[Users] AVPOPS module problem

Bogdan-Andrei Iancu bogdan at voice-system.ro
Mon Jun 27 10:33:02 CEST 2005 

Hi Alexandre,

the logic and DB content look good with only exception - use 
ruri/username instead of to/username in avp_db_load().

to debug, you may try to add an avp_print() just to see what the 
avp_db_load() loaded:
     if (avp_db_load(.....) && avp_print() && avp_check(.....)
    {
       ....
    }

also try to to switch to full debug (debug=9)- the extra logs may prove 
helpful in locating your problem.

regards,
bogdan


Alexandre Passito wrote:

>I did all these modifications but I have problems yet. Could you see
>my code about "black list" an see if there is something wrong?
>
>
>if (method=="INVITE")
>        {
>                if ( avp_db_load("$to/username", "s:not_allow/preferences")
>                        && avp_check("s:not_allow", "eq/$from/gi") )
>                {
>                        sl_send_reply("403", "Forbidden - You are blocked!");
>                        break;
>                };
>
>        }
>
>
>        if (!t_relay()) {
>                sl_reply_error();
>        };
>        lookup("aliases");
>}
>
>My "preferences" table looks like:
>
>uuid(str) username(str) domain(str,null) attribute(str) value(str) type(int)
>:ggg:200.129.163.139:not_allow:sip\:alexandre at 200.129.163.248:0
>:alexandre:200.129.163.139:not_allow:sip\:ggg at 200.129.163.139:0
>
>I think that this table means that ggg user cannot contact alexandre
>and vice-versa. ok?
>
>I need help in this,
>
>Best regards,
>
>
>2005/6/26, Daniel-Constantin Mierla <daniel at voice-system.ro>:
>  
>
>>Hello,
>>you must not enclose the strings in quotes, just write the value between
>>the colons. Also, you have to put "sip:" in front of sip uris from
>>column 'value'. E.g.:
>>
>>uuid(str) username(str) domain(str,null) attribute(str) value(str) type(int)
>>:peter:200.129.163.139:not_allow:sip\:paul at 200.129.163.212:0
>>
>>Daniel
>>
>>
>>On 06/26/05 00:11, Alexandre Passito wrote:
>>
>>    
>>
>>>Hi,
>>>
>>>I'm trying to implement a "black list" with avpops module, but I got
>>>some errors:
>>>
>>>This is my cfg file:
>>>
>>>#
>>># $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $
>>>#
>>># simple quick-start config script
>>>#
>>>
>>># ----------- global configuration parameters ------------------------
>>>
>>>#debug=3         # debug level (cmd line: -dddddddddd)
>>>#fork=yes
>>>#log_stderror=no       # (cmd line: -E)
>>>
>>># Uncomment these lines to enter debugging mode
>>>#debug=7
>>>#fork=no
>>>#log_stderror=yes
>>>
>>>
>>>check_via=no   # (cmd. line: -v)
>>>dns=no           # (cmd. line: -r)
>>>rev_dns=no      # (cmd. line: -R)
>>>#port=5060
>>>#children=4
>>>fifo="/tmp/openser_fifo"
>>>
>>>fifo_db_url="dbtext:///home/alexandre/Devel/openser-0.9.4/bin/dbtext"
>>>
>>># ------------------ module loading ----------------------------------
>>>
>>># Uncomment this if you want to use SQL database
>>>#loadmodule "/home/alexandre/Devel/ser-0.8.14/bin//lib/ser/modules/mysql.so"
>>>
>>>loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/dbtext.so"
>>>loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/sl.so"
>>>loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/tm.so"
>>>loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/rr.so"
>>>loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/maxfwd.so"
>>>loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/usrloc.so"
>>>loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/registrar.so"
>>>loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/avpops.so"
>>>
>>># Uncomment this if you want digest authentication
>>># mysql.so must be loaded !
>>>
>>>loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/auth.so"
>>>loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/auth_db.so"
>>>
>>># ----------------- setting module-specific parameters ---------------
>>>
>>># -- usrloc params --
>>>
>>>modparam("usrloc", "db_url",
