Hi,
i just imported a new module, called 'userblacklist', into the svn trunk. To quote from the README:
The userblacklist module allows OpenSER to handle blacklists on a per user basis. This information is stored in a database table, which is queried to decide if the number is blacklisted or not.
An additional functionality that this module provides is the ability to handle global blacklists. This lists are loaded on startup into memory, thus providing a better performance then in the userblacklist case. This global lists could also used to prevent the blacklisting of important numbers, as whitelisting is also supported. This is useful for example to prevent the customer from blocking emergency call number or service hotlines.
The module exports two functions, check_blacklist and check_user_blacklist for usage in the config file. Furthermore its provide a FIFO function to reload the global blacklist cache.
The documentation for this module can be found at:
http://www.openser.org/docs/modules/devel/userblacklist.html
Best regards,
Henning Westerholt
El Wednesday 27 February 2008 10:41:45 Henning Westerholt escribió:
An additional functionality that this module provides is the ability to handle global blacklists. This lists are loaded on startup into memory, thus providing a better performance then in the userblacklist case.
Hi, what is the difference between these "global blacklists" and the already existing blacklists (by using "dst_blacklist" and "use_blacklist")? Maybe the use of a database to store the IP's?
As a suggestion, shouldn't all this blacklist stuff (new module and existing core feature) be merged in just a module (maybe called "blacklists")?
Regards.
On Wednesday 27 February 2008, Iñaki Baz Castillo wrote:
El Wednesday 27 February 2008 10:41:45 Henning Westerholt escribió:
An additional functionality that this module provides is the ability to handle global blacklists. This lists are loaded on startup into memory, thus providing a better performance then in the userblacklist case.
Hi, what is the difference between these "global blacklists" and the already existing blacklists (by using "dst_blacklist" and "use_blacklist")? Maybe the use of a database to store the IP's?
Hi Iñaki,
the core blacklists work on IP level, as you mentioned. This modules allows to blacklists certain number prefixes per user or on a global level. Perhaps is should add this bit of informations to the docs.. ;-)
As a suggestion, shouldn't all this blacklist stuff (new module and existing core feature) be merged in just a module (maybe called "blacklists")?
Well, i don't know if its possible (or feasible) to move the autoblacklist feature from the core into a module, as this is probably more a low-level functionality.
Cheers,
Henning
Hi Henning,
If I understand correctly, the blacklisting is done at URI level (which URI?) and not at IP level, right?
Regards, Bogdan
Henning Westerholt wrote:
On Wednesday 27 February 2008, Iñaki Baz Castillo wrote:
El Wednesday 27 February 2008 10:41:45 Henning Westerholt escribió:
An additional functionality that this module provides is the ability to handle global blacklists. This lists are loaded on startup into memory, thus providing a better performance then in the userblacklist case.
Hi, what is the difference between these "global blacklists" and the already existing blacklists (by using "dst_blacklist" and "use_blacklist")? Maybe the use of a database to store the IP's?
Hi Iñaki,
the core blacklists work on IP level, as you mentioned. This modules allows to blacklists certain number prefixes per user or on a global level. Perhaps is should add this bit of informations to the docs.. ;-)
As a suggestion, shouldn't all this blacklist stuff (new module and existing core feature) be merged in just a module (maybe called "blacklists")?
Well, i don't know if its possible (or feasible) to move the autoblacklist feature from the core into a module, as this is probably more a low-level functionality.
Cheers,
Henning
Users mailing list Users@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/users
On Wednesday 27 February 2008, Bogdan-Andrei Iancu wrote:
If I understand correctly, the blacklisting is done at URI level (which URI?) and not at IP level, right?
Hi Bogdan,
it matches the request URI user against the black/ whitelist entries. For the user information (check_user_blacklist) any pseudo-variable can be used.
Cheers,
Henning
Hi Henning,
Henning Westerholt wrote:
it matches the request URI user against the black/ whitelist entries. For the user information (check_user_blacklist) any pseudo-variable can be used.
Is there any pattern matching support, e.g. fnmatch, which I can use in the entries?
