Login Attempts - sr-users - kamailio.org

List overview All Threads
Download

Login Attempts

Fwd: Kamailio--Sipcapture--Homer

CRITICAL: <core>...

Ahmed Marsou

27 May 2020 27 May '20

4:38 a.m.

Hi; I have to control the login attempts, but blocking the user until I unlock him from web site. To do that I have to save the paramter on database. There is any table and column where I can save that parameter? I'm using the htable module to count the Authentification attempts. There's is any module that do that easily? Thank you.

Attachments:

attachment.html (text/html — 622 bytes)

Reply

Show replies by date

Daniel-Constantin Mierla

27 May 27 May

5:56 a.m.

Hello, if you look for inserting into/querying from a database table from config script, look at sqlops module. If you need something else, provide more details about what you want to achieve. Cheers, Daniel On 26.05.20 20:38, Ahmed Marsou wrote:

Hi; I have to control the login attempts, but blocking the user until I unlock him from web site. To do that I have to save the paramter on database. There is any table and column where I can save that parameter? I'm using the htable module to count the Authentification attempts. There's is any module that do that easily? Thank you. _______________________________________________ Kamailio (SER) - Users Mailing List sr-users(a)lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

-- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Funding: https://www.paypal.me/dcmierla

Reply

Ahmed Marsou

6:12 a.m.

Sorry, what I want is to block a user after 'n' incorrect login attempts and leave it blocked until a user unblocks them from the website. I try something with the htable module but I don't know if I can save the value in the database. Is going to check if the number of login attempts is > 'n', and if is > 'n', I gonna leave it blocked and send a MESSAGE to an app. I starting with something like this: modparam("htable", "htable", "a=>size=8;autoexpire=920;") . . . if(is_present_hf("Authorization")){ reg_fetch_contacts("location", "$fu", "existingContact"); if($sht(a=>$au::auth_count)==3){ xlog("Other attempts auth failed more than 3 times - src ip: $si\n"); $var(address) = $si; $var(ruri) = "[" + $var(address)+ "]" + ":" + $sp + ";" + "transport" + "=" + $proto; #Send a SIP Request signalling the problem and its reason on the body $uac_req(method)="MESSAGE"; $uac_req(ruri) = "sip:"+ $au + "@" + $var(ruri); $uac_req(furi) = "sip:kamailio@ericsson.net"; $uac_req(turi) = $fu; $uac_req(hdrs)="Max-Forwards: 70\r\nEvent: reg\r\nContent-Type: text/plain\r\nAccept-Contact:*;+g.ext.app.registration\r\n"; $uac_req(body)="Accout Blocked. Plese contact with your adminstrator"; uac_req_send(); exit; }else{ $sht(a=>$au::auth_count) = 0; } if(!www_authenticate("ericsson.net", "subscriber")){ switch ($retcode) { case -1: sl_send_reply("403", "Forbidden"); exit; case -2: if($sht(a=>$au::auth_count) == $null) $sht(a=>$au::auth_count) = 0; $sht(a=>$au::auth_count) = $sht(a=>$au::auth_count) + 1; break; } www_challenge("$td"/*realm*/,"0"/*qop*/); exit; } $sht(a=>$au::auth_count) = 0; } else { www_challenge("$td","0"); exit; } } But first problem: Is not counting. I dont know if I have to configure any param more to start counting attempts? Second problem: I dont know the best option to save the login attempts on databes. Theres is any module that can help? Thank you so much. El mar., 26 may. 2020 a las 21:56, Daniel-Constantin Mierla (< miconda(a)gmail.com>) escribió:

Hello, if you look for inserting into/querying from a database table from config script, look at sqlops module. If you need something else, provide more details about what you want to achieve. Cheers, Daniel On 26.05.20 20:38, Ahmed Marsou wrote: Hi; I have to control the login attempts, but blocking the user until I unlock him from web site. To do that I have to save the paramter on database. There is any table and column where I can save that parameter? I'm using the htable module to count the Authentification attempts. There's is any module that do that easily? Thank you. _______________________________________________ Kamailio (SER) - Users Mailing Listsr-users@lists.kamailio.orghttps://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users -- Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- www.linkedin.com/in/miconda Funding: https://www.paypal.me/dcmierla

Reply

Daniel-Constantin Mierla

4:15 p.m.

