Hello Tom,
I’ve done a quick comparison of the main function and the called function. On a first view it looked identically, but I looked only a few levels deep.
Do you have maybe some means to reproduce this on a test system? Then it would be probably interesting to look to the DEBUG logging of this cases. Maybe you can compare if you spot some obvious differences from the logic.
Cheers,
Henning
From: sr-users sr-users-bounces@lists.kamailio.org On Behalf Of Tom Dworakowski Sent: Tuesday, September 14, 2021 4:10 AM To: sr-users@lists.kamailio.org Subject: [SR-Users] Empty Subnets in Permissions Module
Greetings all!
I have two deployments of Kamailio: one running version 5.3 and one 5.5 with practically identical configurations, same (MySQL and REDIS) data sources.
We have customers that we assign an ACL "group" to, where the ID of this group resolves to records in the "address" table in our MySQL database - using the "grp" field.
On the box running Kamailio 5.5, we have noticed that if a group has ip_addr=0.0.0.0, mask=0, port=0 - and we try to run the allow_source_address() - it will return false, thus failing this phase of the authentication process.
However, on Kamailio 5.3 we are not seeing this issue, i.e. if a customer is assigned a group where the ACL is 0.0.0.0/0http://0.0.0.0/0 - it will let him through.
Has something changed that I'm not aware of? Any suggestions on how to resolve this?
My best, Tom