-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi,
during setup of permissions module I found that module parameters "default_allow_file" and "default_deny_file" doesn't seem to work as expected.
No mater what filename I configured permissions.so always checks for "permissions.allow" resp. "permissions.deny" files in openser's main config directory.
Here is openser's level 3 console output:
Mar 11 16:25:49 [3235] WARNING:core:main: no fork mode Mar 11 16:25:49 [3235] INFO:core:init_tcp: using epoll_lt as the TCP io watch method (auto detected) Mar 11 16:25:49 [3235] NOTICE:core:main: version: openser 1.4.0dev0-notls (x86_64/linux) Mar 11 16:25:49 [3235] INFO:core:main: using 32 Mb shared memory Mar 11 16:25:49 [3235] INFO:core:main: using 1 Mb private memory per process Mar 11 16:25:49 [3235] INFO:xlog:mod_init: initializing... Mar 11 16:25:49 [3235] INFO:sl:mod_init: Initializing StateLess engine Mar 11 16:25:49 [3235] INFO:tm:mod_init: TM - initializing... Mar 11 16:25:49 [3235] INFO:maxfwd:mod_init: initializing... Mar 11 16:25:49 [3235] INFO:usrloc:ul_init_locks: locks array size 512 Mar 11 16:25:49 [3235] INFO:registrar:mod_init: initializing... Mar 11 16:25:49 [3235] INFO:textops:mod_init: initializing... Mar 11 16:25:49 [3235] INFO:auth:mod_init: initializing... Mar 11 16:25:49 [3235] INFO:auth_db:mod_init: initializing... Mar 11 16:25:49 [3235] INFO:avpops:avpops_init: initializing... Mar 11 16:25:49 [3235] WARNING:permissions:parse_config_file: file not found: etc/openser/permissions.allow Mar 11 16:25:49 [3235] WARNING:permissions:mod_init: default allow file (etc/openser/permissions.allow) not found => empty rule set Mar 11 16:25:49 [3235] WARNING:permissions:parse_config_file: file not found: etc/openser/permissions.deny Mar 11 16:25:49 [3235] WARNING:permissions:mod_init: default deny file (etc/openser/permissions.deny) not found => empty rule set
And here is my permissions config:
# -- permissions -- loadmodule "permissions.so" modparam("permissions", "default_allow_file", "permissionddds.allow") modparam("permissions", "default_deny_file", "/opt/app/voip/openser/etc/permissionddds.deny") modparam("permissions", "check_all_branches", 1) modparam("permissions", "allow_suffix", ".allow") modparam("permissions", "deny_suffix", ".deny") modparam("permissions", "address_table", "address") modparam("permissions", "grp_col", "grp") modparam("permissions", "ip_addr_col", "ip_addr") modparam("permissions", "mask_col", "mask") modparam("permissions", "port_col", "port") modparam("permissions", "db_mode", 0) modparam("permissions", "trusted_table", "trusted") modparam("permissions", "source_col", "src_ip") modparam("permissions", "proto_col", "proto") modparam("permissions", "from_col", "from_pattern") modparam("permissions", "tag_col", "tag") modparam("permissions", "peer_tag_avp", "")
I use openser 1.4 build 3384
regards helmut
Hi list,
I'm playing around with avpops and custom schemas - but it doesn't work the way I wanted - and expected.
I would like to lookup a customer in CDRTools billing_customers table. For that purpose I've defined
modparam("avpops", "db_scheme", "customers:table=billing_customers;username_col=subscriber;domain_col=domain;value_col=gateway;value_type=string")
For testing, let's say I have the following in the database:
id gateway domain subscriber 1 a-gate.net a-cust.net 10101010 2 b-gate.net b-cust.net 20202020
If I try
avp_db_load("$fu","$avp(s:gateway)/$customers"); xdbg(" Gateway: $avp(s:gateway)\n");
avpops will look up the gateway based on the subscriber/username_col field only - it completely ignores the domain part. If I try explicitely specifying
avp_db_load("$fu/uri","$avp(s:gateway)/$customers");
it still ignores the domain and use the subscriber only - but if I try
avp_db_load("$fu/domain","$avp(s:gateway)/$customers");
it _does_ lookup the gateway based on the domain-part.
What I want is an answer stating that there is _no_ gateway defined for, say, "10101010@b-cust.net". Right now it returns "a-gate.net" as the answer.
What am I missing?
Regards, Lars
Hi Lars,
Have you set the use_domain module parameter? http://www.openser.org/docs/modules/1.3.x/avpops.html#AEN117
Regards, Bogdan
Lars Skjærlund wrote:
Hi list,
I'm playing around with avpops and custom schemas - but it doesn't work the way I wanted - and expected.
