[SR-Users] userblacklist use avp for check_blacklist
Daniel-Constantin Mierla
miconda at gmail.com
Mon Jun 27 16:19:44 CEST 2016
You have a negation of the function int the if expression, respectively:
!check_user_blacklist(...)
If the function returns true on record match and you want to reject in
that case, then just remove the ! in the expression.
Cheers,
Daniel
On 27/06/16 14:11, Jan Hazenberg wrote:
> Daniel,
>
> Seems like it is not working anymore, i now have configured:
>
> if (!check_user_blacklist("blacklist", "oranjelaan.net",
> "318001234")) {
> xlog("L_ALERT", "ALERT: $rU is blacklisted, rejecting
> call - IP=$si PORT=$sp R=$ru ID=$ci FU=$fu M=$rm UA=$ua\n");
> sl_send_reply("403", "Blacklisted");
> exit;
> }
>
> With the following in db:
>
> +----+-----------+----------------+-----------+-----------+
> | id | username | domain | prefix | whitelist |
> +----+-----------+----------------+-----------+-----------+
> | 3 | blacklist | oranjelaan.net | 318001234 | 0 |
> +----+-----------+----------------+-----------+-----------+
>
> But is is not rejecting the call. If i use the fifo command all is fine:
>
>
> [root at sip03 kamailio]# /usr/local/sbin/kamctl fifo check_userblacklist
> blacklist oranjelaan.net 318001234
> 318001234:: blacklisted=true
>
> [root at sip03 kamailio]# /usr/local/sbin/kamctl fifo check_userblacklist
> blacklist oranjelaan.net 318001235
> 318001235:: blacklisted=false
>
>
>
> Jan
>
>
> Daniel-Constantin Mierla schreef op 2016-06-27 13:53:
>> Have you done any tests to see if runtime works fine as well? Just to be
>> sure nothing was broken.
>>
>> Cheers,
>> Daniel
>>
>>
>> On 27/06/16 13:46, Jan Hazenberg wrote:
>>> Daniel,
>>>
>>> Yes that seems to fix the problem. Kamailio now starts without
>>> crashing.
>>>
>>> Thanks,
>>>
>>> Jan
>>>
>>>
>>> Daniel-Constantin Mierla schreef op 2016-06-27 13:08:
>>>> Can you try with the master branch or backport the next commit?
>>>>
>>>> -
>>>> https://github.com/kamailio/kamailio/commit/5fd2c91f512b7311f11c76023da45758fb8c4365
>>>>
>>>>
>>>>
>>>> If all ok, then I push the backported patch to stable branches.
>>>>
>>>> Cheers,
>>>> Daniel
>>>>
>>>> On 27/06/16 11:57, Daniel-Constantin Mierla wrote:
>>>>> The spec is null, so the crash is obvious. I have to look at the
>>>>> code to
>>>>> see why it expect to be a spec there, while it can be a static
>>>>> string.
>>>>>
>>>>> Cheers,
>>>>> Daniel
>>>>>
>>>>>
>>>>> On 27/06/16 10:57, Jan Hazenberg wrote:
>>>>>> Daniel,
>>>>>>
>>>>>> Here the requested gdb output:
>>>>>>
>>>>>> (gdb) frame 1
>>>>>> #1 0x00007f22fd252ece in check_user_blacklist_fixup
>>>>>> (param=0x7f23061cdd88, param_no=1) at userblacklist.c:213
>>>>>> 213 if(str2int(&s, (unsigned
>>>>>> int*)&model->spec->pvp.pvn.u.isname.name.n) != 0) {
>>>>>> (gdb) info locals
>>>>>> model = 0x7f23061c9400
>>>>>> s = {s = 0x7f23061ce0b8 "blacklist", len = 9}
>>>>>> __FUNCTION__ = "check_user_blacklist_fixup"
>>>>>> (gdb) p *model
>>>>>> $1 = {text = {s = 0x7f23061ce0b8 "blacklist", len = 9}, spec = 0x0,
>>>>>> next = 0x0}
>>>>>> (gdb) p *model->spec
>>>>>> Cannot access memory at address 0x0
>>>>>> (gdb)
>>>>>>
>>>>>>
>>>>>> Jan
>>>>>>
>>>>>> Daniel-Constantin Mierla schreef op 2016-06-23 19:46:
>>>>>>> Can you get the output of following commands in gdb:
>>>>>>>
>>>>>>> frame 1
>>>>>>>
>>>>>>> info locals
>>>>>>>
>>>>>>> p *model
>>>>>>>
>>>>>>> p *model->spec
>>>>>>>
>>>>>>> Cheers,
>>>>>>> Daniel
>>>>>>>
>>>>>>>
>>>>>>> On 23/06/16 14:45, Jan Hazenberg wrote:
>>>>>>>> Daniel,
>>>>>>>>
>>>>>>>> Here the output of the bt command. This was generated with
>>>>>>>> kamailio
>>>>>>>> 4.4.1
>>>>>>>>
>>>>>>>> Core was generated by `/usr/local/sbin/kamailio -P
>>>>>>>> /var/run/kamailio.pid -m 768 -M 16 -u kamailio -g k'.
