diff options
author | Daniel Willmann <dwillmann@sysmocom.de> | 2017-02-28 19:09:25 +0100 |
---|---|---|
committer | Daniel Willmann <dwillmann@sysmocom.de> | 2018-01-30 18:58:27 +0100 |
commit | 0f4da6771cf3e5c3d5c1ed63d5b2cbf5c9be5e74 (patch) | |
tree | 6465f5e30db66ac57fb182fa7b0a4ea55ba38db5 | |
parent | 2443aca27804ecbf52a1e593cf314a45a9cabfe3 (diff) |
osmo-bsc_nat: Implement access lists for MSC conns
Change-Id: Iedcf492ff8bb86e7ac68d8909634525e7b0648ea
Ticket: SYS#3208
Sponsored-by: On-Waves ehf.
-rw-r--r-- | openbsc/include/openbsc/bsc_nat.h | 5 | ||||
-rw-r--r-- | openbsc/src/osmo-bsc_nat/bsc_nat.c | 8 | ||||
-rw-r--r-- | openbsc/src/osmo-bsc_nat/bsc_nat_utils.c | 20 | ||||
-rw-r--r-- | openbsc/src/osmo-bsc_nat/bsc_nat_vty.c | 29 |
4 files changed, 61 insertions, 1 deletions
diff --git a/openbsc/include/openbsc/bsc_nat.h b/openbsc/include/openbsc/bsc_nat.h index 7cbb98aa2..204a9a5ef 100644 --- a/openbsc/include/openbsc/bsc_nat.h +++ b/openbsc/include/openbsc/bsc_nat.h @@ -234,6 +234,10 @@ struct msc_config { struct llist_head dests; struct bsc_msc_dest *main_dest; struct bsc_msc_connection *msc_con; + + /* imsi white and blacklist */ + char *acc_lst_name; + char *token; int nr; struct bsc_nat *nat; @@ -357,6 +361,7 @@ int bsc_config_handles_lac(struct bsc_config *cfg, int lac); struct msc_config *msc_config_alloc(struct bsc_nat *nat); struct msc_config *msc_config_num(struct bsc_nat *nat, int num); struct msc_config *msc_config_by_con(struct bsc_nat *nat, struct bsc_msc_connection *msc_con); +struct bsc_msc_connection *msc_conn_by_imsi(struct bsc_nat *nat, const char *imsi); void msc_config_free(struct msc_config *); struct bsc_nat *bsc_nat_alloc(void); diff --git a/openbsc/src/osmo-bsc_nat/bsc_nat.c b/openbsc/src/osmo-bsc_nat/bsc_nat.c index 3012b8a12..2b146faf0 100644 --- a/openbsc/src/osmo-bsc_nat/bsc_nat.c +++ b/openbsc/src/osmo-bsc_nat/bsc_nat.c @@ -1153,8 +1153,14 @@ static int forward_sccp_to_msc(struct bsc_connection *bsc, struct msgb *msg) if (!create_sccp_src_ref(bsc, parsed)) goto exit2; con = patch_sccp_src_ref_to_msc(msg, parsed, bsc); +#warning Don't assert, fail gracefully! OSMO_ASSERT(con); - con->msc_con = bsc->nat->msc_con; + +#warning Implement routing by IMSI + if (!imsi) + LOGP(DNAT, LOGL_ERROR, "No IMSI for CR\n"); + + con->msc_con = msc_conn_by_imsi(bsc->nat, imsi); con_msc = con->msc_con; con->filter_state.con_type = con_type; con->filter_state.imsi_checked = filter; diff --git a/openbsc/src/osmo-bsc_nat/bsc_nat_utils.c b/openbsc/src/osmo-bsc_nat/bsc_nat_utils.c index 51977f029..6655d43aa 100644 --- a/openbsc/src/osmo-bsc_nat/bsc_nat_utils.c +++ b/openbsc/src/osmo-bsc_nat/bsc_nat_utils.c @@ -253,6 +253,26 @@ struct msc_config *msc_config_by_con(struct bsc_nat *nat, struct bsc_msc_connect return NULL; } +struct bsc_msc_connection *msc_conn_by_imsi(struct bsc_nat *nat, const char *imsi) +{ + struct msc_config *conf; + + if (!imsi) + return NULL; + + llist_for_each_entry(conf, &nat->msc_configs, entry) { + struct bsc_msg_acc_lst *acc; + acc = bsc_msg_acc_lst_find(&nat->access_lists, conf->acc_lst_name); + if (!acc) + continue; + + if (!bsc_msg_acc_lst_check_allow(acc, imsi)) + return conf->msc_con; + } + + return NULL; +} + void msc_config_free(struct msc_config *cfg) { llist_del(&cfg->entry); diff --git a/openbsc/src/osmo-bsc_nat/bsc_nat_vty.c b/openbsc/src/osmo-bsc_nat/bsc_nat_vty.c index f2cc8a24f..3f20a0cb8 100644 --- a/openbsc/src/osmo-bsc_nat/bsc_nat_vty.c +++ b/openbsc/src/osmo-bsc_nat/bsc_nat_vty.c @@ -1114,6 +1114,33 @@ DEFUN(cfg_msc_port, return CMD_SUCCESS; } +DEFUN(cfg_msc_acc_lst_name, + cfg_msc_acc_lst_name_cmd, + "access-list-name NAME", + "Set the name of the access list to use.\n" + "The name of the to be used access list.") +{ + struct msc_config *conf = vty->index; + + osmo_talloc_replace_string(conf, &conf->acc_lst_name, argv[0]); + return CMD_SUCCESS; +} + +DEFUN(cfg_msc_no_acc_lst_name, + cfg_msc_no_acc_lst_name_cmd, + "no access-list-name", + NO_STR "Do not use an access-list for the MSC.\n") +{ + struct msc_config *conf = vty->index; + + if (conf->acc_lst_name) { + talloc_free(conf->acc_lst_name); + conf->acc_lst_name = NULL; + } + + return CMD_SUCCESS; +} + DEFUN(test_regex, test_regex_cmd, "test regex PATTERN STRING", "Test utilities\n" @@ -1373,6 +1400,8 @@ int bsc_nat_vty_init(struct bsc_nat *nat) install_element(NAT_MSC_NODE, &cfg_msc_token_cmd); install_element(NAT_MSC_NODE, &cfg_msc_ip_cmd); install_element(NAT_MSC_NODE, &cfg_msc_port_cmd); + install_element(NAT_MSC_NODE, &cfg_msc_acc_lst_name_cmd); + install_element(NAT_MSC_NODE, &cfg_msc_no_acc_lst_name_cmd); mgcp_vty_init(); |