I would like to lookup a customer in CDRTools billing_customers table. For that purpose I've defined
modparam("avpops", "db_scheme", "customers:table=billing_customers;username_col=subscriber;domain_col=domain;value_col=gateway;value_type=string")
For testing, let's say I have the following in the database:
id gateway domain subscriber 1 a-gate.net a-cust.net 10101010 2 b-gate.net b-cust.net 20202020
If I try
avp_db_load("$fu","$avp(s:gateway)/$customers"); xdbg(" Gateway: $avp(s:gateway)\n");
avpops will look up the gateway based on the subscriber/username_col field only - it completely ignores the domain part. If I try explicitely specifying
avp_db_load("$fu/uri","$avp(s:gateway)/$customers");
it still ignores the domain and use the subscriber only - but if I try
avp_db_load("$fu/domain","$avp(s:gateway)/$customers");
it _does_ lookup the gateway based on the domain-part.
What I want is an answer stating that there is _no_ gateway defined for, say, "10101010@b-cust.net". Right now it returns "a-gate.net" as the answer.
What am I missing?
Regards, Lars
Hi Bogdan,
Have you set the use_domain module parameter? http://www.openser.org/docs/modules/1.3.x/avpops.html#AEN117
Argh - I don't know how that one slipped my attention :-(.
You're right, of course, everything works fine now.
Thanks a lot.
Regards, Lars
Hi Helmut,
I fixed this bug in trunk - see rev 3679
Regards, Bogdan
Helmut Kuper wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi,
during setup of permissions module I found that module parameters "default_allow_file" and "default_deny_file" doesn't seem to work as expected.
No mater what filename I configured permissions.so always checks for "permissions.allow" resp. "permissions.deny" files in openser's main config directory.
Here is openser's level 3 console output:
Mar 11 16:25:49 [3235] WARNING:core:main: no fork mode Mar 11 16:25:49 [3235] INFO:core:init_tcp: using epoll_lt as the TCP io watch method (auto detected) Mar 11 16:25:49 [3235] NOTICE:core:main: version: openser 1.4.0dev0-notls (x86_64/linux) Mar 11 16:25:49 [3235] INFO:core:main: using 32 Mb shared memory Mar 11 16:25:49 [3235] INFO:core:main: using 1 Mb private memory per process Mar 11 16:25:49 [3235] INFO:xlog:mod_init: initializing... Mar 11 16:25:49 [3235] INFO:sl:mod_init: Initializing StateLess engine Mar 11 16:25:49 [3235] INFO:tm:mod_init: TM - initializing... Mar 11 16:25:49 [3235] INFO:maxfwd:mod_init: initializing... Mar 11 16:25:49 [3235] INFO:usrloc:ul_init_locks: locks array size 512 Mar 11 16:25:49 [3235] INFO:registrar:mod_init: initializing... Mar 11 16:25:49 [3235] INFO:textops:mod_init: initializing... Mar 11 16:25:49 [3235] INFO:auth:mod_init: initializing... Mar 11 16:25:49 [3235] INFO:auth_db:mod_init: initializing... Mar 11 16:25:49 [3235] INFO:avpops:avpops_init: initializing... Mar 11 16:25:49 [3235] WARNING:permissions:parse_config_file: file not found: etc/openser/permissions.allow Mar 11 16:25:49 [3235] WARNING:permissions:mod_init: default allow file (etc/openser/permissions.allow) not found => empty rule set Mar 11 16:25:49 [3235] WARNING:permissions:parse_config_file: file not found: etc/openser/permissions.deny Mar 11 16:25:49 [3235] WARNING:permissions:mod_init: default deny file (etc/openser/permissions.deny) not found => empty rule set
And here is my permissions config:
# -- permissions -- loadmodule "permissions.so" modparam("permissions", "default_allow_file", "permissionddds.allow") modparam("permissions", "default_deny_file", "/opt/app/voip/openser/etc/permissionddds.deny") modparam("permissions", "check_all_branches", 1) modparam("permissions", "allow_suffix", ".allow") modparam("permissions", "deny_suffix", ".deny") modparam("permissions", "address_table", "address") modparam("permissions", "grp_col", "grp") modparam("permissions", "ip_addr_col", "ip_addr") modparam("permissions", "mask_col", "mask") modparam("permissions", "port_col", "port") modparam("permissions", "db_mode", 0) modparam("permissions", "trusted_table", "trusted") modparam("permissions", "source_col", "src_ip") modparam("permissions", "proto_col", "proto") modparam("permissions", "from_col", "from_pattern") modparam("permissions", "tag_col", "tag") modparam("permissions", "peer_tag_avp", "")
I use openser 1.4 build 3384
regards helmut -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD4DBQFH1qUP4tZeNddg3dwRAmPbAJiQAKWUzSoUVJx2iPjJEzT+PpKvAJ9Cwgqh Q5z67Xb1/Oze+QK4aqHPNA== =fjgt -----END PGP SIGNATURE-----
Users mailing list Users@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/users
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hello,
I fixed the bug in permissions module:
in File permissions.c funtion "static int mod_init(void)"
replace line (around line 690)
allow[0].filename = get_pathname(DEFAULT_ALLOW_FILE);
with
allow[0].filename = get_pathname(default_allow_file);
and replace line (around line 699)
deny[0].filename = get_pathname(DEFAULT_DENY_FILE);
with
deny[0].filename = get_pathname(default_deny_file);
then compile and reinstall it or just replace old permissions.so with the newly compiled one.
