[Spce-user] NGCP-FRAUD Protection doesn't work in 4.3.1 - URGENT
Kirill Solomko
ksolomko at sipwise.com
Sat Jun 4 14:26:33 EDT 2016
Locking a single subscriber is not enough as the script checks and locks the whole customer and until the customer is locked it will keep send out the notifications.
> On 04 Jun 2016, at 20:21, Matthias Hohl <matthias.hohl at telematica.at> wrote:
>
> Hello Kirill,
>
> 1.) my mail templates are valid since 1 year and send out to subcribers and customers without problems. Never had any problems with that before.. so don’t know which “value must be an integer” the error means :/
> <image001.png>
>
>
> 2.) yah that’s a good feature, that script tries to check the status, if a subscriber is locked or not, but the problem is, that also if I lock the subscriber manually (Edit Master Data and set “lock level to “outgoing”” the script still don’t stop the mail notifications.
> <image002.png>
>
>
> 3.) I also needed to deactivate “sslverify” in config.yml cause otherwise I got this error:
> root at spce:~# /usr/sbin/ngcp-fraud-daily-lock
> 500 Can't connect to 127.0.0.1:1442 (certificate verify failed) Can't connect to 127.0.0.1:1442 (certificate verify failed)
> SSL connect attempt failed error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at /usr/share/perl5/LWP/Protocol/http.pm line 49.
>
> So I thought maybe there is a problem with SSL certificate… cause I also don’t know how to fix that error… I added my wildcard certificate also for the restapi but if I enable “sslverify” I got still the same error.
>
>
> Yah it would be very nice if you could verify this problem, cause it is very risky to have no automatic lock enable.
> Thanks!
>
>
> Von: Kirill Solomko [mailto:ksolomko at sipwise.com <mailto:ksolomko at sipwise.com>]
> Gesendet: Samstag, 4. Juni 2016 19:54
> An: Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at>>
> Cc: Spce-user at lists.sipwise.com <mailto:Spce-user at lists.sipwise.com>
> Betreff: Re: [Spce-user] NGCP-FRAUD Protection doesn't work in 4.3.1 - URGENT
>
> The API access is fine as the fraud script is able to access the data.
>
> I think there is an issue with the following when the script is trying to lock the customer:
>
> Jun 4 11:15:04 spce (local0.info) ngcp-panel: INFO: IP=127.0.0.1 CALLED=API[PATCH]/api/customers/231 TX=1454D6929806DE10 USER=system DATA={} MSG="" LOG="[{"value":"locked","path":"/status","op":"replace"}]"
> Jun 4 11:15:04 spce (local0.info) ngcp-panel: INFO: IP=127.0.0.1 CALLED=API[PATCH 422]/api/customers/231 TX=1454D6929806DE10 USER=system DATA={} MSG="" LOG="{"message":"Validation failed. field='subscriber_email_template', input='4', errors='Value must be an integer'; field='passreset_email_template', input='5', errors='Value must be an integer'; field='invoice_email_template', input='6', errors='Value must be an integer'; field='invoice_template', input='2', errors='Value must be an integer'","code":"422”}"
>
> and it causes the fraud detection script to stop processing the customer when an error occurs, therefore it tries over again next time until the customer is locked. It is by design that the warnings and lockings keep abusing the notify email until an action is taken (rather than silently ignore such occurrences).
>
> Looks like there is something not right with your email templates, those (subscriber_email_template, passreset_email_template, invoice_email_template) are not used by the script however. I will check that internally and see what can be done there.
>
>
>> On 04 Jun 2016, at 12:30, Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at>> wrote:
>>
>> I have a hint, why it is maybe not working:
>>
>> I checked your script: “/usr/sbin/ngcp-fraud-daily-lock”
>> And saw that you doing the lock process over the API…
>>
>> Mybe there is the problem? That the script is working but the API access is not working?
>>
>>
>> If I check the log files I found this:
>>
>> PANEL-DEBUG.LOG
>> Jun 4 11:15:03 spce (local0.debug) ngcp-panel: DEBUG: ++++++ Root::auto unauthenticated API request
>> Jun 4 11:15:03 spce (local0.debug) ngcp-panel: DEBUG: ++++++ Root::auto API request with system auth
>> Jun 4 11:15:03 spce (local0.debug) ngcp-panel: DEBUG: contract IDs to be locked: 231
>> Jun 4 11:15:03 spce (local0.debug) ngcp-panel: DEBUG: contract IDs 231 locked (0 secs)
>> Jun 4 11:15:03 spce (local0.debug) ngcp-panel: DEBUG: catchup contract 231 contract_balances (now = 2016-06-04 11:15:03)
>> Jun 4 11:15:03 spce (local0.debug) ngcp-panel: DEBUG: lang set by browser or config: i_default
>> Jun 4 11:15:03 spce (local0.debug) ngcp-panel: DEBUG: ++++++ Root::auto unauthenticated API request
>> Jun 4 11:15:03 spce (local0.debug) ngcp-panel: DEBUG: ++++++ Root::auto API request with system auth
>>
>>
>> API.LOG:
>> Jun 4 11:15:01 spce (local0.info) ngcp-panel: INFO: IP=127.0.0.1 CALLED=API[GET 401]/api/customerfraudevents/ TX=1454D6922154D1F0 USER= DATA={ 'interval' => 'day'} MSG="" LOG="Authorization required."
