[OpenSIPS-Users] IP authentication
Bogdan-Andrei Iancu
bogdan at voice-system.ro
Thu Jan 15 16:24:16 CET 2009
Hi Michel,
seams allow_address() has mandatory params, replace with:
allow_address("0", "$si", "$sp")
Regards,
Bogdan
michel freiha wrote:
> Dear Bogdan,
> I have created the address table as you asked me in the previous email
> then I added the following to the opensips.cfg file:
>
> route{
>
> if (!allow_address()) {
> sl_send_reply("403", "Forbidden");
> xlog("$si");
> xlog("KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK");
> };
>
> I added only IP address to the address table...When trying to restart
> OpenSIps I got the below error:
>
>
> Thanks for the help
>
> Regards
>
>
>
> On Thu, Jan 15, 2009 at 11:51 AM, Bogdan-Andrei Iancu
> <bogdan at voice-system.ro <mailto:bogdan at voice-system.ro>> wrote:
>
> Hi Michel,
>
> So, the table must look like:
>
> CREATE TABLE address (
> id INT(10) UNSIGNED AUTO_INCREMENT PRIMARY KEY NOT NULL,
> grp SMALLINT(5) UNSIGNED DEFAULT 0 NOT NULL,
> ip_addr VARCHAR(15) NOT NULL,
> mask TINYINT DEFAULT 32 NOT NULL,
> port SMALLINT(5) UNSIGNED DEFAULT 0 NOT NULL
> ) ENGINE=MyISAM;
>
>
> so, mask is integer after all :). What you should put in db (to
> test) is:
> insert into address (ip_addr) values ("xxx.xxx.xxx.xxx");
>
> and check the allow_address() then.
>
> Let me know if there are errors at startup or at runtime.
>
>
> Regards,
> Bogdan
>
> michel freiha wrote:
>
> Dear Bogdan,
>
> I tried allow_address() and it returns an error when
> restarting OpenSIPS..Even I tried to change the mask field
> type from tinit to varchar but if I put a value inside it like
> 26 and restart OpenSIPS I even get an error
>
> Regards
>
> Regards
>
> On Thu, Jan 15, 2009 at 11:20 AM, Bogdan-Andrei Iancu
> <bogdan at voice-system.ro <mailto:bogdan at voice-system.ro>
> <mailto:bogdan at voice-system.ro
> <mailto:bogdan at voice-system.ro>>> wrote:
>
> Hi Michel,
>
> Have you tried to use the simple format of the command ?
>
> Like allow_address() ?
>
> Also not that after filling in the table, you have either to
> restart, either to issue the "address_reload" MI command.
>
> Regards,
> Bogdan
>
> michel freiha wrote:
>
> Dear Sir,
> I'm trying to authenticate users based on their IP
> addresses
> and not based on username and password...I did the
> following
> in the config file:
>
> 1- I added loadmodule "permissions.so"
> 2- modparam("permissions", "db_url",
> "mysql://opensips:123456@MySQL_Database_IP/Database_name")
> 3- I added the below function in route function
>
> if (!allow_address("1", "$si", "$sp")) {
> sl_send_reply("403", "Forbidden");
>
> xlog("KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK");
> };
> 4- on the database side I have created the address
> table then
> add an entry with the below values:
>
> grp=1 ip_address=My Softphone IP address mask=24
> Port=0
>
> The problem is that I'm getting Forbidden in case my IP
> exist
> in address table or not...
> Does someone has any idea about what could be the issue
> here?
>
> Thanks a lot for the help
>
> Regards
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> <mailto:Users at lists.opensips.org>
> <mailto:Users at lists.opensips.org
> <mailto:Users at lists.opensips.org>>
>
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
>
>
>
More information about the Users
mailing list