<div dir="ltr">OK, it works. <br>I create a table 'auth_count' and I save $ ua, $ auth_count, and $ Ts, then I implement de code. <br>Finaly I use sqlop.<br>Thank you so much for the support.<div><br></div><div> if (is_method("REGISTER"))<br> {<br> if(is_present_hf("Authorization")){<br> $var(max_attempts)= 3;<br> if (sql_query("ca","select auth_count from auth_count where Blocked_user='$au'","auth_count")== $var(max_attempts) && $sht(a=>$au::auth_count)!= $null) {<br> xlog("Other attempts auth ************************failed more than 3 times - src ip: $si\n");<br> $var(address) = $si;<br> $var(ruri) = "[" + $var(address)+ "]" + ":" + $sp + ";" + "transport" + "=" + $proto;<br> #Send a SIP Request signalling the problem and its reason on the body<br> $uac_req(method)="MESSAGE";<br> $uac_req(ruri) = "sip:"+ $au + "@" + $var(ruri);<br> $uac_req(furi) = "<a href="mailto:sip%3Akamailio@ericsson.net">sip:kamailio@ericsson.net</a>";<br> $uac_req(turi) = $fu;<br> $uac_req(hdrs)="Max-Forwards: 70\r\nEvent: reg\r\nContent-Type: text/plain\r\nAccept-Contact:*;+g.ext.app.registration\r\n";<br> $uac_req(body)="Accout Blocked. Plese contact with your adminstrator";<br> uac_req_send();<br> exit;<br> }else<br> if($sht(a=>$au::auth_count)== $var(max_attempts)){<br> xlog("L_INFO","Insert the blocked user on database");<br> sql_query_async("ca", "insert into auth_count (Blocked_user, auth_count, Blocked_date) values ('$ua', '$sht(a=>$au::auth_count)', '$Ts')");<br> xlog("Other attempts auth failed more than 3 times - src ip: $si\n");<br> $var(address) = $si;<br> $var(ruri) = "[" + $var(address)+ "]" + ":" + $sp + ";" + "transport" + "=" + $proto;<br> #Send a SIP Request signalling the problem and its reason on the body<br> $uac_req(method)="MESSAGE";<br> $uac_req(ruri) = "sip:"+ $au + "@" + $var(ruri);<br> $uac_req(furi) = "<a href="mailto:sip%3Akamailio@ericsson.net">sip:kamailio@ericsson.net</a>";<br> $uac_req(turi) = $fu;<br> $uac_req(hdrs)="Max-Forwards: 70\r\nEvent: reg\r\nContent-Type: text/plain\r\nAccept-Contact:*;+g.ext.app.registration\r\n";<br> $uac_req(body)="Accout Blocked. Plese contact with your adminstrator";<br> uac_req_send();<br> exit;<br><br> }else<br> if ($sht(a=>$au::auth_count)== $null){<br> xlog("L_INFO","Ponemos un cero ###################################################");<br> $sht(a=>$au::auth_count) = 0;<br> }<br> if(!www_authenticate("<a href="http://ericsson.net">ericsson.net</a>", "subscriber"))<br></div><div> {<br> if ($? == -1){<br> sl_send_reply("500", "Internal Server Error");<br> exit;<br> }<br> if ($? == -2){<br> $sht(a=>$au::auth_count) = $sht(a=>$au::auth_count) + 1;<br> sl_send_reply("403", "Forbidden");<br> exit;<br> }<br> xlog("L_INFO","REPETIMOS ACCESO ###################################################");<br> www_challenge("$td"/*realm*/,"0"/*qop*/);<br> exit;<br> }<br> xlog("L_INFO","AQUI ###################################################");<br> $sht(a=>$au::auth_count) = 0;<br> } else {<br> www_challenge("$td","0");<br> exit;<br> }<br></div><div><br></div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">El mié., 27 may. 2020 a las 8:15, Daniel-Constantin Mierla (<<a href="mailto:miconda@gmail.com">miconda@gmail.com</a>>) escribió:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>
<p>Hello,<br>
</p>
<div>On 26.05.20 22:12, Ahmed Marsou wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div dir="ltr">Sorry, what I want is to block a user after 'n'
incorrect login attempts and leave it blocked until a user
unblocks them from the website. I try something with the
htable module but I don't know if I can save the value in the
database. Is going to check if the number of login attempts is
> 'n', and if is > 'n', I gonna leave it blocked and
send a MESSAGE to an app.<br>
I starting with something like this:<br>
</div>
<div><br>
</div>
<div><span style="color:rgb(23,43,77);font-family:monospace;font-size:12px;white-space:pre-wrap;background-color:rgb(244,245,247)">modparam("htable", "htable", "a=>size=8;autoexpire=920;")
.
.
