The security of the DMR repeater from unregistered users.

Suggest new features here
Post Reply
Posts: 2
Joined: Mon Jul 06, 2020 6:19 pm

The security of the DMR repeater from unregistered users.

Post by RD3X »

Hello dear colleagues.
Is it possible to add an entrance safety function.
There are cases when unregistered users get into the repeater.
It is possible to apply the protection algorithm?

The user with the call sign (UB3XBQ) has a registered ID:2500290.
Creating a rule in the pi star sheet ID 1234567 = ID 2500290.
A user with the call sign UB3XBQ must specify this ID 1234567 in his radio station.
The user UB3XBQ makes a call to pi star (repeater) sees that this ID is in the list 1234567=2500290 and
makes it possible to allow the transmission of pi star (repeater).
In this way, the owners of repeaters can create a list of trusted user IDs and allow access to the transmission.

Thank you!
Posts: 11
Joined: Fri Jun 29, 2018 10:43 pm

Re: The security of the DMR repeater from unregistered users.

Post by ke8dpf »

It seems to me, that this is something the underlying MMDVMHost service would have to handle, not the pi-star GUI.

Pi-star's configuration page allows setting/configuring the features of daemons and services that lie "underneath" pi-star (such as the main MMDVMHost daemon that is the "real engine" of these hotspots), but the GUI itself does not "perform" the services of those underlying services and daemons.

Pi-star's admin page lets you connect/disconnect from servers, add and remove static talkgroups, and perform other such tasks by making requests to the servers on the other ends of those commands (such as the Brandmeister hosts), but pi-star itself does not "do" what it has to ask the remote servers to do.

Pi-star's "dashboard" page is merely a pretty "log watcher". It can not "create data out of thin air", to present in pretty ways. If the desired features do not exist in the daemons and services that pi-star manages, and if the wanted data isn't present in the config or log files used by, or generated by those daemons and services, there's no way pi-star can give you that info.

These are the foundations and limits of the pi-star GUI. It's basically a config file editor, and a log watcher, all wrapped in a webpage interface. If there's additional data you'd like to see, I always suggest to people that they first look in the /var/log/pi-star/MMDVM*.log files, to see if the data they want even gets put into the logs. If the info you want is not put into the log by the MMDVMHost service, the pi-star dashboard wont be able to get it from the logs, pretty it up, and show it to you in the GUI.

In other words, pi-star is too "after the fact" to perform the type of security you are asking for. The underlying MMDVMHost service has already forwarded the traffic. The dashboard can only tell you the traffic has already gone through, once MMDVMHost records what it has done, in the log.
Posts: 29
Joined: Sat Aug 25, 2018 10:49 pm

Re: The security of the DMR repeater from unregistered users.

Post by g6fgy »

Whilst the idea of filtering un-registered users is a reasonable one, it does really go against the concept of amateur radio, which is to be open to all licensed users. Unfortunately there's no real way to prevent unlicensed users as can be witnessed on many analogue channels/repeaters.

Aside from that, the management of such a filter by keepers would be a nightmare since each keeper would be responsible for creating their own filter lists, leaving the end user unsure if the repeater or repeaters they're accessing, especially whilst mobile, has their ID filtered or not.
Post Reply