>> Jun 4 11:15:03 spce (local0.info) ngcp-panel: INFO: IP=127.0.0.1 CALLED=API[GET]/api/customerfraudevents/ TX=1454D69222D5A590 USER=system DATA={ 'interval' => 'day'} MSG="" LOG=""
>> Jun 4 11:15:03 spce (local0.info) ngcp-panel: INFO: IP=127.0.0.1 CALLED=API[GET 200]/api/customerfraudevents/ TX=1454D69222D5A590 USER=system DATA={ 'interval' => 'day'} MSG="" LOG="{ "_embedded" : { "ngcp:customerfraudevents" : { "_links" : { "collection" : { "href" : "/api/customerfraudevents/" }, "curies" : { "href" : "http://purl.org/sipwise/ngcp-api/#rel-{rel} <http://purl.org/sipwise/ngcp-api/#rel-{rel}>", "name" : "ngcp", "templated" : true }, "profile" : { "href" : "http://purl.org/sipwise/ngcp-api/ <http://purl.org/sipwise/ngcp-api/>" }, "self" : { "href" : "/api/customerfraudevents/231" } }, "id" : 231, "interval" : "day", "interval_cost" : 7060.00011, "interval_limit" : 5000, "interval_lock" : 2, "interval_notify" : "fraud at telematica.at <mailto:fraud at telematica.at>", "reseller_id" : 2, "type" : "profile_limit", "use_reseller_rates" : 0 } }, "_links" : { "curies" : { "href" : "http://purl.org/sipwise/ngcp-api/#rel-{rel} <http://purl.org/sipwise/ngcp-api/#rel-{rel}>", "name" : "ngcp", "templated" : true }, "ngcp:customerfraudevents" : { "href" : "/api/customerfraudevents/231" }, "profile" : { "href" : "http://purl.org/sipwise/ngcp-api/ <http://purl.org/sipwise/ngcp-api/>" }, "self" : { "href" : "/api/customerfraudevents/?page=1&rows=10" } }, "total_count" : 1}"
>> Jun 4 11:15:03 spce (local0.info) ngcp-panel: INFO: IP=127.0.0.1 CALLED=API[GET 401]/api/subscribers/ TX=1454D69281CC8F50 USER= DATA={ 'customer_id' => '231'} MSG="" LOG="Authorization required."
>> Jun 4 11:15:03 spce (local0.info) ngcp-panel: INFO: IP=127.0.0.1 CALLED=API[GET]/api/subscribers/ TX=1454D69282DE2660 USER=system DATA={ 'customer_id' => '231'} MSG="" LOG=""
>> Jun 4 11:15:03 spce (local0.info) ngcp-panel: INFO: IP=127.0.0.1 CALLED=API[GET 200]/api/subscribers/ TX=1454D69282DE2660 USER=system DATA={ 'customer_id' => '231'} MSG="" LOG="{ "_embedded" : { "ngcp:subscribers" : { "_links" : { "collection" : { "href" : "/api/subscribers/" }, "curies" : { "href" : "http://purl.org/sipwise/ngcp-api/#rel-{rel} <http://purl.org/sipwise/ngcp-api/#rel-{rel}>", "name" : "ngcp", "templated" : true }, "ngcp:callforwards" : { "href" : "/api/callforwards/254" }, "ngcp:calls" : { "href" : "/api/calls/?subscriber_id=254" }, "ngcp:customers" : { "href" : "/api/customers/231" }, "ngcp:domains" : { "href" : "/api/domains/1" }, "ngcp:journal" : { "href" : "/api/subscribers/254/journal/" }, "ngcp:reminders" : { "href" : "/api/reminders/?subscriber_id=254" }, "ngcp:subscriberpreferences" : { "href" : "/api/subscriberpreferences/254" }, "ngcp:subscriberprofiles" : { "href" : "/api/subscriberprofiles/1" }, "ngcp:subscriberprofilesets" : { "href" : "/api/subscriberprofilesets/1" }, "ngcp:subscriberregistrations" : { "href" : "/api/subscriberregistrations/?subscriber_id=254" }, "ngcp:voicemailsettings" : { "href" : "/api/voicemailsettings/254" }, "profile" : { "href" : "http://purl.org/sipwise/ngcp-api/ <http://purl.org/sipwise/ngcp-api/>" }, "self" : { "href" : "/api/subscribers/254" } }, "administrative" : false, "alias_numbers" : [], "customer_id" : 231, "domain" : "xxxxxxxxxxxxxxxxx" } }, "_links" : { "curies" : { "href" : "http://purl.org/sipwise/ngcp-api/#rel-{rel} <http://purl.org/sipwise/ngcp-api/#rel-{rel}>", "name" : "ngcp", "templated" : true }, "ngcp:subscribers" : { "href" : "/api/subscribers/254" }, "profile" : { "href" : "http://purl.org/sipwise/ngcp-api/ <http://purl.org/sipwise/ngcp-api/>" }, "self" : { "href" : "/api/subscribers/?page=1&rows=10" } }, "total_count" : 1}"
>> Jun 4 11:15:03 spce (local0.info) ngcp-panel: INFO: IP=127.0.0.1 CALLED=API[PATCH 401]/api/customers/231 TX=1454D69296DE8AB0 USER= DATA={} MSG="" LOG="Authorization required."
>> Jun 4 11:15:04 spce (local0.info) ngcp-panel: INFO: IP=127.0.0.1 CALLED=API[PATCH]/api/customers/231 TX=1454D6929806DE10 USER=system DATA={} MSG="" LOG="[{"value":"locked","path":"/status","op":"replace"}]"
>> Jun 4 11:15:04 spce (local0.info) ngcp-panel: INFO: IP=127.0.0.1 CALLED=API[PATCH 422]/api/customers/231 TX=1454D6929806DE10 USER=system DATA={} MSG="" LOG="{"message":"Validation failed. field='subscriber_email_template', input='4', errors='Value must be an integer'; field='passreset_email_template', input='5', errors='Value must be an integer'; field='invoice_email_template', input='6', errors='Value must be an integer'; field='invoice_template', input='2', errors='Value must be an integer'","code":"422"}"
>> Jun 4 11:15:04 spce (local0.info) ngcp-panel: INFO: IP=127.0.0.1 CALLED=API[GET 401]/api/emailtemplates/ TX=1454D692A176CAA0 USER= DATA={ 'reseller_id' => '2'} MSG="" LOG="Authorization required."
