{"id":557,"date":"2013-01-15T14:49:04","date_gmt":"2013-01-15T13:49:04","guid":{"rendered":""},"modified":"2018-11-01T00:46:12","modified_gmt":"2018-10-31T23:46:12","slug":"kamailio-call-establishment-permission-rules","status":"publish","type":"post","link":"https:\/\/nil.uniza.sk\/en\/kamailio-call-establishment-permission-rules\/","title":{"rendered":"Kamailio Call establishment permission rules"},"content":{"rendered":"

\n\tThis article talks about deploying permission control mechanism for call establishment in Kamailio SIP Proxy.<\/p>\n

\n\tIn many VoIP solutions, it is crutial to deploy numbering scheme and write down rules where users are\/aren't allowed to call.
\n\tOn top of that, a company can allow the people to call outside, for example to PSTN. The rules can change over time as well as the numbering scheme itself.<\/p>\n

\n\tThis increases the demand to maintain the numbering system and permission rules for system administrators in a easy-to-use way. It is not feasible to rewrite the configuration files all over again and again.<\/p>\n

\n\t <\/p>\n

\n\tThere is a module for Kamailio SIP server, called permissions<\/em><\/u><\/a>, which enables us to tell Kamailio to check every caller and callee info. Based on this info, Kamailio can decide if the call can be routed or not. The configuration is pretty easy and works for versions 3.3.x and 4.0.<\/p>\n

\n\tChanges for kamailio.cfg file:<\/strong><\/p>\n

\n\tFirst, we define a directive in the "defined values" section that we can use later to easily turn on\/off the permissions checking:<\/p>\n

