Crash_Override/MMDVMHost-Private
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Merge pull request #90 from hacknix/master

Browse source 
Access Control for DMR
This commit is contained in:
Jonathan Naylor 2016-06-11 10:01:11 +01:00 committed by GitHub
parent c9f9d16bad 05c1b52540
commit 0be7f5954b
9 changed files with 353 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

52
Conf.cpp
View file

@ -90,6 +90,10 @@ m_dmrColorCode(2U),
m_dmrSelfOnly(false),
m_dmrPrefixes(),
m_dmrBlackList(),
m_dmrDstIdBlacklistSlot1(),
m_dmrDstIdBlacklistSlot2(),
m_dmrDstIdWhitelistSlot1(),
m_dmrDstIdWhitelistSlot2(),
m_dmrLookupFile(),
m_dmrTXHang(4U),
m_fusionEnabled(true),
@ -314,6 +318,38 @@ bool CConf::read()
m_dmrBlackList.push_back(id);
p = ::strtok(NULL, ",\r\n");
}
} else if (::strcmp(key, "DstIdBlackListSlot1") == 0) {
char* p = ::strtok(value, ",\r\n");
while (p != NULL) {
unsigned int id = (unsigned int)::atoi(p);
if (id > 0U)
m_dmrDstIdBlacklistSlot1.push_back(id);
p = ::strtok(NULL, ",\r\n");
}
} else if (::strcmp(key, "DstIdBlackListSlot2") == 0) {
char* p = ::strtok(value, ",\r\n");
while (p != NULL) {
unsigned int id = (unsigned int)::atoi(p);
if (id > 0U)
m_dmrDstIdBlacklistSlot2.push_back(id);
p = ::strtok(NULL, ",\r\n");
}
} else if (::strcmp(key, "DstIdWhiteListSlot1") == 0) {
char* p = ::strtok(value, ",\r\n");
while (p != NULL) {
unsigned int id = (unsigned int)::atoi(p);
if (id > 0U)
m_dmrDstIdWhitelistSlot1.push_back(id);
p = ::strtok(NULL, ",\r\n");
}
} else if (::strcmp(key, "DstIdWhiteListSlot2") == 0) {
char* p = ::strtok(value, ",\r\n");
while (p != NULL) {
unsigned int id = (unsigned int)::atoi(p);
if (id > 0U)
m_dmrDstIdWhitelistSlot2.push_back(id);
p = ::strtok(NULL, ",\r\n");
}
} else if (::strcmp(key, "LookupFile") == 0)
m_dmrLookupFile = value;
else if (::strcmp(key, "TXHang") == 0)
@ -626,7 +662,21 @@ std::vector<unsigned int> CConf::getDMRBlackList() const
{
return m_dmrBlackList;
}
std::vector<unsigned int> CConf::getDMRDstIdBlacklistSlot1() const
{
return m_dmrDstIdBlacklistSlot1;
}
std::vector<unsigned int> CConf::getDMRDstIdBlacklistSlot2() const
{
return m_dmrDstIdBlacklistSlot2;
}
std::vector<unsigned int> CConf::getDMRDstIdWhitelistSlot1() const
{
return m_dmrDstIdWhitelistSlot1;
}std::vector<unsigned int> CConf::getDMRDstIdWhitelistSlot2() const
{
return m_dmrDstIdWhitelistSlot2;
}
std::string CConf::getDMRLookupFile() const
{
return m_dmrLookupFile;

8
Conf.h
View file

@ -85,6 +85,10 @@ public:
bool getDMRSelfOnly() const;
std::vector<unsigned int> getDMRPrefixes() const;
std::vector<unsigned int> getDMRBlackList() const;
std::vector<unsigned int> getDMRDstIdBlacklistSlot1() const;
std::vector<unsigned int> getDMRDstIdBlacklistSlot2() const;
std::vector<unsigned int> getDMRDstIdWhitelistSlot1() const;
std::vector<unsigned int> getDMRDstIdWhitelistSlot2() const;
std::string getDMRLookupFile() const;
unsigned int getDMRTXHang() const;
@ -192,6 +196,10 @@ private:
bool m_dmrSelfOnly;
std::vector<unsigned int> m_dmrPrefixes;
std::vector<unsigned int> m_dmrBlackList;
std::vector<unsigned int> m_dmrDstIdBlacklistSlot1;
std::vector<unsigned int> m_dmrDstIdBlacklistSlot2;
std::vector<unsigned int> m_dmrDstIdWhitelistSlot1;
std::vector<unsigned int> m_dmrDstIdWhitelistSlot2;
std::string m_dmrLookupFile;
unsigned int m_dmrTXHang;