>> Jun 4 11:15:04 spce (local0.info) ngcp-panel: INFO: IP=127.0.0.1 CALLED=API[GET]/api/emailtemplates/ TX=1454D692A29CAD00 USER=system DATA={ 'reseller_id' => '2'} MSG="" LOG=""
>> Jun 4 11:15:04 spce (local0.info) ngcp-panel: INFO: IP=127.0.0.1 CALLED=API[GET 200]/api/emailtemplates/ TX=1454D692A29CAD00 USER=system DATA={ 'reseller_id' => '2'} MSG="" LOG="{ "_embedded" : { "ngcp:emailtemplates" : [ { "_links" : { "collection" : { "href" : "/api/emailtemplates/" }, "curies" : { "href" : "http://purl.org/sipwise/ngcp-api/#rel-{rel} <http://purl.org/sipwise/ngcp-api/#rel-{rel}>", "name" : "ngcp", "templated" : true }, "ngcp:resellers" : { "href" : "/api/resellers/2" }, "profile" : { "href" : "http://purl.org/sipwise/ngcp-api/ <http://purl.org/sipwise/ngcp-api/>" }, "self" : { "href" : "/api/emailtemplates/13" } }, "body" : "Hello!\r\n\r\nCustomer # [% customer_id %] has been locked due to exceeding the configured\r\ncredit balance threshold ([% interval_cost %] EUR >= [% interval_limit %] EUR) in the [% type %] [% interval %] settings.\r\n\r\nAffected subscribers:\r\n[% subscribers %]\r\n\r\nPlease contact our support team if you need assistance.\r\nYour Telematica Support Team.\r\n\r\n--\r\nThis is an automatically generated message.", "from_email" : "support at telematica.at <mailto:support at telematica.at>", "id" : 13, "name" : "customer_fraud_lock_email", "reseller_id" : 2, "subject" : "Telematica Fraud Protection - Customer # [% customer_id %] locked" }, { "_links" : { "collection" : { "href" : "/api/emailtemplates/" }, "curies" : { "href" : "http://purl.org/sipwise/ngcp-api/#rel-{rel} <http://purl.org/sipwise/ngcp-api/#rel-{rel}>", "name" : "ngcp", "templated" : true }, "ngcp:resellers" : { "href" : "/api/resellers/2" }, "profile" : { "href" : "http://purl.org/sipwise/ngcp-api/ <http://purl.org/sipwise/ngcp-api/>" }, "self" : { "href" : "/api/emailtemplates/14" } }, "body" : "Hello!\r\n\r\nCustomer # [% customer_id %] is currently exceeding the configured credit balance\r\nthreshold ([% interval_cost %] EUR >= [% interval_limit %] EUR) in the [% type %] [% interval %] settings,\r\nbut has not been locked due to configuration.\r\n\r\nAffected subscribers:\r\n[% subscribers %]\r\n\r\nPlease contact our support team if you need assistance.\r\nYour Telematica Support Team.\r\n\r\n--\r\nThis is an automatically generated message.", "from_email" : "support at telematica.at <mailto:support at telematica.at>", "id" : 14, "name" : "customer_fraud_warning_email", "reseller_id" : 2, "subject" : "Telematica Fraud Protection - Customer # [% customer_id %] exceeding limit" }, { "_links" : { "collection" : { "href" : "/api/emailtemplates/" }, "curies" : { "href" : "http://purl.org/sipwise/ngcp-api/#rel-{rel} <http://purl.org/sipwise/ngcp-api/#rel-{rel}>", "name" : "ngcp", "templated" : true }, "ngcp:resellers" : { "href" : "/api/resellers/2" }, "profile" : { "href" : "http://purl.org/sipwise/ngcp-api/ <http://purl.org/sipwise/ngcp-api/>" }, "self" : { "href" : "/api/emailtemplates/6" } }, "body" : "Lieber Kunde,\r\n\r\nAnbei finden Sie den Einzelgesprächsnachweis mit der Nummer #[%invoice.serial%] für den Zeitraum von [%invoice.period_start_obj.month_name%], [%invoice.period_start_obj.year%].\r\n\r\nVielen Dank!\r\nIhr Telematica Team.\r\n\r\n-- \r\nDies ist eine automatisierte Nachricht. Falls Sie Fragen haben, wenden Sie sich bitte an den Support per Mail unter support at telematica.at <mailto:support at telematica.at> oder telefonisch an +43 (0)5 056 400", "from_email" : "buchhaltung at telematica.at <mailto:buchhaltung at telematica.at>", "id" : 6, "name" : "invoice_default_email", "reseller_id" : 2, "subject" : "Telematica: SIP Einzelgesprächsnachweis für [%invoice.period_start_obj.ymd%] bis [%invoice.period_end_obj.ymd%]" }, { "_links" : { "collection" : { "href" : "/api/emailtemplates/" }, "curies" : { "href" : "http://purl.org/sipwise/ngcp-api/#rel-{rel} <http://purl.org/sipwise/ngcp-api/#rel-{rel}>", "name" : "ngcp", "templated" : true }, "ngcp:resellers" : { "href" : "/api/resellers/2" }, "profile" : { "href" : "http://purl.org/sipwise/ngcp-api/ <http://purl.org/sipwise/ngcp-api/>" }, "self" : { "href" : "/api/emailtemplates/5" } }, "body" : "Lieber Kunde, liebe Kundin,\r\n\r\nIhr Kennwort für das Self-Care Portal wurde zurückgesetzt.\r\nBitte klicken Sie auf folgenden Link um ein neues Kennwort festzulegen.\r\nPasswort zurücksetzen: [% url %]\r\n\r\nSie können sich nun wieder mit Ihrem Benutzernamen und Ihrem neu gesetzten Kennwort im Self-Care Portal einloggen.\r\nSelf-Care Portal: https://sip.telematica.at\r\n\r\nWir <https://sip.telematica.at/r/n/r/nWir> wünschen Ihnen weiterhin viel Spass mit unserem Produkt.\r\n\r\nVielen Dank!\r\nIhr Telematica Team.\r\n\r\n-- \r\nDies ist eine automatisierte Nachricht.
