[Users] AVPOPS module problem

Alexandre Passito alexpassito at gmail.com
Sun Jun 26 21:14:55 CEST 2005 

I did all these modifications but I have problems yet. Could you see
my code about "black list" an see if there is something wrong?


if (method=="INVITE")
        {
                if ( avp_db_load("$to/username", "s:not_allow/preferences")
                        && avp_check("s:not_allow", "eq/$from/gi") )
                {
                        sl_send_reply("403", "Forbidden - You are blocked!");
                        break;
                };

        }


        if (!t_relay()) {
                sl_reply_error();
        };
        lookup("aliases");
}

My "preferences" table looks like:

uuid(str) username(str) domain(str,null) attribute(str) value(str) type(int)
:ggg:200.129.163.139:not_allow:sip\:alexandre at 200.129.163.248:0
:alexandre:200.129.163.139:not_allow:sip\:ggg at 200.129.163.139:0

I think that this table means that ggg user cannot contact alexandre
and vice-versa. ok?

I need help in this,

Best regards,


2005/6/26, Daniel-Constantin Mierla <daniel at voice-system.ro>:
> Hello,
> you must not enclose the strings in quotes, just write the value between
> the colons. Also, you have to put "sip:" in front of sip uris from
> column 'value'. E.g.:
> 
> uuid(str) username(str) domain(str,null) attribute(str) value(str) type(int)
> :peter:200.129.163.139:not_allow:sip\:paul at 200.129.163.212:0
> 
> Daniel
> 
> 
> On 06/26/05 00:11, Alexandre Passito wrote:
> 
> >Hi,
> >
> >I'm trying to implement a "black list" with avpops module, but I got
> >some errors:
> >
> >This is my cfg file:
> >
> >#
> ># $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $
> >#
> ># simple quick-start config script
> >#
> >
> ># ----------- global configuration parameters ------------------------
> >
> >#debug=3         # debug level (cmd line: -dddddddddd)
> >#fork=yes
> >#log_stderror=no       # (cmd line: -E)
> >
> ># Uncomment these lines to enter debugging mode
> >#debug=7
> >#fork=no
> >#log_stderror=yes
> >
> >
> >check_via=no   # (cmd. line: -v)
> >dns=no           # (cmd. line: -r)
> >rev_dns=no      # (cmd. line: -R)
> >#port=5060
> >#children=4
> >fifo="/tmp/openser_fifo"
> >
> >fifo_db_url="dbtext:///home/alexandre/Devel/openser-0.9.4/bin/dbtext"
> >
> ># ------------------ module loading ----------------------------------
> >
> ># Uncomment this if you want to use SQL database
> >#loadmodule "/home/alexandre/Devel/ser-0.8.14/bin//lib/ser/modules/mysql.so"
> >
> >loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/dbtext.so"
> >loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/sl.so"
> >loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/tm.so"
> >loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/rr.so"
> >loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/maxfwd.so"
> >loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/usrloc.so"
> >loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/registrar.so"
> >loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/avpops.so"
> >
> ># Uncomment this if you want digest authentication
> ># mysql.so must be loaded !
> >
> >loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/auth.so"
> >loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/auth_db.so"
> >
> ># ----------------- setting module-specific parameters ---------------
> >
> ># -- usrloc params --
> >
> >modparam("usrloc", "db_url",
> >"dbtext:///home/alexandre/Devel/openser-0.9.4/bin/dbtext")
> >modparam("usrloc", "db_mode", 2)
> >
> >modparam("auth_db", "db_url",
> >"dbtext:///home/alexandre/Devel/openser-0.9.4/bin/dbtext")
> >modparam("auth_db", "calculate_ha1", yes)
> >modparam("auth_db", "password_column", "password")
> >
> >modparam("avpops", "avp_url",
> >"dbtext:///home/alexandre/Devel/openser-0.9.4/bin/dbtext")
> >modparam("avpops", "avp_table", "preferences")
> >
> >
> ># Uncomment this if you want to use SQL database
> ># for persistent storage and comment the previous line
> >#modparam("usrloc", "db_mode", 2)
> >
> ># -- auth params --
> ># Uncomment if you are using auth module
> >#
> >#modparam("auth_db", "calculate_ha1", yes)
> >#
> ># If you set "calculate_ha1" parameter to yes (which true in this config),
> ># uncomment also the following parameter)
> >#
> >#modparam("auth_db", "password_column", "password")
> >
> ># -- rr params --
> ># add value to ;lr param to make some broken UAs happy
> >modparam("rr", "enable_full_lr", 1)
> >
> ># -------------------------  request routing logic -------------------
> >
> ># main routing logic
> >
> >route{
> >
> >       # initial sanity checks -- messages with
> >       # max_forwards==0, or excessively long requests
> >       if (!mf_process_maxfwd_header("10")) {
> >               sl_send_reply("483","Too Many Hops");
> >               break;
> >       };
> >       if ( msg:len > max_len ) {
> >               sl_send_reply("513", "Message too big");
> >               break;
> >       };
> >
> >       # we record-route all messages -- to make sure that
> >       # subsequent messages will go through our proxy; that's
> >       # particularly good if upstream and downstream entities
> >       # use different transport protocol
> >       record_route();
> >       # loose-route processing
> >       if (loose_route()) {
> >               t_relay();
> >               break;
> >       };
> >
> >       # if the request is for other domain use UsrLoc
> >       # (in case, it does not work, use the following command
> >       # with proper names and addresses in it)
> >       if (uri==myself) {
> >
> >               if (method=="REGISTER") {
> >
> ># Uncomment this if you want to use digest authentication
> >#                      if (!www_authorize("iptel.org", "subscriber")) {
> >#                              www_challenge("iptel.org", "0");
> >#                              break;
> >#                      };
> >
> >                       save("location");
> >                       break;
> >               };
> >
> >               # native SIP destinations are handled using our USRLOC DB
> >               if (!lookup("location")) {
> >                       sl_send_reply("404", "Not Found");
> >                       break;
> >               };
> >       };
> >       # forward to current uri now; use stateful forwarding; that
> >       # works reliably even if we forward from TCP to UDP
> >
> >#Black-list!!!
> >
> >        if (method=="INVITE" || method=="MESSAGE")
> >        {
> >                if ( avp_db_load("$to/username", "s:not_allow/preferences")
> >                       && avp_check("s:not_allow", "eq/$from/gi") )
> >                {
> >                       sl_send_reply("403", "Forbidden - You are blocked!");
> >                        break;
> >               }
> >       }
> >
> >       if (!t_relay()) {
> >               sl_reply_error();
> >       };
> >       lookup("aliases");
> >}
> >
> >
> >My "preference" table looks like:
> >
> >uuid(str) username(str) domain(str,null) attribute(str) value(str) type(int)
> >"":"peter":"200.129.163.139":"not_allow":"paul at 200.129.163.212":"0"
> >
> >I'm using openser in to a local network. Its ip is 200.129.163.178.
> >
> >peter address is 200.129.163.139
> >
> >paul address is 200.129.163.212
> >
> >
> >
> >The result is that both UA call each one, despite peter blocks paul.
> >
> >Any help?
> >
> >Best regards
> >
> >
> 


-- 
Alexandre Passito
Universidade Federal do Amazonas
Departamento de Ciência da Computação
LabVoIP - GRSD

More information about the sr-users mailing list