[Spce-user] NGCP-FRAUD Protection doesn't work in 4.3.1

Matthias Hohl matthias.hohl at telematica.at
Mon Apr 25 07:29:00 EDT 2016


Hello,

thanks for the information.

But i see that there is now just 1 template for fraud lock and one for fraud without lock.
Is there no difference between daily and month limit anymore? It would be good if this would be different mails as well.

BTW: is it possible to send also an information mail about a lock to the subscriber Mail address instead 


-----Ursprüngliche Nachricht-----
Von: Kirill Solomko [mailto:ksolomko at sipwise.com] 
Gesendet: Montag, 25. April 2016 00:52
An: Matthias Hohl <matthias.hohl at telematica.at>
Cc: Spce-user at lists.sipwise.com
Betreff: Re: [Spce-user] NGCP-FRAUD Protection doesn't work in 4.3.1

Hi Matthias,

Thank you for your feedback. I have identified the issue and going to release a hotfix today.

As for your question regarding editing the templates you can do that from the GUI interface (Email Templates) where you create a template with name '’customer_fraud_lock_email’ or "’customer_fraud_warning_email’ respectively, it is best if you jump copy the content from the original template(s) as it contains macros, and adjust the text to your taste.

You can fetch the original templates by executing the following sql query:

mysql -e "select name,from_email,subject,body from billing.email_templates where name like 'customer_fraud_%_default_email'\G”