>> Jun 4 11:15:04 spce (local0.info) ngcp-panel: INFO: IP=127.0.0.1 CALLED=API[GET 401]/api/emailtemplates/ TX=1454D692ADDA2DA0 USER= DATA={ 'reseller_id' => 'NULL'} MSG="" LOG="Authorization required."
>> Jun 4 11:15:04 spce (local0.info) ngcp-panel: INFO: IP=127.0.0.1 CALLED=API[GET]/api/emailtemplates/ TX=1454D692AF1E9480 USER=system DATA={ 'reseller_id' => 'NULL'} MSG="" LOG=""
>> Jun 4 11:15:04 spce (local0.info) ngcp-panel: INFO: IP=127.0.0.1 CALLED=API[GET 200]/api/emailtemplates/ TX=1454D692AF1E9480 USER=system DATA={ 'reseller_id' => 'NULL'} MSG="" LOG="{ "_embedded" : { "ngcp:emailtemplates" : [ { "_links" : { "collection" : { "href" : "/api/emailtemplates/" }, "curies" : { "href" : "http://purl.org/sipwise/ngcp-api/#rel-{rel} <http://purl.org/sipwise/ngcp-api/#rel-{rel}>", "name" : "ngcp", "templated" : true }, "profile" : { "href" : "http://purl.org/sipwise/ngcp-api/ <http://purl.org/sipwise/ngcp-api/>" }, "self" : { "href" : "/api/emailtemplates/10" } }, "body" : "Credit threshold warning for: [% domain %]\nThe following contracts are below the configured threshold of [% threshold %]:\n\n[% contracts %]\n\nYour faithful Sipwise system\n\n-- \nThis is an automatically generated message. Do not reply.", "from_email" : "[% adminmail %]", "id" : 10, "name" : "credit_warning_default_email", "reseller_id" : null, "subject" : "Sipwise NGCP credit threshold notification" }, { "_links" : { "collection" : { "href" : "/api/emailtemplates/" }, "curies" : { "href" : "http://purl.org/sipwise/ngcp-api/#rel-{rel} <http://purl.org/sipwise/ngcp-api/#rel-{rel}>", "name" : "ngcp", "templated" : true }, "profile" : { "href" : "http://purl.org/sipwise/ngcp-api/ <http://purl.org/sipwise/ngcp-api/>" }, "self" : { "href" : "/api/emailtemplates/11" } }, "body" : "Customer # [% customer_id %] has been locked due to exceeding the configured\n[% IF interval == \"day\" -%]daily[% ELSIF interval == \"month\" -%]monthly[% END -%] credit balance threshold ([% interval_cost %] >= [% interval_limit %]) in the [% type %] settings.\n\nAffected subscribers:\n[% subscribers %]\n\nYour faithful Sipwise system\n\n-- \nThis is an automatically generated message. Do not reply.", "from_email" : "[% adminmail %]", "id" : 11, "name" : "customer_fraud_lock_default_email", "reseller_id" : null, "subject" : "Customer # [% customer_id %] locked by fraud detection" }, { "_links" : { "collection" : { "href" : "/api/emailtemplates/" }, "curies" : { "href" : "http://purl.org/sipwise/ngcp-api/#rel-{rel} <http://purl.org/sipwise/ngcp-api/#rel-{rel}>", "name" : "ngcp", "templated" : true }, "profile" : { "href" : "http://purl.org/sipwise/ngcp-api/ <http://purl.org/sipwise/ngcp-api/>" }, "self" : { "href" : "/api/emailtemplates/12" } }, "body" : "Customer # [% customer_id %] is currently exceeding the configured\n[% IF interval == \"day\" -%]daily[% ELSIF interval == \"month\" -%]monthly[% END -%] credit balance threshold ([% interval_cost %] >= [% interval_limit %]) in the [% type %] settings,\nbut has not been locked due to configuration.\n\nAffected subscribers:\n[% subscribers %]\n\nYour faithful Sipwise system\n\n-- \nThis is an automatically generated message. Do not reply.", "from_email" : "[% adminmail %]", "id" : 12, "name" : "customer_fraud_warning_default_email", "reseller_id" : null, "subject" : "Customer # [% customer_id %] exceeding fraud detection limit" }, { "_links" : { "collection" : { "href" : "/api/emailtemplates/" }, "curies" : { "href" : "http://purl.org/sipwise/ngcp-api/#rel-{rel} <http://purl.org/sipwise/ngcp-api/#rel-{rel}>", "name" : "ngcp", "templated" : true }, "profile" : { "href" : "http://purl.org/sipwise/ngcp-api/ <http://purl.org/sipwise/ngcp-api/>" }, "self" : { "href" : "/api/emailtemplates/3" } }, "body" : "Dear Customer,\n\nPlease find your invoice #[%invoice.serial%] for [%invoice.period_start_obj.month_name%], [%invoice.period_start_obj.year%] in attachment of this letter.\n\nYour faithful Sipwise system\n\n--\nThis is an automatically generated message. Do not reply.", "from_email" : "default at sipwise.com <mailto:default at sipwise.com>", "id" : 3, "name" : "invoice_default_email", "reseller_id" : null, "subject" : "Invoice #[%invoice.serial%] from [%invoice.period_start_obj.ymd%] to [%invoice.period_end_obj.ymd%]" }, { "_links" : { "collection" : { "href" : "/api/emailtemplates/" }, "curies" : { "href" : "http://purl.org/sipwise/ngcp-api/#rel-{rel} <http://purl.org/sipwise/ngcp-api/#rel-{rel}>", "name" : "ngcp", "templated" : true }, "profile" : { "href" : "http://purl.org/sipwise/ngcp-api/ <http://purl.org/sipwise/ngcp-api/>" }, "self" : { "href" : "/api/emailtemplates/2" } }, "body" : "Dear Customer,\n\nPlease go to [% url %] to set your password and log into your self-care interface.\n\nYour faithful Sipwise system\n\n-- \nThis is an automatically generated message. Do not reply.", "from_email" : "default at sipwise.com <mailto:default at sipwise.com>", "id" : 2, "name" : "passreset_
>>
>>
>>
>> Von: Spce-user [mailto:spce-user-bounces at lists.sipwise.com <mailto:spce-user-bounces at lists.sipwise.com>] Im Auftrag von Matthias Hohl
>> Gesendet: Samstag, 4. Juni 2016 11:45
>> An: 'Kirill Solomko' <ksolomko at sipwise.com <mailto:ksolomko at sipwise.com>>
>> Cc: Spce-user at lists.sipwise.com <mailto:Spce-user at lists.sipwise.com>
>> Betreff: Re: [Spce-user] NGCP-FRAUD Protection doesn't work in 4.3.1 - URGENT
>> Priorität: Hoch
>>
>> Hello,
>>
>> this fraud protection module in 4.3.1 still DOESN’T work!
