Holger Hans Peter Freyther
64b12924bf
nat: Replace the idiom for replacing a string with a function call
...
Remove a lot of code in favor of a new function that is freeing
the old string and copying the new one. I should have gotten the
context and the strings right.
2010-10-25 21:04:46 +02:00
Holger Hans Peter Freyther
e393f273e7
nat: Keep a ussd token in the config
...
We will have the USSD provider connecting to us and we
will use the IPA protocol, including the auth mechanism.
2010-10-25 21:04:46 +02:00
Holger Hans Peter Freyther
3229f442f4
nat: Implement the matching of certain USSD messages
...
Have various checks, check if the IMSI should be handled,
if there is a USSD query set and then decode and compare
the value.
2010-10-25 21:04:46 +02:00
Holger Hans Peter Freyther
c1578bc747
nat: Add an option to set the query string to match
...
Allow the query string to be set. The ussd matching code
will check for this string and then forward it to the bypass.
2010-10-25 21:04:46 +02:00
Holger Hans Peter Freyther
c1cac1e31a
nat: Make the imsi checking function public.
...
We will use this method in the USSD module to check if the
IMSI should be handled for USSD queries.
2010-10-25 21:04:45 +02:00
Holger Hans Peter Freyther
d1effd835f
nat: Provide a USSD access list to check for which to play HLR.
2010-10-25 21:04:45 +02:00
Holger Hans Peter Freyther
17870cf533
nat: Create a USSD module to filter out USSDs...
2010-10-25 21:04:45 +02:00
Holger Hans Peter Freyther
74dc303134
nat: Introduce a new connection type for Supplementary Services
...
If we have a CM Service Request we will look into the message
to see if it is a Supplementary Service Activation.
2010-10-25 21:04:44 +02:00
Holger Hans Peter Freyther
a3967579f8
nat: Move the DTAP unpacking into a new method
...
DTAP unpacking will be used by the USSD checking code
2010-10-21 12:23:27 +02:00
Holger Hans Peter Freyther
749497eeb3
nat: Copy the IMSI, then free it or move the context to the connection
...
Extract the IMSI from the first message as well and safe it
in the connection structure. The problem is that we do not
have this structure at this point, so we will allocate the
imsi as child of the bsc_connection and then move/steal it.
2010-10-21 12:22:50 +02:00
Holger Hans Peter Freyther
8c78b480f9
nat: Store the IMSI inside the SCCP Connection data
...
Store the IMSI for the connections that we are tracking,
it will be freed when the normnal SCCP connection is freed.
2010-10-21 12:22:20 +02:00
Holger Hans Peter Freyther
1fd60631f7
nat: Change the order of the DENY/ALLOW rule for the BSC.
...
Currently it is not is not easily possible to disable
everyone and then only allow certain SIMs. By changing
the order we can do:
access-list imsi-deny only-something ^[0-9]*$
access-list imsi-allow only-something ^123[0-9]*$
and still keep the usecase of only forbidding certain
SIMs on certain LACs. Adjust test case, test that the
other cases are still functional.
2010-10-19 20:55:33 +02:00
Holger Hans Peter Freyther
a25d579ab9
nat: Convert the ip to host order to allow to bind to other ips
2010-10-19 17:48:13 +02:00
Holger Hans Peter Freyther
7e8da1379e
nat: Add a method to add a proper message to the queue.
...
This will be used by the USSD module to forward the data
without creating another copy of the data.
2010-10-19 16:40:34 +02:00
Holger Hans Peter Freyther
3d38742d1c
nat: Find a connection by the real ref
2010-10-19 16:40:17 +02:00
Holger Hans Peter Freyther
f961de1108
nat: Use the make_sock routine to listen for incoming connections.
2010-10-19 16:40:04 +02:00
Holger Hans Peter Freyther
a09b966cd4
nat: Use strncmp on the string in case it is not null terminated
2010-10-19 16:39:01 +02:00
Holger Hans Peter Freyther
69cfa179ef
nat: Make the write_queue write callback a public function
2010-10-13 23:56:01 +02:00
Holger Hans Peter Freyther
4d44fc56e7
nat: Make the queue routine work on any write_queue
2010-10-13 23:55:52 +02:00
Holger Hans Peter Freyther
19c530c5e7
ipaccess: Put our extensions to the protocol into the same enum
...
Rename NAT_IPAC_PROTO_MGCP to IPAC_PROTO_MGCP and place it in
the enum. We need to be prepared to change this number if IPA
is ever going to use it for something else.
2010-10-13 23:55:32 +02:00
Holger Hans Peter Freyther
3e9a7f80bd
misc: Replace the idiom for replacing a string with a function call
...
Remove a lot of code in favor of a new function that is freeing
the old string and copying the new one. I should have gotten the
context and the strings right.
2010-10-12 23:31:53 +02:00
Holger Hans Peter Freyther
0bd60f3317
nat: Allow a BSC to have multiple LACs
...
Make it possible that one BSC is serving multiple
cells. Introduce a list of lacs, add functions to
manipulate the lists. The current test cases for
paging by lac continue to work.
2010-10-08 22:21:46 +08:00
Holger Hans Peter Freyther
0c41b6933e
nat: Possible crash fix, only filter non local connections
...
For local connections con_msc is not set and sending a RLSD
to the network would have ended up in a segfault.
2010-10-06 00:48:36 +08:00
Holger Hans Peter Freyther
e8e41e611f
nat: Work around trying to forward a msg to a msc that does not exist
...
Instead of segfaulting warn the user that the MSC Connection does
not exist...
2010-10-06 00:24:28 +08:00
Holger Hans Peter Freyther
0c35b5bd79
nat: Use the right access list for the stats (found by clang)
2010-10-06 00:18:20 +08:00
Holger Hans Peter Freyther
463dc62ae4
nat: Provide statistics about amount of different messages.
