hepstunnel
In this example we will setup a local stunnel instance for plain HEP agents to use and forward packets over an encrypted tunnel to a remote HOMER instance. Stunnel should be installed on both ends – it is avaialble from http://stunnel.org.
NOTE: CaptAgent 4/6 fully supports SSL encryption and does not require a tunnel.
cd /etc/stunnel openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout stunnel.pem -out stunnel.pem
cert = /etc/stunnel/stunnel.pem setuid = stunnel4 setgid = stunnel4 pid = /tmp/stunnel.pid debug = 7 output = stunnel.log [hep_server] client = no accept = 9061 ; address of your Kamailio/OpenSIPS HEP Socket connect = 127.0.0.1:9060
- start
stunnel
Obtain a valid certificate using the Letsencrypt.org procedure for your domain (ie: example.com)
On completion your certificates should be saved in path:
/etc/letsencrypt/live/example.com/
cert=/etc/letsencrypt/live/example.com/fullchain.pem key=/etc/letsencrypt/live/example.com/privkey.pem setuid = stunnel4 setgid = stunnel4 pid = /tmp/stunnel.pid debug = 7 output = stunnel.log [hep_server] client = no accept = 9061 ; address of your Kamailio/OpenSIPS HEP Socket connect = 127.0.0.1:9060
- start
stunnel
cd /etc/stunnel openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout stunnel.pem -out stunnel.pem```
cert =/etc/stunnel/stunnel.pem pid = /tmp/stunnel.pid setuid = stunnel4 setgid = stunnel4 debug=7 output=stunnel.log client = yes [my_client] client = yes ; port where local plain HEP Capture Agents will connect accept = 9060 ; address of remote HOMER Instance connect = hep.server:9061
- start
stunnel
Configure your Capture Agents to send HEP packets to your local HEP proxy instance and verify they are delivered remotely to your HOMER instance.
Voila'!
HEP/EEP Agent Examples:
- CaptAgent
- HEPlify
- Kamailio
- OpenSIPS
- FreeSwitch
- Asterisk
- sipgrep
- sngrep
- RTPEngine
- RTPProxy
- Oracle ACME SBC
- Sonus SBC
- Avaya SM
- Sansay SBC
HEP/EEP Agent Examples (LOGS):
HEP/EEP Proxy:
Extra Examples:
- Custom JSON Stats
- RTCP-XR Stats
- GEO IP Maps
- Janus/Meetecho-WebRTC
- Cloudshark Export
- Encrypted HEP Tunneling
- SNMP Monitoring
- FreeSWITCH ESL Monitoring
- Kazoo Monitoring
- Speech-to-Text-to-HEP
Extra Resources: