summaryrefslogtreecommitdiff
path: root/orkaudio/audiocaptureplugins/voip/VoIpConfig.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'orkaudio/audiocaptureplugins/voip/VoIpConfig.cpp')
-rw-r--r--orkaudio/audiocaptureplugins/voip/VoIpConfig.cpp173
1 files changed, 171 insertions, 2 deletions
diff --git a/orkaudio/audiocaptureplugins/voip/VoIpConfig.cpp b/orkaudio/audiocaptureplugins/voip/VoIpConfig.cpp
index 7cb6dde..5a12214 100644
--- a/orkaudio/audiocaptureplugins/voip/VoIpConfig.cpp
+++ b/orkaudio/audiocaptureplugins/voip/VoIpConfig.cpp
@@ -24,6 +24,8 @@ VoIpConfig::VoIpConfig()
m_asciiLanMasks.push_back("192.168.255.255");
m_asciiLanMasks.push_back("10.255.255.255");
m_asciiLanMasks.push_back("172.31.255.255");
+
+ m_sipDropIndirectInvite = false;
}
void VoIpConfig::Define(Serializer* s)
@@ -32,8 +34,13 @@ void VoIpConfig::Define(Serializer* s)
s->CsvValue("Devices", m_devices);
s->CsvValue("LanMasks", m_asciiLanMasks);
s->CsvValue("MediaGateways", m_asciiMediaGateways);
+
+ s->CsvValue("BlockedIpRanges", m_asciiBlockedIpRanges);
+ s->CsvValue("AllowedIpRanges", m_asciiAllowedIpRanges);
+
s->StringValue("PcapFile", m_pcapFile);
s->StringValue("PcapDirectory", m_pcapDirectory);
+ s->BoolValue("SipDropIndirectInvite", m_sipDropIndirectInvite);
}
void VoIpConfig::Validate()
@@ -50,7 +57,7 @@ void VoIpConfig::Validate()
}
else
{
- throw (CStdString("VoIpConfig: invalid IP address in LanMasks:" + *it));
+ throw (CStdString("VoIpConfig: invalid IP address in LanMasks:" + *it) + " please fix config.xml");
}
}
@@ -65,7 +72,100 @@ void VoIpConfig::Validate()
}
else
{
- throw (CStdString("VoIpConfig: invalid IP address in MediaGateways:" + *it));
+ throw (CStdString("VoIpConfig: invalid IP address in MediaGateways:" + *it) + " please fix config.xml");
+ }
+ }
+
+ // Iterate over ascii allowed IP ranges and populate the bit width and prefix lists
+ m_allowedIpRangePrefixes.clear();
+ m_allowedIpRangeBitWidths.clear();
+ for(it = m_asciiAllowedIpRanges.begin(); it != m_asciiAllowedIpRanges.end(); it++)
+ {
+ CStdString cidrPrefixLengthString;
+ unsigned int cidrPrefixLength = 32; // by default, x.x.x.x/32
+ CStdString cidrIpAddressString;
+ struct in_addr cidrIpAddress;
+
+ CStdString entry = *it;
+ int slashPosition = entry.Find('/');
+ if(slashPosition > 0)
+ {
+ cidrIpAddressString = entry.Left(slashPosition);
+ cidrPrefixLengthString = entry.Mid(slashPosition+1);
+
+ bool notAnInt = false;
+ try
+ {
+ cidrPrefixLength = StringToInt(cidrPrefixLengthString);
+ }
+ catch (...) {notAnInt = true;}
+ if(cidrPrefixLength < 1 || cidrPrefixLength > 32 || notAnInt)
+ {
+ throw (CStdString("VoIpConfig: invalid CIDR prefix length in AllowedIpRanges:" + entry) + " please fix config.xml");
+ }
+ }
+ else
+ {
+ cidrIpAddressString = entry;
+ }
+
+ if(ACE_OS::inet_aton((PCSTR)cidrIpAddressString, &cidrIpAddress))
+ {
+ unsigned int rangeBitWidth = 32-cidrPrefixLength;
+ unsigned int prefix = ntohl((unsigned int)cidrIpAddress.s_addr) >> (rangeBitWidth);
+ m_allowedIpRangePrefixes.push_back(prefix);
+ m_allowedIpRangeBitWidths.push_back(rangeBitWidth);
+ }
+ else
+ {
+ throw (CStdString("VoIpConfig: invalid IP range in AllowedIpRanges:" + entry) + " please fix config.xml");
+ }
+ }
+
+
+ // Iterate over ascii blocked IP ranges and populate the bit width and prefix lists
+ m_blockedIpRangePrefixes.clear();
+ m_blockedIpRangeBitWidths.clear();
+ for(it = m_asciiBlockedIpRanges.begin(); it != m_asciiBlockedIpRanges.end(); it++)
+ {
+ CStdString cidrPrefixLengthString;
