Re: [SR-Users] Siremis error Call to a member function getQuoted()
Thanks for the suggestion. It doesn't seem to work. It produces the following query. SELECT T0.id, T0.name, T0.description FROM group T0 INNER JOIN `user_group` TX ON TX.group_id = T0.id WHERE TX.user_id = '1' On 3/23/2015 2:59 PM, Daniel-Constantin Mierla wrote: The right solution is to enclose the table name in between the quotations marks that allow any value there, including the reserved keywords. In mysql you can use the back ticks, e.g: SELECT * FROM `group`; The above will just work. But is not standard SQL, just mysql specific. That was the purpose of the getQuoted() function, which came as patch to make siremis work with postgress. But apparently the patch was not dealing with the association case. IIRC, postgress uses double quotes instead of back ticks. As a shorter fix would be using: $xtable = ` . $assoc[XTable] . `; In this way, you don't need to rename the table and change the name of it on php code. Cheers, Daniel On 23/03/15 16:20, canuck15 wrote: Ok, so the complete fix is: edit ...openbiz/bin/data/BizDataSql.php go to line 237 replace the line with. $xtable = $assoc[XTable]; mysql -p USE siremis; RENAME TABLE group TO grouptable; Or pick some other new name for the group table. edit ..siremis/modules/system/do Go through all the files in that directory and change Table=group To Table=grouptable Or whatever the new name given to the group table is. Now it all seems to work. On 3/23/2015 7:03 AM, canuck15 wrote: Hi, I figured that part out which is when I got the database error about the group table. So I will need to find where to change that table name. I should have mentioned that. On 3/23/2015 1:18 AM, Daniel-Constantin Mierla wrote: The issue is calling a function which is not member of the object referred to. We will look into fixing it properly, for the moment do following changes: - editi the file: /var/www/html/openbiz/bin/data/BizDataSql.php - go to line 237 - replace the line with: $xtable = $assoc[XTable]; Thanks for reporting and troubleshooting. Cheers, Daniel On 23/03/15 02:52, canuck15 wrote: I think I found the root cause. Siremis database has a table called group. That is a reserved word in mysql that cannot be used as a table name. http://dev.mysql.com/doc/refman/5.5/en/reserved-words.html Do the following to prove it. mysql USE siremis; SELECT * FROM group; error RENAME TABLE group TO group1; SELECT * FROM group1; no error On 3/21/2015 4:39 PM, canuck15 wrote: When you add/update/view Administrator usernames To reproduce Administration User Management Click on any existing username. The browser goes blank. Error in apache logs is: PHP Fatal error: Call to a member function getQuoted() on a non-object in /var/www/html/openbiz/bin/data/BizDataSql.php on line 237 This is on the latest Siremis v4.2.0 downloaded today I am using CentOS v6.6, php v5.3.3 ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users -- Daniel-Constantin Mierla http://twitter.com/#!/miconda -http://www.linkedin.com/in/miconda Kamailio World Conference, May 27-29, 2015 Berlin, Germany -http://www.kamailioworld.com ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users -- Daniel-Constantin Mierla http://twitter.com/#!/miconda -http://www.linkedin.com/in/miconda Kamailio World Conference, May 27-29, 2015 Berlin, Germany -http://www.kamailioworld.com ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Siremis error Call to a member function getQuoted()
Ok, so the complete fix is: edit ...openbiz/bin/data/BizDataSql.php go to line 237 replace the line with. $xtable = $assoc[XTable]; mysql -p USE siremis; RENAME TABLE group TO grouptable; Or pick some other new name for the group table. edit ..siremis/modules/system/do Go through all the files in that directory and change Table=group To Table=grouptable Or whatever the new name given to the group table is. Now it all seems to work. On 3/23/2015 7:03 AM, canuck15 wrote: Hi, I figured that part out which is when I got the database error about the group table. So I will need to find where to change that table name. I should have mentioned that. On 3/23/2015 1:18 AM, Daniel-Constantin Mierla wrote: The issue is calling a function which is not member of the object referred to. We will look into fixing it properly, for the moment do following changes: - editi the file: /var/www/html/openbiz/bin/data/BizDataSql.php - go to line 237 - replace the line with: $xtable = $assoc[XTable]; Thanks for reporting and troubleshooting. Cheers, Daniel On 23/03/15 02:52, canuck15 wrote: I think I found the root cause. Siremis database has a table called group. That is a reserved word in mysql that cannot be used as a table name. http://dev.mysql.com/doc/refman/5.5/en/reserved-words.html Do the following to prove it. mysql USE siremis; SELECT * FROM group; error RENAME TABLE group TO group1; SELECT * FROM group1; no error On 3/21/2015 4:39 PM, canuck15 wrote: When you add/update/view Administrator usernames To reproduce Administration User Management Click on any existing username. The browser goes blank. Error in apache logs is: PHP Fatal error: Call to a member function getQuoted() on a non-object in /var/www/html/openbiz/bin/data/BizDataSql.php on line 237 This is on the latest Siremis v4.2.0 downloaded today I am using CentOS v6.6, php v5.3.3 ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users -- Daniel-Constantin Mierla http://twitter.com/#!/miconda -http://www.linkedin.com/in/miconda Kamailio World Conference, May 27-29, 2015 Berlin, Germany -http://www.kamailioworld.com ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Siremis error Call to a member function getQuoted()
