From 418a1820a3f96daba08b354ee122911fdf0b7628 Mon Sep 17 00:00:00 2001 From: "SIPLABS, LLC" Date: Thu, 19 Mar 2015 19:19:35 +0700 Subject: [PATCH] fix ACL logic --- kamailio/acl-role.cfg | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/kamailio/acl-role.cfg b/kamailio/acl-role.cfg index c940cad..eb0bac1 100644 --- a/kamailio/acl-role.cfg +++ b/kamailio/acl-role.cfg @@ -45,7 +45,6 @@ route[ACL_CHECK] { $var(acl-realm-request) = "true"; } else if ($var(realm-decision) == 1 ){ # We have cached decision, let's use it xlog("L_INFO", "$ci |ACL| $var(sip-packet) from $si is permitted by ACL for $var(realm)\n"); - return; } else { if (!isflagset(FLAG_IS_REPLY)) { sl_send_reply(ACL_CODE_DENY, ACL_MESSAGE_DENY); @@ -67,7 +66,6 @@ route[ACL_CHECK] { $var(acl-device-request) = "true"; } else if ($var(device-decision) == 1 ){ # We have cached decision, let's use it xlog("L_INFO", "$ci |ACL| $var(sip-packet) from $si is permitted by ACL for $var(device)\n"); - return; } else { if (!isflagset(FLAG_IS_REPLY)) { sl_send_reply(ACL_CODE_DENY, ACL_MESSAGE_DENY); @@ -77,7 +75,7 @@ route[ACL_CHECK] { } } - if ($var(acl-realm-request) == "true" || $var(acl-device-request)) { + if ($var(acl-realm-request) == "true" || $var(acl-device-request) == "true") { if (not_empty("$fU")) $var(query) = "{'Event-Category': 'acl', 'Event-Name': 'query', 'Entity': '" + $var(device) + "', 'With-Realm': " + $var(acl-realm-request) + "}"; else @@ -100,9 +98,10 @@ route[ACL_CHECK] { } } - route(ACL_CHECK_REALM); - if (not_empty("$fU")) { - route(ACL_CHECK_DEVICE); + route(ACL_CHECK_REALM); + if (not_empty("$fU")) { + route(ACL_CHECK_DEVICE); + } } }