added plugin_blacklist

This commit is contained in:
Thomas Ries 2017-03-14 19:42:03 +00:00
parent f6293d1b3d
commit 8d0467ff8b
3 changed files with 38 additions and 8 deletions


@ -1,6 +1,9 @@
0.8.3dev
========
<<<<<<< .mine
14-Mar-2017: - plugin_blacklist: new plugin to block UACs that cause
excessive failures durign REGISTER attempts.
27-Feb-2017: - improved memory behavior of some plugins during shutdown
- fixed 2 minor memory leaks
02-Aug-2016: - rtpproxy_relay: more robustness when closing sockets.
31-Aug-2016: - plugin_stats: write some statistics about currently active calls
30-Aug-2016: - rtpproxy.h: rtp_proxytable_t.opposite_entry has been


@ -314,6 +314,10 @@ debug_port = 0
#outbound_domain_name = freenet.de
#outbound_domain_host = proxy.for.domain.freende.de
#outbound_domain_port = 5060
#
outbound_domain_name = easybell.de
outbound_domain_host = sip.easybell.de
outbound_domain_port = 5060
######################################################################
@ -519,3 +523,29 @@ plugin_fix_fbox_anoncall_networks = 192.168.0.0/16,10.0.0.0/8,172.16.0.0/20
#plugin_stats_to_syslog = 300
#plugin_stats_to_file = 300
#plugin_stats_filename = /var/lib/siproxd/siproxd_stats
######################################################################
# Plugin_blacklist
#
# This plugin maintains count of failed REGISTER attempts of
# individual local UACs (clients) and does block outgoing requests
# from such a UAC once a limit /hitcount) has been reached. The
# duration of the block is configurable. It is required that a blocked
# UAC does *not* send any packets that are going to be blocked
# during the duration to recover (the UAC must remain silent during
# this period)
#
# ..._dbpath: path where to locate the database
# ..._mode: 0: no block, 1: IP based, 2: IP and SIP-user based
# ..._simulate: 0: block UACs once the failure count limit has been reached
# 1: simulate, only log but don't block
# ..._duration: block duration in seconds, 0: forever
# ..._hitcount: required failed REGISTER attempts until blocked.
#
plugin_blacklist_dbpath = /var/lib/siproxd/blacklist.sqlite
//plugin_blacklist_mode = 0
plugin_blacklist_simulate = 0
plugin_blacklist_duration = 3600
plugin_blacklist_hitcount = 10
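Review bot: `//plugin_blacklist_mode = 0` in the second hunk uses `//` as its comment lead while every other comment in this file uses `#`, so unless the config parser also accepts `//` (not visible here) the line is read as a key named `//plugin_blacklist_mode`. The C hunk in the same commit comments out the `plugin_blacklist_mode` entry of `plugin_cfg_opts`, so the `..._mode: 0: no block, 1: IP based, 2: IP and SIP-user based` line in the header comment now documents an option the plugin does not read; either drop both lines or change the setting line to `#plugin_blacklist_mode = 0` and mark the mode line as not implemented. In the first hunk the four uncommented `outbound_domain_*` lines pointing at easybell.de appear to be the additions; in an example config they look like a local setting that leaked in, and keeping them `#`-commented like the freenet.de block directly above would avoid shipping a live provider routing as the default.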


@ -53,7 +53,7 @@ extern struct siproxd_config configuration;
/* plugin configuration storage */
static struct plugin_config {
char *dbpath; /* path to sqlite DB file (/var/lib/siproxd/bl.db */
int block_mode; /* 0: no, 1: IP based, 2: IP & SIP-user */
// int block_mode; /* 0: no, 1: IP based, 2: IP & SIP-user */
int simulate; /* 0: no, 1: don't block, just log */
int duration; /* in seconds, 0: forever, dont' expire */
int hitcount; /* required attempts until blocked */
@ -62,7 +62,7 @@ static struct plugin_config {
/* Instructions for config parser */
static cfgopts_t plugin_cfg_opts[] = {
{ "plugin_blacklist_dbpath", TYP_STRING, &plugin_cfg.dbpath, {0, "/var/lib/siproxd/blacklist.sqlite"} },
{ "plugin_blacklist_mode", TYP_INT4, &plugin_cfg.block_mode, {2, NULL} },
// { "plugin_blacklist_mode", TYP_INT4, &plugin_cfg.block_mode, {2, NULL} },
{ "plugin_blacklist_simulate", TYP_INT4, &plugin_cfg.simulate, {0, NULL} },
{ "plugin_blacklist_duration", TYP_INT4, &plugin_cfg.duration, {3600, NULL} },
{ "plugin_blacklist_hitcount", TYP_INT4, &plugin_cfg.hitcount, {10, NULL} },
@ -81,12 +81,12 @@ typedef struct {
static sql_statement_t sql_statement[] = {
/* blacklist_check() */
{ 0, NULL, "SELECT count(id) from blacklist WHERE ip=?001 and sipuri=?002 AND (type =1 or failcount>?003);" },
{ 0, NULL, "SELECT count(*) from blacklist WHERE ip=?001 and sipuri=?002 AND (type=1 or failcount>?003);" },
{ 1, NULL, "UPDATE OR IGNORE blacklist SET lastseen=?003 WHERE ip=?001 and sipuri=?002;" },
{ 2, NULL, "INSERT OR REPLACE INTO requests (timestamp, ip, sipuri, callid) VALUES (?001, ?002, ?003, ?004);" },
/* blacklist_update() */
{ 3, NULL, "DELETE FROM requests WHERE timestamp<?001;" },
{ 4, NULL, "SELECT count(id) from requests WHERE ip=?001 and sipuri=?002 AND callid=?003;" },
{ 4, NULL, "SELECT count(*) from requests WHERE ip=?001 and sipuri=?002 AND callid=?003;" },
{ 5, NULL, "INSERT OR IGNORE INTO blacklist (ip, sipuri) VALUES (?001, ?002);" },
{ 6, NULL, "UPDATE OR IGNORE blacklist SET failcount=failcount+1, lastseen=?003, lastfail=?003 WHERE type=0 and ip=?001 and sipuri=?002;" },
{ 7, NULL, "UPDATE OR IGNORE blacklist SET lastseen=?003 WHERE ip=?001 and sipuri=?002;" },
@ -120,7 +120,6 @@ static sql_statement_t sql_statement[] = {
");" \
"CREATE TABLE IF NOT EXISTS "\
"blacklist ( "\
"id INTEGER PRIMARY KEY AUTOINCREMENT, "\
"type INTEGER DEFAULT 0, "\
"ip VARCHAR(" xstr(IPSTRING_SIZE) "), "\
"sipuri VARCHAR(" xstr(USERNAME_SIZE) "), "\
@ -131,7 +130,6 @@ static sql_statement_t sql_statement[] = {
");" \
"CREATE TABLE IF NOT EXISTS "\
"requests ( "\
"id INTEGER PRIMARY KEY AUTOINCREMENT, "\
"timestamp INTEGER DEFAULT 0, "\
"ip VARCHAR(" xstr(IPSTRING_SIZE) "), "\
"sipuri VARCHAR(" xstr(USERNAME_SIZE) "), "\
@ -142,7 +140,6 @@ static sql_statement_t sql_statement[] = {
/* tables
control
blacklist
- id
- type 0: automatic entry, 1: manual entry (manually added to DB, will not expire)
- ip IP address of source (xxx.xxx.xxx.xxx)
- sipuri SIP authentication username
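Review bot: The first two hunks keep `block_mode` and its `plugin_blacklist_mode` option as commented-out lines in `struct plugin_config` and `plugin_cfg_opts` instead of deleting them, leaving dead code with no record of why the mode was withdrawn; as far as the visible statements show, every query is keyed on `ip` and `sipuri` together, and presumably enforcement can now only be turned off via `simulate`, so a one-line comment such as `/* block_mode dropped: entries are always keyed on ip+sipuri; use plugin_blacklist_simulate to disable enforcement */` would document that. The hunks at @-120 and @-131 drop the `id` column from the `blacklist` and `requests` tables, but both statements are `CREATE TABLE IF NOT EXISTS`, so a database already present at `dbpath` keeps the old schema; the queries changed to `count(*)` still run on it, but the table comment at the @-142 hunk should state that the schema is not migrated (the `control` table listed there may carry a schema version, which is not visible in this hunk). The `sql_statement` array and the schema string both extend beyond these hunks.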