puppet/modules/rhizo_base/templates/make_sgsn_acl_config.erb

#!/bin/bash
_auth=`psql postgresql://rhizomatica:<%= @pgsql_pwd %>@localhost:5432/rhizomatica -t -c "SELECT msisdn from subscribers where subscription_status=1" | grep . | sed -n '1h;1!H;${g;s/\n/,/g;p;}'`
cat << EOF
!
! Osmocom SGSN configuration
!
!
log stderr
 logging level set-all fatal
 logging print category 1
 logging print file basename last
 logging print level 1
 logging print extended-timestamp 1
 logging level gprs error
 logging level mm error
 logging level llc error
line vty
 no login
!
sgsn
 gtp local-ip <%= @vpn_ip_address %>
 ggsn 0 remote-ip <%= @ggsn_ip_address %>
 ggsn 0 gtp-version 1
 ggsn 0 echo-interval 60
 auth-policy acl-only
EOF
echo "SELECT imsi from subscriber where extension in ($_auth) ORDER BY imsi;" | sudo /usr/bin/sqlite3 /var/lib/osmocom/hlr.sqlite3 | grep "^[0-9].*" | sed 's/\(.*\)/ imsi-acl add \1/'
cat << EOF
 !gsup remote-ip <%= @vpn_ip_address %>
 !gsup remote-port 4222
!
ns
 timer tns-block 3
 timer tns-block-retries 3
 timer tns-reset 3
 timer tns-reset-retries 3
 timer tns-test 30
 timer tns-alive 3
 timer tns-alive-retries 10
 bind udp local
  listen 172.16.0.1 23000
  accept-ipaccess
!
bssgp
!
EOF