From fa20a25852e69b4594cdb9dfbd2c712b1db37888 Mon Sep 17 00:00:00 2001 From: Simon Date: Tue, 15 Jun 2021 00:24:49 +0100 Subject: [PATCH] Add traffic source validation: Change behaviour of NETWORK_ID in OPENBRIDGE config: This should be the ID of remote system. If traffic received on this bridge is not shown as from this ID, it will be disgarded. Fix reporting of PEER so it actually takes the peer from the incoming connection, not NETWORK_ID: So, in short: SERVER_ID in [GLOBAL] - the ID you send to other servers via OBP NETWORK_ID in OPENBRIDGE - the expected ** remote ** ID for the bridge. --- bridge_master.py | 9 ++++++--- hblink.py | 3 +++ 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/bridge_master.py b/bridge_master.py index b7e6dcd..40205d7 100755 --- a/bridge_master.py +++ b/bridge_master.py @@ -416,9 +416,9 @@ def stream_trimmer_loop(): _sysconfig = CONFIG['SYSTEMS'][system] #systems[system].STATUS[stream_id]['_fin'] = True logger.info('(%s) *TIME OUT* STREAM ID: %s SUB: %s PEER: %s TGID: %s TS 1 Duration: %.2f', \ - system, int_id(stream_id), get_alias(int_id(_stream['RFS']), subscriber_ids), get_alias(int_id(_sysconfig['NETWORK_ID']), peer_ids), get_alias(int_id(_stream['TGID']), talkgroup_ids), _stream['LAST'] - _stream['START']) + system, int_id(stream_id), get_alias(int_id(_stream['RFS']), subscriber_ids), get_alias(int_id(_stream['RX_PEER']), peer_ids), get_alias(int_id(_stream['TGID']), talkgroup_ids), _stream['LAST'] - _stream['START']) if CONFIG['REPORTS']['REPORT']: - systems[system]._report.send_bridgeEvent('GROUP VOICE,END,RX,{},{},{},{},{},{},{:.2f}'.format(system, int_id(stream_id), int_id(_sysconfig['NETWORK_ID']), int_id(_stream['RFS']), 1, int_id(_stream['TGID']), _stream['LAST'] - _stream['START']).encode(encoding='utf-8', errors='ignore')) + systems[system]._report.send_bridgeEvent('GROUP VOICE,END,RX,{},{},{},{},{},{},{:.2f}'.format(system, int_id(stream_id), int_id(_stream['RX_PEER']), int_id(_stream['RFS']), 1, int_id(_stream['TGID']), _stream['LAST'] - _stream['START']).encode(encoding='utf-8', errors='ignore')) systems[system].STATUS[stream_id]['_to'] = True continue #except: @@ -1185,6 +1185,7 @@ class routerOBP(OPENBRIDGE): 'CONTENTION':False, 'RFS': _rf_src, 'TGID': _dst_id, + 'RX_PEER': _peer_id } # Generate LCs (full and EMB) for the TX stream try: @@ -1333,7 +1334,8 @@ class routerOBP(OPENBRIDGE): 'TGID': _dst_id, '1ST': True, 'lastSeq': False, - 'lastData': False + 'lastData': False, + 'RX_PEER': _peer_id } @@ -1548,6 +1550,7 @@ class routerHBP(HBSYSTEM): 'CONTENTION':False, 'RFS': _rf_src, 'TGID': _dst_id, + 'RX_PEER': _peer_id } # Generate LCs (full and EMB) for the TX stream dst_lc = b''.join([self.STATUS[_slot]['RX_LC'][0:3], _target['TGID'], _rf_src]) diff --git a/hblink.py b/hblink.py index 2e89b92..c24aae5 100755 --- a/hblink.py +++ b/hblink.py @@ -169,6 +169,9 @@ class OPENBRIDGE(DatagramProtocol): if compare_digest(_hash, _ckhs) and (_sockaddr == self._config['TARGET_SOCK'] or self._config['RELAX_CHECKS']): _peer_id = _data[11:15] + if self._config['NETWORK_ID'] != _peer_id: + logger.error('(%s) OpenBridge packet discarded because NETWORK_ID: %s Does not match sent Peer ID: %s', self._system, self._config['NETWORK_ID'], _peer_id) + return _seq = _data[4] _rf_src = _data[5:8] _dst_id = _data[8:11]