Q-algorithm (qPT = q Protocol Type - example: qAU = q APRS UDP) { Place into TNC-2 format If a q construct is last in the path (no call following the qPT) delete the qPT } All packets from an inbound connection that would normally be passed per current validation algorithm: If the packet entered the server from an UDP port: { if a q construct with a single call exists in the packet Replace the q construct with ,qAU,SERVERLOGIN else if more than a single call exists after the q construct Invalid header, drop packet as error else Append ,qAU,SERVERLOGIN Quit q processing } If the packet entered the server from an unverified connection AND the FROMCALL equals the client login AND the header has been successfully converted to TCPXX format (per current validation algorithm): { (All packets not deemed "OK" from an unverified connection should be dropped.) if a q construct exists in the packet Replace the q construct with ,qAX,SERVERLOGIN else Append ,qAX,SERVERLOGIN Quit q processing } If the packet entered the server from a verified client-only connection AND the FROMCALL does not match the login: { if a q construct exists in the packet if the q construct is at the end of the path AND it equals ,qAR,login Replace qAR with qAo else if the path is terminated with ,login,I Replace ,login,I with qAo,login else Append ,qAO,login Skip to "All packets with q constructs" } If a q construct exists in the header: Skip to "All packets with q constructs" If header is terminated with ,I: { If the VIACALL preceding the ,I matches the login: Change from ,VIACALL,I to ,qAR,VIACALL Else Change from ,VIACALL,I to ,qAr,VIACALL } Else If the FROMCALL matches the login: { Append ,qAC,SERVERLOGIN Quit q processing } Else Append ,qAS,login Skip to "All packets with q constructs" } If packet entered the server from an outbound connection (to another server's port 1313, for instance) AND no q construct exists in the header: { If header is terminated with ,I: Change from ,VIACALL,I to ,qAr,VIACALL Else Append ,qAS,IPADDR (IPADDR is an 8 character hex representation of the IP address of the remote server) } All packets with q constructs: { if ,qAZ, is the q construct: { Dump to the packet to the reject log Quit processing the packet } If ,SERVERLOGIN is found after the q construct: { Dump to the loop log with the sender's IP address for identification Quit processing the packet } If a callsign-SSID is found twice in the q construct: { Dump to the loop log with the sender's IP address for identification Quit processing the packet } If a verified login other than this login is found in the q construct AND that login is not allowed to have multiple verified connects (the IPADDR of an outbound connection is considered a verified login): { Dump to the loop log with the sender's IP address for identification Quit processing the packet } If the packet is from an inbound port AND the login is found after the q construct but is not the LAST VIACALL: { Dump to the loop log with the sender's IP address for identification Quit processing the packet } If trace is on, the q construct is qAI, or the FROMCALL is on the server's trace list: { If the packet is from a verified port where the login is not found after the q construct: Append ,login else if the packet is from an outbound connection Append ,IPADDR Append ,SERVERLOGIN } }
Return to the main page of od5.org
| |||||||||||