[SR-Users] conditional on secfilter seems does not work or how to do it
Pepelux
pepeluxx at gmail.com
Wed Aug 12 16:30:10 CEST 2020
Hi there
It must work fine. I've just tested it:
kamailio.cfg
xinfo("Checking source IP $si");
secf_check_ip();
xinfo("Result of sec_check_ip: $?");
kamailio.log
Aug 12 16:17:38 pepelux /usr/local/sbin/kamailio[23304]: INFO:
<script>: Checking source IP 85.XXX.YYY.54
Aug 12 16:17:38 pepelux /usr/local/sbin/kamailio[23304]: INFO:
<script>: Result of sec_check_ip: 2
# kamcmd secfilter.print ip
IP Address
==========
[+] Blacklisted
-----------
[+] Whitelisted
-----------
0001 -> 85.XXX.YYY.54
Are you sure that the secf_check_ip() function is executed? Could you put a
log before or after to verify it?
On the other hand, 0 is not a possible return value. If the IP address is
not found, the return value will be 1:
[image: image.png]
Regards
On Tue, 11 Aug 2020 at 21:47, PICCORO McKAY Lenz <mckaygerhard at gmail.com>
wrote:
>
> I implemented secfilter in a simple way, in first step routing put that
> conditional for black list check that already works:
>
> ```
> secf_check_ip();
> if ($? == -2) {
> xlog("L_ALERT", "$rm from $si is blacklisted");
> drop();
> }
> ```
>
>
>
> BUT NOW i want to change to whitelick checks, so i reviewed the docs and
> "2" is resulting for whitelist, so then i said "if not whitelisted so
> block" using "!= 2" as on
> https://www.kamailio.org/wiki/cookbooks/5.3.x/core#operators BUT SEEMS
> DOES NOT WORK: that is the code:
>
> ```
> secf_check_ip();
> if ($? != 2) {
> xlog("L_ALERT", "$rm from $si is not in whitelist, block");
> drop();
> }
> ```
>
>
>
> when i tested all the calls passed not matter if are in the table or not
> as whitelist!
>
> I want able to call only if are present and whitelisted the ip address..
> so i also tested with:
>
> ```
> secf_check_ip();
> if ($? == 0) {
> xlog("L_ALERT", "$rm from $si is not present, so block");
> drop();
> }
> ```
>
>
>
> to check if the ip address are presented in the table but call also passed
> and must not cos i not put never a entry in the table!
>
>
> Lenz McKAY Gerardo (PICCORO)
> http://qgqlochekone.blogspot.com
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20200812/226aab8c/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 26406 bytes
Desc: not available
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20200812/226aab8c/attachment.png>
More information about the sr-users
mailing list