hb_bridge_all.py get ACLs


Cort N0MJS <n0mjs@...>
 

Today I added Access Control Lists (ACLs) to hb_bridge_all.py

This was in response to those with no desire to re-write TGID or TS, but who wanted some ability to limit how/what traffic is forwarded. This isn’t quite as simple as a “whitelist” and/or a “blacklist” like MMDVM, because it’s inherently multipoint, with greater than 1 possible target each direction. But it does include most of the simplicity of the whitelist/blacklist approach.

For example, let’s say you want an upstream connection to Brandmeister, but want to keep TGIDs, 1,2,17,3000, and 41109 just on your systems… not a problem. Let’s say you want to block particular subscribers or ranges on a certain system? Not a problem.

ACLs include:

Subscriber ID (SID)
Talkgroup ID (TGID)

There are global SID and TGID ACLs and per-system SID and TGID ACLs

FIRST MATCH EXITS

Evaluation:
GLOBAL first, SYSTEM second

ACLs are evaluated on ingress and egress BOTH.

Each ACL may be either “PERMIT” or “DENY”, and may contain multiple entires that are single IDs, (e.g. 3120101), ranges of IDs, (e.g. 1-3000), or a special identifier “ALL” that will match all valid IDs.


Cort Buffington
785-865-7206

Join main@DVSwitch.groups.io to automatically receive all group messages.