<html><head></head><body><div style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;"><div></div>
<div>Awesome note. </div><div><br></div><div>How does one fire the RPC command. Whats the interface? Any docs on that?</div><div><br></div><div>KD</div><div><br></div>
<div id="yahoo_quoted_6375685907" class="yahoo_quoted">
<div style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:13px;color:#26282a;">
<div>
On Wednesday, May 9, 2018, 10:06:35 PM EDT, Alex Balashov <abalashov@evaristesys.com> wrote:
</div>
<div><br></div>
<div><br></div>
<div>There are a lot of options here.<br clear="none"><br clear="none">For source IPs and subnets, the `permissions` module probably works<br clear="none">best:<br clear="none"><br clear="none"><a shape="rect" href="https://kamailio.org/docs/modules/5.1.x/modules/permissions.html" target="_blank">https://kamailio.org/docs/modules/5.1.x/modules/permissions.html</a><br clear="none"><br clear="none">While it can function in a mode where it bangs on your database for<br clear="none">every request, it also supports a caching mode (db_mode 1):<br clear="none"><br clear="none"><a shape="rect" href="https://kamailio.org/docs/modules/5.1.x/modules/permissions.html#permissions.p.db_mode" target="_blank">https://kamailio.org/docs/modules/5.1.x/modules/permissions.html#permissions.p.db_mode</a><br clear="none"><br clear="none">In caching mode, it loads the ACL from the database once on startup and<br clear="none">keeps it in memory. If you have made alterations to the database table<br clear="none">and want to kick Kamailio to reload it, there are management/RPC commands for that[2]:<br clear="none"><br clear="none"><a shape="rect" href="https://kamailio.org/docs/modules/5.1.x/modules/permissions.html#permissions.r.trustedReload" target="_blank">https://kamailio.org/docs/modules/5.1.x/modules/permissions.html#permissions.r.trustedReload</a><br clear="none"><a shape="rect" href="https://kamailio.org/docs/modules/5.1.x/modules/permissions.html#permissions.r.addressReload" target="_blank">https://kamailio.org/docs/modules/5.1.x/modules/permissions.html#permissions.r.addressReload</a><br clear="none"><br clear="none">Note that in a lot of scenarios, use of the permissions module isn't<br clear="none">truly necessary because some other module provides a de facto ACL. For<br clear="none">example, if you are using the dispatcher[1] module to front-end a group<br clear="none">of servers for round-robin type load balancing, making routing decisions<br clear="none">based on whether the origin is within the dispatcher server pool seems<br clear="none">only natural[2]:<br clear="none"><br clear="none"> if(ds_is_from_list("1")) { <br clear="none"> # Allow from own application server farm.<br clear="none">}<br clear="none"><br clear="none">For filtering out nonlocal URI domains, the `domain` module presents a<br clear="none">natural fit. It works much as `permissions` does in terms of in-memory<br clear="none">caching and that:<br clear="none"><br clear="none"><a shape="rect" href="https://kamailio.org/docs/modules/5.1.x/modules/domain.html" target="_blank">https://kamailio.org/docs/modules/5.1.x/modules/domain.html</a><br clear="none"><br clear="none">And if you should find that these modules' data model doesn't<br clear="none">schematically meet your needs, you can always seed your own `htable`<br clear="none">values from a DB-backed hash table:<br clear="none"><br clear="none"><a shape="rect" href="https://kamailio.org/docs/modules/5.1.x/modules/htable.html#htable.p.db_url" target="_blank">https://kamailio.org/docs/modules/5.1.x/modules/htable.html#htable.p.db_url</a><br clear="none"><br clear="none">Or fetch these values from somewhere else (e.g. HTTP API) and inject<br clear="none">them into an htable upon startup:<br clear="none"><br clear="none"><a shape="rect" href="https://kamailio.org/docs/modules/5.1.x/modules/htable.html#idp49461924" target="_blank">https://kamailio.org/docs/modules/5.1.x/modules/htable.html#idp49461924</a><br clear="none"><br clear="none">Lots of options...<br clear="none"><br clear="none">-- Alex<br clear="none"><br clear="none">[1] <a shape="rect" href="https://kamailio.org/docs/modules/5.1.x/modules/dispatcher.html" target="_blank">https://kamailio.org/docs/modules/5.1.x/modules/dispatcher.html</a><br clear="none"><br clear="none">[2] <a shape="rect" href="https://kamailio.org/docs/modules/5.1.x/modules/dispatcher.html#dispatcher.f.ds_is_from_list" target="_blank">https://kamailio.org/docs/modules/5.1.x/modules/dispatcher.html#dispatcher.f.ds_is_from_list</a><br clear="none"><br clear="none">On Wed, May 09, 2018 at 09:04:16PM +0000, KamDev Essa wrote:<br clear="none"><br clear="none">> easy. Not one of my domains or source IPs. Unless hackers is ex user they would never know my list. <br clear="none">> KD<br clear="none">> On Wednesday, May 9, 2018, 4:53:21 PM EDT, Alex Balashov <<a shape="rect" ymailto="mailto:abalashov@evaristesys.com" href="mailto:abalashov@evaristesys.com">abalashov@evaristesys.com</a>> wrote: <br clear="none">> <br clear="none">> How would you define "foes" in a programmatic sense? :) That will dictate the answer. <br clear="none">> <br clear="none">> -- Alex<br clear="none">> <br clear="none">> --<br clear="none">> Sent via mobile, please forgive typos and brevity. <br clear="none">> <br clear="none">> _______________________________________________<br clear="none">> Kamailio (SER) - Users Mailing List<br clear="none">> <a shape="rect" ymailto="mailto:sr-users@lists.kamailio.org" href="mailto:sr-users@lists.kamailio.org">sr-users@lists.kamailio.org</a><br clear="none">> <a shape="rect" href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" target="_blank">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a><br clear="none">> <br clear="none"><br clear="none">> _______________________________________________<br clear="none">> Kamailio (SER) - Users Mailing List<br clear="none">> <a shape="rect" ymailto="mailto:sr-users@lists.kamailio.org" href="mailto:sr-users@lists.kamailio.org">sr-users@lists.kamailio.org</a><br clear="none">> <a shape="rect" href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" target="_blank">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a><br clear="none"><br clear="none"><br clear="none">-- <br clear="none">Alex Balashov | Principal | Evariste Systems LLC<br clear="none"><br clear="none">Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) <br clear="none">Web: <a shape="rect" href="http://www.evaristesys.com/, " target="_blank">http://www.evaristesys.com/, </a><a shape="rect" href="http://www.csrpswitch.com/" target="_blank">http://www.csrpswitch.com/</a><div class="yqt5631211602" id="yqtfd38127"><br clear="none"><br clear="none">_______________________________________________<br clear="none">Kamailio (SER) - Users Mailing List<br clear="none"><a shape="rect" ymailto="mailto:sr-users@lists.kamailio.org" href="mailto:sr-users@lists.kamailio.org">sr-users@lists.kamailio.org</a><br clear="none"><a shape="rect" href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" target="_blank">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a><br clear="none"></div></div>
</div>
</div></div></body></html>