OK, it works. I create a table 'auth_count' and I save $ ua, $ auth_count, and $ Ts, then I implement de code. Finaly I use sqlop. Thank you so much for the support.
if (is_method("REGISTER")) { if(is_present_hf("Authorization")){ $var(max_attempts)= 3; if (sql_query("ca","select auth_count from auth_count where Blocked_user='$au'","auth_count")== $var(max_attempts) && $sht(a=>$au::auth_count)!= $null) { xlog("Other attempts auth ************************failed more than 3 times - src ip: $si\n"); $var(address) = $si; $var(ruri) = "[" + $var(address)+ "]" + ":" + $sp + ";" + "transport" + "=" + $proto; #Send a SIP Request signalling the problem and its reason on the body $uac_req(method)="MESSAGE"; $uac_req(ruri) = "sip:"+ $au + "@" + $var(ruri); $uac_req(furi) = " sip:kamai...@ericsson.net"; $uac_req(turi) = $fu; $uac_req(hdrs)="Max-Forwards: 70\r\nEvent: reg\r\nContent-Type: text/plain\r\nAccept-Contact:*;+g.ext.app.registration\r\n"; $uac_req(body)="Accout Blocked. Plese contact with your adminstrator"; uac_req_send(); exit; }else if($sht(a=>$au::auth_count)== $var(max_attempts)){ xlog("L_INFO","Insert the blocked user on database"); sql_query_async("ca", "insert into auth_count (Blocked_user, auth_count, Blocked_date) values ('$ua', '$sht(a=>$au::auth_count)', '$Ts')"); xlog("Other attempts auth failed more than 3 times - src ip: $si\n"); $var(address) = $si; $var(ruri) = "[" + $var(address)+ "]" + ":" + $sp + ";" + "transport" + "=" + $proto; #Send a SIP Request signalling the problem and its reason on the body $uac_req(method)="MESSAGE"; $uac_req(ruri) = "sip:"+ $au + "@" + $var(ruri); $uac_req(furi) = " sip:kamai...@ericsson.net"; $uac_req(turi) = $fu; $uac_req(hdrs)="Max-Forwards: 70\r\nEvent: reg\r\nContent-Type: text/plain\r\nAccept-Contact:*;+g.ext.app.registration\r\n"; $uac_req(body)="Accout Blocked. Plese contact with your adminstrator"; uac_req_send(); exit; }else if ($sht(a=>$au::auth_count)== $null){ xlog("L_INFO","Ponemos un cero ###################################################"); $sht(a=>$au::auth_count) = 0; } if(!www_authenticate("ericsson.net", "subscriber")) { if ($? == -1){ sl_send_reply("500", "Internal Server Error"); exit; } if ($? == -2){ $sht(a=>$au::auth_count) = $sht(a=>$au::auth_count) + 1; sl_send_reply("403", "Forbidden"); exit; } xlog("L_INFO","REPETIMOS ACCESO ###################################################"); www_challenge("$td"/*realm*/,"0"/*qop*/); exit; } xlog("L_INFO","AQUI ###################################################"); $sht(a=>$au::auth_count) = 0; } else { www_challenge("$td","0"); exit; } El mié., 27 may. 2020 a las 8:15, Daniel-Constantin Mierla (< mico...@gmail.com>) escribió: > Hello, > On 26.05.20 22:12, Ahmed Marsou wrote: > > Sorry, what I want is to block a user after 'n' incorrect login attempts > and leave it blocked until a user unblocks them from the website. I try > something with the htable module but I don't know if I can save the value > in the database. Is going to check if the number of login attempts is > > 'n', and if is > 'n', I gonna leave it blocked and send a MESSAGE to an app. > I starting with something like this: > > modparam("htable", "htable", "a=>size=8;autoexpire=920;") . . . > if(is_present_hf("Authorization")){ reg_fetch_contacts("location", "$fu", > "existingContact"); if($sht(a=>$au::auth_count)==3){ xlog("Other attempts > auth failed more than 3 times - src ip: $si\n"); $var(address) = $si; > $var(ruri) = "[" + $var(address)+ "]" + ":" + $sp + ";" + "transport" + "=" > + $proto; #Send a SIP Request signalling the problem and its reason on the > body $uac_req(method)="MESSAGE"; $uac_req(ruri) = "sip:"+ $au + "@" + > $var(ruri); $uac_req(furi) = "sip:kamai...@ericsson.net"; $uac_req(turi) > = $fu; $uac_req(hdrs)="Max-Forwards: 70\r\nEvent: reg\r\nContent-Type: > text/plain\r\nAccept-Contact:*;+g.ext.app.registration\r\n"; > $uac_req(body)="Accout Blocked. Plese contact with your adminstrator"; > uac_req_send(); exit; }else{ $sht(a=>$au::auth_count) = 0; } > if(!www_authenticate("ericsson.net", "subscriber")){ switch ($retcode) { > case -1: sl_send_reply("403", "Forbidden"); exit; case -2: > if($sht(a=>$au::auth_count) == $null) $sht(a=>$au::auth_count) = 0; > $sht(a=>$au::auth_count) = $sht(a=>$au::auth_count) + 1; break; } > www_challenge("$td"/*realm*/,"0"/*qop*/); exit; } $sht(a=>$au::auth_count) > = 0; } else { www_challenge("$td","0"); exit; } } > > But first problem: > Is not counting. I dont know if I have to configure any param more to > start counting attempts? > > Why do you say it is not counting? Have you checked the content of the > htable via rpc command to see if anything is stored there? > > > > Second problem: > I dont know the best option to save the login attempts on databes. Theres > is any module that can help? > > > Check the sqlops module, it allows to do any sql query. > > > Cheers, > Daniel > > > Thank you so much. > > > > > > > El mar., 26 may. 2020 a las 21:56, Daniel-Constantin Mierla (< > mico...@gmail.com>) escribió: > >> Hello, >> >> if you look for inserting into/querying from a database table from config >> script, look at sqlops module. >> >> If you need something else, provide more details about what you want to >> achieve. >> >> Cheers, >> Daniel >> On 26.05.20 20:38, Ahmed Marsou wrote: >> >> Hi; >> I have to control the login attempts, but blocking the user until I >> unlock him from web site. To do that I have to save the paramter on >> database. There is any table and column where I can save that parameter? >> I'm using the htable module to count the Authentification attempts. >> There's is any module that do that easily? >> Thank you. >> >> >> _______________________________________________ >> Kamailio (SER) - Users Mailing >> Listsr-users@lists.kamailio.orghttps://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >> >> -- >> Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- >> www.linkedin.com/in/miconda >> Funding: https://www.paypal.me/dcmierla >> >> -- > Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- > www.linkedin.com/in/miconda > Funding: https://www.paypal.me/dcmierla > >
_______________________________________________ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users