Hi, I figured that part out which is when I got the database error about the group table. So I will need to find where to change that table name. I should have mentioned that. On 3/23/2015 1:18 AM, Daniel-Constantin Mierla wrote: The issue is calling a function which is not member of the object referred to. We will look into fixing it properly, for the moment do following changes: - editi the file: /var/www/html/openbiz/bin/data/BizDataSql.php - go to line 237 - replace the line with: $xtable = $assoc[XTable]; Thanks for reporting and troubleshooting. Cheers, Daniel On 23/03/15 02:52, canuck15 wrote: I think I found the root cause. Siremis database has a table called group. That is a reserved word in mysql that cannot be used as a table name. http://dev.mysql.com/doc/refman/5.5/en/reserved-words.html Do the following to prove it. mysql USE siremis; SELECT * FROM group; error RENAME TABLE group TO group1; SELECT * FROM group1; no error On 3/21/2015 4:39 PM, canuck15 wrote: When you add/update/view Administrator usernames To reproduce Administration User Management Click on any existing username. The browser goes blank. Error in apache logs is: PHP Fatal error: Call to a member function getQuoted() on a non-object in /var/www/html/openbiz/bin/data/BizDataSql.php on line 237 This is on the latest Siremis v4.2.0 downloaded today I am using CentOS v6.6, php v5.3.3 ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users -- Daniel-Constantin Mierla http://twitter.com/#!/miconda -http://www.linkedin.com/in/miconda Kamailio World Conference, May 27-29, 2015 Berlin, Germany -http://www.kamailioworld.com ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Siremis error Call to a member function getQuoted()
I think I found the root cause. Siremis database has a table called group. That is a reserved word in mysql that cannot be used as a table name. http://dev.mysql.com/doc/refman/5.5/en/reserved-words.html Do the following to prove it. mysql USE siremis; SELECT * FROM group; error RENAME TABLE group TO group1; SELECT * FROM group1; no error On 3/21/2015 4:39 PM, canuck15 wrote: When you add/update/view Administrator usernames To reproduce Administration User Management Click on any existing username. The browser goes blank. Error in apache logs is: PHP Fatal error: Call to a member function getQuoted() on a non-object in /var/www/html/openbiz/bin/data/BizDataSql.php on line 237 This is on the latest Siremis v4.2.0 downloaded today I am using CentOS v6.6, php v5.3.3 ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
[SR-Users] Siremis error Call to a member function getQuoted()
When you add/update/view Administrator usernames To reproduce Administration User Management Click on any existing username. The browser goes blank. Error in apache logs is: PHP Fatal error: Call to a member function getQuoted() on a non-object in /var/www/html/openbiz/bin/data/BizDataSql.php on line 237 This is on the latest Siremis v4.2.0 downloaded today I am using CentOS v6.6, php v5.3.3 ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] What is the best SIP trunk authentication strategy
Please keep in mind that I have no control over SIP trunk providers. The vast majority do not allow me to do any of these things as far as I know. This is something that needs to be solved in Kamailio with standard user/pass/realm authentication. TLS is not an option for me. On 3/18/2015 11:36 PM, Juha Heinanen wrote: i suggest you use tls common names to identify servers behind your trunks, -- juha ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] What is the best SIP trunk authentication strategy