>>>>>>>> Program terminated with signal 11, Segmentation fault.
>>>>>>>> #0 0x00007f22fd2526fb in str2int (_s=0x7ffc529b73c0, _r=0x30) at
>>>>>>>> ../../parser/../parser/../ut.h:643
>>>>>>>> 643 *_r = 0;
>>>>>>>> Missing separate debuginfos, use: debuginfo-install
>>>>>>>> glibc-2.12-1.166.el6_7.7.x86_64 keyutils-libs-1.4-5.el6.x86_64
>>>>>>>> krb5-libs-1.10.3-42z1.el6_7.x86_64
>>>>>>>> libcom_err-1.41.12-22.el6.x86_64
>>>>>>>> libselinux-2.0.94-5.8.el6.x86_64 libxml2-2.7.6-20.el6_7.1.x86_64
>>>>>>>> mysql-libs-5.1.73-5.el6_6.x86_64
>>>>>>>> nss-softokn-freebl-3.14.3-23.el6_7.x86_64
>>>>>>>> openssl-1.0.1e-42.el6_7.4.x86_64 pcre-7.8-7.el6.x86_64
>>>>>>>> zlib-1.2.3-29.el6.x86_64
>>>>>>>> (gdb) bt
>>>>>>>> #0 0x00007f22fd2526fb in str2int (_s=0x7ffc529b73c0, _r=0x30) at
>>>>>>>> ../../parser/../parser/../ut.h:643
>>>>>>>> #1 0x00007f22fd252ece in check_user_blacklist_fixup
>>>>>>>> (param=0x7f23061cdd88, param_no=1) at userblacklist.c:213
>>>>>>>> #2 0x0000000000531e49 in fix_actions (a=0x7f23061cdd28) at
>>>>>>>> route.c:919
>>>>>>>> #3 0x00000000005613b7 in fix_rval (rv=0x7f23061cfa68) at
>>>>>>>> rvalue.c:2876
>>>>>>>> #4 0x000000000057323e in fix_rval_expr (p=0x7f23061cfa60) at
>>>>>>>> rvalue.c:3797
>>>>>>>> #5 0x0000000000573253 in fix_rval_expr (p=0x7f23061cf350) at
>>>>>>>> rvalue.c:3808
>>>>>>>> #6 0x000000000052da79 in fix_actions (a=0x7f23061ce7f0) at
>>>>>>>> route.c:706
>>>>>>>> #7 0x000000000053da17 in fix_rl (rt=0xac8640) at route.c:2088
>>>>>>>> #8 0x000000000053da4d in fix_rls () at route.c:2104
>>>>>>>> #9 0x00000000004b83ea in main (argc=11, argv=0x7ffc529b8158) at
>>>>>>>> main.c:2605
>>>>>>>> (gdb)
>>>>>>>>
>>>>>>>>
>>>>>>>> Thanks,
>>>>>>>>
>>>>>>>> Jan
>>>>>>>>
>>>>>>>> Daniel-Constantin Mierla schreef op 2016-06-23 12:53:
>>>>>>>>> Hello,
>>>>>>>>>
>>>>>>>>> send the all the output of 'bt' command inside gdb. It will give
>>>>>>>>> the
>>>>>>>>> full execution stack, likely the problem is not in frame 0, but
>>>>>>>>> in a
>>>>>>>>> previous one.
