forked from kamailio/kamailio
-
Notifications
You must be signed in to change notification settings - Fork 1
/
dst_blacklist.h
209 lines (173 loc) · 7.22 KB
/
dst_blacklist.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
/*
* Copyright (C) 2006 iptelorg GmbH
*
* This file is part of Kamailio, a free SIP server.
*
* Kamailio is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version
*
* Kamailio is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
/** Kamailio core :: Destination blacklists.
* @file
* @author andrei, Gergo
* @ingroup core
* Module: @ref core
*/
#ifndef dst_black_list_h
#define dst_black_list_h
#include "ip_addr.h"
#include "parser/msg_parser.h"
#include "timer_ticks.h"
#include "cfg_core.h"
#define DEFAULT_BLST_TIMEOUT 60 /**< 1 min. */
#define DEFAULT_BLST_MAX_MEM 250 /**< 250 KB */
/** @name flags: */
/*@{ */
#define BLST_IS_IPV6 1 /**< set if the address is ipv6 */
#define BLST_ERR_SEND (1<<1) /**< set if send is denied/failed */
#define BLST_ERR_CONNECT (1<<2) /**< set if connect failed (tcp/tls) */
#define BLST_ICMP_RCVD (1<<3) /**< set if icmp error */
#define BLST_ERR_TIMEOUT (1<<4) /**< set if sip timeout */
#define BLST_503 (1<<5) /**< set for 503 replies */
#define BLST_ADM_PROHIBITED (1<<6) /**< administratively prohibited */
#define BLST_PERMANENT (1<<7) /**< never deleted, never expires */
/*@} */
/* uncomment the define above to enable blacklist callbacks support */
/*#define DST_BLACKLIST_HOOKS*/
#define DST_BLACKLIST_CONTINUE 0 /**< add: do nothing/ignore, search: ignore */
#define DST_BLACKLIST_ACCEPT 1 /**< add: force accept, search: force match */
#define DST_BLACKLIST_DENY -1 /**< add: deny, search: force no match */
#define DST_BLACKLIST_ADD_CB 1
#define DST_BLACKLIST_SEARCH_CB 2
extern unsigned blst_proto_imask[PROTO_LAST+1];
#ifdef DST_BLACKLIST_HOOKS
struct blacklist_hook{
/* WARNING: msg might be NULL, and it might point to shared memory
* without locking, do not modify it! msg can be used typically for checking
* the message flags with isflagset() */
int (*on_blst_action)(struct dest_info* si, unsigned char* err_flags,
struct sip_msg* msg);
/* called before ser shutdown */
void (*destroy)(void);
};
int register_blacklist_hook(struct blacklist_hook *h, int type);
#endif /* DST_BLACKLIST_HOOKS */
int init_dst_blacklist(void);
#ifdef USE_DST_BLACKLIST_STATS
int init_dst_blacklist_stats(int iproc_num);
#define DST_BLACKLIST_ALL_STATS "bkl_all_stats"
#endif
void destroy_dst_blacklist(void);
/** force add to the blacklist.
* like function dst_blacklist_add_to, but no ignore mask or
* blacklist enabled checks are made.
* @see dst_blacklist_add_to for the parameters and return value.
*/
int dst_blacklist_force_add_to(unsigned char err_flags, struct dest_info* si,
struct sip_msg* msg, ticks_t timeout);
/** force add to the blacklist, long version.
* like function dst_blacklist_su_to, but no ignore mask or
* blacklist enabled checks are made.
* @see dst_blacklist_su_to for the parameters and return value.
*/
int dst_blacklist_force_su_to( unsigned char err_flags,
unsigned char proto,
union sockaddr_union* dst,
struct sip_msg* msg,
ticks_t timeout);
/** checks if blacklist should be used.
* @param err_flags - blacklist reason
* @param si - filled dest_info structure pointer.
* @return 1 if blacklist is enabled (core_cfg) and the event/error
* is not in the ignore list.