It looks like auth_check() will work. It seems intelligent enough to scan all instances of the same domain as long as the username is unique so that should get things working. The problem here is that there is a fundamental difference between Asterisk and Kamailio authentication. Asterisk authentication works with FQDN or IP. However, Kamailio is not designed to authenticate anything with FQDN unless it is also a realm and identified as such by the UA. I believe that is the main issue here. SIP trunks typically do not use or care about realm. So after the initial invite response from Kamailio the SIP trunk provider typically responds with the IP address as the realm. It does almost seem like there should be a special module to deal with this sort of thing. None of the existing modules seem to be the right fit. On 3/18/2015 9:03 AM, Daniel Tryba wrote: On Wednesday 18 March 2015 08:32:10 canuck15 wrote: I can run a cron job every hour to DNS lookup and update the ip_addr table as needed so I think this is a satisfactory solution for IP authentication. Is there a mechanism to identify all originating servers for a hostname/domain? If the answer is no (and AFAIK is it) then this solution doesn't work. I used this in the past, a subscriber has a userpref with ip/port combo. But this ins't an answer for subaccounts on trunks (unles you can get the sender to actually use different ports). 3 is the whitelist for ip adresses on record. I abandoned this due to to much problems with trunks, they just have to authenticate or go elsewere. BTW only for tcp since udp sources can be spoofed. I guess the best way is to use tls with certificate verification (good luck getting the trunks to implement this :) route[AUTHENTICATE] { if(!is_method(REGISTER) allow_address(3, $si, $sp) $proto==tcp) { if(!avp_db_query(select username from usr_preferences where attribute='ip_authentication' and domain='$td' and (value='$si:$sp' or value like '$si:%') order by length(value) limit 1)) { xlog(L_ALERT,ACL: $rm from $fu (IP:$si:$sp)\n); sl_send_reply(403, Not Allowed by AUTHENTICATE ACL); exit; } $avp(au)=$avp(i:1); } else { $var(authenticated)=www_authenticate($td, subscriber); if (!www_authenticate($td, subscriber)) { xlog(L_ALERT,AUTHENTICATE: $rm from $fu to $tu (IP: $si:$sp)\n); www_challenge($td, 1); exit; } $avp(au)=$au; consume_credentials(); } ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
[SR-Users] What is the best SIP trunk authentication strategy
Been struggling with this for awhile now. So far I am finding it rather difficult to come up with way to authenticate SIP trunks taking into account all possible scenarios. My setup is Kamailio combined with Asterisk realtime. Everything is in a MySQL database. All authentication is done by Kamailio. Kamailio handles SIP extension (user) authentication quite well but seems poorly equipped for SIP trunk (peer) authentication. The biggest problem I have run into so far is that SIP trunks typically use DNS names and Kamailio is not at all designed to used DNS names. Also SIP trunks do not use named realms whereas that is a key part of Kamailio authentication. For IP authentication about the only solution I have found is to DNS lookup and save all returned IP addresses in the ip_addr mysql table. Then I do: #!ifdef WITH_IPAUTH if((!is_method(REGISTER)) allow_source_address() $au == ) { # source IP allowed return; } I can run a cron job every hour to DNS lookup and update the ip_addr table as needed so I think this is a satisfactory solution for IP authentication. SIP trunk user/pass authentication is the one I am now struggling with. This standard Kamailio authentication section does not work for SIP trunks. if (is_method(REGISTER|INVITE) || from_uri==myself) { # authenticate requests #if (!auth_check($fd, subscriber, 1)) { if (!auth_check($fd, subscriber, 0)) { auth_challenge($fd, 0); exit; } # user authenticated - remove auth header if(!is_method(REGISTER|PUBLISH)) consume_credentials(); This is a multidomain setup and therefore: modparam(auth_db, use_domain, 1) So the authentication section will try authenticate the realm of the trunk which will always be an IP address. However the SIP trunk realm will usually be saved in the subscriber database as the FQDN. There is no mechanism for auth_check() to directly or indirectly check against FQDN. The other problem is that even if I used the ip_addr table somehow it will only try use the user/pass of the first instance of a matching IP address. For SIP trunks it is possible I could have multiple subaccounts and therefore multiple instances of the same IP with different user/pass. So auth_check() is not designed for being used this way as far as I can tell. Seems to me like there should almost be a special kamailio module just for SIP trunks. I had a look a carrierroute module it's not designed for this either. ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Help with 407 Proxy Auth. Required
Specifically, after auth_check line add: xlog(The return code is $rc\n); Can add additional lines to view the values of other pseudovariables http://www.kamailio.org/wiki/cookbooks/4.0.x/pseudovariables On 3/9/2015 7:56 AM, Daniel-Constantin Mierla wrote: On 09/03/15 15:41, Agiftel wrote: Thanks Olle for reply but password is correct. Set the debug=3 in kamailio.cfg and check the log messages, you should get more hints for what part mismatches there. Also, after doing auth_check(), you can print the $rc to see the return code value. Cheers, Daniel ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
[SR-Users] What does it mean when auth_check and auth_challenge flags are 0?
