diff --git a/configs/fne-config.example.yml b/configs/fne-config.example.yml index 19fa9d74..7ff4c9e2 100644 --- a/configs/fne-config.example.yml +++ b/configs/fne-config.example.yml @@ -95,6 +95,8 @@ master: # Flag indicating that terminators will be filtered by destination ID (i.e. valid RID or valid TGID). filterTerminators: true + # Flag indicating the FNE will drop all inbound Unit-to-Unit calls. + disallowAllUnitToUnit: false # List of peers that unit to unit calls are dropped for. dropUnitToUnit: [] diff --git a/src/fne/network/FNENetwork.cpp b/src/fne/network/FNENetwork.cpp index 5385b893..b0507f24 100644 --- a/src/fne/network/FNENetwork.cpp +++ b/src/fne/network/FNENetwork.cpp @@ -85,6 +85,7 @@ FNENetwork::FNENetwork(HostFNE* host, const std::string& address, uint16_t port, m_restrictGrantToAffOnly(false), m_filterHeaders(true), m_filterTerminators(true), + m_disallowU2U(false), m_dropU2UPeerTable(), m_enableInfluxDB(false), m_influxServerAddress("127.0.0.1"), @@ -161,6 +162,8 @@ void FNENetwork::setOptions(yaml::Node& conf, bool printOptions) ** Drop Unit to Unit Peers */ + m_disallowU2U = conf["disallowAllUnitToUnit"].as(false); + yaml::Node& dropUnitToUnit = conf["dropUnitToUnit"]; if (dropUnitToUnit.size() > 0U) { for (size_t i = 0; i < dropUnitToUnit.size(); i++) { @@ -184,6 +187,7 @@ void FNENetwork::setOptions(yaml::Node& conf, bool printOptions) LogInfo(" Restrict grant response by affiliation: %s", m_restrictGrantToAffOnly ? "yes" : "no"); LogInfo(" Traffic Headers Filtered by Destination ID: %s", m_filterHeaders ? "yes" : "no"); LogInfo(" Traffic Terminators Filtered by Destination ID: %s", m_filterTerminators ? "yes" : "no"); + LogInfo(" Disallow Unit-to-Unit: %s", m_disallowU2U ? "yes" : "no"); LogInfo(" InfluxDB Reporting Enabled: %s", m_enableInfluxDB ? "yes" : "no"); if (m_enableInfluxDB) { LogInfo(" InfluxDB Address: %s", m_influxServerAddress.c_str()); diff --git a/src/fne/network/FNENetwork.h b/src/fne/network/FNENetwork.h index c9e8238a..2a36a0c6 100644 --- a/src/fne/network/FNENetwork.h +++ b/src/fne/network/FNENetwork.h @@ -463,6 +463,7 @@ namespace network bool m_forceListUpdate; + bool m_disallowU2U; std::vector m_dropU2UPeerTable; bool m_enableInfluxDB; diff --git a/src/fne/network/callhandler/TagDMRData.cpp b/src/fne/network/callhandler/TagDMRData.cpp index fdd74957..ab0b9e4f 100644 --- a/src/fne/network/callhandler/TagDMRData.cpp +++ b/src/fne/network/callhandler/TagDMRData.cpp @@ -656,6 +656,8 @@ bool TagDMRData::processCSBK(uint8_t* buffer, uint32_t peerId, dmr::data::NetDat bool TagDMRData::isPeerPermitted(uint32_t peerId, data::NetData& data, uint32_t streamId, bool external) { if (data.getFLCO() == FLCO::PRIVATE) { + if (m_network->m_disallowU2U) + return false; if (!m_network->checkU2UDroppedPeer(peerId)) return true; return false; diff --git a/src/fne/network/callhandler/TagNXDNData.cpp b/src/fne/network/callhandler/TagNXDNData.cpp index 84ffc12b..996b0d18 100644 --- a/src/fne/network/callhandler/TagNXDNData.cpp +++ b/src/fne/network/callhandler/TagNXDNData.cpp @@ -463,6 +463,8 @@ bool TagNXDNData::peerRewrite(uint32_t peerId, uint32_t& dstId, bool outbound) bool TagNXDNData::isPeerPermitted(uint32_t peerId, lc::RTCH& lc, uint8_t messageType, uint32_t streamId, bool external) { if (!lc.getGroup()) { + if (m_network->m_disallowU2U) + return false; if (!m_network->checkU2UDroppedPeer(peerId)) return true; return false; diff --git a/src/fne/network/callhandler/TagP25Data.cpp b/src/fne/network/callhandler/TagP25Data.cpp index 5de7f021..f0c35540 100644 --- a/src/fne/network/callhandler/TagP25Data.cpp +++ b/src/fne/network/callhandler/TagP25Data.cpp @@ -882,6 +882,8 @@ bool TagP25Data::processTSDUToExternal(uint8_t* buffer, uint32_t srcPeerId, uint bool TagP25Data::isPeerPermitted(uint32_t peerId, lc::LC& control, DUID::E duid, uint32_t streamId, bool external) { if (control.getLCO() == LCO::PRIVATE) { + if (m_network->m_disallowU2U) + return false; if (!m_network->checkU2UDroppedPeer(peerId)) return true; return false;