Enable minimal config and tidy up global ACL

3 years ago · 294a09c8f1
parent d1dc58d46f
commit 294a09c8f1
6 changed files with 163 additions and 35 deletions
--- a/FreeDMR-MINIMAL.cfg
+++ b/FreeDMR-MINIMAL.cfg
@ -0,0 +1,42 @@
+#This empty config file will use defaults for everything apart from OBP and HBP config
+#This is usually a sensible choice. 
+
+
+[GLOBAL]
+SERVER_ID: 0000
+
+[REPORTS]
+
+[LOGGER]
+
+[ALIASES]
+
+[ALLSTAR]
+
+[SYSTEM]
+MODE: MASTER
+ENABLED: True
+REPEAT: True
+MAX_PEERS: 1
+EXPORT_AMBE: False
+IP: 127.0.0.1
+PORT: 54000
+PASSPHRASE:
+GROUP_HANGTIME: 5
+USE_ACL: True
+REG_ACL: DENY:1
+SUB_ACL: DENY:1
+TGID_TS1_ACL: PERMIT:ALL
+TGID_TS2_ACL: PERMIT:ALL
+DEFAULT_UA_TIMER: 60
+SINGLE_MODE: True
+VOICE_IDENT: True
+TS1_STATIC:
+TS2_STATIC:
+DEFAULT_REFLECTOR: 0
+ANNOUNCEMENT_LANGUAGE: en_GB
+GENERATOR: 100
+ALLOW_UNREG_ID: False
+PROXY_CONTROL: True
+OVERRIDE_IDENT_TG:
+
--- a/config.py
+++ b/config.py
@ -304,51 +304,51 @@ def build_config(_config_file):
                elif config.get(section, 'MODE') == 'MASTER':
                    CONFIG['SYSTEMS'].update({section: {
                        'MODE': config.get(section, 'MODE'),
-                        'ENABLED': config.getboolean(section, 'ENABLED'),
-                        'REPEAT': config.getboolean(section, 'REPEAT'),
-                        'MAX_PEERS': config.getint(section, 'MAX_PEERS'),
-                        'IP': config.get(section, 'IP'),
-                        'PORT': config.getint(section, 'PORT'),
-                        'PASSPHRASE': bytes(config.get(section, 'PASSPHRASE'), 'utf-8'),
-                        'GROUP_HANGTIME': config.getint(section, 'GROUP_HANGTIME'),
-                        'USE_ACL': config.getboolean(section, 'USE_ACL'),
-                        'REG_ACL': config.get(section, 'REG_ACL'),
-                        'SUB_ACL': config.get(section, 'SUB_ACL'),
-                        'TG1_ACL': config.get(section, 'TGID_TS1_ACL'),
-                        'TG2_ACL': config.get(section, 'TGID_TS2_ACL'),
-                        'DEFAULT_UA_TIMER': config.getint(section, 'DEFAULT_UA_TIMER'),
-                        'SINGLE_MODE': config.getboolean(section, 'SINGLE_MODE'),
-                        'VOICE_IDENT': config.getboolean(section, 'VOICE_IDENT'),
-                        'TS1_STATIC': config.get(section,'TS1_STATIC'),
-                        'TS2_STATIC': config.get(section,'TS2_STATIC'),
+                        'ENABLED': config.getboolean(section, 'ENABLED', fallback=True  ),
+                        'REPEAT': config.getboolean(section, 'REPEAT', fallback=True),
+                        'MAX_PEERS': config.getint(section, 'MAX_PEERS', fallback=1),
+                        'IP': config.get(section, 'IP', fallback='127.0.0.1'),
+                        'PORT': config.getint(section, 'PORT', fallback=54000),
+                        'PASSPHRASE': bytes(config.get(section, 'PASSPHRASE', fallback=''), 'utf-8'),
+                        'GROUP_HANGTIME': config.getint(section, 'GROUP_HANGTIME',fallback=5),
+                        'USE_ACL': config.getboolean(section, 'USE_ACL', fallback=False),
+                        'REG_ACL': config.get(section, 'REG_ACL', fallback=''),