I am trying to decipher a kamailio.cfg file for a particular open source project. There are problems with authentication and I am trying to understand why. They use the following lines for authentication check if (!auth_check($fd, subscriber, 0)) { auth_challenge($fd, 0); exit; The documentation only talks about using 1 and not 0. So I am trying to understand what the above statement with 0 is actually doing. Any help in this regard would be greatly appreciated. ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] how can I use WITH_IPAUTH when the IP may be stored in the DB as a FQDN?
Thanks for this suggestion. I ended up replacing permissions module |allow_source_address() with sql queries. |Not sure how well it will scale but seems to work ok on a test system. |In order to use allow_source_address() I would need to save all returned IP addresses in the database. The problem with that is it will not automatically update if DNS changes||. I still have not ruled out doing that if this ends up bogging down when the server gets busy. Excessive DNS queries/delays do not appear to be a problem with this because it is cached in Kamailio DNS resolver. It renews every 120 seconds by default unless configured otherwise. You can view the contents of the dns resolver by running kamcmd dns.view. Here is the replaced IPAUTH section I created for anyone who may be interested. modparam(sqlops, sqlcon, kamailio=unixodbc:///kamailio-connector) . . . #!ifdef WITH_IPAUTH if((!is_method(REGISTER)) $au == ) { sql_query(kamailio, SELECT ip_addr FROM address, ka); if($dbr(ka=rows)0) { $var(dnsname) = $null; $var(i) = 0; while($var(i)$dbr(ka=rows)) { $var(dnsname) = $dbr(ka=[$var(i),0]); if (dns_int_match_ip($var(dnsname), $si)) { # source IP allowed, leave the 'while' parent loop. $var(i) = $dbr(ka=rows); return; } $var(i) = $var(i) + 1; } return; } sql_result_free(ka); return; } | On 3/9/2015 4:27 AM, Daniel-Constantin Mierla wrote: Hello, On 08/03/15 21:38, canuck15 wrote: Here is is the relevant section of kamailio.cfg $var(tempfU) = $fU; #!ifdef WITH_IPAUTH if((!is_method(REGISTER)) allow_source_address() $au == ) { # Loading $fU from database using IP sql_pvquery(elxpbx, SELECT name FROM sip WHERE host = '$si' AND sippasswd IS NULL, $var(tempfU)); # source IP allowed return; } The problem is that when host= somefqdn.com the above will fail since $si will always be an IP address as far as I can tell. More often than not host= is a fqdn and requiring it to always be an IP address is not an option. Converting it to IP before storing it in the DB is also not an option because it needs to be able to work of the IP address changes. So how can the above be done to accomodate the possibility that host= somefqdn.com or an IP address. Preferably in such a way that it can scale to hundreds/thousands of rows in the database without slowing things down or crashing. as first remark, note that permissions module can work with hostanmes in the address table. On the other hand, having what you want might not work. If you want to test if a request comes from xyz.com, doing a dns query on xyz.com can return a different IP than what was used for sending. If xyz.com has many IP addresses associated with and they do load balancing, they are usually returning just a subset of their IP addresses, not all of them. In this case, the best is to discover the subnet addresses used by xyz.com and store them in the address table, then use permissions in the config. Otherwise, you can try by doing a query and extract all hostnames from the database with sqlops and then loop through them and test with the functions from ipops module. You must have a fast dns server in order to not slow down the processing in the case you have lots of hostnames. Cheers, Daniel ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
[SR-Users] does ipops module dns_int_match_ip(hostname, ipaddr) search all returned records?