>> I also use the latest updates.
>> The subscriber doesn’t get automatically locked after reaching the fraud limit and the notification mail is send again, everytime the cronjob is running!
>>
>> The Fraud Limit is only set in the billing profile and nothing edited at customer.
>>
>> Customer settings:
>>
>> <image001.jpg>
>>
>> Billing Profile Settings:
>>
>> <image002.jpg>
>>
>>
>> I received the notification mail:
>> Customer # 231 has been locked due to exceeding the configured credit balance threshold (70.60 EUR >= 50.00 EUR) in the billing profile day settings.
>>
>> I checked the subscriber and I saw that there was no lock level activated, and I still receive the notifcations mails now everytime again, when the cronjob runs, until I manually rise up the fraud limit on this customer in the customer settings.
>> So I also can’t deactivate the notification mails. Also if I manually lock the subscriber I still receive the notifications until I raise up the fraud limit in customer settings or billing profile settings to be under the threshold.
>>
>> So all is definitely right configurated but your new fraud protection scripts doesn’t lock the subscriber.. I am speaking about that problem now for over 1 month and it doesn’t work.
>> Everything works fine before I updated to 4.3.1 with fraud protection and now ether subscriber nor customer will be locked any more by reaching the threshold.
>>
>> I don’t know why it is working on your fresh installed 4.3.1 version. But I don’t have a fresh installed version, maybe that is the problem, I don’t know.
>> Please fix this as soon as possible cause this is a very high security risk.
>>
>> Thanks!
>>
>>
>>
>>
>> Von: Spce-user [mailto:spce-user-bounces at lists.sipwise.com <mailto:spce-user-bounces at lists.sipwise.com>] Im Auftrag von Matthias Hohl
>> Gesendet: Freitag, 13. Mai 2016 16:13
>> An: 'Kirill Solomko' <ksolomko at sipwise.com <mailto:ksolomko at sipwise.com>>
>> Cc: Spce-user at lists.sipwise.com <mailto:Spce-user at lists.sipwise.com>
>> Betreff: Re: [Spce-user] NGCP-FRAUD Protection doesn't work in 4.3.1
>>
>> Hello again,
>>
>> Yeah definitely you have the excat same settings, how i did the setup at my side, but at me and the subsriber didn’t get a lock and the notification mail comes again and again and again and again everytime the cronjobs runs until I rise up the fraud limit.
>> I did no fresh install I just did a upgrade from 4.2.1 to 4.3.1 and did the last update && upgrade last week.
>>
>> This is in my billing profile: (lock monthly and daily all outgoing calls by reaching a limit and send mail.)
>>
>> <image003.jpg>
>>
>> And this at the customer: (there is just “billing profile default” in every field.)
>>
>> <image004.jpg>
>>
>> And if the call limit was reached, I just get the notification mails every time the cronjob runs but the subscriber never get locked.
>> I will test it today again after the latest update && upgrade. Once with billing profile lock limit and once with customer lock limit.
>>
>> Sure, I believe that It will work at your side, but just believe me, it didn’t work at me after an upgrade to 4.3.1 :D
>>
>>
>>
>>
>> Von: Kirill Solomko [mailto:ksolomko at sipwise.com <mailto:ksolomko at sipwise.com>]
>> Gesendet: Freitag, 13. Mai 2016 15:42
>> An: Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at>>
>> Cc: Spce-user at lists.sipwise.com <mailto:Spce-user at lists.sipwise.com>
>> Betreff: Re: [Spce-user] NGCP-FRAUD Protection doesn't work in 4.3.1
>>
>>
>>> On 13 May 2016, at 14:40, Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at>> wrote:
>>>
>>> Hello,
>>>
>>> thanks for the info. I will do the update later today.
>>>
>>> Okay.
>>>
>>> Yah that’s the behavior I doing currently. But normally I have no customer fraud preferences and use always the billing profile defaults. So there is no need now for mixing.
>>>
>>> Is the bug with the automatic lock also fixed? Cause currently I just get the notifications but the lock will not be done automatically, even if it is set "lock outgoing calls" in the billing profile fraud protection. I also tested it with customer fraud protection and also there the settings for lock outgoing calls if limit is reached but also there I just get the notification mail and no lock happened.
