Allocate the status for an endpoint dynamically. We will support
BSCs with different amount of multiplexes and need to have this
flexibility in the future. Add the proper null checks to the
current users of this code.
Instead of using more numbers from the proto range we will
use the 0xee and then have a mini header with our new proto
id in there. For a start rename the use types to _OLD.
The reason for this is quite simple: We want to make sure anyone
running a customized version of OpenBSC to operate a network will
have to release all custom modifiations to the source code.
Extract the IMSI from the first message as well and safe it
in the connection structure. The problem is that we do not
have this structure at this point, so we will allocate the
imsi as child of the bsc_connection and then move/steal it.
Currently it is not is not easily possible to disable
everyone and then only allow certain SIMs. By changing
the order we can do:
access-list imsi-deny only-something ^[0-9]*$
access-list imsi-allow only-something ^123[0-9]*$
and still keep the usecase of only forbidding certain
SIMs on certain LACs. Adjust test case, test that the
other cases are still functional.
Rename NAT_IPAC_PROTO_MGCP to IPAC_PROTO_MGCP and place it in
the enum. We need to be prepared to change this number if IPA
is ever going to use it for something else.
Remove a lot of code in favor of a new function that is freeing
the old string and copying the new one. I should have gotten the
context and the strings right.
Make it possible that one BSC is serving multiple
cells. Introduce a list of lacs, add functions to
manipulate the lists. The current test cases for
paging by lac continue to work.
Return early in case the IMSI was already checked, if not we need
to look at the connection and check if the message could contain a
imsi we want/need to filter.
Return -1 if the IMSI should be filtered, 0 if the IMSI could not
be checked and 1 if the IMSI was checked and allowed to pass. In
the future this will be used to inspect every message coming by.
common_vty.c was including bsc_nat.h which tried to
get the sccp/sccp_types.h which is not required to be
installed. Move all structs using/embedding SCCP structures
into the bsc_nat_sccp.h and include. This should fix
the compilation.
Inside the access-list we have a list of entries that have
either one allow or one deny rule... we do not allow to remove
a single rule but one has to remove the whole list, in that case
talloc will handle cleaning all entries.
Right now the matching is O(n*m) as we traverse the list
(multiple times) and run the regexp multiple times. One
way to make it faster would be to concat all regexps into
one.
One can set one access-list to one BSC and one
access-list to one NAT. The matching of IMSIs
remains the same for now, also applying the
white/blacklist. Access lists can not be deleted
for now and no perf opt is done (e.g. one could
cache the result of the last lookup in the bsc
struct).
We will need to confirm the connection, then we can send the
GSM48 message, then we need to close the connection... the
embedding in the refusal method was way too easy..
Holger Hans Peter Freyther
Harald Welte