I am reading the documentation for the ipops module dns_int_match_ip() function and it states the following: Returns TRUE if ipaddr is associated by DNS to hostname. FALSE otherwise. It uses internal DNS resolver. At this moment, the function might not check all the IP addresses as returned by dns_sys_match_ip(), because the internal resolver targets to discover the first address to be used for relaying SIP traffic. Thus is better to use dns_sys_match_ip() if the host you want to check has many IP addresses, in different address famililies (IPv4/6). I am not sure what that statement means. I will be using this for IP authentication where the records it is checking against are in a mysql database and may or may not be be using the DNS name instead of the IP. Many of those DNS names could return several IP addresses and the incoming call could be on any one of those IP addresses. So when I do a check of a hostname against an IP address I want all returned A or srv IP's to be checked against the IP. Not just the first IP returned when checked. I do not believe dns_sys_match() will be fast enough on a busy server so I would prefer to using dns_int_match_ip(). If anyone can clarify what that statement means regarding internal resolver targets to discover the first address and whether that would affect my use it would be greatly appreciated. On a related note, is there any way to check the contents of the dns resolver cache? I looked through kamctl and kamcmd but didn't find anything. I tried kamctl address show but that didn't return anything. ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] how can I use WITH_IPAUTH when the IP may be stored in the DB as a FQDN?
After further investigation I am considering the ipops module dns_query() command. http://kamailio.org/docs/modules/4.3.x/modules/ipops.html It needs to be fast to prevent a bottleneck so I have a few things I need to verify. Will it save to/check internal DNS resolver cache first and if so how many dns_querys can this handle before it starts to affect performance or use excessive amounts of memory etc? If not what can I use that uses the DNS resolver cache? For what I am doing it would need to scale to many hundreds of DNS Authenticated SIP trunks. So perhaps hundreds of querys/sec I suppose. Perhaps many thousands of SIP extensions using those trunks but not directly using DNS authentication themselves. On 3/9/2015 4:27 AM, Daniel-Constantin Mierla wrote: Hello, On 08/03/15 21:38, canuck15 wrote: Here is is the relevant section of kamailio.cfg $var(tempfU) = $fU; #!ifdef WITH_IPAUTH if((!is_method(REGISTER)) allow_source_address() $au == ) { # Loading $fU from database using IP sql_pvquery(elxpbx, SELECT name FROM sip WHERE host = '$si' AND sippasswd IS NULL, $var(tempfU)); # source IP allowed return; } The problem is that when host= somefqdn.com the above will fail since $si will always be an IP address as far as I can tell. More often than not host= is a fqdn and requiring it to always be an IP address is not an option. Converting it to IP before storing it in the DB is also not an option because it needs to be able to work of the IP address changes. So how can the above be done to accomodate the possibility that host= somefqdn.com or an IP address. Preferably in such a way that it can scale to hundreds/thousands of rows in the database without slowing things down or crashing. as first remark, note that permissions module can work with hostanmes in the address table. On the other hand, having what you want might not work. If you want to test if a request comes from xyz.com, doing a dns query on xyz.com can return a different IP than what was used for sending. If xyz.com has many IP addresses associated with and they do load balancing, they are usually returning just a subset of their IP addresses, not all of them. In this case, the best is to discover the subnet addresses used by xyz.com and store them in the address table, then use permissions in the config. Otherwise, you can try by doing a query and extract all hostnames from the database with sqlops and then loop through them and test with the functions from ipops module. You must have a fast dns server in order to not slow down the processing in the case you have lots of hostnames. Cheers, Daniel ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
[SR-Users] how can I use WITH_IPAUTH when the IP may be stored in the DB as a FQDN?
Here is is the relevant section of kamailio.cfg $var(tempfU) = $fU; #!ifdef WITH_IPAUTH if((!is_method(REGISTER)) allow_source_address() $au == ) { # Loading $fU from database using IP sql_pvquery(elxpbx, SELECT name FROM sip WHERE host = '$si' AND sippasswd IS NULL, $var(tempfU)); # source IP allowed return; } The problem is that when host= somefqdn.com the above will fail since $si will always be an IP address as far as I can tell. More often than not host= is a fqdn and requiring it to always be an IP address is not an option. Converting it to IP before storing it in the DB is also not an option because it needs to be able to work of the IP address changes. So how can the above be done to accomodate the possibility that host= somefqdn.com or an IP address. Preferably in such a way that it can scale to hundreds/thousands of rows in the database without slowing things down or crashing. ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users