[SR-Users] htable - banning users

Daniel-Constantin Mierla miconda at gmail.com
Thu Mar 17 10:30:53 CET 2016 

Hello,

I think auth_check() returns a particular code if the user doesn't exits
-- see the readme and add the return code to the switch along with the
-2 value.

Alternative, you can use the function is_subscriber() from auth_db
module to detect if the user exists or not, and if not, ban it directly
without

Cheers,
Daniel

On 15/03/16 12:55, meres gr wrote:
> I am using the following script to ban users failing to authenticate
> with fail2ban:
> My problem is that it logs attempts of users only existing to the database
> I would like to modify it in order to log all FAILED authentication
> attempts
> Is this possible?
>  
> # Authentication route
> route[AUTH] {
> #!ifdef WITH_AUTH
>
>   if(is_present_hf("Authorization"))
>   {
>     if($sht(a=>$au::auth_count)==3)
>     {
>      $var(exp) = $Ts - 900;
>         if($sht(a=>$au::last_auth) > $var(exp))
>         {
>             sl_send_reply("403", "Try later");
>             exit;
>         } else {
>             $sht(a=>$au::auth_count) = 0;
>         }
>     }
>     if(!www_authenticate("$td", "subscriber"))
>     {
>      switch ($retcode) {
>             case -1:
>                 sl_send_reply("403", "Forbidden");
>             exit;
>             case -2:
> #fixed null -> $null:
>                 if($sht(a=>$au::auth_count) == $null)
>                     $sht(a=>$au::auth_count) = 0;
>                 $sht(a=>$au::auth_count) = $sht(a=>$au::auth_count) + 1;
> xlog("User $fu Authenticating from ip $si\n");
>                 if($sht(a=>$au::auth_count) == 3)
> xlog("User $fU Authenticating for the 3d time from ip $si\n");
>                 $sht(a=>$au::last_auth) = $Ts;
>             break;
>         }
> www_challenge("$td"/*realm*/,"0"/*qop*/);
>         exit;
>     }
>     $sht(a=>$au::auth_count) = 0;
>   } else {
>     www_challenge("$td","0");
>     exit;
>   }
> }
> #!endif
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla
http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Kamailio World Conference, Berlin, May 18-20, 2016 - http://www.kamailioworld.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20160317/65603183/attachment.html>

More information about the sr-users mailing list