>>>"dbtext:///home/alexandre/Devel/openser-0.9.4/bin/dbtext")
>>>modparam("usrloc", "db_mode", 2)
>>>
>>>modparam("auth_db", "db_url",
>>>"dbtext:///home/alexandre/Devel/openser-0.9.4/bin/dbtext")
>>>modparam("auth_db", "calculate_ha1", yes)
>>>modparam("auth_db", "password_column", "password")
>>>
>>>modparam("avpops", "avp_url",
>>>"dbtext:///home/alexandre/Devel/openser-0.9.4/bin/dbtext")
>>>modparam("avpops", "avp_table", "preferences")
>>>
>>>
>>># Uncomment this if you want to use SQL database
>>># for persistent storage and comment the previous line
>>>#modparam("usrloc", "db_mode", 2)
>>>
>>># -- auth params --
>>># Uncomment if you are using auth module
>>>#
>>>#modparam("auth_db", "calculate_ha1", yes)
>>>#
>>># If you set "calculate_ha1" parameter to yes (which true in this config),
>>># uncomment also the following parameter)
>>>#
>>>#modparam("auth_db", "password_column", "password")
>>>
>>># -- rr params --
>>># add value to ;lr param to make some broken UAs happy
>>>modparam("rr", "enable_full_lr", 1)
>>>
>>># -------------------------  request routing logic -------------------
>>>
>>># main routing logic
>>>
>>>route{
>>>
>>>      # initial sanity checks -- messages with
>>>      # max_forwards==0, or excessively long requests
>>>      if (!mf_process_maxfwd_header("10")) {
>>>              sl_send_reply("483","Too Many Hops");
>>>              break;
>>>      };
>>>      if ( msg:len > max_len ) {
>>>              sl_send_reply("513", "Message too big");
>>>              break;
>>>      };
>>>
>>>      # we record-route all messages -- to make sure that
>>>      # subsequent messages will go through our proxy; that's
>>>      # particularly good if upstream and downstream entities
>>>      # use different transport protocol
>>>      record_route();
>>>      # loose-route processing
>>>      if (loose_route()) {
>>>              t_relay();
>>>              break;
>>>      };
>>>
>>>      # if the request is for other domain use UsrLoc
>>>      # (in case, it does not work, use the following command
>>>      # with proper names and addresses in it)
>>>      if (uri==myself) {
>>>
>>>              if (method=="REGISTER") {
>>>
>>># Uncomment this if you want to use digest authentication
>>>#                      if (!www_authorize("iptel.org", "subscriber")) {
>>>#                              www_challenge("iptel.org", "0");
>>>#                              break;
>>>#                      };
>>>
>>>                      save("location");
>>>                      break;
>>>              };
>>>
>>>              # native SIP destinations are handled using our USRLOC DB
>>>              if (!lookup("location")) {
>>>                      sl_send_reply("404", "Not Found");
>>>                      break;
>>>              };
>>>      };
>>>      # forward to current uri now; use stateful forwarding; that
>>>      # works reliably even if we forward from TCP to UDP
>>>
>>>#Black-list!!!
>>>
>>>       if (method=="INVITE" || method=="MESSAGE")
>>>       {
>>>               if ( avp_db_load("$to/username", "s:not_allow/preferences")
>>>                      && avp_check("s:not_allow", "eq/$from/gi") )
>>>               {
>>>                      sl_send_reply("403", "Forbidden - You are blocked!");
>>>                       break;
>>>              }
>>>      }
>>>
>>>      if (!t_relay()) {
>>>              sl_reply_error();
>>>      };
>>>      lookup("aliases");
>>>}
>>>
>>>
>>>My "preference" table looks like:
>>>
>>>uuid(str) username(str) domain(str,null) attribute(str) value(str) type(int)
>>>"":"peter":"200.129.163.139":"not_allow":"paul at 200.129.163.212":"0"
>>>
>>>I'm using openser in to a local network. Its ip is 200.129.163.178.
>>>
>>>peter address is 200.129.163.139
>>>
>>>paul address is 200.129.163.212
>>>
>>>
>>>
>>>The result is that both UA call each one, despite peter blocks paul.
>>>
>>>Any help?
>>>
>>>Best regards
>>>
>>>
>>>      
>>>
>
>
>  
>

More information about the Users mailing list