+                        'SUB_ACL': config.get(section, 'SUB_ACL', fallback=''),
+                        'TG1_ACL': config.get(section, 'TGID_TS1_ACL', fallback=''),
+                        'TG2_ACL': config.get(section, 'TGID_TS2_ACL', fallback=''),
+                        'DEFAULT_UA_TIMER': config.getint(section, 'DEFAULT_UA_TIMER', fallback=10),
+                        'SINGLE_MODE': config.getboolean(section, 'SINGLE_MODE', fallback=True),
+                        'VOICE_IDENT': config.getboolean(section, 'VOICE_IDENT', fallback=True),
+                        'TS1_STATIC': config.get(section,'TS1_STATIC', fallback=''),
+                        'TS2_STATIC': config.get(section,'TS2_STATIC', fallback=''),
                        'DEFAULT_REFLECTOR': config.getint(section, 'DEFAULT_REFLECTOR'),
-                        'GENERATOR': config.getint(section, 'GENERATOR'),
-                        'ANNOUNCEMENT_LANGUAGE': config.get(section, 'ANNOUNCEMENT_LANGUAGE'),
-                        'ALLOW_UNREG_ID': config.getboolean(section,'ALLOW_UNREG_ID'),
-                        'PROXY_CONTROL' : config.getboolean(section,'PROXY_CONTROL'),
-                        'OVERRIDE_IDENT_TG': config.get(section, 'OVERRIDE_IDENT_TG')
+                        'GENERATOR': config.getint(section, 'GENERATOR', fallback=100),
+                        'ANNOUNCEMENT_LANGUAGE': config.get(section, 'ANNOUNCEMENT_LANGUAGE', fallback='en_GB'),
+                        'ALLOW_UNREG_ID': config.getboolean(section,'ALLOW_UNREG_ID', fallback=False),
+                        'PROXY_CONTROL' : config.getboolean(section,'PROXY_CONTROL', fallback=True),
+                        'OVERRIDE_IDENT_TG': config.get(section, 'OVERRIDE_IDENT_TG', fallback=False)
                    }})
                    CONFIG['SYSTEMS'][section].update({'PEERS': {}})
                    
                elif config.get(section, 'MODE') == 'OPENBRIDGE':
                    CONFIG['SYSTEMS'].update({section: {
                        'MODE': config.get(section, 'MODE'),
-                        'ENABLED': config.getboolean(section, 'ENABLED'),
+                        'ENABLED': config.getboolean(section, 'ENABLED', fallback=True),
                        'NETWORK_ID': config.getint(section, 'NETWORK_ID').to_bytes(4, 'big'),
                        #'OVERRIDE_SERVER_ID': config.getint(section, 'OVERRIDE_SERVER_ID').to_bytes(4, 'big'),
-                        'IP': config.get(section, 'IP'),
+                        'IP': config.get(section, 'IP', fallback=''),
                        'PORT': config.getint(section, 'PORT'),
                        'PASSPHRASE': bytes(config.get(section, 'PASSPHRASE').ljust(20,'\x00')[:20], 'utf-8'),
                        #'TARGET_SOCK': (gethostbyname(config.get(section, 'TARGET_IP')), config.getint(section, 'TARGET_PORT')),
                        'TARGET_IP': config.get(section, 'TARGET_IP'),
                        'TARGET_PORT': config.getint(section, 'TARGET_PORT'),
-                        'USE_ACL': config.getboolean(section, 'USE_ACL'),
-                        'SUB_ACL': config.get(section, 'SUB_ACL'),
-                        'TG1_ACL': config.get(section, 'TGID_ACL'),
