[SR-Users] "Sleeping Giant - No Snore" Kam?

Alex Balashov abalashov at evaristesys.com
Thu May 10 04:05:24 CEST 2018

There are a lot of options here.

For source IPs and subnets, the `permissions` module probably works


While it can function in a mode where it bangs on your database for
every request, it also supports a caching mode (db_mode 1):


In caching mode, it loads the ACL from the database once on startup and
keeps it in memory. If you have made alterations to the database table
and want to kick Kamailio to reload it, there are management/RPC commands for that[2]:


Note that in a lot of scenarios, use of the permissions module isn't
truly necessary because some other module provides a de facto ACL. For
example, if you are using the dispatcher[1] module to front-end a group
of servers for round-robin type load balancing, making routing decisions
based on whether the origin is within the dispatcher server pool seems
only natural[2]:

   if(ds_is_from_list("1")) { 
   	# Allow from own application server farm.

For filtering out nonlocal URI domains, the `domain` module presents a
natural fit. It works much as `permissions` does in terms of in-memory
caching and that:


And if you should find that these modules' data model doesn't
schematically meet your needs, you can always seed your own `htable`
values from a DB-backed hash table:


Or fetch these values from somewhere else (e.g. HTTP API) and inject
them into an htable upon startup:


Lots of options...

-- Alex

[1] https://kamailio.org/docs/modules/5.1.x/modules/dispatcher.html

[2] https://kamailio.org/docs/modules/5.1.x/modules/dispatcher.html#dispatcher.f.ds_is_from_list

On Wed, May 09, 2018 at 09:04:16PM +0000, KamDev Essa wrote:

>  easy. Not one of my domains or source IPs. Unless hackers is ex user they would never know my list. 
> KD
>     On Wednesday, May 9, 2018, 4:53:21 PM EDT, Alex Balashov <abalashov at evaristesys.com> wrote:  
>  How would you define "foes" in a programmatic sense? :) That will dictate the answer. 
> -- Alex
> --
> Sent via mobile, please forgive typos and brevity. 
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Alex Balashov | Principal | Evariste Systems LLC

Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) 
Web: http://www.evaristesys.com/, http://www.csrpswitch.com/

More information about the sr-users mailing list