>>
>> I have tested it on a fresh mr4.3.1 CE and it worked just fine.
>>
>> 1. In the billing profile I set (customer fraud preferences are untouched):
>>
>> fraud_daily_limit: 10 (means 10 cents)
>> fraud_dailty_lock: “all outgoing calls”
>> fraud_daily_notify: "myemail"
>>
>> 2. There are 2 cdrs with source_customer_cost = 1000 each (total: 2000).
>>
>> 3. Issued ngcp-fraud-daily-check and got this result (internal debug):
>>
>> id: 3
>> reseller_id: 1
>> interval: day
>> type: profile_limit
>> interval_cost: 2000.000000
>> interval_limit: 10
>> interval_lock: 2
>> interval_notify: “myemail"
>> use_reseller_rates: 0
>>
>> 4. And received the following email:
>>
>> ————
>> Customer # 3 has been locked due to exceeding the configured
>> daily credit balance threshold (20.00 >= 0.10) in the billing profile settings.
>>
>> Affected subscribers:
>> 123456 at 1.1.1.1 <mailto:123456 at 1.1.1.1>
>> 123457 at 1.1.1.1 <mailto:123457 at 1.1.1.1>
>>
>> Your faithful Sipwise system
>>
>> --
>> This is an automatically generated message. Do not reply.
>> ————
>>
>> 5. Status of the customer: "status: locked”
>>
>> 6. Status of the related subscribers: "status: locked”
>>
>> 7. When I open of the locked subscribers on the ngcp-panel I see
>>
>> Subscriber status is locked
>> Subscriber is locked for outgoing
>> 8. When I issue “ngcp-fraud-daily-check” again it does nothing as the customer is already locked.
>>
>> 9. When I call to any number from the locked subscriber I get “403 Caller Locked” on my phone and in kamalio-proxy.log I can see "Caller locked for outgoing with mode ‘2'"
>>
>> Kind regards,
>> Kirill
>>
>>
>>>
>>> Thanks.
>>>
>>> -----Ursprüngliche Nachricht-----
>>> Von: Spce-user [mailto:spce-user-bounces at lists.sipwise.com <mailto:spce-user-bounces at lists.sipwise.com>] Im Auftrag von Kirill Solomko
>>> Gesendet: Freitag, 13. Mai 2016 14:28
>>> An: Spce-user at lists.sipwise.com <mailto:Spce-user at lists.sipwise.com>
>>> Betreff: Re: [Spce-user] NGCP-FRAUD Protection doesn't work in 4.3.1
>>>
>>> Hi Matthias,
>>>
>>> The new “interval” email template variable will be available later on today, affected packages: ngcp-billing-tools, db-schema (you have to issue “ngcp-update-db-schema" after the db-schema package upgrade).
>>>
>>> As for the planned change to use “mixed” billing profile / customer fraud preferences, that will not be implemented, at least not in 4.3/4.4.
>>> Currently you can either add a customer fraud preference (which takes preference over the billing profile once created) and if you no longer need it there is a “delete” button in the customer fraud preferences where after removal all the values are shown as “billing profile default”.
>>>
>>> Kind regards,
>>> Kirill
>>>
>>>> On 03 May 2016, at 16:45, Kirill Solomko <ksolomko at sipwise.com <mailto:ksolomko at sipwise.com>> wrote:
>>>>
>>>>
>>>>
>>>>> On 03 May 2016, at 15:54, Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at>> wrote:
>>>>>
>>>>> Hello again :)
>>>>>
>>>>> 1.) When do you believe this fix is coming?
>>>>> Cause again another customer reached is daily limit and there was no
>>>>> lock :/
>>>>>
>>>>> Customer # 227 has been locked due to exceeding the configured credit
>>>>> balance threshold (73.49 >= 50.00) in the billing profile settings.
>>>>>
>>>>> It is currently a bit risky not to lock automatically :/
>>>>
>>>> Hi Matthias,
>>>>
>>>> As I have mentioned before the core logic has not been changed in mr4.3 and such behaviour is also in our previous versions.
>>>>
>>>> For now you can either override all the 3 customer fraud preferences or use none of them and the billing profile only.
>>>>
>>>> The incoming improvement will allow to mix up the preferences so the inheritance customer preference -> billing profile will be used.
>>>>
>>>> ETA: this/next week.
>>>>
>>>>>
>>>>> 2.) Yah using GUI is good, but then you have to manually set the value back on next month :/ not so workflow friendly.
>>>>>
>>>>
>>>> As I have written in the previous reply you you can use "GUI for that and/or the API interface.”, where with our REST API interface you can automate it and well integrate into your own workflow.
>>>>
>>>> Kind regards,
>>>> Kirill
>>>>
>>>>> thanks
>>>>>
>>>>> -----Ursprüngliche Nachricht-----
>>>>> Von: Kirill Solomko [mailto:ksolomko at sipwise.com <mailto:ksolomko at sipwise.com>]
>>>>> Gesendet: Dienstag, 3. Mai 2016 15:33
>>>>> An: Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at>>
>>>>> Cc: Spce-user at lists.sipwise.com <mailto:Spce-user at lists.sipwise.com>
>>>>> Betreff: Re: [Spce-user] NGCP-FRAUD Protection doesn't work in 4.3.1
>>>>>
>>>>>
>>>>>
>>>>>> On 03 May 2016, at 15:26, Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at>> wrote:
>>>>>>
>>>>>> Hello,
>>>>>>
>>>>>>
>>>>>> -----Ursprüngliche Nachricht-----
>>>>>> Von: Kirill Solomko [mailto:ksolomko at sipwise.com <mailto:ksolomko at sipwise.com>]
>>>>>> Gesendet: Dienstag, 3. Mai 2016 13:23
>>>>>> An: Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at>>
>>>>>> Cc: Spce-user at lists.sipwise.com <mailto:Spce-user at lists.sipwise.com>
>>>>>> Betreff: Re: [Spce-user] NGCP-FRAUD Protection doesn't work in 4.3.1
>>>>>>
>>>>>> Hi Matthias,
>>>>>>
>>>>>>> On 02 May 2016, at 18:31, Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at>> wrote:
>>>>>>>
>>>>>>> Hello Kirill,
>>>>>>>
>>>>>>> 1.) the problem with the amount was just at one customer, another one, which was notified from billing profile monthly limit, was set correct.