+                        'USE_ACL': config.getboolean(section, 'USE_ACL', fallback=False),
+                        'SUB_ACL': config.get(section, 'SUB_ACL', fallback=''),
+                        'TG1_ACL': config.get(section, 'TGID_ACL', fallback=''),
                        'TG2_ACL': 'PERMIT:ALL',
-                        'RELAX_CHECKS': config.getboolean(section, 'RELAX_CHECKS'),
-                        'ENHANCED_OBP': config.getboolean(section, 'ENHANCED_OBP'),
-                        'VER' : config.getint(section, 'PROTO_VER')
+                        'RELAX_CHECKS': config.getboolean(section, 'RELAX_CHECKS', fallback=True),
+                        'ENHANCED_OBP': config.getboolean(section, 'ENHANCED_OBP',fallback=True),
+                        'VER' : config.getint(section, 'PROTO_VER', fallback=5)
                    }})

                    if CONFIG['SYSTEMS'][section]['VER'] in (0,2,3) or CONFIG['SYSTEMS'][section]['VER'] > 5:
--- a/hblink.py
+++ b/hblink.py
@ -476,16 +476,39 @@ class OPENBRIDGE(DatagramProtocol):
                        self.send_bcsq(_dst_id,_stream_id)
                        return
                    
-                    
+
                    #Low-level TG filtering 
                    if _call_type != 'unit':
                        _int_dst_id = int_id(_dst_id)
-                        if _int_dst_id <= 79 or (_int_dst_id >= 9990 and _int_dst_id <= 9999) or _int_dst_id == 900999:
+
+                        if _int_dst_id <= 79:
                            if _stream_id not in self._laststrid:
-                                logger.info('(%s) CALL DROPPED WITH STREAM ID %s FROM SUBSCRIBER %s BY GLOBAL TG FILTER', self._system, int_id(_stream_id), _int_dst_id)
+                                logger.info('(%s) CALL DROPPED WITH STREAM ID %s FROM SUBSCRIBER %s BY GLOBAL TG FILTER (local to repeater)', self._system, int_id(_stream_id), _int_dst_id)
                                self.send_bcsq(_dst_id,_stream_id)
                                self._laststrid.append(_stream_id)
                            return
+
+                        if (_int_dst_id >= 9990 and _int_dst_id <= 9999) or _int_dst_id == 900999:
+                            if _stream_id not in self._laststrid:
+                                logger.info('(%s) CALL DROPPED WITH STREAM ID %s FROM SUBSCRIBER %s BY GLOBAL TG FILTER (local to server)', self._system, int_id(_stream_id), _int_dst_id)
+                                self.send_bcsq(_dst_id,_stream_id)
+                                self._laststrid.append(_stream_id)
+                            return
+
+                        if (_int_dst_id >= 92 and _int_dst_id <= 199) and int(str(int.from_bytes(_source_server,'big'))[:4]) != int(str(_CONFIG['SERVER_ID'][:4])):
+                            if _stream_id not in self._laststrid:
+                                logger.info('(%s) CALL DROPPED WITH STREAM ID %s FROM SUBSCRIBER %s BY GLOBAL TG FILTER (local to server main ID)', self._system, int_id(_stream_id), _int_dst_id)
+                                self.send_bcsq(_dst_id,_stream_id)
+                                self._laststrid.append(_stream_id)
+                            return
