Hi Alexandre,
the logic and DB content look good with only exception - use ruri/username instead of to/username in avp_db_load().
to debug, you may try to add an avp_print() just to see what the avp_db_load() loaded: if (avp_db_load(.....) && avp_print() && avp_check(.....) { .... }
also try to to switch to full debug (debug=9)- the extra logs may prove helpful in locating your problem.
regards, bogdan
Alexandre Passito wrote:
I did all these modifications but I have problems yet. Could you see my code about "black list" an see if there is something wrong?
if (method=="INVITE") { if ( avp_db_load("$to/username", "s:not_allow/preferences") && avp_check("s:not_allow", "eq/$from/gi") ) { sl_send_reply("403", "Forbidden - You are blocked!"); break; };
} if (!t_relay()) { sl_reply_error(); }; lookup("aliases");}
My "preferences" table looks like:
uuid(str) username(str) domain(str,null) attribute(str) value(str) type(int) :ggg:200.129.163.139:not_allow:sip:alexandre@200.129.163.248:0 :alexandre:200.129.163.139:not_allow:sip:ggg@200.129.163.139:0
I think that this table means that ggg user cannot contact alexandre and vice-versa. ok?
I need help in this,
Best regards,
2005/6/26, Daniel-Constantin Mierla daniel@voice-system.ro:
Hello, you must not enclose the strings in quotes, just write the value between the colons. Also, you have to put "sip:" in front of sip uris from column 'value'. E.g.:
uuid(str) username(str) domain(str,null) attribute(str) value(str) type(int) :peter:200.129.163.139:not_allow:sip:paul@200.129.163.212:0
Daniel
On 06/26/05 00:11, Alexandre Passito wrote:
Hi,
I'm trying to implement a "black list" with avpops module, but I got some errors:
This is my cfg file:
# # $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $ # # simple quick-start config script #
# ----------- global configuration parameters ------------------------
#debug=3 # debug level (cmd line: -dddddddddd) #fork=yes #log_stderror=no # (cmd line: -E)
# Uncomment these lines to enter debugging mode #debug=7 #fork=no #log_stderror=yes
check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) #port=5060 #children=4 fifo="/tmp/openser_fifo"
fifo_db_url="dbtext:///home/alexandre/Devel/openser-0.9.4/bin/dbtext"
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database #loadmodule "/home/alexandre/Devel/ser-0.8.14/bin//lib/ser/modules/mysql.so"
loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/dbtext.so" loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/sl.so" loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/tm.so" loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/rr.so" loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/maxfwd.so" loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/usrloc.so" loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/registrar.so" loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/avpops.so"
# Uncomment this if you want digest authentication # mysql.so must be loaded !
loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/auth.so" loadmodule "/home/alexandre/Devel/openser-0.9.4/bin//lib/openser/modules/auth_db.so"
# ----------------- setting module-specific parameters ---------------
# -- usrloc params --
modparam("usrloc", "db_url", "dbtext:///home/alexandre/Devel/openser-0.9.4/bin/dbtext") modparam("usrloc", "db_mode", 2)
modparam("auth_db", "db_url", "dbtext:///home/alexandre/Devel/openser-0.9.4/bin/dbtext") modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "password")
modparam("avpops", "avp_url", "dbtext:///home/alexandre/Devel/openser-0.9.4/bin/dbtext") modparam("avpops", "avp_table", "preferences")
# Uncomment this if you want to use SQL database # for persistent storage and comment the previous line #modparam("usrloc", "db_mode", 2)
# -- auth params -- # Uncomment if you are using auth module # #modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # #modparam("auth_db", "password_column", "password")
# -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1)
# ------------------------- request routing logic -------------------
# main routing logic
route{
# initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if ( msg:len > max_len ) { sl_send_reply("513", "Message too big"); break; }; # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol record_route(); # loose-route processing if (loose_route()) { t_relay(); break; }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) { if (method=="REGISTER") {# Uncomment this if you want to use digest authentication # if (!www_authorize("iptel.org", "subscriber")) { # www_challenge("iptel.org", "0"); # break; # };
save("location"); break; }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; }; # forward to current uri now; use stateful forwarding; that # works reliably even if we forward from TCP to UDP#Black-list!!!
if (method=="INVITE" || method=="MESSAGE") { if ( avp_db_load("$to/username", "s:not_allow/preferences") && avp_check("s:not_allow", "eq/$from/gi") ) { sl_send_reply("403", "Forbidden - You are blocked!"); break; } } if (!t_relay()) { sl_reply_error(); }; lookup("aliases");}
My "preference" table looks like:
uuid(str) username(str) domain(str,null) attribute(str) value(str) type(int) "":"peter":"200.129.163.139":"not_allow":"paul@200.129.163.212":"0"
I'm using openser in to a local network. Its ip is 200.129.163.178.
peter address is 200.129.163.139
paul address is 200.129.163.212
The result is that both UA call each one, despite peter blocks paul.
Any help?
Best regards