(0x3088b60)') called at
>> /usr/sbin/ngcp-fraud-auto-lock line 124
>> main::send_email('HASH(0x3730438)', 'ARRAY(0x3739d30)') called at
>> /usr/sbin/ngcp-fraud-auto-lock line 171
>> main::main at /usr/sbin/ngcp-fraud-auto-lock line 176
>> 
>> 
>> -----Ursprüngliche Nachricht-----
>> Von: Spce-user [mailto:spce-user-bounces at lists.sipwise.com] Im Auftrag von
>> Victor Seva
>> Gesendet: Freitag, 22. April 2016 12:48
>> An: spce-user at lists.sipwise.com
>> Betreff: Re: [Spce-user] NGCP-FRAUD Protection doesn't work in 4.3.1
>> 
>>> On 04/22/2016 11:39 AM, Matthias Hohl wrote:
>>> Hello,
>>> 
>>> today i found out that the ngcp-fraud-daily-lock and 
>>> ngcp-fraud-auto-lock doesn't work on a subscriber with too much traffic in
>> version 4.3.1.
>>> In version 4.2.1 it definitely works. 
>>> To solve this problem i checked the cronjob log and saw, that the 
>>> cronjobs was executed.
>>> Then I tried to execute the commands directly and got this error:
>>> 
>>> 
>>> root at spce:/var/log# /usr/sbin/ngcp-fraud-daily-lock
>>> 500 Can't connect to 127.0.0.1:1442 (certificate verify failed) Can't 
>>> connect to 127.0.0.1:1442 (certificate verify failed) SSL connect 
>>> attempt failed error:14090086:SSL 
>>> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at 
>>> /usr/share/perl5/LWP/Protocol/http.pm line 49.
>>> 
>>> 
>>> root at spce:/var/log# /usr/sbin/ngcp-fraud-auto-lock
>>> 500 Can't connect to 127.0.0.1:1442 (certificate verify failed) Can't 
>>> connect to 127.0.0.1:1442 (certificate verify failed) SSL connect 
>>> attempt failed error:14090086:SSL 
>>> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at 
>>> /usr/share/perl5/LWP/Protocol/http.pm line 49.
>>> 
>>> 
>>> 
>>> Any idea to solve this problem?
>>> In changelog you wrote, that you updated the ngcp-fraud scripts for 
>>> 4.3.1, so maybe there is something wrong?
>> 
>> This should be a problem with the certificate you are using. Are you using a
>> self-sign certificate?
>> 
>> There is a new config for disable the check for scripts:
>> 
>> security:
>> ngcp_panel:
>>   scripts:
>>     restapi:
>>       sslverify: no
>> 
>> 
>> On production I would say you should not use self-sign certificates.
>> Maybe letsencrypt?
>> 
>> --
>> Victor Seva
>> Software Engineer
>> 
>> Phone: +43(0)1 301 2029
>> Email: vseva at sipwise.com
>> Website: www.sipwise.com
>> 
>> Particulars according Austrian Companies Code paragraph 14 "Sipwise GmbH“ -
>> Europaring F15 – 2345 Brunn am Gebirge FN:305595f, Commercial Court Vienna,
>> ATU64002206
>> 
>> _______________________________________________
>> Spce-user mailing list
>> Spce-user at lists.sipwise.com
>> https://lists.sipwise.com/listinfo/spce-user
>

More information about the Spce-user mailing list