Hello, On 26.05.20 22:12, Ahmed Marsou wrote:

Sorry, what I want is to block a user after 'n' incorrect login attempts and leave it blocked until a user unblocks them from the website. I try something with the htable module but I don't know if I can save the value in the database. Is going to check if the number of login attempts is > 'n', and if is > 'n', I gonna leave it blocked and send a MESSAGE to an app. I starting with something like this: modparam("htable", "htable", "a=>size=8;autoexpire=920;") . . . if(is_present_hf("Authorization")){ reg_fetch_contacts("location", "$fu", "existingContact"); if($sht(a=>$au::auth_count)==3){ xlog("Other attempts auth failed more than 3 times - src ip: $si\n"); $var(address) = $si; $var(ruri) = "[" + $var(address)+ "]" + ":" + $sp + ";" + "transport" + "=" + $proto; #Send a SIP Request signalling the problem and its reason on the body $uac_req(method)="MESSAGE"; $uac_req(ruri) = "sip:"+ $au + "@" + $var(ruri); $uac_req(furi) = "sip:kamailio@ericsson.net <mailto:sip%3Akamailio@ericsson.net>"; $uac_req(turi) = $fu; $uac_req(hdrs)="Max-Forwards: 70\r\nEvent: reg\r\nContent-Type: text/plain\r\nAccept-Contact:*;+g.ext.app.registration\r\n"; $uac_req(body)="Accout Blocked. Plese contact with your adminstrator"; uac_req_send(); exit; }else{ $sht(a=>$au::auth_count) = 0; } if(!www_authenticate("ericsson.net <http://ericsson.net>", "subscriber")){ switch ($retcode) { case -1: sl_send_reply("403", "Forbidden"); exit; case -2: if($sht(a=>$au::auth_count) == $null) $sht(a=>$au::auth_count) = 0; $sht(a=>$au::auth_count) = $sht(a=>$au::auth_count) + 1; break; } www_challenge("$td"/*realm*/,"0"/*qop*/); exit; } $sht(a=>$au::auth_count) = 0; } else { www_challenge("$td","0"); exit; } } But first problem: Is not counting. I dont know if I have to configure any param more to start counting attempts?

Why do you say it is not counting? Have you checked the content of the htable via rpc command to see if anything is stored there?

Second problem: I dont know the best option to save the login attempts on databes. Theres is any module that can help?

Check the sqlops module, it allows to do any sql query. Cheers, Daniel

Thank you so much. El mar., 26 may. 2020 a las 21:56, Daniel-Constantin Mierla (<miconda(a)gmail.com <mailto:miconda@gmail.com>>) escribió: Hello, if you look for inserting into/querying from a database table from config script, look at sqlops module. If you need something else, provide more details about what you want to achieve. Cheers, Daniel On 26.05.20 20:38, Ahmed Marsou wrote:

Hi; I have to control the login attempts, but blocking the user until I unlock him from web site. To do that I have to save the paramter on database. There is any table and column where I can save that parameter? I'm using the htable module to count the Authentification attempts. There's is any module that do that easily? Thank you. _______________________________________________ Kamailio (SER) - Users Mailing List sr-users(a)lists.kamailio.org <mailto:sr-users@lists.kamailio.org> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

-- Daniel-Constantin Mierla -- www.asipto.com <http://www.asipto.com> www.twitter.com/miconda <http://www.twitter.com/miconda> -- www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda> Funding: https://www.paypal.me/dcmierla

-- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Funding: https://www.paypal.me/dcmierla

Reply

Ahmed Marsou

28 May 28 May

3:16 a.m.

OK, it works. I create a table 'auth_count' and I save $ ua, $ auth_count, and $ Ts, then I implement de code. Finaly I use sqlop. Thank you so much for the support. if (is_method("REGISTER")) { if(is_present_hf("Authorization")){ $var(max_attempts)= 3; if (sql_query("ca","select auth_count from auth_count where Blocked_user='$au'","auth_count")== $var(max_attempts) && $sht(a=>$au::auth_count)!= $null) { xlog("Other attempts auth ************************failed more than 3 times - src ip: $si\n"); $var(address) = $si; $var(ruri) = "[" + $var(address)+ "]" + ":" + $sp + ";" + "transport" + "=" + $proto; #Send a SIP Request signalling the problem and its reason on the body $uac_req(method)="MESSAGE"; $uac_req(ruri) = "sip:"+ $au + "@" + $var(ruri); $uac_req(furi) = " sip:kamailio@ericsson.net"; $uac_req(turi) = $fu; $uac_req(hdrs)="Max-Forwards: 70\r\nEvent: reg\r\nContent-Type: text/plain\r\nAccept-Contact:*;+g.ext.app.registration\r\n"; $uac_req(body)="Accout Blocked. Plese contact with your adminstrator"; uac_req_send(); exit; }else if($sht(a=>$au::auth_count)== $var(max_attempts)){ xlog("L_INFO","Insert the blocked user on database"); sql_query_async("ca", "insert into auth_count (Blocked_user, auth_count, Blocked_date) values ('$ua', '$sht(a=>$au::auth_count)', '$Ts')"); xlog("Other attempts auth failed more than 3 times - src ip: $si\n"); $var(address) = $si; $var(ruri) = "[" + $var(address)+ "]" + ":" + $sp + ";" + "transport" + "=" + $proto; #Send a SIP Request signalling the problem and its reason on the body $uac_req(method)="MESSAGE"; $uac_req(ruri) = "sip:"+ $au + "@" + $var(ruri); $uac_req(furi) = " sip:kamailio@ericsson.net"; $uac_req(turi) = $fu; $uac_req(hdrs)="Max-Forwards: 70\r\nEvent: reg\r\nContent-Type: text/plain\r\nAccept-Contact:*;+g.ext.app.registration\r\n"; $uac_req(body)="Accout Blocked. Plese contact with your adminstrator"; uac_req_send(); exit; }else if ($sht(a=>$au::auth_count)== $null){ xlog("L_INFO","Ponemos un cero ###################################################"); $sht(a=>$au::auth_count) = 0; } if(!www_authenticate("ericsson.net", "subscriber")) { if ($? == -1){ sl_send_reply("500", "Internal Server Error"); exit; } if ($? == -2){ $sht(a=>$au::auth_count) = $sht(a=>$au::auth_count) + 1; sl_send_reply("403", "Forbidden"); exit; } xlog("L_INFO","REPETIMOS ACCESO ###################################################"); www_challenge("$td"/*realm*/,"0"/*qop*/); exit; } xlog("L_INFO","AQUI ###################################################"); $sht(a=>$au::auth_count) = 0; } else { www_challenge("$td","0"); exit; } El mié., 27 may. 2020 a las 8:15, Daniel-Constantin Mierla (< miconda(a)gmail.com>) escribió:

