[Users] Module for Config files

ronn100200 at aim.com ronn100200 at aim.com
Tue Aug 15 16:30:32 CEST 2006


 Hello Hakan,
 
 I have attached my openser.cfg file if you can see any error:
 
 DB entry is:
 
 select * from trusted where src_ip = '82.113.11.12';
 +--------------+-------+--------------+------+
 | src_ip | proto | from_pattern | tag |
 +--------------+-------+--------------+------+
 | 82.113.11.12 | udp | ^sip:00*@* | NULL |
 +--------------+-------+--------------+------+
 
 
 =====
 
 # ------------------ module loading ----------------------------------
 
 loadmodule "/usr/local/lib/openser/modules/mysql.so"
 loadmodule "/usr/local/lib/openser/modules/sl.so"
 loadmodule "/usr/local/lib/openser/modules/tm.so"
 loadmodule "/usr/local/lib/openser/modules/rr.so"
 loadmodule "/usr/local/lib/openser/modules/maxfwd.so"
 loadmodule "/usr/local/lib/openser/modules/usrloc.so"
 loadmodule "/usr/local/lib/openser/modules/registrar.so"
 loadmodule "/usr/local/lib/openser/modules/textops.so"
 
 
 loadmodule "/usr/local/lib/openser/modules/permissions.so"
 loadmodule "/usr/local/lib/openser/modules/auth.so"
 loadmodule "/usr/local/lib/openser/modules/auth_db.so"
 loadmodule "/usr/local/lib/openser/modules/nathelper.so"
 loadmodule "/usr/local/lib/openser/modules/uri_db.so"
 loadmodule "/usr/local/lib/openser/modules/uri.so"
 loadmodule "/usr/local/lib/openser/modules/dispatcher.so"
 
 
 # ----------------- setting module-specific parameters ---------------
 
 #---- Permissions_Module_Parameters -----
 modparam("permissions", "db_mode", 0)
 modparam("permissions", "trusted_table", "trusted")
 modparam("permissions", "source_col", "src_ip")
 modparam("permissions", "proto_col", "proto")
 modparam("permissions", "from_col", "from_pattern")
 
 modparam("permissions", "db_url", "mysql://openser:openserrw@localhost/openser")
 # -- usrloc params --
 
 modparam("usrloc", "db_mode", 0)
 
 # Uncomment this if you want to use SQL database
 modparam("auth_db|uri_db|usrloc", "db_url", "mysql://openser:openserrw@localhost/openser")
 
 modparam("auth_db", "use_domain", 1)
 modparam("auth_db", "calculate_ha1", 1)
 modparam("auth_db", "password_column", "password")
 
 modparam("nathelper", "natping_interval", 30)
 modparam("nathelper", "ping_nated_only", 1)
 modparam("nathelper", "rtpproxy_sock", "unix:/var/run/rtpproxy.sock")
 
 modparam( "registrar", "append_branches", 1 )
 modparam( "registrar", "desc_time_order", 1 )
 modparam( "registrar", "nat_flag", 6 )
 
 modparam("usrloc", "db_mode", 2)
 
 ##modparam("rr", "enable_full_lr", 1)
 ####### end old ser
 
 # -- auth params --
 # Uncomment if you are using auth module
 #
 #modparam("auth_db", "calculate_ha1", yes)
 #
 # If you set "calculate_ha1" parameter to yes (which true in this config),
 # uncomment also the following parameter)
 #
 #modparam("auth_db", "password_column", "password")
 
 # -- rr params --
 # add value to ;lr param to make some broken UAs happy
 modparam("rr", "enable_full_lr", 1)
 
 # ------------------------- request routing logic -------------------
 
 # main routing logic
 
 route {
 
 ###########
 if (!mf_process_maxfwd_header("10")) {
 sl_send_reply("483", "Too Many Hops");
 return;
 };
 
 
 if (msg:len > max_len) {
 sl_send_reply("513", "Message Overflow");
 return;
 };
 
