For restarting the NAT we can now block it, it will not accept
new connections and for existing connections it will attempt
to drop them over time. A blocked NAT will end up with no BSC
connections left and then can be safely restarted.
In case this is a local USSD connection we will ignore
the clear command and respond with a RLC to any RLSD but
will never forward that to the BSC. This way the external
USSD is fully in charge of the connection.
There are theoretical issues if there are multiple transactions
on the same SCCP Connection but this can not be solved properly
right now.
Keep track of the used transaction identifier and always forward
messages to the USSD provider. E.g. this can be used to have a
dialogue going. Right now it is still possible that the MSC will
close down the connection.
We need to and out the protocol discriminator as call control
might have use transactions. This has only failed for the USSD
filter so far as this must deal with transactions.
With this patch, ipaccess-proxy makes more robust option checking:
$ ./ipaccess-proxy -l 1.1.1.1 -b 2.2.2.2 -e
ERROR: missing mandatory argument for `-e' option
And we return to shell to enforce the user to try again with the
appropriate invocation.
Before this patch, the default getopt_long() error handling was
enabled which displayed this message:
./ipaccess-proxy: option requires an argument -- 'e'
and ipaccess-proxy continued working.
This is generic enough to cover other option that require mandatory
arguments like `--bsc' and `--listen'.
Now ipaccess_idtag_parse() returns -EINVAL instead of -1. We also
check for the return value of this function in every invocation to
skip further processing in case of messages with malformed TLVs.
This idea was suggested by Zecke.
When we have no other MNCC connection but the registeration of the
new fd is failing we should not disable reading from the listen_fd
for ever as the situation might not be permanent.
* include/openbsc/ipaccess.h: Reserve a protocol number for control
commands
* input/ipaccess.c: New function ipaccess_prepend_header_ext prepends
the extension header
This patch finishes the new ipaccess_send_*() functions and use them
in the ipaccess-proxy code.
I have also cleanup the definition of the PONG, ID_ACK and ID_REQ
messages (including some minor documentation about them).
I had to rename ipaccess_recvmsg() in ipaccess-proxy to avoid clashing
with the one defined in libabis.
For the USSD module we only want to handle requests that are
legitimate. This is achieved by looking for the CM Service Accept
or the BSSAP CIPHER MODE COMMAND.
This patch extends the make_sock() prototype so you can fully set
the fields priv_nr and data of the bsc_fd structure.
This is the first step to get rid of the internal make_sock()
implementation that ipaccess-proxy uses.
This patch includes a minor cleanup to pass INADDR_ANY instead
of zero, if you do not want to bind the socket to one specific
address.