Re: [Users] AVPOPS module problem

Hello, you must not enclose the strings in quotes, just write the value between the colons. Also, you have to put "sip:" in front of sip uris from column 'value'. E.g.: uuid(str) username(str) domain(str,null) attribute(str) value(str) type(int) :peter:200.129.163.139:not_allow:sip\:paul@200.129.163.212:0 Daniel On 06/26/05 00:11, Alexandre Passito wrote: >Hi, > >I'm trying to implement a "black list" with avpops module, but I got >some errors: > >This is my cfg file: > ># ># $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $ ># ># simple quick-start config script ># > ># ----------- global configuration parameters ------------------------ > >#debug=3 # debug level (cmd line: -dddddddddd) >#fork=yes >#log_stderror=no # (cmd line: -E) > ># Uncomment these lines to enter debugging mode >#debug=7 >#fork=no >#log_stderror=yes > > >check_via=no # (cmd. line: -v) >dns=no # (cmd. line: -r) >rev_dns=no # (cmd. line: -R) >#port=5060 >#children=4 >fifo="/tmp/openser_fifo" > >fifo_db_url="dbtext:///home/alexandre/Devel/openser-0.9.4/bin/dbtext" > ># ------------------ module loading ---------------------------------- > ># Uncomment this if you want to use SQL database >#loadmodule "/home/alexandre/Devel/ser-0.8.14/bin//lib/ser/modules/mysql.so" > >loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/dbtext.so" >loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/sl.so" >loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/tm.so" >loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/rr.so" >loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/maxfwd.so" >loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/usrloc.so" >loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/registrar.so" >loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/avpops.so" > ># Uncomment this if you want digest authentication ># mysql.so must be loaded ! > >loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/auth.so" >loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/auth_db.so" > ># ----------------- setting module-specific parameters --------------- > ># -- usrloc params -- > >modparam("usrloc", "db_url", >"dbtext:///home/alexandre/Devel/openser-0.9.4/bin/dbtext") >modparam("usrloc", "db_mode", 2) > >modparam("auth_db", "db_url", >"dbtext:///home/alexandre/Devel/openser-0.9.4/bin/dbtext") >modparam("auth_db", "calculate_ha1", yes) >modparam("auth_db", "password_column", "password") > >modparam("avpops", "avp_url", >"dbtext:///home/alexandre/Devel/openser-0.9.4/bin/dbtext") >modparam("avpops", "avp_table", "preferences") > > ># Uncomment this if you want to use SQL database ># for persistent storage and comment the previous line >#modparam("usrloc", "db_mode", 2) > ># -- auth params -- ># Uncomment if you are using auth module ># >#modparam("auth_db", "calculate_ha1", yes) ># ># If you set "calculate_ha1" parameter to yes (which true in this config), ># uncomment also the following parameter) ># >#modparam("auth_db", "password_column", "password") > ># -- rr params -- ># add value to ;lr param to make some broken UAs happy >modparam("rr", "enable_full_lr", 1) > ># ------------------------- request routing logic ------------------- > ># main routing logic > >route{ > > # initial sanity checks -- messages with > # max_forwards==0, or excessively long requests > if (!mf_process_maxfwd_header("10")) { > sl_send_reply("483","Too Many Hops"); > break; > }; > if ( msg:len > max_len ) { > sl_send_reply("513", "Message too big"); > break; > }; > > # we record-route all messages -- to make sure that > # subsequent messages will go through our proxy; that's > # particularly good if upstream and downstream entities > # use different transport protocol > record_route(); > # loose-route processing > if (loose_route()) { > t_relay(); > break; > }; > > # if the request is for other domain use UsrLoc > # (in case, it does not work, use the following command > # with proper names and addresses in it) > if (uri==myself) { > > if (method=="REGISTER") { > ># Uncomment this if you want to use digest authentication ># if (!www_authorize("iptel.org", "subscriber")) { ># www_challenge("iptel.org", "0"); ># break; ># }; > > save("location"); > break; > }; > > # native SIP destinations are handled using our USRLOC DB > if (!lookup("location")) { > sl_send_reply("404", "Not Found"); > break; > }; > }; > # forward to current uri now; use stateful forwarding; that > # works reliably even if we forward from TCP to UDP > >#Black-list!!! > > if (method=="INVITE" || method=="MESSAGE") > { > if ( avp_db_load("$to/username", "s:not_allow/preferences") > && avp_check("s:not_allow", "eq/$from/gi") ) > { > sl_send_reply("403", "Forbidden - You are blocked!"); > break; > } > } > > if (!t_relay()) { > sl_reply_error(); > }; > lookup("aliases"); >} > > >My "preference" table looks like: > >uuid(str) username(str) domain(str,null) attribute(str) value(str) type(int) >"":"peter":"200.129.163.139":"not_allow":"paul@200.129.163.212":"0" > >I'm using openser in to a local network. Its ip is 200.129.163.178. > >peter address is 200.129.163.139 > >paul address is 200.129.163.212 > > > >The result is that both UA call each one, despite peter blocks paul. > >Any help? > >Best regards > > > >