[OpenSIPS-Users] IP authentication

michel freiha michofr at gmail.com
Fri Jan 16 10:14:01 CET 2009


Dear Sir,

Kindly check the Whole configuration file:

http://pastebin.com/d16fe5f36

Please let me know if there is something wrong...I'm not be able to make a
call and when dialing 00 from a registered or non registered endpoint
OpenSIPS run inside the function if(!allow_address("1", "$si", "$sp")){


Regards

On Thu, Jan 15, 2009 at 10:07 PM, Brett Nemeroff <brett at nemeroff.com> wrote:

> What are you using for a mask? Bogdan, what's the format for that field? Is
> it typical slash notation? ie: 24 for a class c (255.255.255.0).
>
>
> On Thu, Jan 15, 2009 at 9:52 AM, michel freiha <michofr at gmail.com> wrote:
>
>> Dear Bogdan,
>>
>> I did the following:
>>
>> if(!allow_address("0", "$si", "$sp")){
>> sl_send_reply("403", "Forbidden");
>>
>> xlog("KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK");
>> exit;
>> }
>>
>> When making a call, the system is not matching the condition in all
>> cases...which means if my IP reside on the address table or not
>>
>> Regards
>>
>>
>> On Thu, Jan 15, 2009 at 5:24 PM, Bogdan-Andrei Iancu <
>> bogdan at voice-system.ro> wrote:
>>
>>> Hi Michel,
>>>
>>> seams allow_address() has mandatory params, replace with:
>>>   allow_address("0", "$si", "$sp")
>>>
>>> Regards,
>>> Bogdan
>>>
>>>
>>> michel freiha wrote:
>>>
>>>> Dear Bogdan,
>>>> I have created the address table as you asked me in the previous email
>>>> then I added the following to the opensips.cfg file:
>>>>
>>>> route{
>>>>
>>>> if (!allow_address()) {
>>>> sl_send_reply("403", "Forbidden");
>>>> xlog("$si");
>>>>
>>>> xlog("KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK");
>>>> };
>>>>
>>>> I added only IP address to the address table...When trying to restart
>>>> OpenSIps I got the below error:
>>>>
>>>>
>>>> Thanks for the help
>>>>
>>>> Regards
>>>>
>>>>
>>>>
>>>> On Thu, Jan 15, 2009 at 11:51 AM, Bogdan-Andrei Iancu <
>>>> bogdan at voice-system.ro <mailto:bogdan at voice-system.ro>> wrote:
>>>>
>>>>    Hi Michel,
>>>>
>>>>    So, the table must look like:
>>>>
>>>>    CREATE TABLE address (
>>>>      id INT(10) UNSIGNED AUTO_INCREMENT PRIMARY KEY NOT NULL,
>>>>      grp SMALLINT(5) UNSIGNED DEFAULT 0 NOT NULL,
>>>>      ip_addr VARCHAR(15) NOT NULL,
>>>>      mask TINYINT DEFAULT 32 NOT NULL,
>>>>      port SMALLINT(5) UNSIGNED DEFAULT 0 NOT NULL
>>>>    ) ENGINE=MyISAM;
>>>>
>>>>
>>>>    so, mask is integer after all :). What you should put in db (to
>>>>    test) is:
>>>>      insert into address (ip_addr) values ("xxx.xxx.xxx.xxx");
>>>>
>>>>    and check the allow_address() then.
>>>>
>>>>    Let me know if there are errors at startup or at runtime.
>>>>
>>>>
>>>>    Regards,
>>>>    Bogdan
>>>>
>>>>    michel freiha wrote:
>>>>
>>>>        Dear Bogdan,
>>>>
>>>>        I tried allow_address() and it returns an error when
>>>>        restarting OpenSIPS..Even I tried to change the mask field
>>>>        type from tinit to varchar but if I put a value inside it like
>>>>        26 and restart OpenSIPS I even get an error
>>>>
>>>>        Regards
>>>>
>>>>        Regards
>>>>
>>>>        On Thu, Jan 15, 2009 at 11:20 AM, Bogdan-Andrei Iancu
>>>>        <bogdan at voice-system.ro <mailto:bogdan at voice-system.ro>
>>>>        <mailto:bogdan at voice-system.ro
>>>>        <mailto:bogdan at voice-system.ro>>> wrote:
>>>>
>>>>           Hi Michel,
>>>>
>>>>           Have you tried to use the simple format of the command ?
>>>>
>>>>           Like  allow_address() ?
>>>>
>>>>           Also not that after filling in the table, you have either to
>>>>           restart, either to issue the "address_reload" MI command.
>>>>
>>>>           Regards,
>>>>           Bogdan
>>>>
>>>>           michel freiha wrote:
>>>>
>>>>               Dear Sir,
>>>>               I'm trying to authenticate users based on their IP
>>>>        addresses
>>>>               and not based on username and password...I did the
>>>>        following
>>>>               in the config file:
>>>>
>>>>               1- I added loadmodule "permissions.so"
>>>>               2- modparam("permissions", "db_url",
>>>>               "mysql://opensips:123456@MySQL_Database_IP
>>>> /Database_name")
>>>>               3- I added the below function in route function
>>>>
>>>>               if (!allow_address("1", "$si", "$sp")) {
>>>>                      sl_send_reply("403", "Forbidden");
>>>>
>>>> xlog("KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK");
>>>>               };
>>>>               4- on the database side I have created the address
>>>>        table then
>>>>               add an entry with the below values:
>>>>
>>>>               grp=1   ip_address=My Softphone IP address  mask=24
>>>>     Port=0
>>>>
>>>>               The problem is that I'm getting Forbidden in case my IP
>>>>        exist
>>>>               in address table or not...
>>>>               Does someone has any idea about what could be the issue
>>>>        here?
>>>>
>>>>               Thanks a lot for the help
>>>>
>>>>               Regards
>>>>
>>>> ------------------------------------------------------------------------
>>>>
>>>>               _______________________________________________
>>>>               Users mailing list
>>>>               Users at lists.opensips.org
>>>>        <mailto:Users at lists.opensips.org>
>>>>        <mailto:Users at lists.opensips.org
>>>>        <mailto:Users at lists.opensips.org>>
>>>>
>>>>               http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.opensips.org/pipermail/users/attachments/20090116/940cba8d/attachment-0002.htm 


More information about the Users mailing list