[OpenSIPS-Users] IP authentication

michel freiha michofr at gmail.com
Thu Jan 15 16:52:50 CET 2009


Dear Bogdan,

I did the following:

if(!allow_address("0", "$si", "$sp")){
sl_send_reply("403", "Forbidden");
xlog("KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK");
exit;
}

When making a call, the system is not matching the condition in all
cases...which means if my IP reside on the address table or not

Regards

On Thu, Jan 15, 2009 at 5:24 PM, Bogdan-Andrei Iancu <bogdan at voice-system.ro
> wrote:

> Hi Michel,
>
> seams allow_address() has mandatory params, replace with:
>   allow_address("0", "$si", "$sp")
>
> Regards,
> Bogdan
>
>
> michel freiha wrote:
>
>> Dear Bogdan,
>> I have created the address table as you asked me in the previous email
>> then I added the following to the opensips.cfg file:
>>
>> route{
>>
>> if (!allow_address()) {
>> sl_send_reply("403", "Forbidden");
>> xlog("$si");
>>
>> xlog("KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK");
>> };
>>
>> I added only IP address to the address table...When trying to restart
>> OpenSIps I got the below error:
>>
>>
>> Thanks for the help
>>
>> Regards
>>
>>
>>
>> On Thu, Jan 15, 2009 at 11:51 AM, Bogdan-Andrei Iancu <
>> bogdan at voice-system.ro <mailto:bogdan at voice-system.ro>> wrote:
>>
>>    Hi Michel,
>>
>>    So, the table must look like:
>>
>>    CREATE TABLE address (
>>      id INT(10) UNSIGNED AUTO_INCREMENT PRIMARY KEY NOT NULL,
>>      grp SMALLINT(5) UNSIGNED DEFAULT 0 NOT NULL,
>>      ip_addr VARCHAR(15) NOT NULL,
>>      mask TINYINT DEFAULT 32 NOT NULL,
>>      port SMALLINT(5) UNSIGNED DEFAULT 0 NOT NULL
>>    ) ENGINE=MyISAM;
>>
>>
>>    so, mask is integer after all :). What you should put in db (to
>>    test) is:
>>      insert into address (ip_addr) values ("xxx.xxx.xxx.xxx");
>>
>>    and check the allow_address() then.
>>
>>    Let me know if there are errors at startup or at runtime.
>>
>>
>>    Regards,
>>    Bogdan
>>
>>    michel freiha wrote:
>>
>>        Dear Bogdan,
>>
>>        I tried allow_address() and it returns an error when
>>        restarting OpenSIPS..Even I tried to change the mask field
>>        type from tinit to varchar but if I put a value inside it like
>>        26 and restart OpenSIPS I even get an error
>>
>>        Regards
>>
>>        Regards
>>
>>        On Thu, Jan 15, 2009 at 11:20 AM, Bogdan-Andrei Iancu
>>        <bogdan at voice-system.ro <mailto:bogdan at voice-system.ro>
>>        <mailto:bogdan at voice-system.ro
>>        <mailto:bogdan at voice-system.ro>>> wrote:
>>
>>           Hi Michel,
>>
>>           Have you tried to use the simple format of the command ?
>>
>>           Like  allow_address() ?
>>
>>           Also not that after filling in the table, you have either to
>>           restart, either to issue the "address_reload" MI command.
>>
>>           Regards,
>>           Bogdan
>>
>>           michel freiha wrote:
>>
>>               Dear Sir,
>>               I'm trying to authenticate users based on their IP
>>        addresses
>>               and not based on username and password...I did the
>>        following
>>               in the config file:
>>
>>               1- I added loadmodule "permissions.so"
>>               2- modparam("permissions", "db_url",
>>               "mysql://opensips:123456@MySQL_Database_IP/Database_name")
>>               3- I added the below function in route function
>>
>>               if (!allow_address("1", "$si", "$sp")) {
>>                      sl_send_reply("403", "Forbidden");
>>
>> xlog("KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK");
>>               };
>>               4- on the database side I have created the address
>>        table then
>>               add an entry with the below values:
>>
>>               grp=1   ip_address=My Softphone IP address  mask=24
>>   Port=0
>>
>>               The problem is that I'm getting Forbidden in case my IP
>>        exist
>>               in address table or not...
>>               Does someone has any idea about what could be the issue
>>        here?
>>
>>               Thanks a lot for the help
>>
>>               Regards
>>
>> ------------------------------------------------------------------------
>>
>>               _______________________________________________
>>               Users mailing list
>>               Users at lists.opensips.org
>>        <mailto:Users at lists.opensips.org>
>>        <mailto:Users at lists.opensips.org
>>        <mailto:Users at lists.opensips.org>>
>>
>>               http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>>
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.opensips.org/pipermail/users/attachments/20090115/4c9e7ebb/attachment-0001.htm 


More information about the Users mailing list