...
Provide simple statistics on how many LUs, Paging Responses
etc. we are seeing in the network.
2010-10-03 19:41:42 +08:00
Holger Hans Peter Freyther
ee8849649b
nat: Keep track of how many connections we reject
...
Keep track of how many connections we reject due the IMSI
filter itself or due not being able to parse the message.
2010-09-25 17:58:22 +08:00
Holger Hans Peter Freyther
520c1f12ef
nat: Print the statistics of the access-list matches
...
Print the statistics for the rule matches via the vty.
2010-09-25 16:25:47 +08:00
Holger Hans Peter Freyther
2f1a984d4f
nat: Add statistics to the access-list in the NAT
...
Count how many times we match a BSC or NAT deny. This will
give us the number of how often something should be filtered.
2010-09-25 16:15:23 +08:00
Holger Hans Peter Freyther
568b9682e0
nat: Fix the filter when searching for a identity response
...
The filter code will return < 0 for error, 0 for unknown
subscriber, 1 for subscriber checked. Use the same if construct
as for the CR message. This should fix passing LU when it
starts with a TMSI of a different network.
2010-09-24 04:52:38 +08:00
Holger Hans Peter Freyther
f2eedff052
nat: Send a transcoder reset on start up.
...
The transcoder RESET is using the same extensions to reset all
endpoints on a remote site. This makes sure that all allocations
can be made in a properly configured network.
2010-09-20 02:51:30 +08:00
Holger Hans Peter Freyther
985f5694c7
nat: Keep the audio name and default payload around
...
For all forwarded messages this will not be used, but it is of
use for the transcoding.
2010-09-20 02:51:29 +08:00
Holger Hans Peter Freyther
249d69a26c
nat: Use the write_queue inside the CFG.
2010-09-20 02:51:29 +08:00
Holger Hans Peter Freyther
3c79214727
nat: NULL check the allocation and print a nice warning.
2010-09-20 02:48:43 +08:00
Holger Hans Peter Freyther
adb6e1cce1
janitor: Move the * to the variable name
2010-09-18 06:44:24 +08:00
Holger Hans Peter Freyther
eea5a1bcd6
nat: Fix a crash when a BSC disconnects while a rejected IMSI
...
When we reject the IMSI we do not have the msc_con set on the
SCCP connection, but we do have a remote_ref. So the nat_send_rlsd
will end up with a crash due the msc_con being zero. Fix the
crash by only sending a released to the MSC when the connection
is not local.
2010-09-16 06:41:09 +08:00
Holger Hans Peter Freyther
4fcce9ea19
nat; Start to use gcc attribute to say that parameter may not be zero
...
This is an attempt to hint the compiler that it should check
the parameters and warn when something is null. Sadly it does
not work as expected.
2010-09-16 06:33:27 +08:00
Holger Hans Peter Freyther
85804a80d4
nat: Fix the grammar of the sentence for listing open sccp connections
2010-09-15 19:01:31 +08:00
Holger Hans Peter Freyther
09ecda49d7
nat: Check if the connection was filtered before the msc connection
...
This way we avoid seeing many warnings that we will not forward
data to the MSC. For the con_local connections that is actually
the idea, we will not forward them to the MSC.
2010-09-15 18:58:37 +08:00
Holger Hans Peter Freyther
e8223cae3d
nat: Remove debug left overs
2010-09-15 18:58:36 +08:00
Holger Hans Peter Freyther
ac2763b47e
nat: Attempt to disconnect a connection when IMSI filtering happens
...
Attempt to disconnect the connection and make both sides happy
about this. Right now it only handles the LU and should be extended
to the CM Service Request.
2010-09-15 18:58:36 +08:00
Holger Hans Peter Freyther
11ebe1bf05
nat: And the sequence number away, making it work more reliable
2010-09-15 18:58:36 +08:00
Holger Hans Peter Freyther
3268540fc3
nat: Parse the id response, extract the IMSI, compare it
...
Add a test case and also add a basic check that we got some
size checks correct. The next step is to act on the result.
2010-09-15 18:58:36 +08:00
Holger Hans Peter Freyther
74e0a1b91c
nat: Start inspecting every message coming from the BSC for the IMSI
...
Return early in case the IMSI was already checked, if not we need
to look at the connection and check if the message could contain a
imsi we want/need to filter.
2010-09-15 18:58:36 +08:00
Holger Hans Peter Freyther
909e61fddc
nat: Remember if we have check the imsi.
...
Return -1 if the IMSI should be filtered, 0 if the IMSI could not
be checked and 1 if the IMSI was checked and allowed to pass. In
the future this will be used to inspect every message coming by.
2010-09-15 18:58:35 +08:00
Holger Hans Peter Freyther
3837f99e89
nat: Keep the fiter status in the return message.
2010-09-15 18:58:35 +08:00
Holger Hans Peter Freyther
27640fc255
nat: Improve the log message in case we have SCCP data without a connection
...
Describe which kind of data we have and where it was coming from
as this makes debugging a bit easier.
2010-09-15 18:58:35 +08:00
Holger Hans Peter Freyther
5f54075a8b
vty: Use \r\n in the copyright messages
...
We should use VTY_NEWLINE but our strings are static, always
use \r\n as unix terminals can handle that as well.
2010-09-11 13:32:30 +08:00
Holger Hans Peter Freyther
d368a71398
nat: Use ':' to separate the message and strerror
2010-09-05 08:51:12 +08:00
Holger Hans Peter Freyther
81506b4095
vty: Add the config node code to everyone.
2010-09-04 11:00:01 +08:00