aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDaniel Willmann <dwillmann@sysmocom.de>2017-02-28 19:09:25 +0100
committerDaniel Willmann <dwillmann@sysmocom.de>2018-01-30 18:58:27 +0100
commit0f4da6771cf3e5c3d5c1ed63d5b2cbf5c9be5e74 (patch)
tree6465f5e30db66ac57fb182fa7b0a4ea55ba38db5
parent2443aca27804ecbf52a1e593cf314a45a9cabfe3 (diff)
osmo-bsc_nat: Implement access lists for MSC conns
Change-Id: Iedcf492ff8bb86e7ac68d8909634525e7b0648ea Ticket: SYS#3208 Sponsored-by: On-Waves ehf.
-rw-r--r--openbsc/include/openbsc/bsc_nat.h5
-rw-r--r--openbsc/src/osmo-bsc_nat/bsc_nat.c8
-rw-r--r--openbsc/src/osmo-bsc_nat/bsc_nat_utils.c20
-rw-r--r--openbsc/src/osmo-bsc_nat/bsc_nat_vty.c29
4 files changed, 61 insertions, 1 deletions
diff --git a/openbsc/include/openbsc/bsc_nat.h b/openbsc/include/openbsc/bsc_nat.h
index 7cbb98aa2..204a9a5ef 100644
--- a/openbsc/include/openbsc/bsc_nat.h
+++ b/openbsc/include/openbsc/bsc_nat.h
@@ -234,6 +234,10 @@ struct msc_config {
struct llist_head dests;
struct bsc_msc_dest *main_dest;
struct bsc_msc_connection *msc_con;
+
+ /* imsi white and blacklist */
+ char *acc_lst_name;
+
char *token;
int nr;
struct bsc_nat *nat;
@@ -357,6 +361,7 @@ int bsc_config_handles_lac(struct bsc_config *cfg, int lac);
struct msc_config *msc_config_alloc(struct bsc_nat *nat);
struct msc_config *msc_config_num(struct bsc_nat *nat, int num);
struct msc_config *msc_config_by_con(struct bsc_nat *nat, struct bsc_msc_connection *msc_con);
+struct bsc_msc_connection *msc_conn_by_imsi(struct bsc_nat *nat, const char *imsi);
void msc_config_free(struct msc_config *);
struct bsc_nat *bsc_nat_alloc(void);
diff --git a/openbsc/src/osmo-bsc_nat/bsc_nat.c b/openbsc/src/osmo-bsc_nat/bsc_nat.c
index 3012b8a12..2b146faf0 100644
--- a/openbsc/src/osmo-bsc_nat/bsc_nat.c
+++ b/openbsc/src/osmo-bsc_nat/bsc_nat.c
@@ -1153,8 +1153,14 @@ static int forward_sccp_to_msc(struct bsc_connection *bsc, struct msgb *msg)
if (!create_sccp_src_ref(bsc, parsed))
goto exit2;
con = patch_sccp_src_ref_to_msc(msg, parsed, bsc);
+#warning Don't assert, fail gracefully!
OSMO_ASSERT(con);
- con->msc_con = bsc->nat->msc_con;
+
+#warning Implement routing by IMSI
+ if (!imsi)
+ LOGP(DNAT, LOGL_ERROR, "No IMSI for CR\n");
+
+ con->msc_con = msc_conn_by_imsi(bsc->nat, imsi);
con_msc = con->msc_con;
con->filter_state.con_type = con_type;
con->filter_state.imsi_checked = filter;
diff --git a/openbsc/src/osmo-bsc_nat/bsc_nat_utils.c b/openbsc/src/osmo-bsc_nat/bsc_nat_utils.c
index 51977f029..6655d43aa 100644
--- a/openbsc/src/osmo-bsc_nat/bsc_nat_utils.c
+++ b/openbsc/src/osmo-bsc_nat/bsc_nat_utils.c
@@ -253,6 +253,26 @@ struct msc_config *msc_config_by_con(struct bsc_nat *nat, struct bsc_msc_connect
return NULL;
}
+struct bsc_msc_connection *msc_conn_by_imsi(struct bsc_nat *nat, const char *imsi)
+{
+ struct msc_config *conf;
+
+ if (!imsi)
+ return NULL;
+
+ llist_for_each_entry(conf, &nat->msc_configs, entry) {
+ struct bsc_msg_acc_lst *acc;
+ acc = bsc_msg_acc_lst_find(&nat->access_lists, conf->acc_lst_name);
+ if (!acc)
+ continue;
+
+ if (!bsc_msg_acc_lst_check_allow(acc, imsi))
+ return conf->msc_con;
+ }
+
+ return NULL;
+}
+
void msc_config_free(struct msc_config *cfg)
{
llist_del(&cfg->entry);
diff --git a/openbsc/src/osmo-bsc_nat/bsc_nat_vty.c b/openbsc/src/osmo-bsc_nat/bsc_nat_vty.c
index f2cc8a24f..3f20a0cb8 100644
--- a/openbsc/src/osmo-bsc_nat/bsc_nat_vty.c
+++ b/openbsc/src/osmo-bsc_nat/bsc_nat_vty.c
@@ -1114,6 +1114,33 @@ DEFUN(cfg_msc_port,
return CMD_SUCCESS;
}
+DEFUN(cfg_msc_acc_lst_name,
+ cfg_msc_acc_lst_name_cmd,
+ "access-list-name NAME",
+ "Set the name of the access list to use.\n"
+ "The name of the to be used access list.")
+{
+ struct msc_config *conf = vty->index;
+
+ osmo_talloc_replace_string(conf, &conf->acc_lst_name, argv[0]);
+ return CMD_SUCCESS;
+}
+
+DEFUN(cfg_msc_no_acc_lst_name,
+ cfg_msc_no_acc_lst_name_cmd,
+ "no access-list-name",
+ NO_STR "Do not use an access-list for the MSC.\n")
+{
+ struct msc_config *conf = vty->index;
+
+ if (conf->acc_lst_name) {
+ talloc_free(conf->acc_lst_name);
+ conf->acc_lst_name = NULL;
+ }
+
+ return CMD_SUCCESS;
+}
+
DEFUN(test_regex, test_regex_cmd,
"test regex PATTERN STRING",
"Test utilities\n"
@@ -1373,6 +1400,8 @@ int bsc_nat_vty_init(struct bsc_nat *nat)
install_element(NAT_MSC_NODE, &cfg_msc_token_cmd);
install_element(NAT_MSC_NODE, &cfg_msc_ip_cmd);
install_element(NAT_MSC_NODE, &cfg_msc_port_cmd);
+ install_element(NAT_MSC_NODE, &cfg_msc_acc_lst_name_cmd);
+ install_element(NAT_MSC_NODE, &cfg_msc_no_acc_lst_name_cmd);
mgcp_vty_init();