diff options
Diffstat (limited to 'openbsc/src/nat/bsc_nat_utils.c')
-rw-r--r-- | openbsc/src/nat/bsc_nat_utils.c | 57 |
1 files changed, 48 insertions, 9 deletions
diff --git a/openbsc/src/nat/bsc_nat_utils.c b/openbsc/src/nat/bsc_nat_utils.c index 41796f713..335b0e374 100644 --- a/openbsc/src/nat/bsc_nat_utils.c +++ b/openbsc/src/nat/bsc_nat_utils.c @@ -195,6 +195,34 @@ int bsc_write(struct bsc_connection *bsc, struct msgb *msg, int proto) return 0; } +static int lst_check_allow(struct bsc_nat_acc_lst *lst, const char *mi_string) +{ + struct bsc_nat_acc_lst_entry *entry; + + llist_for_each_entry(entry, &lst->fltr_list, list) { + if (!entry->imsi_allow) + continue; + if (regexec(&entry->imsi_allow_re, mi_string, 0, NULL, 0) == 0) + return 0; + } + + return 1; +} + +static int lst_check_deny(struct bsc_nat_acc_lst *lst, const char *mi_string) +{ + struct bsc_nat_acc_lst_entry *entry; + + llist_for_each_entry(entry, &lst->fltr_list, list) { + if (!entry->imsi_deny) + continue; + if (regexec(&entry->imsi_deny_re, mi_string, 0, NULL, 0) == 0) + return 0; + } + + return 1; +} + /* apply white/black list */ static int auth_imsi(struct bsc_connection *bsc, const char *mi_string) { @@ -212,24 +240,22 @@ static int auth_imsi(struct bsc_connection *bsc, const char *mi_string) nat_lst = bsc_nat_acc_lst_find(bsc->nat, bsc->nat->acc_lst_name); - /* 1. BSC deny */ - if (bsc_lst && bsc_lst->imsi_deny) { - if (regexec(&bsc_lst->imsi_deny_re, mi_string, 0, NULL, 0) == 0) { + if (bsc_lst) { + /* 1. BSC deny */ + if (lst_check_deny(bsc_lst, mi_string) == 0) { LOGP(DNAT, LOGL_ERROR, "Filtering %s by imsi_deny on bsc nr: %d.\n", mi_string, bsc->cfg->nr); return -2; } - } - /* 2. BSC allow */ - if (bsc_lst && bsc_lst->imsi_allow) { - if (regexec(&bsc_lst->imsi_allow_re, mi_string, 0, NULL, 0) == 0) + /* 2. BSC allow */ + if (lst_check_allow(bsc_lst, mi_string) == 0) return 0; } /* 3. NAT deny */ - if (nat_lst && nat_lst->imsi_deny) { - if (regexec(&nat_lst->imsi_deny_re, mi_string, 0, NULL, 0) == 0) { + if (nat_lst) { + if (lst_check_deny(nat_lst, mi_string) == 0) { LOGP(DNAT, LOGL_ERROR, "Filtering %s by nat imsi_deny on bsc nr: %d.\n", mi_string, bsc->cfg->nr); return -3; @@ -440,6 +466,7 @@ struct bsc_nat_acc_lst *bsc_nat_acc_lst_get(struct bsc_nat *nat, const char *nam return NULL; } + INIT_LLIST_HEAD(&lst->fltr_list); lst->name = talloc_strdup(lst, name); llist_add(&lst->list, &nat->access_lists); return lst; @@ -450,3 +477,15 @@ void bsc_nat_acc_lst_delete(struct bsc_nat_acc_lst *lst) llist_del(&lst->list); talloc_free(lst); } + +struct bsc_nat_acc_lst_entry *bsc_nat_acc_lst_entry_create(struct bsc_nat_acc_lst *lst) +{ + struct bsc_nat_acc_lst_entry *entry; + + entry = talloc_zero(lst, struct bsc_nat_acc_lst_entry); + if (!entry) + return NULL; + + llist_add(&entry->list, &lst->fltr_list); + return entry; +} |