Flussonic Media Server documentation

Authorization configurator

Starting from Flussonic 18.05 you can declare complicated authorization configuration in config file.

Now you can specify black and white list for IP addresses, tokens, useragents and countries and include multiple parallel authorization http backends right in config file.

Configuration Anchor Anchor x2

Write this in config file:

auth_backend main {
  allow ip 127.0.0.1;
  allow ip 192.168.0.1;
  allow ip 172.16/24;
  deny ip 8.8.8.8;
  allow country RU US;
  deny country GB;
  allow token flusstest1;
  deny ua "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.10)";
  backend http://stalker-1.iptv.net/auth.php;
  backend http://stalker-1.iptv.net/auth.php;
}

allow declares white list. deny declares black list.

Flussonic goes in following order:

  • allow token
  • deny token
  • allow ip
  • deny ip
  • allow country
  • deny country
  • allow useragent
  • deny useragent
  • parallel backends request
  • if not specified allow default then deny

If any rule match, execution is terminated immediately. For example you can whitelist some IP but blacklist token and blacklisted token will have higher priority.

Use auth://main; to apply this auth-backend to a stream.

stream ort {
  url udp://239.255.0.1:1234;
  auth auth://main;
}

Examples Anchor Anchor x2

Multiauth HTTP + access from local network

auth_backend multi_local {
  allow ip 192.168.0/24;
  backend http://127.0.0.1/tv/auth; # iptv plugin
  backend http://<HOSTNAME>/stalker_portal/server/api/chk_flussonic_tmp_link.php;
}

Ban some IP addresses

auth_backend blacklist {
  deny ip 1.1.1.1;
  deny ip 2.2.2.2;
  deny ip 10.10/16;
  allow default;
}

HTTP backend and share tokens

auth_backend myauth {
  allow token friend1;
  allow token friend2;
  backend http://<HOSTNAME>/stalker_portal/server/api/chk_flussonic_tmp_link.php;
}

Allow some User-Agents, block other.

auth_backend agents {
  allow ua MAG;
  allow ua TVIP;
}