1 /* 2 * Copyright (C) 2006 iptelorg GmbH 3 * 4 * This file is part of Kamailio, a free SIP server. 5 * 6 * Kamailio is free software; you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License as published by 8 * the Free Software Foundation; either version 2 of the License, or 9 * (at your option) any later version 10 * 11 * Kamailio is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 * GNU General Public License for more details. 15 * 16 * You should have received a copy of the GNU General Public License 17 * along with this program; if not, write to the Free Software 18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 19 */ 20 21 /** Kamailio core :: Destination blacklists. 22 * @file 23 * @author andrei, Gergo 24 * @ingroup core 25 * Module: @ref core 26 */ 27 28 #ifndef dst_black_list_h 29 #define dst_black_list_h 30 31 #include "ip_addr.h" 32 #include "parser/msg_parser.h" 33 #include "timer_ticks.h" 34 #include "cfg_core.h" 35 36 #define DEFAULT_BLST_TIMEOUT 60 /**< 1 min. */ 37 #define DEFAULT_BLST_MAX_MEM 250 /**< 250 KB */ 38 39 /** @name flags: */ 40 /*@{ */ 41 42 #define BLST_IS_IPV6 1 /**< set if the address is ipv6 */ 43 #define BLST_ERR_SEND (1<<1) /**< set if send is denied/failed */ 44 #define BLST_ERR_CONNECT (1<<2) /**< set if connect failed (tcp/tls) */ 45 #define BLST_ICMP_RCVD (1<<3) /**< set if icmp error */ 46 #define BLST_ERR_TIMEOUT (1<<4) /**< set if sip timeout */ 47 #define BLST_503 (1<<5) /**< set for 503 replies */ 48 #define BLST_ADM_PROHIBITED (1<<6) /**< administratively prohibited */ 49 #define BLST_PERMANENT (1<<7) /**< never deleted, never expires */ 50 /*@} */ 51 52 /* uncomment the define above to enable blacklist callbacks support */ 53 /*#define DST_BLACKLIST_HOOKS*/ 54 55 #define DST_BLACKLIST_CONTINUE 0 /**< add: do nothing/ignore, search: ignore */ 56 #define DST_BLACKLIST_ACCEPT 1 /**< add: force accept, search: force match */ 57 #define DST_BLACKLIST_DENY -1 /**< add: deny, search: force no match */ 58 59 #define DST_BLACKLIST_ADD_CB 1 60 #define DST_BLACKLIST_SEARCH_CB 2 61 62 63 extern unsigned blst_proto_imask[PROTO_LAST+1]; 64 65 #ifdef DST_BLACKLIST_HOOKS 66 struct blacklist_hook{ 67 /* WARNING: msg might be NULL, and it might point to shared memory 68 * without locking, do not modify it! msg can be used typically for checking 69 * the message flags with isflagset() */ 70 int (*on_blst_action)(struct dest_info* si, unsigned char* err_flags, 71 struct sip_msg* msg); 72 /* called before ser shutdown */ 73 void (*destroy)(void); 74 }; 75 76 int register_blacklist_hook(struct blacklist_hook *h, int type); 77 #endif /* DST_BLACKLIST_HOOKS */ 78 79 int init_dst_blacklist(void); 80 #ifdef USE_DST_BLACKLIST_STATS 81 int init_dst_blacklist_stats(int iproc_num); 82 #define DST_BLACKLIST_ALL_STATS "bkl_all_stats" 83 #endif 84 void destroy_dst_blacklist(void); 85 86 87 /** force add to the blacklist. 88 * like function dst_blacklist_add_to, but no ignore mask or 89 * blacklist enabled checks are made. 90 * @see dst_blacklist_add_to for the parameters and return value. 91 */ 92 int dst_blacklist_force_add_to(unsigned char err_flags, struct dest_info* si, 93 struct sip_msg* msg, ticks_t timeout); 94 95 /** force add to the blacklist, long version. 96 * like function dst_blacklist_su_to, but no ignore mask or 97 * blacklist enabled checks are made. 98 * @see dst_blacklist_su_to for the parameters and return value. 99 */ 100 int dst_blacklist_force_su_to( unsigned char err_flags, 101 unsigned char proto, 102 union sockaddr_union* dst, 103 struct sip_msg* msg, 104 ticks_t timeout); 105 106 107 /** checks if blacklist should be used. 108 * @param err_flags - blacklist reason 109 * @param si - filled dest_info structure pointer. 