[arm-allstar] Update issue...

James R. Pilgram jim.pilgram at gmail.com
Thu Nov 15 14:10:42 EST 2018 

Aloha Doug,
 With all due respect, I did read the blurb but as far as understanding the full ramifications of the update, that is a whole different issue. The only thing that was noted was the *4 command. Nothing was noted that dtmf commands behind your own firewall won't work. If I understand it correctly, *4 is across the network.

I spent a number of hours beating my head on the desk last night trying to figure out what was happening.  I use the IaxRpt client a lot to do connects and disconnects, node reboots etc on my own system. 

I understand your frustration of all the repeat questions on the same issues over and over. A lot of us don't think as deep as you do on this stuff.

In the below explanation the *4 command was the focus. Supermon was touted but nowhere did it say dtmf commands wouldn't work from the IaxRpt client from this point on.

The thing that kept throwing me was that dtmf tones did work from my HT to my repeater but not from my desktop and the repeater is also behind my firewall.  

What are we missing here?

Aloha and Mahalo to you and David for your patience 

Jim NH6HI 







  Original Message  



From: arm-allstar at hamvoip.org
 Sent: November 15, 2018 07:35
 To: arm-allstar at hamvoip.org
 Reply-to: arm-allstar at hamvoip.org
 Cc: wa3dsp at gmail.com
 Subject: Re: [arm-allstar] Update issue...


I really wish users would actually read and understand the update
 announcements we send out. This was clearly described in the update
 announcement of November 12. I will repeat again here. There is a way
 around this security fix but you use it at your own risk and understanding
 of the possible consequences.

Prior message -

Allstar has a often little known and used command *4 mapped to ilink,4
 which can be used to send DTMF commands to OTHER nodes just like you would
 to your own. The node you would control needs to be connected for the
 control to work.

While this is in some cases a useful command it also has enormous security
 risks if used in a nefarious way. To eliminate this problem we have turned
 off this feature by default in the hamvoip code with this update. Users who
 need to use it can turn it on with this added command in the node stanza of
 each node requiring it in rpt.conf. Leaving the command out or setting it
 to 0 has the same effect of restricting its use. Few users will have a need
 to turn this on -

remote_dtmf_allowed=1

This command is only needed at the node you want to control and on any
 nodes in between if it is not a direct connect. It is not required on the
 source node unless you also want it to be controlled from somewhere else.
 Keep in mind that it is a general security issue to turn this on and you
 should only to do so if it is needed. This is the classic "back door" which
 probably made sense when Allstar was a small group with trust between
 users. We will be introducing a pin number security feature for this in a
 future update which will make it more secure to leave it on.

And I might also add that Supermon is an excellent alternative to control
 remote nodes. It has the capability to send DTMF directly, is independent
 of in-between nodes, You do not have to be connected to send the commands,
 is secure, and useable on any device that has a web browser.


*73 Doug*

*WA3DSP*

*http://www.crompton.com/hamradio <http://www.crompton.com/hamradio>*

On Thu, Nov 15, 2018 at 11:34 AM "David McGough via ARM-allstar" <
 arm-allstar at hamvoip.org> wrote:

>
 > Hi Vendel,
 >
 > This is a security feature added in the latest release. Remote DTMF
 > commands are disabled by default.  To re-enable, in the rpt.conf
 > node stanza which you want to remote control, add the statement:
 >
 > remote_dtmf_allowed=1
 >
 >
 > 73, David KB4FXC
 >
 >
 > On Thu, 15 Nov 2018, "Vendel via ARM-allstar" wrote:
 >
 > > Hello all, I just updated my Controller/ Node software and I noticed
 > the DTMF commands issued by IAXRPT on my PC no longer work. The Android
 > version of IAXRPT works fine as does my HT. Here is what CLI shows when I
 > issue the commands,
 >
 > [Nov 15 11:15:45] WARNING[408]: app_rpt.c:11779 handle_link_data: DTMF
 > commands disabled! link string: D 42883 0 1 *
 > [Nov 15 11:15:45] WARNING[408]: app_rpt.c:11779 handle_link_data: DTMF
 > commands disabled! link string: D 42883 0 1 7
 > [Nov 15 11:15:46] WARNING[408]: app_rpt.c:11779 handle_link_data: DTMF
 > commands disabled! link string: D 42883 0 1 0
 > K2DSI*CLI>
 >
 > Any idea what’s happening? Thanks as always, Vendel/ K2DSI.
 >
 >
 > ---
 > This email has been checked for viruses by Avast antivirus software.
 > https://www.avast.com/antivirus
 > _______________________________________________
 >
 > ARM-allstar mailing list
 > ARM-allstar at hamvoip.org
 > http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
 >
 > Visit the BBB and RPi2/3 web page - http://hamvoip.org
 >
 > _______________________________________________
 >
 > ARM-allstar mailing list
 > ARM-allstar at hamvoip.org
 > http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
 >
 > Visit the BBB and RPi2/3 web page - http://hamvoip.org
 >
 _______________________________________________

ARM-allstar mailing list
 ARM-allstar at hamvoip.org
 http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar

Visit the BBB and RPi2/3 web page - http://hamvoip.org

More information about the ARM-allstar mailing list