4
DMRControl.cpp
View file

@ -20,7 +20,7 @@
#include <cassert>
#include <algorithm>
CDMRControl::CDMRControl(unsigned int id, unsigned int colorCode, bool selfOnly, const std::vector<unsigned int>& prefixes, const std::vector<unsigned int>& blackList, unsigned int timeout, CModem* modem, CDMRIPSC* network, CDisplay* display, bool duplex, const std::string& lookupFile) :
CDMRControl::CDMRControl(unsigned int id, unsigned int colorCode, bool selfOnly, const std::vector<unsigned int>& prefixes, const std::vector<unsigned int>& blackList, const std::vector<unsigned int>& DstIdBlacklistSlot1, const std::vector<unsigned int>& DstIdWhitelistSlot1, const std::vector<unsigned int>& DstIdBlacklistSlot2, const std::vector<unsigned int>& DstIdWhitelistSlot2, unsigned int timeout, CModem* modem, CDMRIPSC* network, CDisplay* display, bool duplex, const std::string& lookupFile) :
m_id(id),
m_colorCode(colorCode),
m_selfOnly(selfOnly),
@ -38,7 +38,7 @@ m_lookup(NULL)
m_lookup = new CDMRLookup(lookupFile);
m_lookup->read();
CDMRSlot::init(id, colorCode, selfOnly, prefixes, blackList, modem, network, display, duplex, m_lookup);
CDMRSlot::init(id, colorCode, selfOnly, prefixes, blackList, DstIdBlacklistSlot1, DstIdWhitelistSlot1, DstIdBlacklistSlot2, DstIdWhitelistSlot2, modem, network, display, duplex, m_lookup);
}
CDMRControl::~CDMRControl()

2
DMRControl.h
View file

@ -30,7 +30,7 @@
class CDMRControl {
public:
CDMRControl(unsigned int id, unsigned int colorCode, bool selfOnly, const std::vector<unsigned int>& prefixes, const std::vector<unsigned int>& blackList, unsigned int timeout, CModem* modem, CDMRIPSC* network, CDisplay* display, bool duplex, const std::string& lookupFile);
CDMRControl(unsigned int id, unsigned int colorCode, bool selfOnly, const std::vector<unsigned int>& prefixes, const std::vector<unsigned int>& blackList, const std::vector<unsigned int>& DstIdBlacklistSlot1, const std::vector<unsigned int>& DstIdWhitelistSlot1, const std::vector<unsigned int>& DstIdBlacklistSlot2, const std::vector<unsigned int>& DstIdWhitelistSlot2, unsigned int timeout, CModem* modem, CDMRIPSC* network, CDisplay* display, bool duplex, const std::string& lookupFile);
~CDMRControl();
bool processWakeup(const unsigned char* data);

