Wednesday, May 23, 2018

Fortinet Traffic Shaper by Application

Here's how you traffic shape by APPLICATION type.
Lets say we want to limit social media, specifically facebook.

First, create a traffic shaper.  I called it "SOCIAL MEDIA".  I set it to a LOW priority and MAX bandwidth of 1000Kbps (1 meg)


Next I created a new traffic shaping policy:

SOURCE/DESTINATION = ALL (apply to all groups)
(set destination to a specific address range if you want to limit it to a certain group of users)
but ALL is a pretty good test!

SERVICE = ALL

Set APPLICATION CATEGORY to "Social Media".  Selecting a category just reduces what shows up in the application window to make it easier.

Application = Select all the Facebook ones.  When you click in the "Application" drop box, the box of available apps will show up on the right.  You can shift click to select a range or certain ones.

URL Category isn't probably necessary, but you can select "SOCIAL NETWORKING"

Outgoing Interface = Your internet connection.  Could be WAN1/2 or something, depends on how you configured and named your internet.

SHARED SHAPER & REVERSE SHAPER = both to "SOCIAL MEDIA" (which you created earlier)




Select "OK" at the bottom.

Now click on Policy and Object -> Traffic Shaping Policy

Place it in the list relative to others in the list to ensure its followed.



Now to get this to work, you need to assign "Application Control" setting to each policy that you want this to be used on, and you need to assign an application control policy.

Security Porfiles -> Application Control

Using the Default application sensor for this example
Set "SOCIAL MEDIA" to "MONITOR"


Save those changes, then go to the policy you want this to be applied to and set the Application Control



Move the shaper to an appropriate position in the list.  You would need to be weary of other policies that might over ride the one you put in because their position is higher.


Friday, May 4, 2018

Asterisk - Automatic call

I wanted the asterisk box to make some test calls to me to make sure things were working.
Here's what I did.

This system will place a call out my IAX trunk to a number, and upon answering will play "HELLO WORLD" voice and hangup.

How it works
A shell script is made that the chron job will run (our example, everyday at 3:45 PM)

In that shell script contains the destination number we want asterisk to call, and the sound we want it to play.

Everyday at 3:45 PM the script is run by LINUX which causes asterisk to call  the number and play the sound "Hello world".  then it hangs up.

1> goto /etc/asterisk

2> type in

vi testcall.sh

3> press " " (go into insert mode)
copy and paste the following into that file.  Change "Trunkname" to be the name of your outgoing trunk for external calls.  Change IAX2 to SIP if you use sip trunking.  Put your number in that you want dialed.

#!/bin/bash
echo Channel: IAX2/TRUNKNAME/15552229876 > /tmp/testcall.call
echo Application: Playback >> /tmp/testcall.call
echo Data: hello-world >> /tmp/testcall.call
mv /tmp/testcall.call /var/spool/asterisk/outgoing

4> Press ESC key

5> type:
:wq!
This will save/quit from the app

6> Now type in
chmod 755 testcall.sh

7> Now type in 
crontab -e

8> In your crontab put this in:  (this will run the command at 3:45pm)

45     15     *     *     *         . /etc/asterisk/testcall.sh

9> save / quit  (CTRL X,  Y, then ENTER)


10> You can test the call with this command
./testcall.sh

Within 10 seconds you should get a call.