 ###############
 if ( method != "REGISTER" ) {
 record_route();
 };
 
 if ( nat_uac_test( "3" ) ) {
 setflag( 6 );
 force_rport();
 fix_nated_contact();
 };
 
 if ( method=="INVITE" ) {
 force_rtp_proxy();
 };
 
 if ( loose_route() ) {
 route( 1 );
 return;
 };
 
 if ( uri == myself ) {
 if ( method == "REGISTER" ) {
 if ( ! www_authorize( "", "subscriber" ) ) {
 www_challenge( "", "0" );
 return;
 };
 
 if ( ! check_to() ) {
 sl_send_reply( "403", "Authentication user must match username" );
 return;
 };
 
 save( "location" );
 return;
 };
 
 if (allow_trusted()) {
 
 if ( uri =~ "sip:00[1-9]+ at .*" ) {
 
 if ( src_ip == 82.113.11.12){
 prefix("2333");
 };
 
 prefix("11");
 ds_select_dst( "1", "0" );
 route( 1 );
 return;
 }
 
 };
 
 
 } else {
 if ( method == "INVITE" ) {
 sl_send_reply( "403", "Host part forbidden" );
 return;
 };
 };
 
 route( 1 );
 }
 
 route[1] {
 t_on_reply( "1" );
 if ( ! t_relay() ) {
 sl_reply_error();
 };
 }
 
 onreply_route[1] {
 if ( status =~ "(180)|(183)|2[0-9][0-9]" ) {
 if ( ! search( "^Content-Length:\ +0" ) ) {
 force_rtp_proxy();
 };
 };
 
 if ( nat_uac_test( "3" ) ) {
 force_rport();
 fix_nated_contact();
 };
 } 
    
 ##=================
 
 -----Original Message-----
 From: hakanyasti at gmail.com
 To: ronn100200 at aim.com; users at openser.org
 Sent: Mon, 14 Aug 2006 8:10 AM
 Subject: Re: [Users] Module for Config files
 
  You can use permissions module.       http://www.openser.org/docs/modules/1.1.x/permissions.html   this is an example of with trusted_table.....     loadmodule "/usr/local/lib/openser/modules/permissions.so"   
 modparam("permissions", "db_url", "postgres or mysql://username:password@localhost/dbname")   #---- Permissions_Module_Parameters -----
 modparam("permissions", "db_mode", 0)
 modparam("permissions", "trusted_table", "trusted")
 modparam("permissions", "source_col", "src_ip")
 modparam("permissions", "proto_col", "proto")
 modparam("permissions", "from_col", "from_pattern")   route[3] {    # -----------------------------------------------------------------
 # INVITE Message Handler
 # -----------------------------------------------------------------    if (allow_trusted()) {  route(4); # NAT Traversal Section
 route(5); # PSTN Handler 
 return;
 };   Welcome to psql 7.4.13, the PostgreSQL interactive terminal.   Type: \copyright for distribution terms
 \h for help with SQL commands
 \? for help on internal slash commands
 \g or terminate with semicolon to execute query
 \q to quit dbname=> select * from trusted;
 src_ip | proto | from_pattern 
 -----------------+-------+-------------------------------
 10.1.1.5 | udp | ^sip:120*@*     Regards, Hakan.   ----- Original Message -----   From: ronn100200 at aim.com  To: users at openser.org  Sent: Monday, August 14, 2006 5:39 PM Subject: [Users] Module for Config files 
  Hi All,
 
 I am using the following if statement to allow certain calls from pre authorized IPs. 
 
 if ( method == "INVITE" && src_ip != 195.xxx.xxx.xx && src_ip != 195.xxx.xxx.xx && src_ip != 195.xxx.xxx.xx && src_ip != 195.xxx.xxx.xx) {
 
 
 My issues is the number of IPs that need to be authorized this way is getting large and was wondering if there's a module that can be used to read config date from a config file ? 
 
 regards,
 
 Ron   Check Out the new free AIM(R) Mail -- 2 GB of storage and industry-leading spam and email virus protection.
      _______________________________________________
 Users mailing list
 Users at openser.org
 http://openser.org/cgi-bin/mailman/listinfo/users
   
________________________________________________________________________
Check Out the new free AIM(R) Mail -- 2 GB of storage and industry-leading spam and email virus protection.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20060815/2782905f/attachment.htm>


More information about the sr-users mailing list