[SR-Users] Login Attempts

Ahmed Marsou amarsou1988 at gmail.com
Wed May 27 19:16:29 CEST 2020


OK, it works.
I created a table 'auth_count' and I save $ua, $auth_count, and $Ts, then
I implemented the code.
Finally I used sqlops.
Thank you so much for the support.

        if (is_method("REGISTER"))
        {
                if(is_present_hf("Authorization")){
                        $var(max_attempts)= 3;
                        # look up the stored row for this user
                        if (sql_query("ca","select auth_count from auth_count where Blocked_user='$au'","auth_count")== $var(max_attempts) && $sht(a=>$au::auth_count)!= $null) {
                                xlog("Other attempts auth ************************failed more than 3 times - src ip: $si\n");
                                $var(address) = $si;
                                $var(ruri) = "[" + $var(address)+ "]" + ":" + $sp + ";" + "transport" + "=" + $proto;
                                #Send a SIP Request signalling the problem and its reason on the body
                                $uac_req(method)="MESSAGE";
                                $uac_req(ruri) = "sip:"+ $au + "@" + $var(ruri);
                                $uac_req(furi) = "sip:kamailio@ericsson.net";
                                $uac_req(turi) = $fu;
                                $uac_req(hdrs)="Max-Forwards: 70\r\nEvent: reg\r\nContent-Type: text/plain\r\nAccept-Contact:*;+g.ext.app.registration\r\n";
                                $uac_req(body)="Accout Blocked. Plese contact with your adminstrator";
                                uac_req_send();
                                exit;
                        }else
                        # in-memory counter reached the limit: store the block and notify
                        if($sht(a=>$au::auth_count)== $var(max_attempts)){
                                xlog("L_INFO","Insert the blocked user on database");
                                sql_query_async("ca", "insert into auth_count (Blocked_user, auth_count, Blocked_date) values ('$ua', '$sht(a=>$au::auth_count)', '$Ts')");
                                xlog("Other attempts auth failed more than 3 times - src ip: $si\n");
                                $var(address) = $si;
                                $var(ruri) = "[" + $var(address)+ "]" + ":" + $sp + ";" + "transport" + "=" + $proto;
                                #Send a SIP Request signalling the problem and its reason on the body
                                $uac_req(method)="MESSAGE";
                                $uac_req(ruri) = "sip:"+ $au + "@" + $var(ruri);
                                $uac_req(furi) = "sip:kamailio@ericsson.net";
                                $uac_req(turi) = $fu;
                                $uac_req(hdrs)="Max-Forwards: 70\r\nEvent: reg\r\nContent-Type: text/plain\r\nAccept-Contact:*;+g.ext.app.registration\r\n";
                                $uac_req(body)="Accout Blocked. Plese contact with your adminstrator";
                                uac_req_send();
                                exit;
                        }else
                        # first attempt seen for this user: start the counter
                        if ($sht(a=>$au::auth_count)== $null){
                                xlog("L_INFO","Ponemos un cero ###################################################");
                                $sht(a=>$au::auth_count) = 0;
                        }
                        if(!www_authenticate("ericsson.net", "subscriber"))
                        {
                                # -1: generic error
                                if ($? == -1){
                                        sl_send_reply("500", "Internal Server Error");
                                        exit;
                                }
                                # -2: invalid password, count the failed attempt
                                if ($? == -2){
                                        $sht(a=>$au::auth_count) = $sht(a=>$au::auth_count) + 1;
                                        sl_send_reply("403", "Forbidden");
                                        exit;
                                }
                                xlog("L_INFO","REPETIMOS ACCESO ###################################################");
                                www_challenge("$td"/*realm*/,"0"/*qop*/);
                                exit;
                        }
                        # authenticated: reset the counter
                        xlog("L_INFO","AQUI ###################################################");
                        $sht(a=>$au::auth_count) = 0;
                } else {
                        www_challenge("$td","0");
                        exit;
                }
        }



On Wed, 27 May 2020 at 8:15, Daniel-Constantin Mierla (<
miconda at gmail.com>) wrote:

> Hello,
> On 26.05.20 22:12, Ahmed Marsou wrote:
>
> Sorry, what I want is to block a user after 'n' incorrect login attempts
> and leave it blocked until a user unblocks them from the website. I tried
> something with the htable module but I don't know if I can save the value
> in the database. It is going to check if the number of login attempts is >
> 'n', and if it is > 'n', I am going to leave it blocked and send a MESSAGE to an app.
> I am starting with something like this:
>
> modparam("htable", "htable", "a=>size=8;autoexpire=920;")
> . . .
> if(is_present_hf("Authorization")){
>     reg_fetch_contacts("location", "$fu", "existingContact");
>     if($sht(a=>$au::auth_count)==3){
>         xlog("Other attempts auth failed more than 3 times - src ip: $si\n");
>         $var(address) = $si;
>         $var(ruri) = "[" + $var(address)+ "]" + ":" + $sp + ";" + "transport" + "=" + $proto;
>         #Send a SIP Request signalling the problem and its reason on the body
>         $uac_req(method)="MESSAGE";
>         $uac_req(ruri) = "sip:"+ $au + "@" + $var(ruri);
>         $uac_req(furi) = "sip:kamailio@ericsson.net";
>         $uac_req(turi) = $fu;
>         $uac_req(hdrs)="Max-Forwards: 70\r\nEvent: reg\r\nContent-Type: text/plain\r\nAccept-Contact:*;+g.ext.app.registration\r\n";
>         $uac_req(body)="Accout Blocked. Plese contact with your adminstrator";
>         uac_req_send();
>         exit;
>     }else{
>         $sht(a=>$au::auth_count) = 0;
>     }
>     if(!www_authenticate("ericsson.net", "subscriber")){
>         switch ($retcode) {
>             case -1:
>                 sl_send_reply("403", "Forbidden");
>                 exit;
>             case -2:
>                 if($sht(a=>$au::auth_count) == $null) $sht(a=>$au::auth_count) = 0;
>                 $sht(a=>$au::auth_count) = $sht(a=>$au::auth_count) + 1;
>                 break;
>         }
>         www_challenge("$td"/*realm*/,"0"/*qop*/);
>         exit;
>     }
>     $sht(a=>$au::auth_count) = 0;
> } else {
>     www_challenge("$td","0");
>     exit;
> }
> }
>
> But first problem:
> It is not counting. I don't know if I have to configure any more params to
> start counting attempts?
>
> Why do you say it is not counting? Have you checked the content of the
> htable via rpc command to see if anything is stored there?
>
>
>
> Second problem:
> I don't know the best option to save the login attempts in the database. Is
> there any module that can help?
>
>
> Check the sqlops module, it allows you to do any SQL query.
>
>
> Cheers,
> Daniel
>
>
> Thank you so much.
>
>
>
>
>
>
> On Tue, 26 May 2020 at 21:56, Daniel-Constantin Mierla (<
> miconda at gmail.com>) wrote:
>
>> Hello,
>>
>> if you look for inserting into/querying from a database table from config
>> script, look at sqlops module.
>>
>> If you need something else, provide more details about what you want to
>> achieve.
>>
>> Cheers,
>> Daniel
>> On 26.05.20 20:38, Ahmed Marsou wrote:
>>
>> Hi;
>> I have to control the login attempts, but blocking the user until I
>> unlock him from the web site. To do that I have to save the parameter in the
>> database. Is there any table and column where I can save that parameter?
>> I'm using the htable module to count the authentication attempts.
>> Is there any module that does that easily?
>> Thank you.
>>
>>
>>
>> --
>> Daniel-Constantin Mierla -- www.asipto.com
>> www.twitter.com/miconda -- www.linkedin.com/in/miconda
>> Funding: https://www.paypal.me/dcmierla
>>
>> --
> Daniel-Constantin Mierla -- www.asipto.com
> www.twitter.com/miconda -- www.linkedin.com/in/miconda
> Funding: https://www.paypal.me/dcmierla
>
>
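
The flow this thread works toward (count failed REGISTER attempts in htable, keep the block in a table through sqlops until the web site removes it), as an added example that is not code from either poster: it reads the stored row through `$dbr()` instead of comparing the return code of `sql_query()`, keys the row on `$au` (the digest username the lookup uses), and passes `$au` through the sqlops `{sql.val.str}` transformation before it reaches the query. The route name is hypothetical, the MESSAGE notification from the post is left out, and `{sql.val.str}` is assumed to return the value quoted and escaped, as the sqlops documentation describes.

```kamailio
# Added example. From the thread: htable "a", sqlops connection "ca", table
# auth_count(Blocked_user, auth_count, Blocked_date). Hypothetical: route name.
route[REG_LOCKOUT] {
    if (!is_present_hf("Authorization")) {
        www_challenge("$td", "0");
        exit;
    }
    $var(max_attempts) = 3;

    # 1. A stored block wins, whatever the in-memory counter says, so it
    #    outlives htable autoexpire and restarts. sql_query() returns a status
    #    code; the rows are read through $dbr(). $au is unauthenticated input,
    #    so it is quoted and escaped with {sql.val.str}.
    if (!sql_query("ca", "select auth_count from auth_count where Blocked_user=$(au{sql.val.str})", "ra")) {
        # lookup failed: refuse rather than skip the block check
        sl_send_reply("500", "Internal Server Error");
        exit;
    }
    $var(blocked) = $dbr(ra=>rows);
    sql_result_free("ra");
    if ($var(blocked) > 0) {
        xlog("L_WARN", "blocked user $au tried to register - src ip: $si\n");
        sl_send_reply("403", "Forbidden");
        exit;
    }

    # 2. Check the credentials; only a wrong password (-2) counts as an attempt.
    if (!www_authenticate("ericsson.net", "subscriber")) {
        $var(rc) = $retcode;
        if ($var(rc) == -2) {
            if ($sht(a=>$au::auth_count) == $null) $sht(a=>$au::auth_count) = 0;
            $sht(a=>$au::auth_count) = $sht(a=>$au::auth_count) + 1;
            if ($sht(a=>$au::auth_count) >= $var(max_attempts)) {
                # limit reached: store the block synchronously so the row is
                # there before the next attempt; the web site deletes it
                sql_query("ca", "insert into auth_count (Blocked_user, auth_count, Blocked_date) values ($(au{sql.val.str}), '$sht(a=>$au::auth_count)', '$Ts')");
            }
            sl_send_reply("403", "Forbidden");
            exit;
        }
        if ($var(rc) == -1) {
            sl_send_reply("500", "Internal Server Error");
            exit;
        }
        www_challenge("$td", "0");   # no, stale or unknown credentials
        exit;
    }
    # 3. Success: drop the in-memory counter for this user.
    $sht(a=>$au::auth_count) = $null;
}
```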