29 Jul
2010
29 Jul
'10
11:12 a.m.
Hello,
thank you for your help. I understood the idea of the "longest prefix matching",
I was just confused about the return-values of the functions.
I was in doubt, if the documnetation is right, as I would have expected the function
"check_user_blacklist" to return TRUE if a user is blacklisted and FALSE if the
user is whitelisted OR not on the list.
The following return-functionality is described but didn't seem logic to me:
check_black_list();
-> returns TRUE, if user is whitelisted OR not on the list
-> returns FALSE, if user is blacklisted
The functionality of "check_user_whitelist" instead seems more logic to me:
check_user_whitelist();
-> returns TRUE, if the user is whitelisted
-> returns FALSE, if the user is blacklisted OR not on the list
Therefore I thought that there's either a mistake in the documentation or I understood
it wrong somehow.
If anyone can confirm oder vaildate my understanding of the functionality as stated above,
would help me.
Thank you very much...
Regards,
Nicolas
-------- Original-Nachricht --------
Datum: Thu, 22 Jul 2010 19:33:42 +0300
Von: marius zbihlei <marius.zbihlei(a)1and1.ro>
An: "Nicolas Rüger" <NicolasRueger(a)gmx.de>
CC: "sr-users(a)lists.sip-router.org" <sr-users(a)lists.sip-router.org>
Betreff: Re: [SR-Users] userblacklist Module - Documentation fault?
Nicolas Rüger wrote:
Hello Nicolas,
Before your quoted text there is this statement "Finds the longest
prefix that matches the request URI user (or the number parameter) for
the given user and domain name in the database."
This means that you might have in the db a blacklist rule for the
desired user for prefix 555123, that this will match the numbers
5551234 and 5551235. But you want to allow one of these numbers to be
called by that user, you can specify that 5551234 is whitelisted.
> Question:
>
> 1.) Is "not whitelisted" equal to "blacklisted"?
Before your quoted text there is this statement "Finds the longest
prefix that matches the request URI user (or the number parameter) for
the given user and domain name in the database."
This means that you might have in the db a blacklist rule for the
desired user for prefix 555123, that this will match the numbers
5551234 and 5551235(and others of course). But you want to allow one of
these numbers to be called by that user, you can specify that 5551234 is
whitelisted.
To answer your question no, if a R-URI is not whitelisted then it will
be blacklisted only if there is a prefix that will match it(it the
userblacklist table is empty no numbers are blacklisted)
> 2.) Why is "false" returned if the blacklist_check is positive?
This is the interface.
The example in the documentation is like this:
$avp(i:80) = $rU;
# rewrite the R-URI
if (!check_user_blacklist("$avp(i:80)", "$avp(i:82)"))
sl_send_reply("403", "Forbidden");
exit;
}
> 3.) Is "true" even returned if there's no match?
The check_use_blacklist will return
true if no blacklisted prefix match
is found, or a longer whitelisted prefix is found.
For example if you have 123 blacklisted and 1234 whitelisted, 12345 will
be whitelisted but 1233 will be blacklisted.
> I'd have expected the following:
>
> if (user_is_blacklisted)
> then return TRUE;
> else return FALSE;
>
>
> Can you please clarify the behavior? Thank you.
>
Hope this helps
Marius
--
Neu: GMX De-Mail - Einfach wie E-Mail, sicher wie ein Brief!
Jetzt De-Mail-Adresse reservieren: http://portal.gmx.net/de/go/demail
Hello,
in the documentation of the Module "Userblacklist" seems not really
clear to me. Please clarify my doubts.
Refering to:
http://www.kamailio.org/docs/modules/3.0.x/modules_k/userblacklist.html
in
"4.1. check_user_blacklist"
is written:
"[...]If a match is found and it is not set to whitelist, false is
returned.
Otherwise, true is returned.[...]"
Regards,
Nicolas
Example that seems clear to me:
===============================
In
"4.2. check_user_whitelist"
is written:
"[...]If a match is found and it is set to whitelist, true is returned.
Otherwise, false is returned.[...]"
>
> cause it means to me:
>
> if (user_is_whitelisted)
> then return TRUE;
> else return FALSE;
>
>