As built/howto for the Python MSN transport. This is installed on the same VM as the ejabberd xmpp server.
Use the RPM's in Michael Flemings
repository. The EPEL repository is already installed for ejabberd
support. RPMForge is required for modern python-twisted support (EPEL
provides python-twisted v2.5 as of April 2009).
# rpm -Uvh http://www.thatfleminggent.com/packages/centos/5/x86_64/thatfleminggent-release-5-2centos.mf.noarch.rpm
# rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-3.noarch.rpm
# rpm -Uhv http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
# yum --enablerepo=thatfleminggent install pymsn-t python-twisted-web python-twisted-words python-crypto
Add DNS name
Add an IPv4 DNS name for msn.lucidsolutions.co.nz to the DJB DNS configuration.
+msn.lucidsolutions.co.nz:123.255.40.190:86400
Add firewall rules
The pymsn-t process needs to be able to connect to both the ejabberd process, and MSN services. The local process connections are via the loopback interface and should be implicitly allowed. Add a rule to allow connections out on TCP port 1863:
# msn
-A tcpOut -p tcp -m tcp --dport 1863 -m state --state NEW -j ACCEPT
# https
-A tcpOut -p tcp -m tcp --dport 443 -m state --state NEW -j ACCEPT
Configure ejabberd
Add a section to /etc/ejabberd/ejabberd.cfg to support listening for
the pymsn-t service to connect to the ejabberd server. The service
listens on the loopback interface only (127.0.0.1).
%% pymsn-t
{5347, ejabberd_service, [
{ip, {127, 0, 0, 1}},
{host, "msn.lucidsolutions.co.nz", [{password, "ws0GVM96Gu0R7EOi8M9R"}]}
]},
Configure pymsn-t
Copy the sample configuration file (Note: the sample below is reformatted. The default sample is great machine readable XML, but not that great for human consumption)
# cp /usr/share/doc/pymsn-t-0.11.3/config-example.xml /etc/pymsn-t/config.xml
The following changes are made to the configuration:
- change the 'jid'
- change the 'host' and 'secret' (secret is the same fake one in the ejabberd config as above)
- fill in the website
- list the lucid solutions admin account as an admin account
- setup the debug logging, but set the level to zero
10c10
< <jid>msn</jid>
---
> <jid>msn.lucidsolutions.co.nz</jid>
17c17
< <host>127.0.0.1</host>
---
> <host>msn.lucidsolutions.co.nz</host>
68c68
< <secret>secret</secret>
---
> <secret>ws0GVM96Gu0R7EOi8M9R</secret>
84c84
< <website>http://host.com</website>
---
> <website>http://www.lucidsolutions.co.nz</website>
162d161
< <!--
164c163
< <jid>admin@host.com</jid>
---
> <jid>admin@lucidsolutions.co.nz</jid>
166d164
< -->
179c177
< <!-- <debugLevel>0</debugLevel> -->
---
> <debugLevel>2</debugLevel>
184c182
< <!-- <debugFile>debug.log</debugFile> -->
---
> <debugFile>/var/log/pymsn-t/debug.log</debugFile>
Enable the service and start it:
# chkconfig pymsn-t on
# service pymsn-t start
Use your favourite jabber client to configure the MSN transport.
Residual
- Test/implement file transfers. No support for file transfers on TCP 8010 has been enabled through firewalls or NAT
Links
Appendices
yum install pymsn-t
Dependencies Resolved
===========================================================================================================
Package Arch Version Repository Size
===========================================================================================================
Installing:
pymsn-t noarch 0.11.3-6.el5.mf thatfleminggent 471 k
python-twisted-web x86_64 8.1.0-1.el5.rf rpmforge 622 k
python-twisted-words x86_64 0.5.0-3.el5 epel 553 k
python-crypto x86_64 2.0.1-4.el5.1 epel 195 k
Installing for dependencies:
gmp x86_64 4.1.4-10.el5 base 201 k
PyXML x86_64 0.8.4-4 base 1.1 M
python-fpconst noarch 0.7.3-3.el5.1 epel 15 k
python-soap noarch 0.11.6-1.el5.rf rpmforge 291 k
freetype x86_64 2.2.1-20.el5_2 base 311 k
libjpeg x86_64 6b-37 base 139 k
pyOpenSSL x86_64 0.6-1.p24.7.2.2 base 120 k
python-imaging x86_64 1.1.6-2.el5.rf rpmforge 778 k
python-twisted-core x86_64 8.1.0-1.el5.rf rpmforge 2.5 M
python-zope-interface x86_64 3.0.1-10.el5 epel 231 k
Default configuration
<pymsnt>
<!--
This file contains options to be configured by the server administrator.