Kind regards,
Kirill

> On 23 Apr 2016, at 13:02, Matthias Hohl <matthias.hohl at telematica.at> wrote:
> 
> Hello,
> 
> I did an update today at 4 o clock and the "no sender" error dissapeared now and i got the notification mails, but the subscriber didn't get locked automatically.
> 
> I also want the mail templates for daily and auto notifications to edit. Currently they are simply the same. Is it also possible to edit the "from" mail header to another adress?
> 
> Where i can change this settings?
> 
>> Am 22.04.2016 um 14:55 schrieb Kirill Solomko <ksolomko at sipwise.com>:
>> 
>> Hi Matthias,
>> 
>> Thank you for your report.
>> I have pinned down the issue and going to release a hotfix nearest time.
>> 
>> (expected packages to upgrade: ngcp-billing-tools, ngcp-panel)
>> 
>> Kind regards,
>> Kirill
>> 
>>> On 22 Apr 2016, at 13:00, Matthias Hohl <matthias.hohl at telematica.at> wrote:
>>> 
>>> Hello,
>>> 
>>> i use a wildcard zertificate for https.
>>> Just for kamailio tls i use the selfsigned cause we doesn't use tls 
>>> currently.
>>> 
>>> I changed the setting and can execute the script now but I get now 
>>> this
>>> error:
>>> 
>>> 
>>> root at spce:~# /usr/sbin/ngcp-fraud-daily-lock no sender
>>> 
>>> Trace begun at /usr/share/perl5/Email/Sender/Simple.pm line 117 
>>> Email::Sender::Simple::send_email('Email::Sender::Simple',
>>> 'Email::Abstract=ARRAY(0x300b810)', 'HASH(0x3aae940)') called at 
>>> /usr/share/perl5/Email/Sender/Role/CommonSending.pm line 45 
>>> Email::Sender::Role::CommonSending::try {...}  at 
>>> /usr/share/perl5/Try/Tiny.pm line 79 eval {...} at 
>>> /usr/share/perl5/Try/Tiny.pm line 72 
>>> Try::Tiny::try('CODE(0x3aae928)', 'Try::Tiny::Catch=REF(0x2df6768)') 
>>> called at /usr/share/perl5/Email/Sender/Role/CommonSending.pm line 
>>> 58 Email::Sender::Role::CommonSending::send('Email::Sender::Simple',
>>> 'Email::Simple=HASH(0x3aaea30)', 'HASH(0x300ba20)') called at 
>>> /usr/sbin/ngcp-fraud-daily-lock line 124 
>>> main::send_email('HASH(0x2da1988)', 'ARRAY(0x36a98e0)') called at 
>>> /usr/sbin/ngcp-fraud-daily-lock line 171 main::main at 
>>> /usr/sbin/ngcp-fraud-daily-lock line 176
>>> 
>>> 
>>> root at spce:~# /usr/sbin/ngcp-fraud-auto-lock no sender
>>> 
>>> Trace begun at /usr/share/perl5/Email/Sender/Simple.pm line 117 
>>> Email::Sender::Simple::send_email('Email::Sender::Simple',
>>> 'Email::Abstract=ARRAY(0x30888f0)', 'HASH(0x3b2bcc0)') called at 
>>> /usr/share/perl5/Email/Sender/Role/CommonSending.pm line 45 
>>> Email::Sender::Role::CommonSending::try {...}  at 
>>> /usr/share/perl5/Try/Tiny.pm line 79 eval {...} at 
>>> /usr/share/perl5/Try/Tiny.pm line 72 
>>> Try::Tiny::try('CODE(0x3b2bca8)', 'Try::Tiny::Catch=REF(0x2e73898)') 
>>> called at /usr/share/perl5/Email/Sender/Role/CommonSending.pm line 
>>> 58 Email::Sender::Role::CommonSending::send('Email::Sender::Simple',
>>> 'Email::Simple=HASH(0x3b2bdb0)', 'HASH(0x3088b60)') called at 
>>> /usr/sbin/ngcp-fraud-auto-lock line 124 
>>> main::send_email('HASH(0x3730438)', 'ARRAY(0x3739d30)') called at 
>>> /usr/sbin/ngcp-fraud-auto-lock line 171 main::main at 
>>> /usr/sbin/ngcp-fraud-auto-lock line 176
>>> 
>>> 
>>> -----Ursprüngliche Nachricht-----
>>> Von: Spce-user [mailto:spce-user-bounces at lists.sipwise.com] Im 
>>> Auftrag von Victor Seva
>>> Gesendet: Freitag, 22. April 2016 12:48
>>> An: spce-user at lists.sipwise.com
>>> Betreff: Re: [Spce-user] NGCP-FRAUD Protection doesn't work in 4.3.1
>>> 
>>>> On 04/22/2016 11:39 AM, Matthias Hohl wrote:
>>>> Hello,
>>>> 
>>>> today i found out that the ngcp-fraud-daily-lock and 
>>>> ngcp-fraud-auto-lock doesn't work on a subscriber with too much 
>>>> traffic in
>>> version 4.3.1.
>>>> In version 4.2.1 it definitely works. 
>>>> To solve this problem i checked the cronjob log and saw, that the 
>>>> cronjobs was executed.
>>>> Then I tried to execute the commands directly and got this error:
>>>> 
>>>> 
>>>> root at spce:/var/log# /usr/sbin/ngcp-fraud-daily-lock
>>>> 500 Can't connect to 127.0.0.1:1442 (certificate verify failed) 
>>>> Can't connect to 127.0.0.1:1442 (certificate verify failed) SSL 
>>>> connect attempt failed error:14090086:SSL 
>>>> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at 
>>>> /usr/share/perl5/LWP/Protocol/http.pm line 49.
>>>> 
>>>> 
>>>> root at spce:/var/log# /usr/sbin/ngcp-fraud-auto-lock
>>>> 500 Can't connect to 127.0.0.1:1442 (certificate verify failed) 
>>>> Can't connect to 127.0.0.1:1442 (certificate verify failed) SSL 
>>>> connect attempt failed error:14090086:SSL 
>>>> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at 
>>>> /usr/share/perl5/LWP/Protocol/http.pm line 49.
>>>> 
>>>> 
>>>> 
>>>> Any idea to solve this problem?
>>>> In changelog you wrote, that you updated the ngcp-fraud scripts for 
>>>> 4.3.1, so maybe there is something wrong?
>>> 
>>> This should be a problem with the certificate you are using. Are you 
>>> using a self-sign certificate?
>>> 
>>> There is a new config for disable the check for scripts:
>>> 
>>> security:
>>> ngcp_panel:
>>>  scripts:
>>>    restapi:
>>>      sslverify: no
>>> 
>>> 
>>> On production I would say you should not use self-sign certificates.
>>> Maybe letsencrypt?
>>> 
>>> --
>>> Victor Seva
>>> Software Engineer
>>> 
>>> Phone: +43(0)1 301 2029
>>> Email: vseva at sipwise.com
>>> Website: www.sipwise.com
>>> 
>>> Particulars according Austrian Companies Code paragraph 14 "Sipwise 
>>> GmbH“ - Europaring F15 – 2345 Brunn am Gebirge FN:305595f, 
>>> Commercial Court Vienna,
>>> ATU64002206
>>> 
>>> _______________________________________________
>>> Spce-user mailing list
>>> Spce-user at lists.sipwise.com
>>> https://lists.sipwise.com/listinfo/spce-user
>> 




More information about the Spce-user mailing list