249
DMRSlot.cpp
View file

@ -31,6 +31,11 @@ unsigned int CDMRSlot::m_colorCode = 0U;
bool CDMRSlot::m_selfOnly = false;
std::vector<unsigned int> CDMRSlot::m_prefixes;
std::vector<unsigned int> CDMRSlot::m_blackList;
std::vector<unsigned int> CDMRSlot::m_dstBlackListSlot1;
std::vector<unsigned int> CDMRSlot::m_dstWhiteListSlot1;
std::vector<unsigned int> CDMRSlot::m_dstBlackListSlot2;
std::vector<unsigned int> CDMRSlot::m_dstWhiteListSlot2;
CModem* CDMRSlot::m_modem = NULL;
CDMRIPSC* CDMRSlot::m_network = NULL;
CDisplay* CDMRSlot::m_display = NULL;
@ -131,12 +136,31 @@ void CDMRSlot::writeModem(unsigned char *data)
if (lc == NULL)
return;
unsigned int id = lc->getSrcId();
unsigned int id;
unsigned int did;
id = lc->getSrcId();
if (!validateId(id)) {
LogMessage("DMR Slot %u, invalid access attempt from %u", m_slotNo, id);
LogMessage("DMR Slot %u, invalid access attempt from %u (blacklisted)", m_slotNo, id);
delete lc;
return;
}
// add check for valid dst id (e.g. TG)
// - G7RZU
did = lc->getDstId();
if (DstIdBlacklist(did,m_slotNo)) {
LogMessage("DMR Slot %u, invalid access attempt to TG %u (TG blacklisted)", m_slotNo, did);
delete lc;
return;
}
did = lc->getDstId();
// true sets allow greater than 4k. Need to add boolean in conf for this later.
if (!DstIdWhitelist(did,m_slotNo,true)) {
LogMessage("DMR Slot %u, invalid access attempt to TG %u (TG not in whitelist)", m_slotNo, did);
delete lc;
return;
}
m_rfLC = lc;
@ -251,6 +275,18 @@ void CDMRSlot::writeModem(unsigned char *data)
LogMessage("DMR Slot %u, invalid access attempt from %u", m_slotNo, srcId);
return;
}
// add check for valid dst id (e.g. TG)
// - G7RZU
if (DstIdBlacklist(dstId,m_slotNo)) {
LogMessage("DMR Slot %u, invalid access attempt to TG %u (TG blacklisted)", m_slotNo, dstId);
return;
}
// true sets allow greater than 4k. Need to add boolean in conf for this later.
if (!DstIdWhitelist(dstId,m_slotNo,true)) {
LogMessage("DMR Slot %u, invalid access attempt to TG %u (TG not in whitelist)", m_slotNo, dstId);
return;
}
m_rfFrames = dataHeader.getBlocks();
@ -309,6 +345,18 @@ void CDMRSlot::writeModem(unsigned char *data)
LogMessage("DMR Slot %u, invalid access attempt from %u", m_slotNo, srcId);
return;
}
// add check for valid dst id (e.g. TG)
// - G7RZU
if (DstIdBlacklist(dstId,m_slotNo)) {
LogMessage("DMR Slot %u, invalid access attempt to TG %u (TG blacklisted)", m_slotNo, dstId);
return;
}
// true sets allow greater than 4k. Need to add boolean in conf for this later.
if (!DstIdWhitelist(dstId,m_slotNo,true)) {
LogMessage("DMR Slot %u, invalid access attempt to TG %u (TG not in whitelist)", m_slotNo, dstId);
return;
}
// Regenerate the CSBK data
csbk.get(data + 2U);
@ -458,6 +506,23 @@ void CDMRSlot::writeModem(unsigned char *data)
delete lc;
return;
}
// add check for valid dst id (e.g. TG)
// - G7RZU
unsigned int did;
did = lc->getDstId();
if (DstIdBlacklist(did,m_slotNo)) {
LogMessage("DMR Slot %u, invalid access attempt to TG %u (TG blacklisted)", m_slotNo, did);
delete lc;
return;
}
did = lc->getDstId();
// true sets allow greater than 4k. Need to add boolean in conf for this later.
if (!DstIdWhitelist(did,m_slotNo,true)) {
LogMessage("DMR Slot %u, invalid access attempt to TG %u (TG not in whitelist)", m_slotNo, did);
delete lc;
return;
}
m_rfLC = lc;
@ -700,8 +765,8 @@ void CDMRSlot::writeEndNet(bool writeEnd)
closeFile();
#endif
}
void CDMRSlot::writeNetwork(const CDMRData& dmrData)
//add
void CDMRSlot::writeNetwork (const CDMRData& dmrData)
{
if (m_rfState != RS_RF_LISTENING && m_netState == RS_NET_IDLE)
return;
@ -724,12 +789,28 @@ void CDMRSlot::writeNetwork(const CDMRData& dmrData)
return;
}
// add check for valid dst id (e.g. TG)
// - G7RZU
unsigned int did;
did = m_netLC->getDstId();
if (DstIdBlacklist(did,m_slotNo)) {
LogMessage("DMR Network Slot %u, invalid traffic to TG %u (TG blacklisted) dataType: %s", m_slotNo, did,dataType);
return;
}
// true sets allow greater than 4k. Need to add boolean in conf for this later.
if (!DstIdWhitelist(did,m_slotNo,true)) {
LogMessage("DMR Network Slot %u, invalid traffic to TG %u (TG not in whitelist) dataType: %s", m_slotNo, did,dataType);
return;
}
// Store the LC for the embedded LC
