Copyright © 2008 1&1 Internet AG
Revision History | |
---|---|
Revision $Revision: 4863 $ | $Date: 2008-09-05 13:11:33 +0200 (Fri, 05 Sep 2008) $ |
Table of Contents
db_url
(String)userblacklist_table
(String)userblacklist_id_col
(string)userblacklist_username_col
(string)userblacklist_domain_col
(string)userblacklist_prefix_col
(string)userblacklist_whitelist_col
(string)globalblacklist_table
(String)globalblacklist_id_col
(string)globalblacklist_prefix_col
(string)globalblacklist_whitelist_col
(string)globalblacklist_description_col
(string)List of Examples
use_domain
parametercheck_user_blacklist
usagecheck_blacklist
usagereload_blacklists
usagedb_url
parameteruserblacklist_table
parameteruserblacklist_id_col
parameteruserblacklist_username_col
parameteruserblacklist_domain_col
parameteruserblacklist_prefix_col
parameteruserblacklist_whitelist_col
parameterglobalblacklist_table
parameterglobalblacklist_id_col
parameterglobalblacklist_prefix_col
parameterglobalblacklist_whitelist_col
parameterglobalblacklist_description_col
parameterThe userblacklist module allows Kamailio to handle blacklists on a per user basis. This information is stored in a database table, which is queried to decide if the number (more exactly, the request URI user) is blacklisted or not.
An additional functionality that this module provides is the ability to handle global blacklists. This lists are loaded on startup into memory, thus providing a better performance then in the userblacklist case. This global blacklists are useful to only allow calls to certain international destinations, i.e. block all not whitelisted numbers. They could also used to prevent the blacklisting of important numbers, as whitelisting is supported too. This is useful for example to prevent the customer from blocking emergency call number or service hotlines.
The module exports two functions, check_blacklist and check_user_blacklist for usage in the config file. Furthermore its provide a FIFO function to reload the global blacklist cache.
Please note that only numerical strings for matching are supported at the moment (the used library supports this already, but its not yet implemented in the module). Non-digits on the beginning of the matched string are skipped, any later non-digits will stop the matching on this position.
The module depends on the following modules (in the other words the listed modules must be loaded before this module):
database -- Any database module
Finds the longest prefix that matches the request URI user (or the number parameter) for the given user and domain name in the database. If a match is found and it is not set to whitelist, false is returned. Otherwise, true is returned. Pseudo-variables or AVPs can be used for the user, domain and number parameters. The number and table variables are optional, the defaults are used if they are ommited. The number parameter can be used to check for example against the from URI user.
Example 1.2. check_user_blacklist
usage
... $avp(i:80) = $rU; # rewrite the R-URI if (!check_user_blacklist("$avp(i:80)", "$avp(i:82)")) sl_send_reply("403", "Forbidden"); exit; } ...
Finds the longest prefix that matches the request URI for the given table. If a match is found and it is not set to whitelist, false is returned. Otherwise, true is returned.
Example 1.3. check_blacklist
usage
... if (!check_blacklist("global_blacklist"))) sl_send_reply("403", "Forbidden"); exit; } ...
Before running Kamailio with userblacklist, you have to setup the database table where the module will read the blacklist data. For that, if the table was not created by the installation script or you choose to install everything by yourself you can use the userblacklist-create.sql SQL script in the database directories in the kamailio/scripts folder as template. Database and table name can be set with module parameters so they can be changed, but the name of the columns must be as they are in the SQL script. You can also find the complete database documentation on the project webpage, http://www.kamailio.org/docs/db-tables/kamailio-db-devel.html.
Example 1.5. Example database content - globalblacklist table
... +----+-----------+-----------+ | id | prefix | whitelist | +----+-----------+-----------+ | 1 | | 0 | | 2 | 1 | 1 | | 3 | 123456 | 0 | | 4 | 123455787 | 0 | +----+-----------+-----------+ ...
This table will setup a global blacklist for all numbers, only allowing calls starting with “1”. Numbers that starting with “123456” and “123455787” are also blacklisted, because the longest prefix will be matched.
Example 1.6. Example database content - userblacklist table
... +----+----------------+-------------+-----------+-----------+ | id | username | domain | prefix | whitelist | +----+----------------+-------------+-----------+-----------+ | 23 | 49721123456788 | | 1234 | 0 | | 22 | 49721123456788 | | 123456788 | 1 | | 21 | 49721123456789 | | 12345 | 0 | | 20 | 494675231 | | 499034133 | 1 | | 19 | 494675231 | test | 499034132 | 0 | | 18 | 494675453 | test.domain | 49901 | 0 | | 17 | 494675454 | | 49900 | 0 | +----+----------------+-------------+-----------+-----------+ ...
This table will setup user specific blacklists for certain usernames. For example for user “49721123456788” the prefix “1234” will be not allowed, but the number “123456788” is allowed. Additionally a domain could be specified that is used for username matching if the “use_domain” parameter is set.
URL to the database containing the data.
Default value is “mysql://openserro:openserro@localhost/openser”.
Example 2.1. Set db_url
parameter
... modparam("userblacklist", "db_url", "dbdriver://username:password@dbhost/dbname") ...
Name of the userblacklist table for the userblacklist module.
Default value is “userblacklist”.
Example 2.2. Set userblacklist_table
parameter
... modparam("userblacklist", "userblacklist_table", "userblacklist") ...
unique ID
Example 2.3. Set userblacklist_id_col
parameter
... modparam("userblacklist", "userblacklist_id_col", "id") ...
The user that is used for the blacklist lookup.
Example 2.4. Set userblacklist_username_col
parameter
... modparam("userblacklist", "userblacklist_username_col", "username") ...
The domain that is used for the blacklist lookup.
Example 2.5. Set userblacklist_domain_col
parameter
... modparam("userblacklist", "userblacklist_domain_col", "domain") ...
The prefix that is matched for the blacklist.
Example 2.6. Set userblacklist_prefix_col
parameter
... modparam("userblacklist", "userblacklist_prefix_col", "prefix") ...
Specify if this a blacklist (0) or a whitelist (1) entry.
Example 2.7. Set userblacklist_whitelist_col
parameter
... modparam("userblacklist", "userblacklist_whitelist_col", "whitelist") ...
Name of the globalblacklist table for the userblacklist module. Please not that this table is currently ignored, the table needs to be given as a parameter for the check_blacklist function.
Default value is “globalblacklist”.
Example 2.8. Set globalblacklist_table
parameter
... modparam("userblacklist", "globalblacklist_table", "globalblacklist") ...
unique ID
Example 2.9. Set globalblacklist_id_col
parameter
... modparam("userblacklist", "globalblacklist_id_col", "id") ...
The prefix that is matched for the blacklist.
Example 2.10. Set globalblacklist_prefix_col
parameter
... modparam("userblacklist", "globalblacklist_prefix_col", "prefix") ...