aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHolger Hans Peter Freyther <zecke@selfish.org>2010-05-15 00:36:54 +0800
committerHolger Hans Peter Freyther <zecke@selfish.org>2010-05-15 00:36:54 +0800
commit3dfcd4636a8b32d66c985f55404847799c30f38d (patch)
treebeb172c5e1ec00e18bb2ee291c0d564832d6da20
parent50818d0c20a94476477609d448158779f26b12cf (diff)
[nat] Remove the imsi allow option on the nat level.
For now we have: 1.) bsc imsi deny to deny at the BSC level 2.) bsc imsi allow to allow a SIM at the BSC level 3.) nat imsi deny to deny at the global level
-rw-r--r--openbsc/include/openbsc/bsc_nat.h2
-rw-r--r--openbsc/src/nat/bsc_nat_utils.c11
-rw-r--r--openbsc/src/nat/bsc_nat_vty.c13
-rw-r--r--openbsc/tests/bsc-nat/bsc_nat_test.c5
4 files changed, 1 insertions, 30 deletions
diff --git a/openbsc/include/openbsc/bsc_nat.h b/openbsc/include/openbsc/bsc_nat.h
index 090eca8ef..351a06d48 100644
--- a/openbsc/include/openbsc/bsc_nat.h
+++ b/openbsc/include/openbsc/bsc_nat.h
@@ -229,8 +229,6 @@ struct bsc_nat {
struct bsc_endpoint *bsc_endpoints;
/* filter */
- char *imsi_allow;
- regex_t imsi_allow_re;
char *imsi_deny;
regex_t imsi_deny_re;
diff --git a/openbsc/src/nat/bsc_nat_utils.c b/openbsc/src/nat/bsc_nat_utils.c
index bb0d96963..d5537f796 100644
--- a/openbsc/src/nat/bsc_nat_utils.c
+++ b/openbsc/src/nat/bsc_nat_utils.c
@@ -228,16 +228,7 @@ static int auth_imsi(struct bsc_connection *bsc, const char *mi_string)
}
}
- /* 4. NAT allow */
- if (bsc->nat->imsi_allow) {
- if (regexec(&bsc->nat->imsi_allow_re, mi_string, 0, NULL, 0) == 0)
- return 0;
- } else {
- return 0;
- }
-
- /* unmatched */
- return -3;
+ return 0;
}
static int _cr_check_loc_upd(struct bsc_connection *bsc, uint8_t *data, unsigned int length)
diff --git a/openbsc/src/nat/bsc_nat_vty.c b/openbsc/src/nat/bsc_nat_vty.c
index c41929e7b..3e572bae5 100644
--- a/openbsc/src/nat/bsc_nat_vty.c
+++ b/openbsc/src/nat/bsc_nat_vty.c
@@ -52,8 +52,6 @@ static struct cmd_node bsc_node = {
static int config_write_nat(struct vty *vty)
{
vty_out(vty, "nat%s", VTY_NEWLINE);
- if (_nat->imsi_allow)
- vty_out(vty, " imsi allow %s%s", _nat->imsi_allow, VTY_NEWLINE);
if (_nat->imsi_deny)
vty_out(vty, " imsi deny %s%s", _nat->imsi_deny, VTY_NEWLINE);
vty_out(vty, " msc ip %s%s", _nat->msc_ip, VTY_NEWLINE);
@@ -233,16 +231,6 @@ DEFUN(cfg_nat, cfg_nat_cmd, "nat", "Configute the NAT")
return CMD_SUCCESS;
}
-DEFUN(cfg_nat_imsi_allow,
- cfg_nat_imsi_allow_cmd,
- "imsi allow [REGEXP]",
- "Allow matching IMSIs to talk to the MSC. "
- "The defualt is to allow everyone.")
-{
- bsc_parse_reg(_nat, &_nat->imsi_allow_re, &_nat->imsi_allow, argc, argv);
- return CMD_SUCCESS;
-}
-
DEFUN(cfg_nat_imsi_deny,
cfg_nat_imsi_deny_cmd,
"imsi deny [REGEXP]",
@@ -462,7 +450,6 @@ int bsc_nat_vty_init(struct bsc_nat *nat)
install_element(CONFIG_NODE, &cfg_nat_cmd);
install_node(&nat_node, config_write_nat);
install_default(NAT_NODE);
- install_element(NAT_NODE, &cfg_nat_imsi_allow_cmd);
install_element(NAT_NODE, &cfg_nat_imsi_deny_cmd);
install_element(NAT_NODE, &cfg_nat_msc_ip_cmd);
install_element(NAT_NODE, &cfg_nat_msc_port_cmd);
diff --git a/openbsc/tests/bsc-nat/bsc_nat_test.c b/openbsc/tests/bsc-nat/bsc_nat_test.c
index 15b7af1ea..66b486eca 100644
--- a/openbsc/tests/bsc-nat/bsc_nat_test.c
+++ b/openbsc/tests/bsc-nat/bsc_nat_test.c
@@ -558,7 +558,6 @@ struct cr_filter {
const char *bsc_imsi_allow;
const char *bsc_imsi_deny;
- const char *nat_imsi_allow;
const char *nat_imsi_deny;
};
@@ -604,7 +603,6 @@ static struct cr_filter cr_filter[] = {
.bsc_imsi_deny = "[0-9]*",
.bsc_imsi_allow = "[0-9]*",
.nat_imsi_deny = "[0-9]*",
- .nat_imsi_allow = "[0-9]*",
},
};
@@ -623,9 +621,6 @@ static void test_cr_filter()
msgb_reset(msg);
copy_to_msg(msg, cr_filter[i].data, cr_filter[i].length);
- bsc_parse_reg(nat, &nat->imsi_allow_re, &nat->imsi_allow,
- cr_filter[i].nat_imsi_allow ? 1 : 0,
- &cr_filter[i].nat_imsi_allow);
bsc_parse_reg(nat, &nat->imsi_deny_re, &nat->imsi_deny,
cr_filter[i].nat_imsi_deny ? 1 : 0,
&cr_filter[i].nat_imsi_deny);