64b12924bf
nat: Replace the idiom for replacing a string with a function call
...
Remove a lot of code in favor of a new function that is freeing
the old string and copying the new one. I should have gotten the
context and the strings right.
2010-10-25 21:04:46 +02:00
e393f273e7
nat: Keep a ussd token in the config
...
We will have the USSD provider connecting to us and we
will use the IPA protocol, including the auth mechanism.
2010-10-25 21:04:46 +02:00
3229f442f4
nat: Implement the matching of certain USSD messages
...
Have various checks, check if the IMSI should be handled,
if there is a USSD query set and then decode and compare
the value.
2010-10-25 21:04:46 +02:00
c1578bc747
nat: Add an option to set the query string to match
...
Allow the query string to be set. The ussd matching code
will check for this string and then forward it to the bypass.
2010-10-25 21:04:46 +02:00
c1cac1e31a
nat: Make the imsi checking function public.
...
We will use this method in the USSD module to check if the
IMSI should be handled for USSD queries.
2010-10-25 21:04:45 +02:00
d1effd835f
nat: Provide a USSD access list to check for which to play HLR.
2010-10-25 21:04:45 +02:00
17870cf533
nat: Create a USSD module to filter out USSDs...
2010-10-25 21:04:45 +02:00
74dc303134
nat: Introduce a new connection type for Supplementary Services
...
If we have a CM Service Request we will look into the message
to see if it is a Supplementary Service Activation.
2010-10-25 21:04:44 +02:00
a3967579f8
nat: Move the DTAP unpacking into a new method
...
DTAP unpacking will be used by the USSD checking code
2010-10-21 12:23:27 +02:00
749497eeb3
nat: Copy the IMSI, then free it or move the context to the connection
...
Extract the IMSI from the first message as well and safe it
in the connection structure. The problem is that we do not
have this structure at this point, so we will allocate the
imsi as child of the bsc_connection and then move/steal it.
2010-10-21 12:22:50 +02:00
8c78b480f9
nat: Store the IMSI inside the SCCP Connection data
...
Store the IMSI for the connections that we are tracking,
it will be freed when the normnal SCCP connection is freed.
2010-10-21 12:22:20 +02:00
1fd60631f7
nat: Change the order of the DENY/ALLOW rule for the BSC.
...
Currently it is not is not easily possible to disable
everyone and then only allow certain SIMs. By changing
the order we can do:
access-list imsi-deny only-something ^[0-9]*$
access-list imsi-allow only-something ^123[0-9]*$
and still keep the usecase of only forbidding certain
SIMs on certain LACs. Adjust test case, test that the
other cases are still functional.
2010-10-19 20:55:33 +02:00
a25d579ab9
nat: Convert the ip to host order to allow to bind to other ips
2010-10-19 17:48:13 +02:00
7e8da1379e
nat: Add a method to add a proper message to the queue.
...
This will be used by the USSD module to forward the data
without creating another copy of the data.
2010-10-19 16:40:34 +02:00
3d38742d1c
nat: Find a connection by the real ref
2010-10-19 16:40:17 +02:00
f961de1108
nat: Use the make_sock routine to listen for incoming connections.
2010-10-19 16:40:04 +02:00
a09b966cd4
nat: Use strncmp on the string in case it is not null terminated
2010-10-19 16:39:01 +02:00
69cfa179ef
nat: Make the write_queue write callback a public function
2010-10-13 23:56:01 +02:00
4d44fc56e7
nat: Make the queue routine work on any write_queue
2010-10-13 23:55:52 +02:00
19c530c5e7
ipaccess: Put our extensions to the protocol into the same enum
...
Rename NAT_IPAC_PROTO_MGCP to IPAC_PROTO_MGCP and place it in
the enum. We need to be prepared to change this number if IPA
is ever going to use it for something else.
2010-10-13 23:55:32 +02:00
3e9a7f80bd
misc: Replace the idiom for replacing a string with a function call
...
Remove a lot of code in favor of a new function that is freeing
the old string and copying the new one. I should have gotten the
context and the strings right.
2010-10-12 23:31:53 +02:00
0bd60f3317
nat: Allow a BSC to have multiple LACs
...
Make it possible that one BSC is serving multiple
cells. Introduce a list of lacs, add functions to
manipulate the lists. The current test cases for
paging by lac continue to work.
2010-10-08 22:21:46 +08:00
0c41b6933e
nat: Possible crash fix, only filter non local connections
...
For local connections con_msc is not set and sending a RLSD
to the network would have ended up in a segfault.
2010-10-06 00:48:36 +08:00
e8e41e611f
nat: Work around trying to forward a msg to a msc that does not exist
...
Instead of segfaulting warn the user that the MSC Connection does
not exist...
2010-10-06 00:24:28 +08:00
0c35b5bd79
nat: Use the right access list for the stats (found by clang)
2010-10-06 00:18:20 +08:00
463dc62ae4
nat: Provide statistics about amount of different messages.