m_netEmbeddedLC.setData(*m_netLC);
// Regenerate the LC data
fullLC.encode(*m_netLC, data + 2U, DT_VOICE_LC_HEADER);
// Regenerate the Slot Type
CDMRSlotType slotType;
slotType.setColorCode(m_colorCode);
@ -750,6 +831,7 @@ void CDMRSlot::writeNetwork(const CDMRData& dmrData)
m_netBits = 1U;
m_netErrs = 0U;
writeQueueNet(m_idle);
writeQueueNet(m_idle);
writeQueueNet(m_idle);
@ -794,7 +876,22 @@ void CDMRSlot::writeNetwork(const CDMRData& dmrData)
data[0U] = TAG_DATA;
data[1U] = 0x00U;
// add check for valid dst id (e.g. TG)
// - G7RZU
unsigned int did;
did = m_netLC->getDstId();
if (DstIdBlacklist(did,m_slotNo)) {
LogMessage("DMR Network Slot %u, invalid traffic to TG %u (TG blacklisted) dataType: %s", m_slotNo, did,dataType);
return;
}
// true sets allow greater than 4k. Need to add boolean in conf for this later.
if (!DstIdWhitelist(did,m_slotNo,true)) {
LogMessage("DMR Network Slot %u, invalid traffic to TG %u (TG not in whitelist) dataType: %s", m_slotNo, did,dataType);
return;
}
writeQueueNet(data);
#if defined(DUMP_DMR)
@ -807,7 +904,20 @@ void CDMRSlot::writeNetwork(const CDMRData& dmrData)
// Regenerate the LC data
CDMRFullLC fullLC;
fullLC.encode(*m_netLC, data + 2U, DT_TERMINATOR_WITH_LC);
// add check for valid dst id (e.g. TG)
// - G7RZU
unsigned int did;
did = m_netLC->getDstId();
if (DstIdBlacklist(did,m_slotNo)) {
LogMessage("DMR Network Slot %u, invalid traffic to TG %u (TG blacklisted) dataType: %s", m_slotNo, did,dataType);
return;
}
// true sets allow greater than 4k. Need to add boolean in conf for this later.
if (!DstIdWhitelist(did,m_slotNo,true)) {
LogMessage("DMR Network Slot %u, invalid traffic to TG %u (TG not in whitelist) dataType: %s", m_slotNo, did,dataType);
return;
}
// Regenerate the Slot Type
CDMRSlotType slotType;
slotType.setColorCode(m_colorCode);
@ -819,7 +929,7 @@ void CDMRSlot::writeNetwork(const CDMRData& dmrData)
data[0U] = TAG_EOT;
data[1U] = 0x00U;
writeQueueNet(data);
writeQueueNet(data);
writeQueueNet(data);
@ -854,7 +964,20 @@ void CDMRSlot::writeNetwork(const CDMRData& dmrData)
unsigned int dstId = dataHeader.getDstId();
m_netLC = new CDMRLC(gi ? FLCO_GROUP : FLCO_USER_USER, srcId, dstId);
// add check for valid dst id (e.g. TG)
// - G7RZU
unsigned int did;
did = m_netLC->getDstId();
if (DstIdBlacklist(did,m_slotNo)) {
LogMessage("DMR Network Slot %u, invalid traffic to TG %u (TG blacklisted) dataType: %s", m_slotNo, did,dataType);
return;
}
// true sets allow greater than 4k. Need to add boolean in conf for this later.
if (!DstIdWhitelist(did,m_slotNo,true)) {
LogMessage("DMR Network Slot %u, invalid traffic to TG %u (TG not in whitelist) dataType: %s", m_slotNo, did,dataType);
return;
}
// Regenerate the data header
dataHeader.get(data + 2U);
@ -873,7 +996,7 @@ void CDMRSlot::writeNetwork(const CDMRData& dmrData)
// Put a small delay into starting transmission
writeQueueNet(m_idle);
writeQueueNet(m_idle);
writeQueueNet(data);
m_netState = RS_NET_DATA;
@ -892,7 +1015,21 @@ void CDMRSlot::writeNetwork(const CDMRData& dmrData)
} else if (dataType == DT_VOICE_SYNC) {
if (m_netState == RS_NET_IDLE) {
m_netLC = new CDMRLC(dmrData.getFLCO(), dmrData.getSrcId(), dmrData.getDstId());
// add check for valid dst id (e.g. TG)
// - G7RZU
unsigned int did;
did = m_netLC->getDstId();
if (DstIdBlacklist(did,m_slotNo)) {
LogMessage("DMR Network Slot %u, invalid traffic to TG %u (TG blacklisted) dataType: %s", m_slotNo, did,dataType);
return;
}
// true sets allow greater than 4k. Need to add boolean in conf for this later.
if (!DstIdWhitelist(did,m_slotNo,true)) {
LogMessage("DMR Network Slot %u, invalid traffic to TG %u (TG not in whitelist) dataType: %s", m_slotNo, did,dataType);
return;
}
m_netTimeoutTimer.start();
writeQueueNet(m_idle);
@ -931,7 +1068,7 @@ void CDMRSlot::writeNetwork(const CDMRData& dmrData)
m_netState = RS_NET_AUDIO;
setShortLC(m_slotNo, m_netLC->getDstId(), m_netLC->getFLCO(), true);
std::string src = m_lookup->find(m_netLC->getSrcId());
std::string dst = m_lookup->find(m_netLC->getDstId());
@ -980,7 +1117,20 @@ void CDMRSlot::writeNetwork(const CDMRData& dmrData)
} else if (dataType == DT_VOICE) {
if (m_netState != RS_NET_AUDIO)
return;
// add check for valid dst id (e.g. TG)
