userblacklist Module

The module depends on the following modules (in the other words the listed modules must be loaded before this module):

The following libraries or applications must be installed before running Kamailio with this module loaded:

If set to non-zero value, the domain column in the userblacklist is used.

Default value is “0”.

...
modparam("userblacklist", "use_domain", 0)
...

The number of individual characters that are used for matching. Valid values are 10 or 128. When you specifiy 10, only digits will be used for matching, this operation mode is equivalent to the old behaviour. When configured with 128, all standard ascii chars are available for matching. Please be aware that memory requirements for storing the routing tree in shared memory will also increase by a factor of 12.8.

Default value is “10”.

...
modparam("userblacklist", "match_mode", 128)
...

Finds the longest prefix that matches the request URI user (or the number parameter) for the given user and domain name in the database. If a match is found and it is not set to whitelist, false is returned. Otherwise, true is returned. Pseudo-variables or AVPs can be used for the user, domain and number parameters. The number and table variables are optional, the defaults are used if they are ommited. The number parameter can be used to check for example against the from URI user.

...
$avp(i:80) = $rU;
# rewrite the R-URI
if (!check_user_blacklist("$avp(i:80)", "$avp(i:82)")) {
	sl_send_reply("403", "Forbidden");
	exit;
}
...

Finds the longest prefix that matches the request URI user (or the number parameter) for the given user and domain name in the database. If a match is found and it is set to whitelist, true is returned. Otherwise, false is returned. Pseudo-variables or AVPs can be used for the user, domain and number parameters. The number and table variables are optional, the defaults are used if they are ommited. The number parameter can be used to check for example against the from URI user.

...
$avp(i:80) = $rU;
# rewrite the R-URI
if (!check_user_whitelist("$avp(i:80)", "$avp(i:82)")) {
	# process request
	exit;
}
...

Finds the longest prefix that matches the request URI for the given table. If a match is found and it is not set to whitelist, false is returned. Otherwise, true is returned. If no table is given, then globalblacklist_table is used.

...
if (!check_blacklist("globalblacklist")) {
	sl_send_reply("403", "Forbidden");
	exit;
}
...

Reload the internal global blacklist cache. This is necessary after the database tables for the global blacklist have been changed.

...
kamctl fifo reload_blacklist
...

Before running Kamailio with userblacklist, you have to setup the database table where the module will read the blacklist data. For that, if the table was not created by the installation script or you choose to install everything by yourself you can use the userblacklist-create.sql SQL script in the database directories in the kamailio/scripts folder as template. Database and table name can be set with module parameters so they can be changed, but the name of the columns must be as they are in the SQL script. You can also find the complete database documentation on the project webpage, http://www.kamailio.org/docs/db-tables/kamailio-db-devel.html.

...
+----+-----------+-----------+
| id | prefix    | whitelist |
+----+-----------+-----------+
|  1 |           |         0 |
|  2 | 1         |         1 |
|  3 | 123456    |         0 |
|  4 | 123455787 |         0 |
+----+-----------+-----------+
...

This table will setup a global blacklist for all numbers, only allowing calls starting with “1”. Numbers that starting with “123456” and “123455787” are also blacklisted, because the longest prefix will be matched.

...
+----+----------------+-------------+-----------+-----------+
| id | username       | domain      | prefix    | whitelist |
+----+----------------+-------------+-----------+-----------+
| 23 | 49721123456788 |             | 1234      |         0 |
| 22 | 49721123456788 |             | 123456788 |         1 |
| 21 | 49721123456789 |             | 12345     |         0 |
| 20 | 494675231      |             | 499034133 |         1 |
| 19 | 494675231      | test        | 499034132 |         0 |
| 18 | 494675453      | test.domain | 49901     |         0 |
| 17 | 494675454      |             | 49900     |         0 |
+----+----------------+-------------+-----------+-----------+
...

This table will setup user specific blacklists for certain usernames. For example for user “49721123456788” the prefix “1234” will be not allowed, but the number “123456788” is allowed. Additionally a domain could be specified that is used for username matching if the “use_domain” parameter is set.