Aastra XML scripts on non Distro

Was updating an older system, and i had been using the RPMs in the Distro repo. I went to grab the lastest, and it wouldn’t install. Says it’s not a PreePBX Distro. The problem is tha we run these pbx’s in a virtual Proxmox setup, and resource usage on the distro is quite high compared to our slimlined install. Was able to get around the pre-post script by running the rpm install with the noscripts option, but wondering if there’s a better way to make sure it’s upgraded nicely.

I guess I can always convert the iso install to a container if I have to.

Any chance of having this as a module?



I assume you are referring to this warning and notice

“This RPM and content has been built and released for use on the FreePBX Distro only.”
“Please visit freepbx.org on how to download and install the Official FreePBX Distro”

Or the license notice of
License: Officail FreePBX Distro use only

Not sure what you are asking for from me???

Why don’t you send him the spec file and a developer for a week to help him out.

So I was trying to break into your car and I could not get in with a slim jim, could you please send me a key to your car so I can break into it easier?

Is there a way the aastraxml stuff could be licensed?

Fortunately, this was only a demo/test box we use, so it’s a non-critical issue. Just glad this wasn’t a live box…

SkykingOH, Not trying to “steal” anything, just wondering if there’s a way of using it. My intent was if it’s available as a module, it would be paid for…

I’ve been down that route.

I was informed by FreePBX that after a few fingers (and pockets) got burned, they no longer support these scripts and neither do Aastra.

Without the scripts there is very little left, with the scripts as they exist the manager password is left at the Aastra default, along with some othr security holes.

It wasn’t long before all our friends in Chinese universities started looking for these phones (yes phonesm not the servers themselves) running these scripts on the public network, in which you stand with no underwear, all your extensions and passwords become public knowledge in a very short period, some of these “students” actually used them to make phone calls. ( I was an early victim myself!!)

I suggest you, as I did, harden them by using the Aastra xml toolkit encryption scripts that will generate the necessay .tuz files instead of the plain text vulnerable ones, consider using https instead of tftp as your boot service, (unfortunatly the t in tftp is not trivial in many circumstances, this doesn’t only apply to Aastra provisioning), you will need a “real” SSL certificate for facility, but most of all limit access to the xml server to ONLY be accessible from your phones if you care to continue to use them)

I won’t share my patched version in deference to this sites policy and my own concern that I still F’d them Up, Please don’t ask.

Good luck thogh, they really are nice scripts

The aastra phones are great, and the xml make them all the better/easier to configure. Just looking for a good way of continuing to use them, as we’re too apprehensive on the Yealinks, even though the configurability is there, and we don’t have the resources, nor do I care to develop it. if it’s up to a bounty, count me in, but I rather see the development with the Aastras continue. If the Visual Voicemail is the issue remove it. It’s too unusable on the 31i and people just get confused and lost.

It sure looks like they still are supporting, as the version available a few weeks ago didn’t have any “license” associated with it.

As to security, this is why we have taken the time to build an extremely secure base to roll out with. We’re using many layers of security, disabling everything that isn’t necessary.

They are nice, and it’s too bad about all the liability stuff. Aastra’s license was vague, they were example scripts. Anyone who touches them is now part of any intellectual property issues.

It’s a mess and Aastra was short sited for not realizing how many phones sold because of the scripts.

If you are an Aastra reseller I implore you to lean on your rep as hard as you can to get them to keep the scripts up.

Right now your only viable option is to hack them up as dicko did.

The license has always been there. There just was not check in the past to make sure it was a distro. It all comes down to the litigation society we now live in.

Wouldn’t that be litigious society? Litigation is a verb.


I had never seen it, nor known to have looked for it. I was used to just downloading firmware directly from Aastra, and found the package with them all and then found the xml portion. I think someone had referenced it in the PBIAF forum or somewhere.

Any way to work on this? Not looking to reinvent the wheel, just would like a good way of supporting these wonderful phones. They’ve become a key part of our offering.

Carlos Perez

Everyone who knows me knows I flunked spelling and grammar in high school and college

Download the developer kit that Aastra has with the examples and go from there.

I always just figured you were a country boy.

Carlos - You have to determine how you want to package your offering and run your business. We can’t advise you on that. The bottom line is support for new models and new versions of FreePBX are not going to be supported so unless someone picks up the ball nothing is going to change.

The scripts are well written, and work well, they work even better especially for a box that handles multiple clients if one reads all the stuff in the distributed scripts, .prf’s and associated files, as Tony pointed alluded to demo-user etc should be a clue :wink:

That they are vulnerable in the most trivial way if can get at a phone physically or network wise , was a huge oversight, both mine and Aastras, in my case a client took his phone home and plugged it in to his dsl, that’s all, to him it worked as well as ever.

Within minutes of the initial penetration, I saw literally dozens of oriental ip’s attack the server. They all failed as I expected, the clever attack was by an underground route through a road runner IP whose route I left open too widely.

I read the scripts more closely as I should have already, I did the .tuz thing plus the rest I said and invited everyone to take their phones home, that was six months ago, no sign of compromise yet . . . (I am again a little more careful after that few hundred dollar loss)

Actually you are, you ignored the copyright notice then had the nerve to come here and ask for more help.