<div dir="ltr">Dear Sir,<br><br>I'm using the following:<br><br>if($rU =~ "^00.*")<br>{<br>if(!allow_address("1", "$si", "$sp")){<br>sl_send_reply("403", "Forbidden");<br>
xlog("KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK");<br>exit;<br>}<br>else<br>{<br><br>xlog("MICHOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO");<br>
route(8);<br>exit;<br>}<br>} <br><br>When I make a call I got Forbidden in all cases...Registered or Non Registered user<br><br>Regards<br><br><div class="gmail_quote">On Thu, Jan 15, 2009 at 10:07 PM, Brett Nemeroff <span dir="ltr"><<a href="mailto:brett@nemeroff.com">brett@nemeroff.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">What are you using for a mask? Bogdan, what's the format for that field? Is it typical slash notation? ie: 24 for a class c (255.255.255.0).<div>
<br></div><div><br><div><br><div class="gmail_quote"><div><div></div><div class="Wj3C7c">On Thu, Jan 15, 2009 at 9:52 AM, michel freiha <span dir="ltr"><<a href="mailto:michofr@gmail.com" target="_blank">michofr@gmail.com</a>></span> wrote:<br>
</div></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div><div></div><div class="Wj3C7c"><div dir="ltr">Dear Bogdan,<br><br>I did the following:<br>
<br>if(!allow_address("0", "$si", "$sp")){<div>
<br>sl_send_reply("403", "Forbidden");<br>xlog("KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK");<br></div>
exit;<br>}<br><br>When making a call, the system is not matching the condition in all cases...which means if my IP reside on the address table or not<br><br>Regards<div><div></div><div><br><br><div class="gmail_quote">
On Thu, Jan 15, 2009 at 5:24 PM, Bogdan-Andrei Iancu <span dir="ltr"><<a href="mailto:bogdan@voice-system.ro" target="_blank">bogdan@voice-system.ro</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Hi Michel,<br>
<br>
seams allow_address() has mandatory params, replace with:<br>
allow_address("0", "$si", "$sp")<div><br>
<br>
Regards,<br>
Bogdan<br>
<br>
<br>
michel freiha wrote:<br>
</div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Dear Bogdan,<div><br>
I have created the address table as you asked me in the previous email then I added the following to the opensips.cfg file:<br>
<br>
route{<br>
<br>
if (!allow_address()) {<br>
sl_send_reply("403", "Forbidden");<br>
xlog("$si");<br>
xlog("KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK");<br>
};<br>
<br>
I added only IP address to the address table...When trying to restart OpenSIps I got the below error:<br>
<br>
<br></div><div>
Thanks for the help<br>
<br>
Regards<br>
<br>
<br>
<br></div><div><div></div><div>
On Thu, Jan 15, 2009 at 11:51 AM, Bogdan-Andrei Iancu <<a href="mailto:bogdan@voice-system.ro" target="_blank">bogdan@voice-system.ro</a> <mailto:<a href="mailto:bogdan@voice-system.ro" target="_blank">bogdan@voice-system.ro</a>>> wrote:<br>
<br>
Hi Michel,<br>
<br>
So, the table must look like:<br>
<br>
CREATE TABLE address (<br>
id INT(10) UNSIGNED AUTO_INCREMENT PRIMARY KEY NOT NULL,<br>
grp SMALLINT(5) UNSIGNED DEFAULT 0 NOT NULL,<br>
ip_addr VARCHAR(15) NOT NULL,<br>
mask TINYINT DEFAULT 32 NOT NULL,<br>
port SMALLINT(5) UNSIGNED DEFAULT 0 NOT NULL<br>
) ENGINE=MyISAM;<br>
<br>
<br>
so, mask is integer after all :). What you should put in db (to<br>
test) is:<br>
insert into address (ip_addr) values ("xxx.xxx.xxx.xxx");<br>
<br>
and check the allow_address() then.<br>
<br>
Let me know if there are errors at startup or at runtime.<br>
<br>
<br>
Regards,<br>
Bogdan<br>
<br>
michel freiha wrote:<br>
<br>
Dear Bogdan,<br>
<br>
I tried allow_address() and it returns an error when<br>
restarting OpenSIPS..Even I tried to change the mask field<br>
type from tinit to varchar but if I put a value inside it like<br>
26 and restart OpenSIPS I even get an error<br>
<br>
Regards<br>
<br>
Regards<br>
<br>
On Thu, Jan 15, 2009 at 11:20 AM, Bogdan-Andrei Iancu<br>
<<a href="mailto:bogdan@voice-system.ro" target="_blank">bogdan@voice-system.ro</a> <mailto:<a href="mailto:bogdan@voice-system.ro" target="_blank">bogdan@voice-system.ro</a>><br>
<mailto:<a href="mailto:bogdan@voice-system.ro" target="_blank">bogdan@voice-system.ro</a><br>
<mailto:<a href="mailto:bogdan@voice-system.ro" target="_blank">bogdan@voice-system.ro</a>>>> wrote:<br>
<br>
Hi Michel,<br>
<br>
Have you tried to use the simple format of the command ?<br>
<br>
Like allow_address() ?<br>
<br>
Also not that after filling in the table, you have either to<br>
restart, either to issue the "address_reload" MI command.<br>
<br>
Regards,<br>
Bogdan<br>
<br>
michel freiha wrote:<br>
<br>
Dear Sir,<br>
I'm trying to authenticate users based on their IP<br>
addresses<br>
and not based on username and password...I did the<br>
following<br>
in the config file:<br>
<br>
1- I added loadmodule "permissions.so"<br>
2- modparam("permissions", "db_url",<br>
"mysql://opensips:123456@MySQL_Database_IP/Database_name")<br>
3- I added the below function in route function<br>
<br>
if (!allow_address("1", "$si", "$sp")) {<br>
sl_send_reply("403", "Forbidden");<br>
xlog("KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK");<br>
};<br>
4- on the database side I have created the address<br>
table then<br>
add an entry with the below values:<br>
<br>
grp=1 ip_address=My Softphone IP address mask=24 Port=0<br>
<br>
The problem is that I'm getting Forbidden in case my IP<br>
exist<br>
in address table or not...<br>
Does someone has any idea about what could be the issue<br>
here?<br>
<br>
Thanks a lot for the help<br>
<br>
Regards<br>
------------------------------------------------------------------------<br>
<br>
_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a><br>
<mailto:<a href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a>><br>
<mailto:<a href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a><br>
<mailto:<a href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a>>><br>
<br>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
<br>
<br>
<br>
<br>
</div></div></blockquote>
<br>
</blockquote></div><br></div></div></div>
<br>_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a><br>
</div></div><div class="Ih2E3d"><a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
<br></div></blockquote></div><br></div></div>
</blockquote></div><br></div>