IP Whitelist - refuse session

[SPQR]

Dear List

I am trying to get a ip address based whitelist rejection method implemented.

At the moment i am looking at the accessControl Plugin where i would try to evalute the incoming session and check its ipaddress and refuse it if it is not on my whitelist.

i hooked up the activateSession() callback but now i dont see a clean way to retrieve the corresponding ipaddress associated with it.

Bare with me here as i am new to your library.

So how would i retrieve that info from within the activateSession() function ?

Or are there any other natural ways to refuse a certain ip on opening the sessions.

Thx in advance

Regards Robert

[Julius Pfrommer]

Hey there,

the AccessControl plugin receives the SessionId for the activation.

You can use internal API (that might change in the future) to retrieve the session.

https://github.com/open62541/open62541/blob/master/src/server/ua_server_internal.h#L234

The session contains a pointer to the socket file descriptor you can use to get more information and compare with the white-list.

If you want to prevent non-whitelisted clients to connect, you can make a private fork of the networking code.

This is under the CC0 license and comes with no strings attached.

https://github.com/open62541/open62541/blob/master/arch/network_tcp.c

Regards, Julius