[SR-Users] how can I use WITH_IPAUTH when the IP may be stored in the DB as a FQDN?
Sergey Okhapkin
sos at sokhapkin.dyndns.org
Sun Mar 8 22:02:33 CET 2015
Authentication by IP address must be done by IP address only, DNS names must
not be allowed. Period. By definition.
What you want can be achieved with dns_int_match_ip() function provided by
ipops module. But keep in mind it is slow because of DNS lookup.
On Sunday 08 March 2015 13:38:52 canuck15 wrote:
> Here is is the relevant section of kamailio.cfg
>
> $var(tempfU) = $fU;
> #!ifdef WITH_IPAUTH
> if((!is_method("REGISTER")) && allow_source_address() && $au == "")
> {
> # Loading $fU from database using IP
>
> sql_pvquery("elxpbx", "SELECT name FROM sip WHERE host = '$si'
> AND sippasswd IS NULL", "$var(tempfU)");
>
> # source IP allowed
> return;
> }
>
> The problem is that when host= somefqdn.com the above will fail since
> $si will always be an IP address as far as I can tell. More often than
> not host= is a fqdn and requiring it to always be an IP address is not
> an option. Converting it to IP before storing it in the DB is also not
> an option because it needs to be able to work of the IP address changes.
>
> So how can the above be done to accomodate the possibility that host=
> somefqdn.com or an IP address. Preferably in such a way that it can
> scale to hundreds/thousands of rows in the database without slowing
> things down or crashing.
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
More information about the sr-users
mailing list