Andreas
On Wednesday 27 February 2008, Andreas Granig wrote:
it matches the request URI user against the black/ whitelist entries. For the user information (check_user_blacklist) any pseudo-variable can be used.
Is there any pattern matching support, e.g. fnmatch, which I can use in the entries?
Hi Andreas,
no there is no such support. The only matching that is done is for the longest prefix.
Cheers,
Henning
Hi Henning,
I was just asking as mainly I see a potential confusion between to totally different feature but under the same name "blacklist" - this from user perspective. But before saying this, I wanted to be sure I correctly understand what the new module offers ;).
Regards, Bogdan
Henning Westerholt wrote:
On Wednesday 27 February 2008, Bogdan-Andrei Iancu wrote:
If I understand correctly, the blacklisting is done at URI level (which URI?) and not at IP level, right?
Hi Bogdan,
it matches the request URI user against the black/ whitelist entries. For the user information (check_user_blacklist) any pseudo-variable can be used.
Cheers,
Henning
El Miércoles, 27 de Febrero de 2008, Bogdan-Andrei Iancu escribió:
Hi Henning,
I was just asking as mainly I see a potential confusion between to totally different feature but under the same name "blacklist" - this from user perspective.
That is exactly what I thought when I listened to "blacklist" module for first time.
Henning, what about changing the name to "uri_blacklist"? wouldn't it less confusing?
On Wednesday 27 February 2008, Iñaki Baz Castillo wrote:
I was just asking as mainly I see a potential confusion between to totally different feature but under the same name "blacklist" - this from user perspective.
That is exactly what I thought when I listened to "blacklist" module for first time.
Henning, what about changing the name to "uri_blacklist"? wouldn't it less confusing?
Hi,
ok, never thought about the other blacklists.. :) Well, i like userblacklist, because they module implement, well blacklists per user. But if you think uri_blacklist will be better, ok..
Another thing: How about to merge this module with the uri_db stuff?
Cheers,
Henning
El Friday 29 February 2008 11:03:27 Henning Westerholt escribió:
On Wednesday 27 February 2008, Iñaki Baz Castillo wrote:
I was just asking as mainly I see a potential confusion between to totally different feature but under the same name "blacklist" - this from user perspective.
That is exactly what I thought when I listened to "blacklist" module for first time.
Henning, what about changing the name to "uri_blacklist"? wouldn't it less confusing?
Hi,
ok, never thought about the other blacklists.. :) Well, i like userblacklist, because they module implement, well blacklists per user. But if you think uri_blacklist will be better, ok..
Maybe "useruriblacklists" is too much XDDDD
El Wednesday 27 February 2008 10:41:45 Henning Westerholt escribió:
The userblacklist module allows OpenSER to handle blacklists on a per user basis. This information is stored in a database table, which is queried to decide if the number is blacklisted or not.
Could it be used to set the allowed international destinations? It's something that I asked past week and something for which there is not a "ellegant" and simple solution in OpenSer (and modules).
For example:
table "globalblacklist": --------------------------------------------------------------------------------------------- prefix whitelist comment -------- ----------- -------------- + 0 Any destination dissabled by default +34 1 Spain (allowed) +44 1 England (allowed) ---------------------------------------------------------------------------------------------
Would it work?
On Wednesday 27 February 2008, Iñaki Baz Castillo wrote:
The userblacklist module allows OpenSER to handle blacklists on a per user basis. This information is stored in a database table, which is queried to decide if the number is blacklisted or not.
Could it be used to set the allowed international destinations? It's something that I asked past week and something for which there is not a "ellegant" and simple solution in OpenSer (and modules).
For example:
table "globalblacklist": prefix whitelist comment
0 Any destination dissabled by default+34 1 Spain (allowed) +44 1 England (allowed)
Hi Iñaki,
yes, this works. I just extend the test for the module (test/25.sh), take a look into this file to get an idea.
Cheers,
Henning
-
Andreas Granig -
Bogdan-Andrei Iancu -
Henning Westerholt -
Iñaki Baz Castillo -
Iñaki Baz Castillo