+ unsigned int cidrPrefixLength = 32; // by default, x.x.x.x/32
+ CStdString cidrIpAddressString;
+ struct in_addr cidrIpAddress;
+
+ CStdString entry = *it;
+ int slashPosition = entry.Find('/');
+ if(slashPosition > 0)
+ {
+ cidrIpAddressString = entry.Left(slashPosition);
+ cidrPrefixLengthString = entry.Mid(slashPosition+1);
+
+ bool notAnInt = false;
+ try
+ {
+ cidrPrefixLength = StringToInt(cidrPrefixLengthString);
+ }
+ catch (...) {notAnInt = true;}
+ if(cidrPrefixLength < 1 || cidrPrefixLength > 32 || notAnInt)
+ {
+ throw (CStdString("VoIpConfig: invalid CIDR prefix length in blockedIpRanges:" + entry) + " please fix config.xml");
+ }
+ }
+ else
+ {
+ cidrIpAddressString = entry;
+ }
+
+ if(ACE_OS::inet_aton((PCSTR)cidrIpAddressString, &cidrIpAddress))
+ {
+ unsigned int rangeBitWidth = 32-cidrPrefixLength;
+ unsigned int prefix = ntohl((unsigned int)cidrIpAddress.s_addr) >> (rangeBitWidth);
+ m_blockedIpRangePrefixes.push_back(prefix);
+ m_blockedIpRangeBitWidths.push_back(rangeBitWidth);
+ }
+ else
+ {
+ throw (CStdString("VoIpConfig: invalid IP range in BlockedIpRanges:" + entry) + " please fix config.xml");
}
}
}
@@ -94,6 +194,75 @@ bool VoIpConfig::IsMediaGateway(struct in_addr addr)
return false;
}
+bool VoIpConfig::IsPacketWanted(IpHeaderStruct* ipHeader)
+{
+ bool wanted = true; // keep packet by default
+
+ // If source or destination IP address does not match any existing allowing mask, drop packet
+ if(m_allowedIpRangePrefixes.size() > 0)
+ {
+ wanted = false; // Presence of allowing ranges -> drop packet by default
+
+ bool sourceWanted = false;
+ std::list<unsigned int>::iterator bitWidthIt = m_allowedIpRangeBitWidths.begin();
+ std::list<unsigned int>::iterator prefixIt = m_allowedIpRangePrefixes.begin();
+ while(prefixIt != m_allowedIpRangePrefixes.end())
+ {
+ unsigned int bitWidth = *bitWidthIt;
+ unsigned int prefix = *prefixIt;
+ unsigned int packetSourcePrefix = ntohl((unsigned int)ipHeader->ip_src.s_addr) >> bitWidth;
+ if(packetSourcePrefix == prefix)
+ {
+ sourceWanted = true;
+ break;
+ }
+ prefixIt++;
+ bitWidthIt++;
+ }
+ if(sourceWanted)
+ {
+ std::list<unsigned int>::iterator bitWidthIt = m_allowedIpRangeBitWidths.begin();
+ std::list<unsigned int>::iterator prefixIt = m_allowedIpRangePrefixes.begin();
+ while(prefixIt != m_allowedIpRangePrefixes.end())
+ {
+ unsigned int bitWidth = *bitWidthIt;
+ unsigned int prefix = *prefixIt;
+ unsigned int packetDestPrefix = ntohl((unsigned int)ipHeader->ip_dest.s_addr) >> bitWidth;
+ if(packetDestPrefix == prefix)
+ {
+ wanted = true;
+ break;
+ }
+ prefixIt++;
+ bitWidthIt++;
+ }
+ }
+ }
+ // If source or destination IP address does match any existing blocking range, drop packet
+ std::list<unsigned int>::iterator bitWidthIt = m_blockedIpRangeBitWidths.begin();
+ std::list<unsigned int>::iterator prefixIt = m_blockedIpRangePrefixes.begin();
+
+ while(prefixIt != m_blockedIpRangePrefixes.end() && wanted == true)
+ {
+ unsigned int bitWidth = *bitWidthIt;
+ unsigned int prefix = *prefixIt;
+ unsigned int packetSourcePrefix = ntohl((unsigned int)ipHeader->ip_src.s_addr) >> bitWidth;
+ unsigned int packetDestPrefix = ntohl((unsigned int)ipHeader->ip_dest.s_addr) >> bitWidth;
+
+ if(packetSourcePrefix == prefix)
+ {
+ wanted = false;
+ }
+ if(packetDestPrefix == prefix)
+ {
+ wanted = false;
+ }
+ prefixIt++;
+ bitWidthIt++;
+ }
+ return wanted;
+}
+
bool VoIpConfig::IsDeviceWanted(CStdString device)
{
if(device.Equals(m_device))
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-29 05:37:27 +0000