>>>>>>> 2.) yah I know it is in cents not in EUR. Thanks for the advice how to change it.
>>>>>>> 3.) on last day I had the problem, that a customer exceeded the monthly limit and I got the notifications but no lock... the setting is set right. is this still included in the bugfix?
>>>>>>> Yes, that was because you had mixed inheritance (part of the limits were billing profile and part customer based).
>>>>>>
>>>>>> No definitely not. The limit was ONLY at the billing profile and NO setting on customer based. It was not one of my test subscriber, it was a totally different one. I got no lock. So something is wrong with the locking module.
>>>>>
>>>>> I think we are talking about the same. As I have mentioned earlier the upcoming “mixed inheritance” fix will address that.
>>>>>
>>>>>>
>>>>>>
>>>>>>> 5.) so is it then possible to just set the limit in customer settings and the mail address will be used from billing profile setting? Like it works currently for the daily limit?
>>>>>>> Yes, if a customer fraud preference is unset/empty, inheritance to a related billing profile will take place. Currently it determines it only based on customer fraud interval limit.
>>>>>>
>>>>>>
>>>>>>> 6.) if you update the script, it is maybe also possible to include a checkbox for "lock limit just for current month", and next month there is standard lock level? Would be nice feature, to top up the limit for the current month only.
>>>>>>>
>>>>>>> We do not add new features in already released versions, only fixes.
>>>>>>> I honestly see no reason in that as such limitation may very well go out of control, as if you set this month for a certain lock level but next month you forget to re-enable it if you were about to occasionally.
>>>>>>> An example: normal practice for mobile operators is to lock you out (for your own good) if you are over a certain sane daily/monthly usage threshold and send a text message or an email in our case.
>>>>>>> You call your operator and ask them to manually unlock you, or if you are really that talkative request them to manually disable/shift the threshold.
>>>>>>> I truly appreciate that idea but that feature will less likely be implemented however we will keep that in mind and perhaps morph it into something alike.
>>>>>>
>>>>>> Yah thats definitly what i wanted to say. the possibility to unlock a customer for the current billing period. Your example is exactly what I mean. If customer is over threshold, the operator can manually unlock for this period to a higher threshold level. If month is over, the old normal threshold level is back active.
>>>>>>
>>>>>
>>>>> You should either use GUI for that and/or the API interface. No need for anything extra to accomplish the scenario.
>>>>>
>>>>>> Kind regards,
>>>>>> Kirill
>>>>>>
>>>>>>> -----Ursprüngliche Nachricht-----
>>>>>>> Von: Kirill Solomko [mailto:ksolomko at sipwise.com <mailto:ksolomko at sipwise.com>]
>>>>>>> Gesendet: Montag, 2. Mai 2016 16:31
>>>>>>> An: Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at>>
>>>>>>> Cc: Spce-user at lists.sipwise.com <mailto:Spce-user at lists.sipwise.com>
>>>>>>> Betreff: Re: [Spce-user] NGCP-FRAUD Protection doesn't work in
>>>>>>> 4.3.1
>>>>>>>
>>>>>>> Hi Matthias,
>>>>>>>
>>>>>>> I could not reproduce your scenario.
>>>>>>>
>>>>>>> I have 30 cdrs for customer 5, for 2016-04-22 with 150 cents in sum().
>>>>>>>
>>>>>>> mysql> select count(id), source_account_id,
>>>>>>> mysql> date(from_unixtime(start_time)) from cdr group by 2,3;
>>>>>>> +-----------+-------------------+---------------------------------+
>>>>>>> | count(id) | source_account_id | date(from_unixtime(start_time)) |
>>>>>>> +-----------+-------------------+---------------------------------+
>>>>>>> | 10 | 5 | 2016-04-21 |
>>>>>>> | 30 | 5 | 2016-04-22 |
>>>>>>> | 10 | 41 | 2016-04-15 |
>>>>>>> | 10 | 41 | 2016-04-22 |
>>>>>>>
>>>>>>> Now the costs:
>>>>>>>
>>>>>>> select sum(source_customer_cost), source_account_id,
>>>>>>> date(from_unixtime(start_time)) from cdr group by 2,3;
>>>>>>> +---------------------------+-------------------+---------------------------------+
>>>>>>> | sum(source_customer_cost) | source_account_id |
>>>>>>> | date(from_unixtime(start_time)) |
>>>>>>> +---------------------------+-------------------+---------------------------------+
>>>>>>> | 50.000000 | 5 | 2016-04-21 |
>>>>>>> | 150.000000 | 5 | 2016-04-22 |
>>>>>>> | 50.000000 | 41 | 2016-04-15 |
>>>>>>> | 50.000000 | 41 | 2016-04-22
>>>>>>>
>>>>>>> And customer_id 5 was triggered with the amount of 150 (cents). And the warning I received:
>>>>>>>
>>>>>>> ———————
>>>>>>> Customer # 5 is currently exceeding the configured credit balance threshold (1.50 >= 0.20) in the customer settings, but has not been locked due to configuration.