* 0 otherwise
*/
#define should_blacklist(err_flags, si) \
(cfg_get(core, core_cfg, use_dst_blacklist) && \
((err_flags) & ~blst_proto_imask[(unsigned)((si)->proto)] & \
~(si)->send_flags.blst_imask ))
/** checks if blacklist should be used, long version.
* @param err_flags - blacklist reason
* @param snd_flags - snd_flags pointer, can be 0.
* @param proto - protocol, can be 0 (PROTO_NONE).
* @param su - sockaddr_union pointer, can be 0.
* @return 1 if blacklist is enabled (core_cfg) and the event/error
* is not in the ignore list. 0 otherwise
*/
#define should_blacklist_su(err_flags, snd_flags, proto, su) \
(cfg_get(core, core_cfg, use_dst_blacklist) && \
((err_flags) & ~blst_proto_imask[(unsigned)(proto)] & \
~((snd_flags)?((snd_flags_t*)(snd_flags))->blst_imask:0)))
/** adds a dst to the blacklist.
*
* @param err_flags - blacklist reason
* @param si - dest_info structure (dst).
* @param msg - sip msg struct. pointer if known, 0 otherwise.
* @param timeout - timeout in ticks.
* @return >=0 on success, -1 on error.
*/
#define dst_blacklist_add_to(err_flags, si, msg, timeout) \
(should_blacklist(err_flags, si)? \
dst_blacklist_force_add_to((err_flags), (si), (msg), (timeout))\
: 0)
/** adds a dst to the blacklist, long version.
* Similar to dst_blacklist_add_to, but uses "unpacked" parameters.
* @param err_flags - blacklist reason
* @param proto - protocol.
* @param dst - sockaddr_union pointer.
* @param snd_flags - snd_flags pointer, can be 0.
* @param msg - sip msg struct. pointer if known, 0 otherwise.
* @param timeout - timeout in ticks.
* @return >=0 on success, -1 on error.
*/
#define dst_blacklist_su_to(err_flags, proto, dst, snd_flags, msg, timeout) \
(should_blacklist_su(err_flags, snd_flags, proto, dst) ? \
dst_blacklist_force_su_to((err_flags), (proto), (dst), (msg), \
(timeout))\
: 0)
/** adds a dst to the blacklist with default timeout.
*
* @param err_flags - blacklist reason
* @param si - dest_info structure (dst).
* @param msg - sip msg struct. pointer if known, 0 otherwise.
* @return >=0 on success, -1 on error.
* @see dst_blacklist_add_to.
*/
#define dst_blacklist_add(err_flags, si, msg) \
dst_blacklist_add_to(err_flags, si, msg, \
S_TO_TICKS(cfg_get(core, core_cfg, blst_timeout)))
/** adds a dst to the blacklist with default timeout, long version.
* Similar to dst_blacklist_add_to, but uses "unpacked" parameters.
* @param err_flags - blacklist reason
* @param proto - protocol.
* @param dst - sockaddr_union pointer.
* @param snd_flags - snd_flags pointer, can be 0.
* @param msg - sip msg struct. pointer if known, 0 otherwise.
* @return >=0 on success, -1 on error.
* @see dst_blacklist_su_to.
*/
#define dst_blacklist_su(err_flags, proto, dst, snd_flags, msg) \
dst_blacklist_su_to(err_flags, proto, dst, snd_flags, msg, \
S_TO_TICKS(cfg_get(core, core_cfg, blst_timeout)))
int dst_is_blacklisted(struct dest_info* si, struct sip_msg* msg);
/** delete an entry from the blacklist. */
int dst_blacklist_del(struct dest_info* si, struct sip_msg* msg);
/** deletes all the entries from the blacklist except the permanent ones.
* (which are marked with BLST_PERMANENT)
*/
void dst_blst_flush(void);
int use_dst_blacklist_fixup(void *handle, str *gname, str *name, void **val);
/** KByte to Byte conversion. */
int blst_max_mem_fixup(void *handle, str *gname, str *name, void **val);
void blst_reinit_ign_masks(str* gname, str* name);
#endif