7 Nov
2019
7 Nov
'19
5:08 a.m.
Thanks!
Looks ok. (Despite the fact it's looking like write-only statement : )
Idea was, that I want to avoid creating additional tables or schema of ACL. Means if I can
use already built-in mechanism/tables/schema - than why to implement own. Code reuse, all
this.
On Nov 7 2019, at 10:56 am, Daniel Tryba <d.tryba(a)pocos.nl> wrote:
On Wed, Nov 06, 2019 at 07:15:42PM +0100, Igor
Olhovskiy wrote:
Hm... Maybe there is other module to achieve such functions?
Best if it would be with cache :)
But if no - regex also fine.
But if it works it works! I don't think there is a specific module to do
this but it is easy to implement yourself. What I don't like personally
about your solution is the use of the permission tables, you need
atleast 1 per user (unless users have the same ip).
Personally I do this by direct database queries in usr_preferences on
INVITEs and REGISTERs. You could use any database (depending on how you
store the ACL) and cache it in a htable.
My solution is mysql specific (inet_aton) and forces users to have
atleast 1 CIDR notated subnet:
if(!avp_db_query("select value from usr_preferences where username='$au' and
attribute='acl' and
inet_aton(substring_index(value,'/',1))&(1 << 32) - 1 & ~((1
<< (32 -
substring_index(value,'/',-1))) - 1)=inet_aton('$si')&(1 << 32)
-
1 & ~((1 << (32 - substring_index(value,'/',-1))) - 1)"))
{
t_reply("404","Go away");
exit;
}
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users