From 5aceeee0352021d6f14a06e30c8dd89cc998822a Mon Sep 17 00:00:00 2001
From: "(no author)" <(no author)@09dcff7a-b715-0410-9601-b79a96267cd0>
Date: Tue, 11 Apr 2006 20:51:39 +0000
Subject: This commit was manufactured by cvs2svn to create tag 'OREKA-0-5-8'.

git-svn-id: https://oreka.svn.sourceforge.net/svnroot/oreka/tags/OREKA-0-5-8@215 09dcff7a-b715-0410-9601-b79a96267cd0
---
 orkaudio/audiocaptureplugins/voip/VoIpConfig.cpp | 173 ++++++++++++++++++++++-
 1 file changed, 171 insertions(+), 2 deletions(-)

(limited to 'orkaudio/audiocaptureplugins/voip/VoIpConfig.cpp')

diff --git a/orkaudio/audiocaptureplugins/voip/VoIpConfig.cpp b/orkaudio/audiocaptureplugins/voip/VoIpConfig.cpp
index 7cb6dde..5a12214 100644
--- a/orkaudio/audiocaptureplugins/voip/VoIpConfig.cpp
+++ b/orkaudio/audiocaptureplugins/voip/VoIpConfig.cpp
@@ -24,6 +24,8 @@ VoIpConfig::VoIpConfig()
 	m_asciiLanMasks.push_back("192.168.255.255");
 	m_asciiLanMasks.push_back("10.255.255.255");
 	m_asciiLanMasks.push_back("172.31.255.255");
+	
+	m_sipDropIndirectInvite = false;
 }
 
 void VoIpConfig::Define(Serializer* s)
@@ -32,8 +34,13 @@ void VoIpConfig::Define(Serializer* s)
 	s->CsvValue("Devices", m_devices);
 	s->CsvValue("LanMasks", m_asciiLanMasks);
 	s->CsvValue("MediaGateways", m_asciiMediaGateways);
+
+	s->CsvValue("BlockedIpRanges", m_asciiBlockedIpRanges);
+	s->CsvValue("AllowedIpRanges", m_asciiAllowedIpRanges);
+
 	s->StringValue("PcapFile", m_pcapFile);
 	s->StringValue("PcapDirectory", m_pcapDirectory);
+	s->BoolValue("SipDropIndirectInvite", m_sipDropIndirectInvite);
 }
 
 void VoIpConfig::Validate()
@@ -50,7 +57,7 @@ void VoIpConfig::Validate()
 		}
 		else
 		{
-			throw (CStdString("VoIpConfig: invalid IP address in LanMasks:" + *it));
+			throw (CStdString("VoIpConfig: invalid IP address in LanMasks:" + *it)  + " please fix config.xml");
 		}
 	}
 
@@ -65,7 +72,100 @@ void VoIpConfig::Validate()
 		}
 		else
 		{
-			throw (CStdString("VoIpConfig: invalid IP address in MediaGateways:" + *it));
+			throw (CStdString("VoIpConfig: invalid IP address in MediaGateways:" + *it)  + " please fix config.xml");
+		}
+	}
+
+	// Iterate over ascii allowed IP ranges and populate the bit width and prefix lists
+	m_allowedIpRangePrefixes.clear();
+	m_allowedIpRangeBitWidths.clear();
+	for(it = m_asciiAllowedIpRanges.begin(); it != m_asciiAllowedIpRanges.end(); it++)
+	{
+		CStdString cidrPrefixLengthString;
+		unsigned int cidrPrefixLength = 32;		// by default, x.x.x.x/32
+		CStdString cidrIpAddressString;
+		struct in_addr cidrIpAddress;
+		
+		CStdString entry = *it;
+		int slashPosition = entry.Find('/');
+		if(slashPosition > 0)
+		{
+			cidrIpAddressString = entry.Left(slashPosition);
+			cidrPrefixLengthString = entry.Mid(slashPosition+1);
+
+			bool notAnInt = false;
+			try
+			{
+				cidrPrefixLength = StringToInt(cidrPrefixLengthString);
+			}
+			catch (...) {notAnInt = true;}
+			if(cidrPrefixLength < 1 || cidrPrefixLength > 32 || notAnInt)
+			{
+				throw (CStdString("VoIpConfig: invalid CIDR prefix length in AllowedIpRanges:" + entry) + " please fix config.xml");
+			}
+		}
+		else
+		{
+			cidrIpAddressString = entry;
+		}
+
+		if(ACE_OS::inet_aton((PCSTR)cidrIpAddressString, &cidrIpAddress))
+		{
+			unsigned int rangeBitWidth = 32-cidrPrefixLength;
+			unsigned int prefix = ntohl((unsigned int)cidrIpAddress.s_addr) >> (rangeBitWidth);
+			m_allowedIpRangePrefixes.push_back(prefix);
+			m_allowedIpRangeBitWidths.push_back(rangeBitWidth);
+		}
+		else
+		{
+			throw (CStdString("VoIpConfig: invalid IP range in AllowedIpRanges:" + entry) + " please fix config.xml");
+		}
+	}
+
+
+	// Iterate over ascii blocked IP ranges and populate the bit width and prefix lists
+	m_blockedIpRangePrefixes.clear();
+	m_blockedIpRangeBitWidths.clear();
+	for(it = m_asciiBlockedIpRanges.begin(); it != m_asciiBlockedIpRanges.end(); it++)
+	{
+		CStdString cidrPrefixLengthString;
+		unsigned int cidrPrefixLength = 32;		// by default, x.x.x.x/32
+		CStdString cidrIpAddressString;
+		struct in_addr cidrIpAddress;
+		
+		CStdString entry = *it;
+		int slashPosition = entry.Find('/');
+		if(slashPosition > 0)
+		{
+			cidrIpAddressString = entry.Left(slashPosition);
+			cidrPrefixLengthString = entry.Mid(slashPosition+1);
+
+			bool notAnInt = false;
+			try
+			{
+				cidrPrefixLength = StringToInt(cidrPrefixLengthString);
+			}
+			catch (...) {notAnInt = true;}
+			if(cidrPrefixLength < 1 || cidrPrefixLength > 32 || notAnInt)
+			{
+				throw (CStdString("VoIpConfig: invalid CIDR prefix length in blockedIpRanges:" + entry) + " please fix config.xml");
+			}
+		}
+		else
+		{
+			cidrIpAddressString = entry;
+		}
+
+		if(ACE_OS::inet_aton((PCSTR)cidrIpAddressString, &cidrIpAddress))
+		{
+			unsigned int rangeBitWidth = 32-cidrPrefixLength;
+			unsigned int prefix = ntohl((unsigned int)cidrIpAddress.s_addr) >> (rangeBitWidth);
+			m_blockedIpRangePrefixes.push_back(prefix);
+			m_blockedIpRangeBitWidths.push_back(rangeBitWidth);
+		}
+		else
+		{
+			throw (CStdString("VoIpConfig: invalid IP range in BlockedIpRanges:" + entry) + " please fix config.xml");
 		}
 	}
 }
@@ -94,6 +194,75 @@ bool VoIpConfig::IsMediaGateway(struct in_addr addr)
 	return false;
 }
 