.
if(is_present_hf("Authorization")){
reg_fetch_contacts("location", "$fu", "existingContact");
if($sht(a=>$au::auth_count)==3){
xlog("Other attempts auth failed more than 3 times - src ip: $si\n");
$var(address) = $si;
$var(ruri) = "[" + $var(address)+ "]" + ":" + $sp + ";" + "transport" + "=" + $proto;
#Send a SIP Request signalling the problem and its reason on the body
$uac_req(method)="MESSAGE";
$uac_req(ruri) = "sip:"+ $au + "@" + $var(ruri);
$uac_req(furi) = "<a href="mailto:sip%3Akamailio@ericsson.net" target="_blank">sip:kamailio@ericsson.net</a>";
$uac_req(turi) = $fu;
$uac_req(hdrs)="Max-Forwards: 70\r\nEvent: reg\r\nContent-Type: text/plain\r\nAccept-Contact:*;+g.ext.app.registration\r\n";
$uac_req(body)="Accout Blocked. Plese contact with your adminstrator";
uac_req_send();
exit;
}else{
$sht(a=>$au::auth_count) = 0;
}
if(!www_authenticate("<a href="http://ericsson.net" target="_blank">ericsson.net</a>", "subscriber")){
switch ($retcode) {
case -1:
sl_send_reply("403", "Forbidden");
exit;
case -2:
if($sht(a=>$au::auth_count) == $null)
$sht(a=>$au::auth_count) = 0;
$sht(a=>$au::auth_count) = $sht(a=>$au::auth_count) + 1;
break;
}
www_challenge("$td"/*realm*/,"0"/*qop*/);
exit;
}
$sht(a=>$au::auth_count) = 0;
} else {
www_challenge("$td","0");
exit;
}
}</span> </div>
<div><br>
</div>
<div>But first problem:</div>
<div>Is not counting. I dont know if I have to configure any
param more to start counting attempts?<br>
</div>
</div>
</blockquote>
<p>Why do you say it is not counting? Have you checked the content
of the htable via rpc command to see if anything is stored there?</p>
<p><br>
</p>
<blockquote type="cite">
<div dir="ltr">
<div><br>
</div>
<div>Second problem:</div>
I dont know the best option to save the login attempts on
databes. Theres is any module that can help?</div>
</blockquote>
<p><br>
</p>
<p>Check the sqlops module, it allows to do any sql query.</p>
<p><br>
</p>
<p>Cheers,<br>
Daniel</p>
<p><br>
</p>
<blockquote type="cite">
<div dir="ltr">
<div>Thank you so much.</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">El mar., 26 may. 2020 a
las 21:56, Daniel-Constantin Mierla (<<a href="mailto:miconda@gmail.com" target="_blank">miconda@gmail.com</a>>)
escribió:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>
<p>Hello,</p>
<p>if you look for inserting into/querying from a
database table from config script, look at sqlops
module.</p>
<p>If you need something else, provide more details
about what you want to achieve.</p>
<p>Cheers,<br>
Daniel<br>
</p>
<div>On 26.05.20 20:38, Ahmed Marsou wrote:<br>
</div>
<blockquote type="cite">
<div dir="auto">
<div style="font-family:sans-serif;font-size:12.8px" dir="auto">
<div style="width:361.091px;margin:16px 0px">
<div>
<div dir="auto">Hi;
<div dir="auto">I have to control the login
attempts, but blocking the user until I
unlock him from web site. To do that I
have to save the paramter on database.
There is any table and column where I can
save that parameter? </div>
<div dir="auto">I'm using the htable module
to count the Authentification attempts.
There's is any module that do that
easily? </div>
<div dir="auto">Thank you.</div>
</div>
</div>
</div>
</div>
<br>
</div>
<br>
<fieldset></fieldset>
<pre>_______________________________________________
Kamailio (SER) - Users Mailing List
<a href="mailto:sr-users@lists.kamailio.org" target="_blank">sr-users@lists.kamailio.org</a>
<a href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" target="_blank">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a>
</pre>
</blockquote>
<pre cols="72">--
Daniel-Constantin Mierla -- <a href="http://www.asipto.com" target="_blank">www.asipto.com</a>
<a href="http://www.twitter.com/miconda" target="_blank">www.twitter.com/miconda</a> -- <a href="http://www.linkedin.com/in/miconda" target="_blank">www.linkedin.com/in/miconda</a>
Funding: <a href="https://www.paypal.me/dcmierla" target="_blank">https://www.paypal.me/dcmierla</a></pre>
</div>
</blockquote>
</div>
</div>
</div>
</blockquote>
<pre cols="72">--
Daniel-Constantin Mierla -- <a href="http://www.asipto.com" target="_blank">www.asipto.com</a>
<a href="http://www.twitter.com/miconda" target="_blank">www.twitter.com/miconda</a> -- <a href="http://www.linkedin.com/in/miconda" target="_blank">www.linkedin.com/in/miconda</a>
Funding: <a href="https://www.paypal.me/dcmierla" target="_blank">https://www.paypal.me/dcmierla</a></pre>
</div>
</blockquote></div>