regards Helmut
Helmut Kuper wrote: | Hi, | | during setup of permissions module I found that module parameters | "default_allow_file" and "default_deny_file" doesn't seem to work as | expected. | | No mater what filename I configured permissions.so always checks for | "permissions.allow" resp. "permissions.deny" files in openser's main | config directory. | | Here is openser's level 3 console output: | | Mar 11 16:25:49 [3235] WARNING:core:main: no fork mode | Mar 11 16:25:49 [3235] INFO:core:init_tcp: using epoll_lt as the TCP io | watch method (auto detected) | Mar 11 16:25:49 [3235] NOTICE:core:main: version: openser | 1.4.0dev0-notls (x86_64/linux) | Mar 11 16:25:49 [3235] INFO:core:main: using 32 Mb shared memory | Mar 11 16:25:49 [3235] INFO:core:main: using 1 Mb private memory per process | Mar 11 16:25:49 [3235] INFO:xlog:mod_init: initializing... | Mar 11 16:25:49 [3235] INFO:sl:mod_init: Initializing StateLess engine | Mar 11 16:25:49 [3235] INFO:tm:mod_init: TM - initializing... | Mar 11 16:25:49 [3235] INFO:maxfwd:mod_init: initializing... | Mar 11 16:25:49 [3235] INFO:usrloc:ul_init_locks: locks array size 512 | Mar 11 16:25:49 [3235] INFO:registrar:mod_init: initializing... | Mar 11 16:25:49 [3235] INFO:textops:mod_init: initializing... | Mar 11 16:25:49 [3235] INFO:auth:mod_init: initializing... | Mar 11 16:25:49 [3235] INFO:auth_db:mod_init: initializing... | Mar 11 16:25:49 [3235] INFO:avpops:avpops_init: initializing... | Mar 11 16:25:49 [3235] WARNING:permissions:parse_config_file: file not | found: etc/openser/permissions.allow | Mar 11 16:25:49 [3235] WARNING:permissions:mod_init: default allow file | (etc/openser/permissions.allow) not found => empty rule set | Mar 11 16:25:49 [3235] WARNING:permissions:parse_config_file: file not | found: etc/openser/permissions.deny | Mar 11 16:25:49 [3235] WARNING:permissions:mod_init: default deny file | (etc/openser/permissions.deny) not found => empty rule set | | | | And here is my permissions config: | | | # -- permissions -- | loadmodule "permissions.so" | modparam("permissions", "default_allow_file", "permissionddds.allow") | modparam("permissions", "default_deny_file", | "/opt/app/voip/openser/etc/permissionddds.deny") | modparam("permissions", "check_all_branches", 1) | modparam("permissions", "allow_suffix", ".allow") | modparam("permissions", "deny_suffix", ".deny") | modparam("permissions", "address_table", "address") | modparam("permissions", "grp_col", "grp") | modparam("permissions", "ip_addr_col", "ip_addr") | modparam("permissions", "mask_col", "mask") | modparam("permissions", "port_col", "port") | modparam("permissions", "db_mode", 0) | modparam("permissions", "trusted_table", "trusted") | modparam("permissions", "source_col", "src_ip") | modparam("permissions", "proto_col", "proto") | modparam("permissions", "from_col", "from_pattern") | modparam("permissions", "tag_col", "tag") | modparam("permissions", "peer_tag_avp", "") | | | I use openser 1.4 build 3384 | | regards | helmut
_______________________________________________ Users mailing list Users@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/users
-
Bogdan-Andrei Iancu -
Helmut Kuper -
Lars Skjærlund