+
+                        if (_int_dst_id >= 80 and _int_dst_id <= 89) or (_int_dst_id >= 800 and _int_dst_id <= 899) and int(str(int.from_bytes(_source_server,'big'))[:3]) != int(str(_CONFIG['SERVER_ID'][:3])):
+                            if _stream_id not in self._laststrid:
+                                logger.info('(%s) CALL DROPPED WITH STREAM ID %s FROM SUBSCRIBER %s BY GLOBAL TG FILTER (local to MCC)', self._system, int_id(_stream_id), _int_dst_id)
+                                self.send_bcsq(_dst_id,_stream_id)
+                                self._laststrid.append(_stream_id)
+                            return
+
                    
                    # ACL Processing
                    if self._CONFIG['GLOBAL']['USE_ACL']:
@ -586,7 +609,7 @@ class OPENBRIDGE(DatagramProtocol):
                    if compare_digest(_hash, _ckhs):
                        logger.trace('(%s) *ProtoControl*  BCVE Version received, Ver: %s',self._system,_ver)
                        
-                        if _ver == 2 or _ver ==3:
+                        if _ver == 2 or _ver == 3 or _ver > 5:
                            logger.info('(%s) *ProtoControl*  BCVE Version not supported, Ver: %s',self._system,_ver)
                        elif _ver > self._config['VER']:
                            logger.info('(%s) *ProtoControl*  BCVE Version upgrade, Ver: %s',self._system,_ver)
@ -812,7 +835,6 @@ class HBSYSTEM(DatagramProtocol):

        # Extract the command, which is various length, all but one 4 significant characters -- RPTCL
        _command = _data[:4]
-
        if _command == DMRD:    # DMRData -- encapsulated DMR data frame
            _peer_id = _data[11:15]
            if _peer_id in self._peers \
--- a/json/file_checksums.json
+++ b/json/file_checksums.json
@ -0,0 +1 @@
+{"subscriber_ids": "24eea20129ab268dc70af9f1afd1800f2b37dc55b1f2104d393b2ccac15363ba6c2e34e98d848bdee84c72bb045acc90fc077cee4bceea9843281a4a1b43abcc", "peer_ids": "f07aeb9acf450b44b3086f3590e42de455fbf76b6b18ba87bb7dd34525ecf1f02c0adac14c3ee95a9e10ad0acf978e619b0ff14b6a68e6155ce631e6b084e850", "talkgroup_ids": "d639aaaab6973728f980e5034c606f60a33608457f1a58ae20145c8f4dfbdff6ee821f4850c70105d41cb7a9a998d7b21f046dac55ed16516c9979dd37ea4af7", "server_ids": "d9bebf6fb366670614df5c4a5228a4f2160b7fadc64940e2dab86bb0f054e4c2ea5c193475a800f32db9144320d1d256e62944198bdf033c9158eb3df191a764", "timestamp": 1674949570}
--- a/json/server_ids.tsv
+++ b/json/server_ids.tsv
@ -0,0 +1,62 @@
+Country	OPB Net ID	IP/Hostname	Password	Port
+Argentina	7221	argentina.freedmr.ar	passw0rd	62031
+Australia	5051	hotspot.vkfreedmr.com	passw0rd	62031
+Australia-2	5052	australia.oz-dmr.network	passw0rd	62031
+Australia-3	5053	hot.vkfreedmr.org	passw0rd	62031
+Belgium	2061	freedmr.be	PASSWORD	62031
+Bulgaria	2841	sofia.freedmr.link	passw0rd	62031
+Bulgaria-2	2842	lz5pn.freeddns.com	passw0rd	62031
+Brasil	7241	br1.freedmr-brasil.qsl.br	passw0rd	62031
+Canada-East	3022	freedmr.va2dfk.com	passw0rd	62031
+Chile	7301	hotspots.freedmr.cl	p455w0rd	62031
+China	4601	bd4two.site	passw0rd	62031
+Colombia	7321	n2fur.ddns.net	passw0rd	62031
+Colombia-Zona1	7322	freedmrcol.mine.nu	passw0rd	62031
+Costa Rica	7121	freedmrcr.net	passw0rd	62031
