From 3dfcd4636a8b32d66c985f55404847799c30f38d Mon Sep 17 00:00:00 2001 From: Holger Hans Peter Freyther Date: Sat, 15 May 2010 00:36:54 +0800 Subject: [nat] Remove the imsi allow option on the nat level. For now we have: 1.) bsc imsi deny to deny at the BSC level 2.) bsc imsi allow to allow a SIM at the BSC level 3.) nat imsi deny to deny at the global level --- openbsc/include/openbsc/bsc_nat.h | 2 -- openbsc/src/nat/bsc_nat_utils.c | 11 +---------- openbsc/src/nat/bsc_nat_vty.c | 13 ------------- openbsc/tests/bsc-nat/bsc_nat_test.c | 5 ----- 4 files changed, 1 insertion(+), 30 deletions(-) diff --git a/openbsc/include/openbsc/bsc_nat.h b/openbsc/include/openbsc/bsc_nat.h index 090eca8ef..351a06d48 100644 --- a/openbsc/include/openbsc/bsc_nat.h +++ b/openbsc/include/openbsc/bsc_nat.h @@ -229,8 +229,6 @@ struct bsc_nat { struct bsc_endpoint *bsc_endpoints; /* filter */ - char *imsi_allow; - regex_t imsi_allow_re; char *imsi_deny; regex_t imsi_deny_re; diff --git a/openbsc/src/nat/bsc_nat_utils.c b/openbsc/src/nat/bsc_nat_utils.c index bb0d96963..d5537f796 100644 --- a/openbsc/src/nat/bsc_nat_utils.c +++ b/openbsc/src/nat/bsc_nat_utils.c @@ -228,16 +228,7 @@ static int auth_imsi(struct bsc_connection *bsc, const char *mi_string) } } - /* 4. NAT allow */ - if (bsc->nat->imsi_allow) { - if (regexec(&bsc->nat->imsi_allow_re, mi_string, 0, NULL, 0) == 0) - return 0; - } else { - return 0; - } - - /* unmatched */ - return -3; + return 0; } static int _cr_check_loc_upd(struct bsc_connection *bsc, uint8_t *data, unsigned int length) diff --git a/openbsc/src/nat/bsc_nat_vty.c b/openbsc/src/nat/bsc_nat_vty.c index c41929e7b..3e572bae5 100644 --- a/openbsc/src/nat/bsc_nat_vty.c +++ b/openbsc/src/nat/bsc_nat_vty.c @@ -52,8 +52,6 @@ static struct cmd_node bsc_node = { static int config_write_nat(struct vty *vty) { vty_out(vty, "nat%s", VTY_NEWLINE); - if (_nat->imsi_allow) - vty_out(vty, " imsi allow %s%s", _nat->imsi_allow, VTY_NEWLINE); if (_nat->imsi_deny) vty_out(vty, " imsi deny %s%s", _nat->imsi_deny, VTY_NEWLINE); vty_out(vty, " msc ip %s%s", _nat->msc_ip, VTY_NEWLINE); @@ -233,16 +231,6 @@ DEFUN(cfg_nat, cfg_nat_cmd, "nat", "Configute the NAT") return CMD_SUCCESS; } -DEFUN(cfg_nat_imsi_allow, - cfg_nat_imsi_allow_cmd, - "imsi allow [REGEXP]", - "Allow matching IMSIs to talk to the MSC. " - "The defualt is to allow everyone.") -{ - bsc_parse_reg(_nat, &_nat->imsi_allow_re, &_nat->imsi_allow, argc, argv); - return CMD_SUCCESS; -} - DEFUN(cfg_nat_imsi_deny, cfg_nat_imsi_deny_cmd, "imsi deny [REGEXP]", @@ -462,7 +450,6 @@ int bsc_nat_vty_init(struct bsc_nat *nat) install_element(CONFIG_NODE, &cfg_nat_cmd); install_node(&nat_node, config_write_nat); install_default(NAT_NODE); - install_element(NAT_NODE, &cfg_nat_imsi_allow_cmd); install_element(NAT_NODE, &cfg_nat_imsi_deny_cmd); install_element(NAT_NODE, &cfg_nat_msc_ip_cmd); install_element(NAT_NODE, &cfg_nat_msc_port_cmd); diff --git a/openbsc/tests/bsc-nat/bsc_nat_test.c b/openbsc/tests/bsc-nat/bsc_nat_test.c index 15b7af1ea..66b486eca 100644 --- a/openbsc/tests/bsc-nat/bsc_nat_test.c +++ b/openbsc/tests/bsc-nat/bsc_nat_test.c @@ -558,7 +558,6 @@ struct cr_filter { const char *bsc_imsi_allow; const char *bsc_imsi_deny; - const char *nat_imsi_allow; const char *nat_imsi_deny; }; @@ -604,7 +603,6 @@ static struct cr_filter cr_filter[] = { .bsc_imsi_deny = "[0-9]*", .bsc_imsi_allow = "[0-9]*", .nat_imsi_deny = "[0-9]*", - .nat_imsi_allow = "[0-9]*", }, }; @@ -623,9 +621,6 @@ static void test_cr_filter() msgb_reset(msg); copy_to_msg(msg, cr_filter[i].data, cr_filter[i].length); - bsc_parse_reg(nat, &nat->imsi_allow_re, &nat->imsi_allow, - cr_filter[i].nat_imsi_allow ? 1 : 0, - &cr_filter[i].nat_imsi_allow); bsc_parse_reg(nat, &nat->imsi_deny_re, &nat->imsi_deny, cr_filter[i].nat_imsi_deny ? 1 : 0, &cr_filter[i].nat_imsi_deny); -- cgit v1.2.3