FOP2 Installation for FreePBX 14

Hi everyone,
I want to install FOP2 for FreePBX 14.0.3.17. I read from FOP2 website that can be done with this bash script. Does it really works?
wget -O - http://download.fop2.com/install_fop2.sh | bash.

I want some feedback.

Regards.

I don’t remember if the installation with one command works, but it does work to follow the step by step instructions listed after that. I’m sure you have the link, but for others: https://www.fop2.com/docs/installation.php

You choose which file to download based on your operating system and whether it’s 32 or 64 bit. Hint: If you are using the FreePBX distro, the OS is CentOS.

Something that isn’t immediately obvious after the install, is that you need to change the manager password in usr/local/fop2/fop2.cfg to the one listed in /etc/asterisk/manager.conf

After you do all of that, you can test fop2 with this command:
/usr/local/fop2/fop2_server --test

That’s probably all you need to know, but there are a couple more advanced things that you might run into.

If you are using an https certificate, change the settings in /usr/local/fop/fop2.cfg to these settings:
ssl_certificate_file=/etc/httpd/pki/webserver.crt
ssl_certificate_key_file=/etc/httpd/pki/webserver.key

More notes on that here: https://mangolassi.it/topic/13383/updating-fop2-to-work-with-https-correctly

If you want to add it to fail2ban, follow these instructions:

change /etc/sysconfig/fop2 to: OPTIONS="-d -a /var/log/fop2_audit.log"

Restart fop2: service fop2 restart

Create a new file in filter.d: nano /etc/fail2ban/filter.d/fop2.conf

[INCLUDES]

# Read common prefixes. If any customizations available -- read them from
# common.local
before = common.conf

[Definition]

_daemon = fop2_server

# Option: failregex
# Notes.: regex to match the password failures messages in the logfile. The
# host must be matched by a group named "host". The tag "<HOST>" can
# be used for standard IP/hostname matching and is only an alias for
# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
# Values: TEXT
#


failregex = GENERAL\|FAILED LOGIN \(bad password\)\|<HOST>:\d+
			GENERAL\|FAILED LOGIN \(non existant user\)\|<HOST>:\d+

# Option: ignoreregex
# Notes.: regex to ignore. If this regex matches, the line is ignored.
# Values: TEXT
#
ignoreregex =

(More information on Fail2Ban here: https://www.fail2ban.org/wiki/index.php/MANUAL_0_8)’
It seems like the formatting for failregex matters. So you may want to copy it from to get the line spacing right, and just replace their failregex with what I have here)

Add to the bottom of /etc/fail2ban/jail.conf

[fop2]
enabled = true
filter = fop2
action = iptables-allports[name=FOP2, protocol=all]
sendmail[name=FOP2, [email protected], [email protected]]
logpath = /var/log/fop2_audit.log
bantime = 1800
findtime = 1200
maxretry = 4
backend = auto

Restart fail2ban:
service fail2ban restart

Check fail2ban status:
fail2ban-client status
This should list all jails, including fop2

Check Fail2ban fop2 status:
fail2ban-client status fop2

More notes on fail2ban and Fop2 here: http://forum.fop2.com/4036-fop2-logs/0 and here: Custom fail2ban jail on freepbx distro

1 Like

Thanks for your response.
I used the bash script command, it worked like a charm!

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.