>>>>>>>
>>>>>>> Affected subscribers:
>>>>>>> …
>>>>>>> ———————
>>>>>>>
>>>>>>> Please keep in mind that you enter values in cents (150 = 150 cents) where in the email you see them divided by 100.
>>>>>>> You can however adjust your template and define it there as “1.50 EUR >= 0.20 EUR”.
>>>>>>>
>>>>>>> Also please bear in mind that in the billing profiles there is a checkbox “use reseller rates”, which means that if it is checked then the reseller defined fees will be used in the calculation (source_reseller_cost instead of source_customer_cost).
>>>>>>>
>>>>>>> As for the new template value [% interval %] it will be available with next package update nearest days and also addressed “inheritance” minor fix when the “limit” value is not set in the customer fraud preferences but the other values are.
>>>>>>>
>>>>>>> Kind regards,
>>>>>>> Kirill
>>>>>>>
>>>>>>>> On 01 May 2016, at 18:06, Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at>> wrote:
>>>>>>>>
>>>>>>>> Hello Kirill,
>>>>>>>>
>>>>>>>> Any news about the Fraud Check update..?
>>>>>>>>
>>>>>>>> Thanks
>>>>>>>>
>>>>>>>> Von meinem iPhone gesendet
>>>>>>>>
>>>>>>>>> Am 26.04.2016 um 20:41 schrieb Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at>>:
>>>>>>>>>
>>>>>>>>> Hi kirill,
>>>>>>>>>
>>>>>>>>> Oh okay. Good to know :)
>>>>>>>>>
>>>>>>>>> Then I will wait.
>>>>>>>>>
>>>>>>>>> Any update about the "lock" problem?
>>>>>>>>>
>>>>>>>>> Thanks for your time.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> -----Ursprüngliche Nachricht-----
>>>>>>>>> Von: Kirill Solomko [mailto:ksolomko at sipwise.com <mailto:ksolomko at sipwise.com>]
>>>>>>>>> Gesendet: Dienstag, 26. April 2016 19:34
>>>>>>>>> An: Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at>>
>>>>>>>>> Cc: Spce-user at lists.sipwise.com <mailto:Spce-user at lists.sipwise.com>
>>>>>>>>> Betreff: Re: [Spce-user] NGCP-FRAUD Protection doesn't work in
>>>>>>>>> 4.3.1
>>>>>>>>>
>>>>>>>>> Hi Matthias,
>>>>>>>>>
>>>>>>>>> It is not available yet, it is going to be available as a package
>>>>>>>>> update nearest days.
>>>>>>>>>
>>>>>>>>> Kind regards,
>>>>>>>>> Kirill
>>>>>>>>>
>>>>>>>>>>> On 26 Apr 2016, at 09:34, Matthias Hohl
>>>>>>>>>>> <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at>>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>> Hello,
>>>>>>>>>>
>>>>>>>>>> i inserted [% interval %] in the mail template but it doesn't work.
>>>>>>>>>> I can't see the "daily" or "monthly" information in the notification mail.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> TEMPLATE:
>>>>>>>>>> Customer # [% customer_id %] has been locked due to exceeding
>>>>>>>>>> the configured credit balance threshold ([% interval_cost %] >=
>>>>>>>>>> [% interval_limit %]) in the [% type %] [% interval %] settings.
>>>>>>>>>>
>>>>>>>>>> MAIL:
>>>>>>>>>> Customer # 6 has been locked due to exceeding the configured
>>>>>>>>>> credit balance threshold (178.59 >= 20.00) in the customer settings.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> -----Ursprüngliche Nachricht-----
>>>>>>>>>> Von: Kirill Solomko [mailto:ksolomko at sipwise.com <mailto:ksolomko at sipwise.com>]
>>>>>>>>>> Gesendet: Montag, 25. April 2016 23:40
>>>>>>>>>> An: Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at>>
>>>>>>>>>> Cc: Spce-user at lists.sipwise.com <mailto:Spce-user at lists.sipwise.com>
>>>>>>>>>> Betreff: Re: [Spce-user] NGCP-FRAUD Protection doesn't work in
>>>>>>>>>> 4.3.1
>>>>>>>>>>
>>>>>>>>>> Hi Matthias,
>>>>>>>>>>
>>>>>>>>>> Inline replies as following:
>>>>>>>>>>
>>>>>>>>>>>> On 25 Apr 2016, at 19:05, Matthias Hohl
>>>>>>>>>>>> <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at>>
>>>>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>> 3. Bug:
>>>>>>>>>>>
>>>>>>>>>>> I also see that in the notifcation mail doesn't split between "daily"
>>>>>>>>>>> or
>>>>>>>>>> "monthly" limit exceeded.
>>>>>>>>>>
>>>>>>>>>> The variable will be exposed to the email templates as [%
>>>>>>>>>> interval %]
>>>>>>>>>>
>>>>>>>>>> Kind regards,
>>>>>>>>>> Kirill
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> Spce-user mailing list
>>>>>>>>> Spce-user at lists.sipwise.com <mailto:Spce-user at lists.sipwise.com>
>>>>>>>>> https://lists.sipwise.com/listinfo/spce-user <https://lists.sipwise.com/listinfo/spce-user>
>>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> Spce-user mailing list
>>>> Spce-user at lists.sipwise.com <mailto:Spce-user at lists.sipwise.com>
>>>> https://lists.sipwise.com/listinfo/spce-user <https://lists.sipwise.com/listinfo/spce-user>
>>> _______________________________________________
>>> Spce-user mailing list
>>> Spce-user at lists.sipwise.com <mailto:Spce-user at lists.sipwise.com>
>>> https://lists.sipwise.com/listinfo/spce-user <https://lists.sipwise.com/listinfo/spce-user>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sipwise.com/pipermail/spce-user_lists.sipwise.com/attachments/20160604/365b818f/attachment-0001.html>
More information about the Spce-user
mailing list