[OpenSIPS-Users] A questions about permissions module

Nick Altmann nick.altmann at gmail.com
Thu Sep 6 11:51:48 CEST 2012 

With debug=3 only messages about permissions.allow and
permissions.deny files not found.
Record like '0.0.0.0/0' are silently ignored.

--
Nick

2012/9/6 Bogdan-Andrei Iancu <bogdan at opensips.org>:
> Hi Nick,
>
> 1. Well, I agree, but I'm not sure what will be the impact over the code -
> like either :
>     doing re-allocs to increase the table each time you get it full
>  either
>     doing it as a linked list.
>
> Probably 1) is simpler to do, with a dynamic size for the table.
>
>
> 2. So you say the rule is silently discarded on DB loading ?
>
>
> Regards,
>
> Bogdan-Andrei Iancu
> OpenSIPS Founder and Developer
> http://www.opensips-solutions.com
>
>
> On 09/06/2012 11:54 AM, Nick Altmann wrote:
>>
>> 1. What about to modify this module to dynamically allocate memory for
>> subnets structure?
>>
>> 2. About 0.0.0.0/0 - no error messages. Just no record if I do
>> "opensipsctl fifo subnet_dump".
>>
>> For example:
>> I need group1 of users to permit from 8.8.0.0/24 and I need group2 to
>> permit from all. Another users have no permission to access server.
>> I make two records in db:
>> 8.8.0.0/24, pattern=group1
>> 0.0.0.0/0, pattern=group2
>>
>> then I do something like:
>> check_address("0", "$(var(realip){uri.host})", "0", "ANY",
>> "$var(ip_access)", "$avp(group_name)");
>>
>> If check_address fails then no access. If check_address is true then
>> check $var(ip_access).
>>
>> --
>> Nick
>>
>> 2012/9/6 Bogdan-Andrei Iancu<bogdan at opensips.org>:
>>>
>>> Hi Nick,
>>>
>>> Indeed the table keeping the subnets is limited to PERM_MAX_SUBNETS - the
>>> table is statically allocate at startup. So, if you want more, you need
>>> to
>>> recompile.
>>>
>>> Regarding the 0.0.0.0/0 :
>>>      1) why do you want to add that :P ?
>>>      2) what error do you get?
>>>
>>> Regards,
>>>
>>> Bogdan-Andrei Iancu
>>> OpenSIPS Founder and Developer
>>> http://www.opensips-solutions.com
>>>
>>>
>>>
>>> On 09/06/2012 11:08 AM, Nick Altmann wrote:
>>>>
>>>> First question:
>>>> Is it okay
>>>> #define PERM_MAX_SUBNETS 128
>>>> ?
>>>>
>>>> What to do if I need to load about 5000 subnets.
>>>>
>>>> And second question:
>>>> Why it doesn't load 0.0.0.0/0 subnet?
>>>>
>>>> --
>>>> Nick
>>>>
>>>> _______________________________________________
>>>> Users mailing list
>>>> Users at lists.opensips.org
>>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>>>
>

More information about the Users mailing list