+Dominican Republic	3701	1skynet.ddns.net	passw0rd	62031
+Ecuador	7401	hc3lrc.ddns.net	passw0rd	62031
+EU	2349	freedmreu.gb7fr.org.uk	passw0rd	62031
+El Salvador	7061	fdmr-ys1ys.ddns.net	passw0rd	62031
+France-Francophonie	2088	francophonie.link	passw0rd	62031
+France-Isère	2082	alpes-grenoble.ovh	passw0rd	62031
+France-Lyon & Rhone	2081	lugdunum.francophonie.link	passw0rd	62031
+France-Yvelines	2083	yvelines.freedmr.fr	PASSWORD	62031
+Germany	2621	178.254.30.151	passw0rd	62031
+Greece	2021	185.243.214.85	passw0rd	62031
+Italy	2221	hotspots.freedmr.it	PASSWORD	62031
+Italy-Calabria	2226	freedmr.italynetwork.org	passw0rd	62031
+Italy-2222	2222	freedmr-italy2222.ns0.it	passw0rd	62031
+Italy-Sicily-1	2223	freedmrsicily1.duckdns.org	passw0rd	62031
+Japan	4401	ji2gycdmr.pgw.jp	passw0rd	62031
+Maroc	6041	135.125.205.162	passw0rd	62031
+Mexico	3341	master.freedmr.org.mx	passw0rd	62031
+New Zealand 	5301	freedmr.dvnz.nz	passw0rd	62031
+Nicaragua	7101	freedmr-nicaragua.ddns.net	passw0rd	62031
+Pakistan	4101	dmr.pakhams.com	passw0rd	62031
+Panama	7141	freedmr-hp.ddns.net	passw0rd	62031
+Panama-City	7142	143.198.163.147	passw0rd	62031
+Peru	7161	free.dmr-peru.net	passw0rd	62031
+Philippines	5151	DX2ACV-FreeDMR.ddns.net	passw0rd	62031
+Portugal	2681	freedmr.pt	PASSWORD	62031
+Reunion Island	6471	freedmr-reunion.ddns.net	passw0rd	62031
+Reunion Island 2	6472	vmi946983.contaboserver.net	passw0rd	62031
+Russia	2501	rasp-freedmr.rn3a.online	passw0rd	62031
+Sardinia	2224	freedmr-sardegna.ns0.it	passw0rd	62031
+Spain	2141	freedmr-spain.duckdns.org	passw0rd	62031
+Spain2	2142	freedmr-spain2.duckdns.org	passw0rd	62031
+Sweden	2401	2401.freedmrsweden.se	passw0rd	62031
+Switzerland	2281	freedmr-ch.ddns.net	passw0rd	62031
+Thailand	5201	freedmrthailand.ddns.net	passw0rd	62031
+United Kingdom	2341	hotspot.uk.freedmr.link	passw0rd	62031
+United Kingdom-CYMRU	2342	cy.freedmr.cymru	passw0rd	62031
+United Kingdom-OZ-DMR	2343	dmr.oz-dmr.network	passw0rd	62031
+United Kingdom-SWC	2344			
+United Kingdom-Scotland	2345	freedmr.m0xfn.radio	passw0rd	62031
+USA-New England	3102	155.138.154.33	passw0rd	62031
+USA-San Francisco	3103	us-sf.freedmr.host	passw0rd	62031
+USA-New York	3106	hs.wny-digital.network	passw0rd	62031
+USA-South East	3104	usasoutheast.net	passw0rd	62031
+USA-Central	3105	usacentral.ddns.net	passw0rd	62031
+USA-Los Angeles	3107	socal-freedmr.ddns.net	passw0rd	62031
+Venezuela	7341	freedmr-venezuela.ddns.net	passw0rd	62031
+Venezuela 2	7342	fdmrvzla2.ddns.net	passw0rd	62031
--- a/json/sub_map.pkl
+++ b/json/sub_map.pkl
@ -0,0 +1 @@
+<EFBFBD>}<7D>.
				`@ -0,0 +1 @@`
				{"subscriber_ids": "24eea20129ab268dc70af9f1afd1800f2b37dc55b1f2104d393b2ccac15363ba6c2e34e98d848bdee84c72bb045acc90fc077cee4bceea9843281a4a1b43abcc", "peer_ids": "f07aeb9acf450b44b3086f3590e42de455fbf76b6b18ba87bb7dd34525ecf1f02c0adac14c3ee95a9e10ad0acf978e619b0ff14b6a68e6155ce631e6b084e850", "talkgroup_ids": "d639aaaab6973728f980e5034c606f60a33608457f1a58ae20145c8f4dfbdff6ee821f4850c70105d41cb7a9a998d7b21f046dac55ed16516c9979dd37ea4af7", "server_ids": "d9bebf6fb366670614df5c4a5228a4f2160b7fadc64940e2dab86bb0f054e4c2ea5c193475a800f32db9144320d1d256e62944198bdf033c9158eb3df191a764", "timestamp": 1674949570}