[sr-dev] git:master:6568a5be: permissions: added subnet_match_mode param

Module: kamailio Branch: master Commit: 6568a5be5b912326e8bea85a5c37a28d36863a24 URL: https://github.com/kamailio/kamailio/commit/6568a5be5b912326e8bea85a5c37a28d...

Author: Daniel-Constantin Mierla miconda@gmail.com Committer: Daniel-Constantin Mierla miconda@gmail.com Date: 2025-07-15T10:16:18+02:00

permissions: added subnet_match_mode param

- control how subnet match is done: 0 - return on first prefix match; 1 - return on longest prefix match - default: 0 - backward compatible behaviour

---

Modified: src/modules/permissions/hash.c Modified: src/modules/permissions/permissions.c

---

Diff: https://github.com/kamailio/kamailio/commit/6568a5be5b912326e8bea85a5c37a28d... Patch: https://github.com/kamailio/kamailio/commit/6568a5be5b912326e8bea85a5c37a28d...

---

diff --git a/src/modules/permissions/hash.c b/src/modules/permissions/hash.c index aeb8dce2d23..1ef625913e4 100644 --- a/src/modules/permissions/hash.c +++ b/src/modules/permissions/hash.c @@ -47,6 +47,7 @@ extern int perm_peer_tag_mode;

extern int _perm_max_subnets; +extern int _perm_subnet_match_mode;

#define PERM_MAX_SUBNETS _perm_max_subnets

@@ -719,6 +720,10 @@ int match_subnet_table(struct subnet *table, unsigned int grp, ip_addr_t *addr, best_mask = table[i].mask; best_idx = i; } + if(_perm_subnet_match_mode == 0) { + /* use the first match */ + break; + } } i++; } @@ -762,6 +767,10 @@ int find_group_in_subnet_table( best_mask = table[i].mask; best_idx = i; } + if(_perm_subnet_match_mode == 0) { + /* use the first match */ + break; + } } i++; } diff --git a/src/modules/permissions/permissions.c b/src/modules/permissions/permissions.c index 788bf48b135..fcf17fc7534 100644 --- a/src/modules/permissions/permissions.c +++ b/src/modules/permissions/permissions.c @@ -97,6 +97,7 @@ time_t *perm_rpc_reload_time = NULL; int _perm_max_subnets = 512;

int _perm_load_backends = 0xFFFF; +int _perm_subnet_match_mode = 0;

/* * Convert the name of the files into table index @@ -198,6 +199,7 @@ static param_export_t params[] = { {"mask_col", PARAM_STR, &perm_mask_col}, {"port_col", PARAM_STR, &perm_port_col}, {"max_subnets", PARAM_INT, &_perm_max_subnets}, + {"subnet_match_mode", PARAM_INT, &_perm_subnet_match_mode}, {"load_backends", PARAM_INT, &_perm_load_backends}, {"reload_delta", PARAM_INT, &perm_reload_delta}, {"trusted_cleanup_interval", PARAM_INT, &perm_trusted_table_interval},