Hello, On 26.05.20 22:12, Ahmed Marsou wrote: Sorry, what I want is to block a user after 'n' incorrect login attempts and leave it blocked until a user unblocks them from the website. I try something with the htable module but I don't know if I can save the value in the database. Is going to check if the number of login attempts is > 'n', and if is > 'n', I gonna leave it blocked and send a MESSAGE to an app. I starting with something like this: modparam("htable", "htable", "a=>size=8;autoexpire=920;") . . . if(is_present_hf("Authorization")){ reg_fetch_contacts("location", "$fu", "existingContact"); if($sht(a=>$au::auth_count)==3){ xlog("Other attempts auth failed more than 3 times - src ip: $si\n"); $var(address) = $si; $var(ruri) = "[" + $var(address)+ "]" + ":" + $sp + ";" + "transport" + "=" + $proto; #Send a SIP Request signalling the problem and its reason on the body $uac_req(method)="MESSAGE"; $uac_req(ruri) = "sip:"+ $au + "@" + $var(ruri); $uac_req(furi) = "sip:kamailio@ericsson.net"; $uac_req(turi) = $fu; $uac_req(hdrs)="Max-Forwards: 70\r\nEvent: reg\r\nContent-Type: text/plain\r\nAccept-Contact:*;+g.ext.app.registration\r\n"; $uac_req(body)="Accout Blocked. Plese contact with your adminstrator"; uac_req_send(); exit; }else{ $sht(a=>$au::auth_count) = 0; } if(!www_authenticate("ericsson.net", "subscriber")){ switch ($retcode) { case -1: sl_send_reply("403", "Forbidden"); exit; case -2: if($sht(a=>$au::auth_count) == $null) $sht(a=>$au::auth_count) = 0; $sht(a=>$au::auth_count) = $sht(a=>$au::auth_count) + 1; break; } www_challenge("$td"/*realm*/,"0"/*qop*/); exit; } $sht(a=>$au::auth_count) = 0; } else { www_challenge("$td","0"); exit; } } But first problem: Is not counting. I dont know if I have to configure any param more to start counting attempts? Why do you say it is not counting? Have you checked the content of the htable via rpc command to see if anything is stored there? Second problem: I dont know the best option to save the login attempts on databes. Theres is any module that can help? Check the sqlops module, it allows to do any sql query. Cheers, Daniel Thank you so much. El mar., 26 may. 2020 a las 21:56, Daniel-Constantin Mierla (< miconda(a)gmail.com>) escribió:

Hello, if you look for inserting into/querying from a database table from config script, look at sqlops module. If you need something else, provide more details about what you want to achieve. Cheers, Daniel On 26.05.20 20:38, Ahmed Marsou wrote: Hi; I have to control the login attempts, but blocking the user until I unlock him from web site. To do that I have to save the paramter on database. There is any table and column where I can save that parameter? I'm using the htable module to count the Authentification attempts. There's is any module that do that easily? Thank you. _______________________________________________ Kamailio (SER) - Users Mailing Listsr-users@lists.kamailio.orghttps://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users -- Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- www.linkedin.com/in/miconda Funding: https://www.paypal.me/dcmierla --

Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- www.linkedin.com/in/miconda Funding: https://www.paypal.me/dcmierla

Reply

1710

days inactive

1711

days old

sr-users@lists.kamailio.org

Manage subscription

4 comments

2 participants

tags (0)

participants (2)

Ahmed Marsou
Daniel-Constantin Mierla