From ce290078f0d50c5933f43807aa5f9a85e20be033 Mon Sep 17 00:00:00 2001
From: "SIPLABS, LLC" <info@siplabs.ru>
Date: Fri, 13 Feb 2015 16:15:10 +0700
Subject: [PATCH] do not check trusted sources

---
 kamailio/acl-role.cfg          | 7 +++++++
 kamailio/rate-limiter-role.cfg | 6 ++++++
 2 files changed, 13 insertions(+)

diff --git a/kamailio/acl-role.cfg b/kamailio/acl-role.cfg
index a45365f..2439f9a 100644
--- a/kamailio/acl-role.cfg
+++ b/kamailio/acl-role.cfg
@@ -15,6 +15,13 @@ modparam("htable", "htable", "acl=>initval=-1;autoexpire=7200")
 ## Route for ACL functionality
 route[ACL_CHECK] {
 
+    # If packet came from platform or from 4 class MERA, do not check it
+    if (isflagset(FLAG_INTERNALLY_SOURCED) || isflagset(FLAG_TRUSTED_SOURCE) ) {
+        xlog("L_DEBUG", "$ci |ACL| Trusted source IP($si) ignoring");
+        return;
+    }
+
+
     if (isflagset(FLAG_IS_REPLY)) {
         $var(sip-packet) = $rs;
     } else {
diff --git a/kamailio/rate-limiter-role.cfg b/kamailio/rate-limiter-role.cfg
index 9f037b4..f39a184 100644
--- a/kamailio/rate-limiter-role.cfg
+++ b/kamailio/rate-limiter-role.cfg
@@ -13,6 +13,12 @@ modparam("htable", "htable", "rate_limits=>initval=-1;autoexpire=60")     # init
 
 route[DOS_PREVENTION] {
 
+    # If packet came from platform or from 4 class MERA, do not check it
+    if (isflagset(FLAG_INTERNALLY_SOURCED) || isflagset(FLAG_TRUSTED_SOURCE) ) {
+        xlog("L_DEBUG", "$ci |RL| Trusted source IP($si) ignoring");
+        return;
+    }
+
     # Initially we do not want to get data
     $var(with-realm-request) = "false";
     $var(with-realm-total) = "false";