diff options
author | Holger Hans Peter Freyther <holger@moiji-mobile.com> | 2015-04-04 21:55:08 +0200 |
---|---|---|
committer | Holger Hans Peter Freyther <holger@moiji-mobile.com> | 2015-05-03 21:42:27 +0200 |
commit | 4579bb1ed7464d66343d84846314ec66e6f8cccd (patch) | |
tree | 97837280f1b76a44a440ffbd1422f2618081face /openbsc/src/libfilter | |
parent | 973dbaeebdbdbd8fed417cdfd169644093389d05 (diff) |
filter: Move the access list management around
Diffstat (limited to 'openbsc/src/libfilter')
-rw-r--r-- | openbsc/src/libfilter/Makefile.am | 3 | ||||
-rw-r--r-- | openbsc/src/libfilter/bsc_msg_acc.c | 116 |
2 files changed, 118 insertions, 1 deletions
diff --git a/openbsc/src/libfilter/Makefile.am b/openbsc/src/libfilter/Makefile.am index e24ec5f73..d79afb2cb 100644 --- a/openbsc/src/libfilter/Makefile.am +++ b/openbsc/src/libfilter/Makefile.am @@ -5,5 +5,6 @@ AM_CFLAGS=-Wall $(LIBOSMOCORE_CFLAGS) $(LIBOSMOGSM_CFLAGS) \ noinst_LIBRARIES = libfilter.a libfilter_a_SOURCES = \ - bsc_msg_filter.c + bsc_msg_filter.c \ + bsc_msg_acc.c diff --git a/openbsc/src/libfilter/bsc_msg_acc.c b/openbsc/src/libfilter/bsc_msg_acc.c new file mode 100644 index 000000000..947a7b2ed --- /dev/null +++ b/openbsc/src/libfilter/bsc_msg_acc.c @@ -0,0 +1,116 @@ +/* + * (C) 2010-2015 by Holger Hans Peter Freyther <zecke@selfish.org> + * (C) 2010-2011 by On-Waves + * All Rights Reserved + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +#include <openbsc/bsc_msg_filter.h> +#include <openbsc/bsc_nat.h> + +#include <osmocom/core/rate_ctr.h> + +#include <string.h> + +static const struct rate_ctr_desc acc_list_ctr_description[] = { + [ACC_LIST_BSC_FILTER] = { "access-list.bsc-filter", "Rejected by rule for BSC"}, + [ACC_LIST_NAT_FILTER] = { "access-list.nat-filter", "Rejected by rule for NAT"}, +}; + +static const struct rate_ctr_group_desc bsc_cfg_acc_list_desc = { + .group_name_prefix = "nat.filter", + .group_description = "NAT Access-List Statistics", + .num_ctr = ARRAY_SIZE(acc_list_ctr_description), + .ctr_desc = acc_list_ctr_description, +}; + + +int bsc_nat_lst_check_allow(struct bsc_nat_acc_lst *lst, const char *mi_string) +{ + struct bsc_nat_acc_lst_entry *entry; + + llist_for_each_entry(entry, &lst->fltr_list, list) { + if (!entry->imsi_allow) + continue; + if (regexec(&entry->imsi_allow_re, mi_string, 0, NULL, 0) == 0) + return 0; + } + + return 1; +} + +struct bsc_nat_acc_lst *bsc_nat_acc_lst_find(struct bsc_nat *nat, const char *name) +{ + struct bsc_nat_acc_lst *lst; + + if (!name) + return NULL; + + llist_for_each_entry(lst, &nat->access_lists, list) + if (strcmp(lst->name, name) == 0) + return lst; + + return NULL; +} + +struct bsc_nat_acc_lst *bsc_nat_acc_lst_get(struct bsc_nat *nat, const char *name) +{ + struct bsc_nat_acc_lst *lst; + + lst = bsc_nat_acc_lst_find(nat, name); + if (lst) + return lst; + + lst = talloc_zero(nat, struct bsc_nat_acc_lst); + if (!lst) { + LOGP(DNAT, LOGL_ERROR, "Failed to allocate access list"); + return NULL; + } + + /* TODO: get the index right */ + lst->stats = rate_ctr_group_alloc(lst, &bsc_cfg_acc_list_desc, 0); + if (!lst->stats) { + talloc_free(lst); + return NULL; + } + + INIT_LLIST_HEAD(&lst->fltr_list); + lst->name = talloc_strdup(lst, name); + llist_add_tail(&lst->list, &nat->access_lists); + return lst; +} + +void bsc_nat_acc_lst_delete(struct bsc_nat_acc_lst *lst) +{ + llist_del(&lst->list); + rate_ctr_group_free(lst->stats); + talloc_free(lst); +} + +struct bsc_nat_acc_lst_entry *bsc_nat_acc_lst_entry_create(struct bsc_nat_acc_lst *lst) +{ + struct bsc_nat_acc_lst_entry *entry; + + entry = talloc_zero(lst, struct bsc_nat_acc_lst_entry); + if (!entry) + return NULL; + + entry->cm_reject_cause = GSM48_REJECT_PLMN_NOT_ALLOWED; + entry->lu_reject_cause = GSM48_REJECT_PLMN_NOT_ALLOWED; + llist_add_tail(&entry->list, &lst->fltr_list); + return entry; +} + |