On Wed, Nov 06, 2019 at 07:15:42PM +0100, Igor Olhovskiy wrote:
Hm... Maybe there is other module to achieve such functions? Best if it would be with cache :) But if no - regex also fine.
But if it works it works! I don't think there is a specific module to do this but it is easy to implement yourself. What I don't like personally about your solution is the use of the permission tables, you need atleast 1 per user (unless users have the same ip).
Personally I do this by direct database queries in usr_preferences on INVITEs and REGISTERs. You could use any database (depending on how you store the ACL) and cache it in a htable.
My solution is mysql specific (inet_aton) and forces users to have atleast 1 CIDR notated subnet:
if(!avp_db_query("select value from usr_preferences where username='$au' and attribute='acl' and inet_aton(substring_index(value,'/',1))&(1 << 32) - 1 & ~((1 << (32 - substring_index(value,'/',-1))) - 1)=inet_aton('$si')&(1 << 32) - 1 & ~((1 << (32 - substring_index(value,'/',-1))) - 1)")) { t_reply("404","Go away"); exit; }