>>>>>>>>>
>>>>>>>>> Cheers,
>>>>>>>>> Daniel
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On 23/06/16 12:47, Jan Hazenberg wrote:
>>>>>>>>>> I just tried to use the check_user_blacklist function but then
>>>>>>>>>> kamailio crashed when i start it. I'm using the following code:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> if (!check_user_blacklist("blacklist",
>>>>>>>>>> "$avp(from_domain)",
>>>>>>>>>> "$(avp(ruri_number){s.substr,1,0})")) {
>>>>>>>>>> xlog("L_ALERT", "ALERT: $rU is blacklisted,
>>>>>>>>>> rejecting
>>>>>>>>>> call - IP=$si PORT=$sp R=$ru ID=$ci FU=$fu M=$rm UA=$ua\n");
>>>>>>>>>> sl_send_reply("403", "Forbidden");
>>>>>>>>>> exit;
>>>>>>>>>> }
>>>>>>>>>>
>>>>>>>>>> This is the GDB output:
>>>>>>>>>>
>>>>>>>>>> Core was generated by `/usr/local/sbin/kamailio -P
>>>>>>>>>> /var/run/kamailio.pid -m 768 -M 16 -u kamailio -g k'.
>>>>>>>>>> Program terminated with signal 11, Segmentation fault.
>>>>>>>>>> #0 0x00007fdf4b2be6fb in str2int (_s=0x7fff312b7bd0,
>>>>>>>>>> _r=0x30) at
>>>>>>>>>> ../../parser/../parser/../ut.h:643
>>>>>>>>>> 643 *_r = 0;
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> I have kamailio 4.4.0 installed, just tested with 4.4.1 and the
>>>>>>>>>> result
>>>>>>>>>> is the same.
>>>>>>>>>>
>>>>>>>>>> Thanks,
>>>>>>>>>>
>>>>>>>>>> Jan
>>>>>>>>>>
>>>>>>>>>> Jan Hazenberg schreef op 2016-06-23 09:47:
>>>>>>>>>>> Hello,
>>>>>>>>>>>
>>>>>>>>>>> I'm trying to use the userblacklist module to implement a
>>>>>>>>>>> global
>>>>>>>>>>> blacklist. I have a few questions about the module.
>>>>>>>>>>>
>>>>>>>>>>> Is it possible to use a avp for the check_blacklist function?
>>>>>>>>>>> If i'm
>>>>>>>>>>> correct it will only parse the request URI, but i'm
>>>>>>>>>>> rewriting the
>>>>>>>>>>> URI
>>>>>>>>>>> in a branch route to allow different formats to different
>>>>>>>>>>> destinations. Or is this only possible with the
>>>>>>>>>>> check_user_blacklist
>>>>>>>>>>> function?
>>>>>>>>>>>
>>>>>>>>>>> I also have a issue with numbers in E164 format with a leading
>>>>>>>>>>> +. I
>>>>>>>>>>> tried to escape this with a \ in the database but it will not
>>>>>>>>>>> load the
>>>>>>>>>>> entry's when i use the + in front of the number. Is the +
>>>>>>>>>>> supported by
>>>>>>>>>>> this module or should i strip it before the function and add it
>>>>>>>>>>> again
>>>>>>>>>>> afterwards?
>>>>>>>>>>>
>>>>>>>>>>> Thanks,
>>>>>>>>>>>
>>>>>>>>>>> Jan
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users
>>>>>>>>>>> mailing
>>>>>>>>>>> list
>>>>>>>>>>> sr-users at lists.sip-router.org
>>>>>>>>>>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>>>>>>>>>> _______________________________________________
>>>>>>>>>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users
>>>>>>>>>> mailing
>>>>>>>>>> list
>>>>>>>>>> sr-users at lists.sip-router.org
>>>>>>>>>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>>>>>>>> _______________________________________________
>>>>>>>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users
>>>>>>>> mailing list
>>>>>>>> sr-users at lists.sip-router.org
>>>>>>>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>>>>>> _______________________________________________
>>>>>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing
>>>>>> list
>>>>>> sr-users at lists.sip-router.org
>>>>>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>>>
>>> _______________________________________________
>>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
>>> sr-users at lists.sip-router.org
>>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla
http://www.asipto.com - http://www.kamailio.org
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
More information about the sr-users
mailing list