// - G7RZU
unsigned int did;
did = m_netLC->getDstId();
if (DstIdBlacklist(did,m_slotNo)) {
LogMessage("DMR Network Slot %u, invalid traffic to TG %u (TG blacklisted) dataType: %s", m_slotNo, did,dataType);
return;
}
// true sets allow greater than 4k. Need to add boolean in conf for this later.
if (!DstIdWhitelist(did,m_slotNo,true)) {
LogMessage("DMR Network Slot %u, invalid traffic to TG %u (TG not in whitelist) dataType: %s", m_slotNo, did,dataType);
return;
}
unsigned char fid = m_netLC->getFID();
if (fid == FID_ETSI || fid == FID_DMRA)
m_netErrs += m_fec.regenerateDMR(data + 2U);
@ -1037,7 +1187,20 @@ void CDMRSlot::writeNetwork(const CDMRData& dmrData)
bool gi = csbk.getGI();
unsigned int srcId = csbk.getSrcId();
unsigned int dstId = csbk.getDstId();
// add check for valid dst id (e.g. TG)
// - G7RZU
unsigned int did;
did = dstId;
if (DstIdBlacklist(did,m_slotNo)) {
LogMessage("DMR Network Slot %u, invalid traffic to TG %u (TG blacklisted) dataType: %s", m_slotNo, did,dataType);
return;
}
// true sets allow greater than 4k. Need to add boolean in conf for this later.
if (!DstIdWhitelist(did,m_slotNo,true)) {
LogMessage("DMR Network Slot %u, invalid traffic to TG %u (TG not in whitelist) dataType: %s", m_slotNo, did,dataType);
return;
}
// Regenerate the CSBK data
csbk.get(data + 2U);
@ -1255,7 +1418,7 @@ void CDMRSlot::writeQueueNet(const unsigned char *data)
m_queue.addData(data, len);
}
void CDMRSlot::init(unsigned int id, unsigned int colorCode, bool selfOnly, const std::vector<unsigned int>& prefixes, const std::vector<unsigned int>& blackList, CModem* modem, CDMRIPSC* network, CDisplay* display, bool duplex, CDMRLookup* lookup)
void CDMRSlot::init(unsigned int id, unsigned int colorCode, bool selfOnly, const std::vector<unsigned int>& prefixes, const std::vector<unsigned int>& blackList, const std::vector<unsigned int>& DstIdBlacklistSlot1, const std::vector<unsigned int>& DstIdWhitelistSlot1, const std::vector<unsigned int>& DstIdBlacklistSlot2, const std::vector<unsigned int>& DstIdWhitelistSlot2, CModem* modem, CDMRIPSC* network, CDisplay* display, bool duplex, CDMRLookup* lookup)
{
assert(id != 0U);
assert(modem != NULL);
@ -1267,6 +1430,10 @@ void CDMRSlot::init(unsigned int id, unsigned int colorCode, bool selfOnly, cons
m_selfOnly = selfOnly;
m_prefixes = prefixes;
m_blackList = blackList;
m_dstBlackListSlot1 = DstIdBlacklistSlot1;
m_dstWhiteListSlot1 = DstIdWhitelistSlot1;
m_dstBlackListSlot2 = DstIdBlacklistSlot2;
m_dstWhiteListSlot2 = DstIdWhitelistSlot2;
m_modem = modem;
m_network = network;
m_display = display;
@ -1303,6 +1470,58 @@ bool CDMRSlot::validateId(unsigned int id)
}
}
//is dst id blacklisted?
bool CDMRSlot::DstIdBlacklist(unsigned int did, unsigned int slot)
{
if (slot == 1) {
if (std::find(m_dstBlackListSlot1.begin(), m_dstBlackListSlot1.end(), did) != m_dstBlackListSlot1.end())
return true;
} else {
if (std::find(m_dstBlackListSlot2.begin(), m_dstBlackListSlot2.end(), did) != m_dstBlackListSlot2.end())
return true;
}
return false;
}
bool CDMRSlot::DstIdWhitelist(unsigned int did, unsigned int slot, bool gt4k)
{
if (slot == 1) {
if(m_dstWhiteListSlot1.size() == 0)
return true;
// No reflectors on slot1, so we only allow all IDs over 10000 unless specifically whitelisted.
if(gt4k) {
if (std::find(m_dstWhiteListSlot1.begin(), m_dstWhiteListSlot1.end(), did) != m_dstWhiteListSlot1.end() || did >= 10000) {
return true;
}
} else {
if (std::find(m_dstWhiteListSlot1.begin(), m_dstWhiteListSlot1.end(), did) != m_dstWhiteListSlot1.end())
return true;
}
} else {
if(m_dstWhiteListSlot2.size() == 0)
return true;
//On slot2 we allow reflector control IDs, but not secondary TG IDs unless specifically listed. Also allow echo.
if(gt4k) {
if (std::find(m_dstWhiteListSlot2.begin(), m_dstWhiteListSlot2.end(), did) != m_dstWhiteListSlot2.end() || did >= 4000) {
//if dstId in secondary TG range
if(did > 5000 && did < 10000)
return false;
return true;
}
} else {
if (std::find(m_dstWhiteListSlot2.begin(), m_dstWhiteListSlot2.end(), did) != m_dstWhiteListSlot2.end())
return true;
}
}
return false;
}
void CDMRSlot::setShortLC(unsigned int slotNo, unsigned int id, FLCO flco, bool voice)
{
assert(m_modem != NULL);

