diff --git a/hb_parrot.py b/hb_parrot.py index e1e0e93..2c87832 100755 --- a/hb_parrot.py +++ b/hb_parrot.py @@ -53,6 +53,57 @@ __status__ = 'pre-alpha' # Module gobal varaibles +# Import subscriber ACL +# ACL may be a single list of subscriber IDs +# Global action is to allow or deny them. Multiple lists with different actions and ranges +# are not yet implemented. +def build_acl(_sub_acl): + ACL = set() + try: + acl_file = import_module(_sub_acl) + logger.info('ACL file found, importing entries. This will take about 1.5 seconds per 1 million IDs') + sections = acl_file.ACL.split(':') + ACL_ACTION = sections[0] + entries_str = sections[1] + + + for entry in entries_str.split(','): + if '-' in entry: + start,end = entry.split('-') + start,end = int(start), int(end) + for id in range(start, end+1): + ACL.add(hex_str_3(id)) + else: + id = int(entry) + ACL.add(hex_str_3(id)) + + logger.info('ACL loaded: action "{}" for {:,} radio IDs'.format(ACL_ACTION, len(ACL))) + + except ImportError: + logger.info('ACL file not found or invalid - all subscriber IDs are valid') + ACL_ACTION = 'NONE' + + # Depending on which type of ACL is used (PERMIT, DENY... or there isn't one) + # define a differnet function to be used to check the ACL + global allow_sub + if ACL_ACTION == 'PERMIT': + def allow_sub(_sub): + if _sub in ACL: + return True + else: + return False + elif ACL_ACTION == 'DENY': + def allow_sub(_sub): + if _sub not in ACL: + return True + else: + return False + else: + def allow_sub(_sub): + return True + + return ACL + class parrot(HBSYSTEM): def __init__(self, _name, _config, _logger, _report): @@ -194,6 +245,9 @@ if __name__ == '__main__': # Set signal handers so that we can gracefully exit if need be for sig in [signal.SIGTERM, signal.SIGINT]: signal.signal(sig, sig_handler) + + # Build the Access Control List + ACL = build_acl('reg_acl') # ID ALIAS CREATION # Download