[OpenSIPS-Users] check if ip address belongs to ip and subnet subscriber
Edwin Haselhoff
eahaselhoff at gmail.com
Thu Jan 30 12:21:36 CET 2014
Hi all,
For security reasons I want to check if the $si ip is part of ip and
subnet of a subscriber so added '$(avp(sourceip)' and
'$(avp(sourceip_mask)' to the subscriber table.
(I know I can use permissions module, but this is in cache and we like
to make changes real time without haveing to reload the table in cache)
I tried something like this where sourceip_net and sourceip_mask is the
ip subnet belonging to the subscriber:
$si = 10.100.5.42 (00001010000101000001111000101010)
$avp(sourceip_net) = 10.20.30.40; (00001010000101000001111000101000)
$avp(sourceip_mask) = 29;
if($si{ip.isip} && $(si{ip.pton}{s.substr,0,$avp(sourceip_mask)}) ==
$(avp(sourceip_net){ip.pton}{s.substr,0,$avp(sourceip_mask)}))
{
xlog("L_INFO", " ip $si belongs to $au\n");
}
else
{
xlog("L_INFO", " ip $si does not belong to $au\n");
sl_send_reply("403", "Forbidden");
exit;
}
So I expect the ip is valid and the comparison is true
(00001010000101000001111000101 = 00001010000101000001111000101) but it
doesn't seem to work like I expect.
It's difficult to output ip.pton to xlog (unreadable). Does it output a
binary format like I expect?
Any ideas how to accomplish this?
Thanks,
Edwin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20140130/08a5bb78/attachment.htm>
More information about the Users
mailing list