def ksr_route_sipout(self, msg): if KSR.is_myself_ruri(): return 1 KSR.hdr.append("P-Hint: outbound\r\n") self.ksr_route_relay(msg) return -255
def ksr_route_sipout(self, msg): if KSR.is_myself_ruri() : return 1; KSR.hdr.append("P-Hint: outbound\r\n"); self.ksr_route_relay(msg); return -255;
def ksr_route_reqinit(self, msg): if not KSR.is_myself(KSR.pv.get("$si")): if not KSR.pv.is_null("$sht(ipban=>$si)"): # ip is already blocked KSR.dbg("request from blocked IP - " + KSR.pv.get("$rm") + " from " + KSR.pv.get("$fu") + " (IP:" + KSR.pv.get("$si") + ":" + str(KSR.pv.get("$sp")) + ")\n") return -255 if KSR.pike.pike_check_req() < 0: KSR.err("ALERT: pike blocking " + KSR.pv.get("$rm") + " from " + KSR.pv.get("$fu") + " (IP:" + KSR.pv.get("$si") + ":" + str(KSR.pv.get("$sp")) + ")\n") KSR.pv.seti("$sht(ipban=>$si)", 1) return -255 if KSR.corex.has_user_agent() > 0: ua = KSR.pv.gete("$ua") if (ua.find("friendly") != -1 or ua.find("scanner") != -1 or ua.find("sipcli") != -1 or ua.find("sipvicious") != -1): KSR.sl.sl_send_reply(200, "Processed") return -255 if KSR.maxfwd.process_maxfwd(10) < 0: KSR.sl.sl_send_reply(483, "Too Many Hops") return -255 if (KSR.is_OPTIONS() and KSR.is_myself_ruri() and KSR.corex.has_ruri_user() < 0): KSR.sl.sl_send_reply(200, "Keepalive") return -255 if KSR.sanity.sanity_check(1511, 7) < 0: KSR.err("Malformed SIP message from " + KSR.pv.get("$si") + ":" + str(KSR.pv.get("$sp")) + "\n") return -255
def ksr_route_reqinit(self, msg): if not KSR.is_myself(KSR.pv.get("$si")) : if not KSR.pv.is_null("$sht(ipban=>$si)") : # ip is already blocked KSR.dbg("request from blocked IP - " + KSR.pv.get("$rm") + " from " + KSR.pv.get("$fu") + " (IP:" + KSR.pv.get("$si") + ":" + str(KSR.pv.get("$sp")) + ")\n"); return -255; if KSR.pike.pike_check_req()<0 : KSR.err("ALERT: pike blocking " + KSR.pv.get("$rm") + " from " + KSR.pv.get("$fu") + " (IP:" + KSR.pv.get("$si") + ":" + str(KSR.pv.get("$sp")) + ")\n"); KSR.pv.seti("$sht(ipban=>$si)", 1); return -255; if KSR.corex.has_user_agent() > 0 : ua = KSR.pv.gete("$ua") if (ua.find("friendly-scanner")!=-1 or ua.find("sipcli")!=-1) : KSR.sl.sl_send_reply(200, "Processed"); return -255; if KSR.maxfwd.process_maxfwd(10) < 0 : KSR.sl.sl_send_reply(483,"Too Many Hops"); return -255; if (KSR.is_OPTIONS() and KSR.is_myself_ruri() and KSR.corex.has_ruri_user() < 0) : KSR.sl.sl_send_reply(200,"Keepalive"); return -255; if KSR.sanity.sanity_check(1511, 7)<0 : KSR.err("Malformed SIP message from " + KSR.pv.get("$si") + ":" + str(KSR.pv.get("$sp")) +"\n"); return -255;
def ksr_route_auth(self, msg): if not KSR.is_REGISTER(): if KSR.permissions.allow_source_address(1) > 0: # source IP allowed return 1 if KSR.is_REGISTER() or KSR.is_myself_furi(): # authenticate requests if KSR.auth_db.auth_check(KSR.pv.get("$fd"), "subscriber", 1) < 0: KSR.auth.auth_challenge(KSR.pv.get("$fd"), 0) return -255 # user authenticated - remove auth header if not KSR.is_method_in("RP"): KSR.auth.consume_credentials() # if caller is not local subscriber, then check if it calls # a local destination, otherwise deny, not an open relay here if (not KSR.is_myself_furi()) and (not KSR.is_myself_ruri()): KSR.sl.sl_send_reply(403, "Not relaying") return -255 return 1
def ksr_route_auth(self, msg): if not KSR.is_REGISTER() : if KSR.permissions.allow_source_address(1)>0 : # source IP allowed return 1; if KSR.is_REGISTER() or KSR.is_myself_furi() : # authenticate requests if KSR.auth_db.auth_check(KSR.pv.get("$fd"), "subscriber", 1)<0 : KSR.auth.auth_challenge(KSR.pv.get("$fd"), 0); return -255; # user authenticated - remove auth header if not KSR.is_method_in("RP") : KSR.auth.consume_credentials(); # if caller is not local subscriber, then check if it calls # a local destination, otherwise deny, not an open relay here if (not KSR.is_myself_furi()) and (not KSR.is_myself_ruri()) : KSR.sl.sl_send_reply(403,"Not relaying"); return -255; return 1;