Add traffic source validation:

Change behaviour of NETWORK_ID in OPENBRIDGE config:

This should be the ID of remote system. If traffic received on this bridge is not shown as
from this ID, it will be disgarded.

Fix reporting of PEER so it actually takes the peer from the incoming connection, not NETWORK_ID:

So, in short:

SERVER_ID in [GLOBAL] - the ID you send to other servers via OBP
NETWORK_ID in OPENBRIDGE - the expected ** remote ** ID for the bridge.

bridge_master.py

@@ -416,9 +416,9 @@ def stream_trimmer_loop():
                     _sysconfig = CONFIG['SYSTEMS'][system]
                     #systems[system].STATUS[stream_id]['_fin'] = True
                     logger.info('(%s) *TIME OUT*   STREAM ID: %s SUB: %s PEER: %s TGID: %s TS 1 Duration: %.2f', \
-                        system, int_id(stream_id), get_alias(int_id(_stream['RFS']), subscriber_ids), get_alias(int_id(_sysconfig['NETWORK_ID']), peer_ids), get_alias(int_id(_stream['TGID']), talkgroup_ids), _stream['LAST'] - _stream['START'])
+                        system, int_id(stream_id), get_alias(int_id(_stream['RFS']), subscriber_ids), get_alias(int_id(_stream['RX_PEER']), peer_ids), get_alias(int_id(_stream['TGID']), talkgroup_ids), _stream['LAST'] - _stream['START'])
                     if CONFIG['REPORTS']['REPORT']:
-                            systems[system]._report.send_bridgeEvent('GROUP VOICE,END,RX,{},{},{},{},{},{},{:.2f}'.format(system, int_id(stream_id), int_id(_sysconfig['NETWORK_ID']), int_id(_stream['RFS']), 1, int_id(_stream['TGID']), _stream['LAST'] - _stream['START']).encode(encoding='utf-8', errors='ignore'))
+                            systems[system]._report.send_bridgeEvent('GROUP VOICE,END,RX,{},{},{},{},{},{},{:.2f}'.format(system, int_id(stream_id), int_id(_stream['RX_PEER']), int_id(_stream['RFS']), 1, int_id(_stream['TGID']), _stream['LAST'] - _stream['START']).encode(encoding='utf-8', errors='ignore'))
                     systems[system].STATUS[stream_id]['_to'] = True
                     continue
                 #except:
@@ -1185,6 +1185,7 @@ class routerOBP(OPENBRIDGE):
                             'CONTENTION':False,
                             'RFS':       _rf_src,
                             'TGID':      _dst_id,
+                            'RX_PEER': _peer_id
                         }
                         # Generate LCs (full and EMB) for the TX stream
                         try:
@@ -1333,7 +1334,8 @@ class routerOBP(OPENBRIDGE):
                     'TGID':      _dst_id,
                     '1ST': True,
                     'lastSeq': False,
-                    'lastData': False
+                    'lastData': False,
+                    'RX_PEER': _peer_id
 
                 }
 
@@ -1548,6 +1550,7 @@ class routerHBP(HBSYSTEM):
                                 'CONTENTION':False,
                                 'RFS':       _rf_src,
                                 'TGID':      _dst_id,
+                                'RX_PEER':   _peer_id
                             }
                             # Generate LCs (full and EMB) for the TX stream
                             dst_lc = b''.join([self.STATUS[_slot]['RX_LC'][0:3], _target['TGID'], _rf_src])

hblink.py

@@ -169,6 +169,9 @@ class OPENBRIDGE(DatagramProtocol):
 
             if compare_digest(_hash, _ckhs) and (_sockaddr == self._config['TARGET_SOCK'] or self._config['RELAX_CHECKS']):
                 _peer_id = _data[11:15]
+                if self._config['NETWORK_ID'] != _peer_id:
+                    logger.error('(%s) OpenBridge packet discarded because NETWORK_ID: %s Does not match sent Peer ID: %s', self._system, self._config['NETWORK_ID'], _peer_id)
+                    return
                 _seq = _data[4]
                 _rf_src = _data[5:8]
                 _dst_id = _data[8:11]