9
DMRSlot.h
View file

@ -50,7 +50,7 @@ public:
void clock();
static void init(unsigned int id, unsigned int colorCode, bool selfOnly, const std::vector<unsigned int>& prefixes, const std::vector<unsigned int>& blackList, CModem* modem, CDMRIPSC* network, CDisplay* display, bool duplex, CDMRLookup* lookup);
static void init(unsigned int id, unsigned int colorCode, bool selfOnly, const std::vector<unsigned int>& prefixes, const std::vector<unsigned int>& blackList, const std::vector<unsigned int>& DstIdBlacklistSlot1, const std::vector<unsigned int>& DstIdWhitelistSlot1, const std::vector<unsigned int>& DstIdBlacklistSlot2, const std::vector<unsigned int>& DstIdWhitelistSlot2, CModem* modem, CDMRIPSC* network, CDisplay* display, bool duplex, CDMRLookup* lookup);
private:
unsigned int m_slotNo;
@ -90,6 +90,11 @@ private:
static bool m_selfOnly;
static std::vector<unsigned int> m_prefixes;
static std::vector<unsigned int> m_blackList;
static std::vector<unsigned int> m_dstBlackListSlot1;
static std::vector<unsigned int> m_dstBlackListSlot2;
static std::vector<unsigned int> m_dstWhiteListSlot1;
static std::vector<unsigned int> m_dstWhiteListSlot2;
static CModem* m_modem;
static CDMRIPSC* m_network;
static CDisplay* m_display;
@ -125,6 +130,8 @@ private:
static void setShortLC(unsigned int slotNo, unsigned int id, FLCO flco = FLCO_GROUP, bool voice = true);
static bool validateId(unsigned int id);
static bool DstIdBlacklist(unsigned int did,unsigned int slot);
static bool DstIdWhitelist(unsigned int did,unsigned int slot,bool gt4k);
};
#endif

