[OpenSIPS-Users] check if ip address belongs to ip and subnet subscriber

Edwin Haselhoff eahaselhoff at gmail.com
Thu Jan 30 12:38:58 CET 2014 

Stefano,

I tested the permission module but changes to the table are not 'real 
time', I have to reload the table every time (or did I miss something?).



Stefano Pisani schreef op 30-1-2014 12:32:
> Hi,
> use module permission.
>
> s
>
> Il 30/01/2014 12.21, Edwin Haselhoff ha scritto:
>> Hi all,
>>
>> For security reasons I want to check if the $si ip is part of ip and 
>> subnet of a subscriber so added '$(avp(sourceip)' and 
>> '$(avp(sourceip_mask)' to the subscriber table.
>> (I know I can use permissions module, but this is in cache and we 
>> like to make changes real time without haveing to reload the table in 
>> cache)
>>
>> I tried something like this where sourceip_net and sourceip_mask is 
>> the ip subnet belonging to the subscriber:
>>
>> $si = 10.100.5.42 (00001010000101000001111000101010)
>> $avp(sourceip_net) = 10.20.30.40; (00001010000101000001111000101000)
>> $avp(sourceip_mask) = 29;
>>
>> if($si{ip.isip} && $(si{ip.pton}{s.substr,0,$avp(sourceip_mask)}) == 
>> $(avp(sourceip_net){ip.pton}{s.substr,0,$avp(sourceip_mask)}))
>> {
>>     xlog("L_INFO", " ip $si belongs to $au\n");
>> }
>> else
>> {
>>     xlog("L_INFO", " ip $si does not belong to $au\n");
>>     sl_send_reply("403", "Forbidden");
>>     exit;
>> }
>>
>>
>> So I expect the ip is valid and the comparison is true 
>> (00001010000101000001111000101 = 00001010000101000001111000101) but 
>> it doesn't seem to work like I expect.
>>
>> It's difficult to output ip.pton to xlog (unreadable). Does it output 
>> a binary format like I expect?
>>
>> Any ideas how to accomplish this?
>>
>> Thanks,
>>
>> Edwin
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20140130/3c4617ce/attachment.htm>

More information about the Users mailing list