Please read through all the options in this file
-->
<!--
The JabberID of the transport
-->
<jid>msn</jid>
<!--
The public IP or DNS name of the machine the transport is running on
This is needed for file transfer!! This is also used as the IP address
for outgoing connections
-->
<host>127.0.0.1</host>
<!--
The component JID of the transport. Unless you're doing clustering,
leave this alone
-->
<!-- <compjid>msn1</compjid> -->
<!--
The name of the transport in the service discovery list.
-->
<discoName>MSN Transport</discoName>
<!--
The location of the spool directory.. if relative, relative to the
PyMSNt dir. Do not include the jid of the transport
-->
<spooldir>/var/spool/pymsn-t</spooldir>
<!--
The location of the PID file, relative to the PyMSNt directory
-->
<pid>/var/run/pymsn-t.pid</pid>
<!--
If set, the transport will background itself when run
-->
<background />
<!--
The Twisted reactor to choose. Pick poll or epoll on Linux, kqueue on
BSD. Or leave as default (best found)
-->
<!-- <reactor>poll</reactor> -->
<!--
The IP address of the main Jabber server to connect to
-->
<mainServer>127.0.0.1</mainServer>
<!--
The TCP port to connect to the Jabber server on (this is the default
for Jabberd2)
-->
<port>5347</port>
<!--
The authentication token to use when connecting to the Jabber server
-->
<secret>secret</secret>
<!--
Use Jabber.com's XCP component protocol extensions.
-->
<!-- <useXCP/> -->
<!--
The default language to use
-->
<lang>en</lang>
<!--
The website of the Jabber service
-->
<website>http://host.com</website>
<!--
Comment out the following options to disable them, or uncomment them
to enable them Send email notification messages to users
-->
<mailNotifications />
<!--
Send greeting on login
-->
<!-- <sessionGreeting>You have just started a session with PyMSNt</sessionGreeting> -->
<!--
Send message on successful registration
-->
<!-- <registerMessage>You have successfully registered with PyMSNt</registerMessage> -->
<!--
Allow users to register with this transport
-->
<allowRegister />
<!--
Get all avatars. If this is set to true then avatars are grabbed for
all your contacts immediately. If false then avatars are only grabbed
when you're in a chat with a contact
-->
<getAllAvatars />
<!--
The amount of time a user has to join a groupchat they are invited to
before the transport makes them leave the room. (MSN protocol requires
autojoining of groupchats)
-->
<!-- <groupchatTimeout>120</groupchatTimeout> -->
<!-- File transfer settings -->
<!--
The maximum size of a file transfer (in bytes). For unlimited, comment
out, or set to 0
-->
<ftSizeLimit>524288</ftSizeLimit>
<!--
The maximum rate for file transfer (in bytes). For unlimited, comment
out, or set to 0
-->
<ftRateLimit>2048</ftRateLimit>
<!-- Please give the port to listen for Jabber socks5 transfers on. -->
<ftJabberPort>8010</ftJabberPort>
<!--
Please give the port to listen for HTTP GETs here (Used in old-style
OOB file transfers. Best to leave this disabled unless you know you
need it.)
-->
<!--<ftOOBPort>8011</ftOOBPort>-->
<!--
Please give the root URL the transport should send to clients. (You
can use an Apache reverse proxy to put this on your ordinary website)
Eg, the transport will listen on port 8011 for HTTP GETs to
/RANDOM_FILE.ext. You can set apache to forward any requests to
http://yourhost.com:80/msn/files/RANDOM_FILE.ext to
http://yourhost.com:8011/RANDOM_FILE.ext. This saves you from opening
extra ports.
-->
<!--<ftOOBRoot>http://host.com/msn/files/</ftOOBRoot>-->
<!--
You can choose which users you wish to have as administrators. These
users can perform some tasks with Ad-Hoc commands that others cannot
-->
<!--
<admins>
<jid>admin@host.com</jid>
</admins>
-->
<!--
Log settings.
The logging level
0 -> No logging
1 -> Log tracebacks
2 -> Log tracebacks, warnings and errors
3 -> Log all sorts of informational (mostly useless stuff)
4 -> Log the MSN protocol code sent
-->
<!-- <debugLevel>0</debugLevel> -->
<!--
The file to log to. Leave this disabled for stdout
-->
<!-- <debugFile>debug.log</debugFile> -->
</pymsnt>