110 * @return 1 if blacklist is enabled (core_cfg) and the event/error 111 * is not in the ignore list. 112 * 0 otherwise 113 */ 114 #define should_blacklist(err_flags, si) \ 115 (cfg_get(core, core_cfg, use_dst_blacklist) && \ 116 ((err_flags) & ~blst_proto_imask[(unsigned)((si)->proto)] & \ 117 ~(si)->send_flags.blst_imask )) 118 119 120 /** checks if blacklist should be used, long version. 121 * @param err_flags - blacklist reason 122 * @param snd_flags - snd_flags pointer, can be 0. 123 * @param proto - protocol, can be 0 (PROTO_NONE). 124 * @param su - sockaddr_union pointer, can be 0. 125 * @return 1 if blacklist is enabled (core_cfg) and the event/error 126 * is not in the ignore list. 0 otherwise 127 */ 128 #define should_blacklist_su(err_flags, snd_flags, proto, su) \ 129 (cfg_get(core, core_cfg, use_dst_blacklist) && \ 130 ((err_flags) & ~blst_proto_imask[(unsigned)(proto)] & \ 131 ~((snd_flags)?((snd_flags_t*)(snd_flags))->blst_imask:0))) 132 133 134 /** adds a dst to the blacklist. 135 * 136 * @param err_flags - blacklist reason 137 * @param si - dest_info structure (dst). 138 * @param msg - sip msg struct. pointer if known, 0 otherwise. 139 * @param timeout - timeout in ticks. 140 * @return >=0 on success, -1 on error. 141 */ 142 #define dst_blacklist_add_to(err_flags, si, msg, timeout) \ 143 (should_blacklist(err_flags, si)? \ 144 dst_blacklist_force_add_to((err_flags), (si), (msg), (timeout))\ 145 : 0) 146 147 148 /** adds a dst to the blacklist, long version. 149 * Similar to dst_blacklist_add_to, but uses "unpacked" parameters. 150 * @param err_flags - blacklist reason 151 * @param proto - protocol. 152 * @param dst - sockaddr_union pointer. 153 * @param snd_flags - snd_flags pointer, can be 0. 154 * @param msg - sip msg struct. pointer if known, 0 otherwise. 155 * @param timeout - timeout in ticks. 156 * @return >=0 on success, -1 on error. 157 */ 158 #define dst_blacklist_su_to(err_flags, proto, dst, snd_flags, msg, timeout) \ 159 (should_blacklist_su(err_flags, snd_flags, proto, dst) ? \ 160 dst_blacklist_force_su_to((err_flags), (proto), (dst), (msg), \ 161 (timeout))\ 162 : 0) 163 164 165 /** adds a dst to the blacklist with default timeout. 166 * 167 * @param err_flags - blacklist reason 168 * @param si - dest_info structure (dst). 169 * @param msg - sip msg struct. pointer if known, 0 otherwise. 170 * @return >=0 on success, -1 on error. 171 * @see dst_blacklist_add_to. 172 */ 173 #define dst_blacklist_add(err_flags, si, msg) \ 174 dst_blacklist_add_to(err_flags, si, msg, \ 175 S_TO_TICKS(cfg_get(core, core_cfg, blst_timeout))) 176 177 178 /** adds a dst to the blacklist with default timeout, long version. 179 * Similar to dst_blacklist_add_to, but uses "unpacked" parameters. 180 * @param err_flags - blacklist reason 181 * @param proto - protocol. 182 * @param dst - sockaddr_union pointer. 183 * @param snd_flags - snd_flags pointer, can be 0. 184 * @param msg - sip msg struct. pointer if known, 0 otherwise. 185 * @return >=0 on success, -1 on error. 186 * @see dst_blacklist_su_to. 187 */ 188 #define dst_blacklist_su(err_flags, proto, dst, snd_flags, msg) \ 189 dst_blacklist_su_to(err_flags, proto, dst, snd_flags, msg, \ 190 S_TO_TICKS(cfg_get(core, core_cfg, blst_timeout))) 191 192 int dst_is_blacklisted(struct dest_info* si, struct sip_msg* msg); 193 194 /** delete an entry from the blacklist. */ 195 int dst_blacklist_del(struct dest_info* si, struct sip_msg* msg); 196 197 /** deletes all the entries from the blacklist except the permanent ones. 198 * (which are marked with BLST_PERMANENT) 199 */ 200 void dst_blst_flush(void); 201 202 int use_dst_blacklist_fixup(void *handle, str *gname, str *name, void **val); 203 204 /** KByte to Byte conversion. */ 205 int blst_max_mem_fixup(void *handle, str *gname, str *name, void **val); 206 207 void blst_reinit_ign_masks(str* gname, str* name); 208 209 #endif 210