...
Provide simple statistics on how many LUs, Paging Responses
etc. we are seeing in the network.
2010-10-03 19:41:42 +08:00
ee8849649b
nat: Keep track of how many connections we reject
...
Keep track of how many connections we reject due the IMSI
filter itself or due not being able to parse the message.
2010-09-25 17:58:22 +08:00
520c1f12ef
nat: Print the statistics of the access-list matches
...
Print the statistics for the rule matches via the vty.
2010-09-25 16:25:47 +08:00
2f1a984d4f
nat: Add statistics to the access-list in the NAT
...
Count how many times we match a BSC or NAT deny. This will
give us the number of how often something should be filtered.
2010-09-25 16:15:23 +08:00
568b9682e0
nat: Fix the filter when searching for a identity response
...
The filter code will return < 0 for error, 0 for unknown
subscriber, 1 for subscriber checked. Use the same if construct
as for the CR message. This should fix passing LU when it
starts with a TMSI of a different network.
2010-09-24 04:52:38 +08:00
f2eedff052
nat: Send a transcoder reset on start up.
...
The transcoder RESET is using the same extensions to reset all
endpoints on a remote site. This makes sure that all allocations
can be made in a properly configured network.
2010-09-20 02:51:30 +08:00
985f5694c7
nat: Keep the audio name and default payload around
...
For all forwarded messages this will not be used, but it is of
use for the transcoding.
2010-09-20 02:51:29 +08:00
249d69a26c
nat: Use the write_queue inside the CFG.
2010-09-20 02:51:29 +08:00
3c79214727
nat: NULL check the allocation and print a nice warning.
2010-09-20 02:48:43 +08:00
adb6e1cce1
janitor: Move the * to the variable name
2010-09-18 06:44:24 +08:00
eea5a1bcd6
nat: Fix a crash when a BSC disconnects while a rejected IMSI
...
When we reject the IMSI we do not have the msc_con set on the
SCCP connection, but we do have a remote_ref. So the nat_send_rlsd
will end up with a crash due the msc_con being zero. Fix the
crash by only sending a released to the MSC when the connection
is not local.
2010-09-16 06:41:09 +08:00
4fcce9ea19
nat; Start to use gcc attribute to say that parameter may not be zero
...
This is an attempt to hint the compiler that it should check
the parameters and warn when something is null. Sadly it does
not work as expected.
2010-09-16 06:33:27 +08:00
85804a80d4
nat: Fix the grammar of the sentence for listing open sccp connections
2010-09-15 19:01:31 +08:00
09ecda49d7
nat: Check if the connection was filtered before the msc connection
...
This way we avoid seeing many warnings that we will not forward
data to the MSC. For the con_local connections that is actually
the idea, we will not forward them to the MSC.
2010-09-15 18:58:37 +08:00
e8223cae3d
nat: Remove debug left overs
2010-09-15 18:58:36 +08:00
ac2763b47e
nat: Attempt to disconnect a connection when IMSI filtering happens
...
Attempt to disconnect the connection and make both sides happy
about this. Right now it only handles the LU and should be extended
to the CM Service Request.
2010-09-15 18:58:36 +08:00
11ebe1bf05
nat: And the sequence number away, making it work more reliable
2010-09-15 18:58:36 +08:00
3268540fc3
nat: Parse the id response, extract the IMSI, compare it
...
Add a test case and also add a basic check that we got some
size checks correct. The next step is to act on the result.
2010-09-15 18:58:36 +08:00
74e0a1b91c
nat: Start inspecting every message coming from the BSC for the IMSI
...
Return early in case the IMSI was already checked, if not we need
to look at the connection and check if the message could contain a
imsi we want/need to filter.
2010-09-15 18:58:36 +08:00
909e61fddc
nat: Remember if we have check the imsi.
...
Return -1 if the IMSI should be filtered, 0 if the IMSI could not
be checked and 1 if the IMSI was checked and allowed to pass. In
the future this will be used to inspect every message coming by.
2010-09-15 18:58:35 +08:00
3837f99e89
nat: Keep the fiter status in the return message.
2010-09-15 18:58:35 +08:00
27640fc255
nat: Improve the log message in case we have SCCP data without a connection
...
Describe which kind of data we have and where it was coming from
as this makes debugging a bit easier.
2010-09-15 18:58:35 +08:00
5f54075a8b
vty: Use \r\n in the copyright messages
...
We should use VTY_NEWLINE but our strings are static, always
use \r\n as unix terminals can handle that as well.
2010-09-11 13:32:30 +08:00
d368a71398
nat: Use ':' to separate the message and strerror
2010-09-05 08:51:12 +08:00
81506b4095
vty: Add the config node code to everyone.
2010-09-04 11:00:01 +08:00
Holger Hans Peter Freyther