6
MMDVM.ini
View file

@ -55,6 +55,12 @@ SelfOnly=0
# Prefixes=234,235
LookupFile=DMRIds.dat
TXHang=4
#Blacklist=
#DstIDBlackListSlot1=
#DstIDBlackListSlot2=
#DstIDWhiteListSlot1=
#DstIDWhiteListSlot2=
[System Fusion]
Enable=1

16
MMDVMHost.cpp
View file

@ -290,6 +290,10 @@ int CMMDVMHost::run()
bool selfOnly = m_conf.getDMRSelfOnly();
std::vector<unsigned int> prefixes = m_conf.getDMRPrefixes();
std::vector<unsigned int> blackList = m_conf.getDMRBlackList();
std::vector<unsigned int> dstIDBlackListSlot1 = m_conf.getDMRDstIdBlacklistSlot1();
std::vector<unsigned int> dstIDBlackListSlot2 = m_conf.getDMRDstIdBlacklistSlot2();
std::vector<unsigned int> dstIDWhiteListSlot1 = m_conf.getDMRDstIdWhitelistSlot1();
std::vector<unsigned int> dstIDWhiteListSlot2 = m_conf.getDMRDstIdWhitelistSlot2();
unsigned int timeout = m_conf.getTimeout();
std::string lookupFile = m_conf.getDMRLookupFile();
unsigned int txHang = m_conf.getDMRTXHang();
@ -299,13 +303,23 @@ int CMMDVMHost::run()
LogInfo(" Color Code: %u", colorCode);
LogInfo(" Self Only: %s", selfOnly ? "yes" : "no");
LogInfo(" Prefixes: %u", prefixes.size());
if (blackList.size() > 0U)
LogInfo(" Black List: %u", blackList.size());
if (dstIDBlackListSlot1.size() > 0U)
LogInfo(" Slot 1 Destination ID Black List: %u entries", dstIDBlackListSlot1.size());
if (dstIDBlackListSlot2.size() > 0U)
LogInfo(" Slot 2 Destination ID Black List: %u entries", dstIDBlackListSlot2.size());
if (dstIDWhiteListSlot1.size() > 0U)
LogInfo(" Slot 1 Destination ID White List: %u entries", dstIDWhiteListSlot1.size());
if (dstIDWhiteListSlot2.size() > 0U)
LogInfo(" Slot 2 Destination ID White List: %u entries", dstIDWhiteListSlot2.size());
LogInfo(" Timeout: %us", timeout);
LogInfo(" Lookup File: %s", lookupFile.length() > 0U ? lookupFile.c_str() : "None");
LogInfo(" TX Hang: %us", txHang);
dmr = new CDMRControl(id, colorCode, selfOnly, prefixes, blackList, timeout, m_modem, m_dmrNetwork, m_display, m_duplex, lookupFile);
dmr = new CDMRControl(id, colorCode, selfOnly, prefixes, blackList,dstIDBlackListSlot1,dstIDWhiteListSlot1, dstIDBlackListSlot2, dstIDWhiteListSlot2, timeout, m_modem, m_dmrNetwork, m_display, m_duplex, lookupFile);
m_dmrTXTimer.setTimeout(txHang);
}

28
README.DMR_ACL Normal file
View file

@ -0,0 +1,28 @@
To use DMR Access Control you can add the following fields to your MMDVM.ini:
Blacklist= <comma separated list of source-id's to block on RF>
DstIdBlackListSlot1= <comma separated list TGs to block on RF and Network Slot1>
DstIdBlackListSlot2= <comma separated list TGs to block on RF and Network Slot1>
DstIdWhiteListSlot1= <comma separated list TGs to allow on RF and Network Slot1>
DstIdWhiteListSlot2= <comma separated list TGs to allow on RF and Network Slot1>
So, for example:
DstIdBlackListSlot1=91 - block the TG91 net.
DstIdWhiteSlot1=9.5057,9990 - allows TG9, APRS SMS Gateway and Echo.
If the whitelist is null and commented out, it is disabled.
The whitelist behaves slightly differently on Slot1 than is does on Slot2.
For Slot1, the whitelist will allow all IDs above 10000 and everything in the whitelist.
For Slot2, the whitelist will allow all IDs between 4000 and 5000, IDs above 10000 and everything in the whitelist.
You can use the blacklist with the whitelist if you want to specifically block IDs within the allowed ranges above.
For example, to block users from disconnecting the reflectors, you could block ID 4000.
To block users connecting to reflector 4400 you could add ID 4400 to the blacklist for that slot.