+bool VoIpConfig::IsPacketWanted(IpHeaderStruct* ipHeader)
+{
+	bool wanted = true;	// keep packet by default
+
+	// If source or destination IP address does not match any existing allowing mask, drop packet
+	if(m_allowedIpRangePrefixes.size() > 0)
+	{
+		wanted = false;	// Presence of allowing ranges -> drop packet by default
+
+		bool sourceWanted = false;
+		std::list<unsigned int>::iterator bitWidthIt = m_allowedIpRangeBitWidths.begin();
+		std::list<unsigned int>::iterator prefixIt = m_allowedIpRangePrefixes.begin();
+		while(prefixIt != m_allowedIpRangePrefixes.end())
+		{
+			unsigned int bitWidth = *bitWidthIt;
+			unsigned int prefix = *prefixIt;
+			unsigned int packetSourcePrefix = ntohl((unsigned int)ipHeader->ip_src.s_addr) >> bitWidth;
+			if(packetSourcePrefix == prefix)
+			{
+				sourceWanted = true;
+				break;
+			}
+			prefixIt++; 
+			bitWidthIt++;
+		}
+		if(sourceWanted)
+		{
+			std::list<unsigned int>::iterator bitWidthIt = m_allowedIpRangeBitWidths.begin();
+			std::list<unsigned int>::iterator prefixIt = m_allowedIpRangePrefixes.begin();
+			while(prefixIt != m_allowedIpRangePrefixes.end())
+			{
+				unsigned int bitWidth = *bitWidthIt;
+				unsigned int prefix = *prefixIt;
+				unsigned int packetDestPrefix = ntohl((unsigned int)ipHeader->ip_dest.s_addr) >> bitWidth;
+				if(packetDestPrefix == prefix)
+				{
+					wanted = true;
+					break;
+				}
+				prefixIt++; 
+				bitWidthIt++;
+			}
+		}
+	}
+	// If source or destination IP address does match any existing blocking range, drop packet
+	std::list<unsigned int>::iterator bitWidthIt = m_blockedIpRangeBitWidths.begin();
+	std::list<unsigned int>::iterator prefixIt = m_blockedIpRangePrefixes.begin();
+
+	while(prefixIt != m_blockedIpRangePrefixes.end() && wanted == true)
+	{
+		unsigned int bitWidth = *bitWidthIt;
+		unsigned int prefix = *prefixIt;
+		unsigned int packetSourcePrefix = ntohl((unsigned int)ipHeader->ip_src.s_addr) >> bitWidth;
+		unsigned int packetDestPrefix = ntohl((unsigned int)ipHeader->ip_dest.s_addr) >> bitWidth;
+
+		if(packetSourcePrefix == prefix)
+		{
+			wanted = false;
+		}
+		if(packetDestPrefix == prefix)
+		{
+			wanted = false;
+		}
+		prefixIt++; 
+		bitWidthIt++;
+	}
+	return wanted;
+}
+
 bool VoIpConfig::IsDeviceWanted(CStdString device)
 {
 	if(device.Equals(m_device))
-- 
cgit v1.2.3