\r\n#!define WITH_PERMISSIONS<\/pre>\n
\n\tNext, in the modules section, we actually have to load the module (We don't need to install it. It is a part of default installation of Kamailio):<\/p>\n
\r\n#!ifdef WITH_PERMISSIONS\r\nloadmodule "permissions.so"\r\n#!endif<\/pre>\n
\n\tIn the module parameters section we can define where the files that store the rules are:<\/p>\n
\r\n#!ifdef WITH_PERMISSIONS\r\nmodparam("permissions","default_allow_file","\/etc\/kamailio\/rules.allow")\r\nmodparam("permissions","default_deny_file","\/etc\/kamailio\/rules.deny")\r\n#!endif<\/pre>\n
\n\tnote: these are not the default names of the files, so they have to be specified. See the documentation of the permissions module for more information.<\/address>\n
\n\tThe last step is to incorporate the module functionality to the routing logic. In the main routing block "request_route" you can add<\/p>\n
\r\n#!ifdef\r\nroute(PERMISSIONS_AUTHORIZE);\r\n#!endif<\/pre>\n
\n\tright before route(SIPOUT);<\/em> if you didn't alter the routing logic before. The new route itself looks like:<\/p>\n
\r\nroute[PERMISSIONS_AUTHORIZE] {\r\n  #!ifdef WITH_PERMISSIONS\r\n  if(allow_routing())\r\n  {\r\n    xlog("L_NOTICE","Routing allowed for $fu calling $ru");\r\n  }\r\n  else\r\n  {\r\n    xlog("L_NOTICE","Routing denied for $fu calling $ru");\r\n    sl_send_reply("403","Routing Not Allowed");\r\n    exit;\r\n  }\r\n  #!endif\r\n}<\/pre>\n
\n\tAnd that's it! Now we have to create the files that will contain the permission rules. As we specified in the routing logic, we need files \/etc\/kamailio\/rules.allow<\/em> and \/etc\/kamailio\/rules.deny<\/em>.<\/p>\n
\n\tThis is an example of the allow file that comes with the Kamailio source code:<\/p>\n
\r\n# SIP Express Router permissions module config file\r\n# Syntax:\r\n# from_list [EXCEPT from_list] : req_uri_list [EXCEPT req_uri_list]\r\n#\r\n# from_list and req_uri_list are comma separated expressions\r\n# Expressions are treated as case insensitive POSIX Extended Regular Expressions\r\n# Keyword ALL matches any expression.\r\n#\r\n# Examples:\r\n# ALL : "^sip:361[0-9]*@abc.com$" EXCEPT "^sip:361[0-9]*3@abc.com$", "^sip:361[0-9]*4@abc.com$"\r\n#\r\n# "^sip:3677[0-9]*@abc.com$" : "^sip:361[0-9]*@abc.com$"\r\n#\r\n# ALL : ALL<\/pre>\n
\n\t <\/p>\n
\n\tAs you can see, single-line comments begin with "#" sign and the syntax is explained. Let's have a look at our example rule:<\/p>\n
\n\t <\/p>\n
\r\n"^sip:1[0-9]{3}@awesome_domain.com$" EXCEPT "^sip:1111@awesome_domain.com$", "^sip:1112@awesome_domain.com$" : "^sip:2[0-9]{3}@awesome_domain.com"<\/pre>\n
\n\tThis rule tells us that users from our awesome domain with numbers from <1000-1999> range (except numbers 1111 and 1112) are allowed to call to numbers <2000-2999>.<\/p>\n
\n\tNow examine this example:<\/p>\n
\r\n"^sip:hr-*@awesome_domain.com$" : ALL EXCEPT "^sip:the-boss@awesome_domain.com"<\/pre>\n
\n\tThis states that HR department (with SIP URI hr-……..@awesome_domain.com) is not limited in making calls, except they can't call the boss to fire him \ud83d\ude42<\/p>\n
\n\t <\/p>\n
\n\tThese two examples were from the allow file! The same syntax applies for the deny rules as well.<\/p>\n
\n\tA single rule<\/p>\n
\r\nALL : ALL<\/pre>\n
\n\tin the deny file will deny all routing and you can only allow call you explicitly specify in the allow file.<\/p>\n
\n\tFor more information how the rules are treated and files evaluated, you should have a look at the documentation of permissions module, this section<\/a> in particular.<\/p>\n
\n\t <\/p>\n
\n\tKamailio needs to be restarted in order for the new configuration to take effect. Restart is also necessary everytime the rules files change.<\/p>\n
\r\nshell# \/etc\/init.d\/kamailio restart<\/pre>\n
\n\t <\/p>\n
\n\tThat concludes the configuration of Kamailio SIP server.<\/p>\n
\n\t <\/p>\n
\n\t <\/p>\n
\n\t <\/p>\n
\n\tWhat comes next is a consideration how to maintain the permission rules in the files. When Kamailio is running on a single node, it is not a problem to manage the rules simply by editing the files and restarting Kamailio. But what if many Kamailio instances run on many different nodes of a computer cluster to provide High Availability or Load Balancing? Or what if a computer breaks down and you lose the files? There is a need to keep the rules on some external storage (i.e. database) and configure cluster nodes to download them.<\/p>\n
\n\tThe next paragraph talks about ways how to do this. In the end the option I consider the best is explained more in depth as well as the configuration itself.<\/p>\n
\n\t <\/p>\n
\n\tOne option is to store the contents of the allow and deny files in the database. All that is required is a single table that would hold two rows (one for allow file and one for deny file). There are ways how to store text files in different database systems, like for example CLOB data type in Oracle. Mysql offers ways like using the LOAD DATA INFILE. Once the file contents are in database, all that remains is to write a script that will pull the data and save them in the local files on HDD. This can be done in many ways. Kamailio is capable of calling Lua scripting language. This language have resources of handling DB results and writing to local files (using modules SQLops, App_Lua and Rtimer). Using Lua would mean, that Kamailio itself would be responsible for downloading the files periodically. If Kamailio fails, files are not refreshed. (note: Keep in mind that if you are calling Lua script from Kamailio, the file which contains the script must belong to user running Kamailio). If you would like to keep it out of Kamailio, there is a possibility to call perl or python scripts directly from Linux, for example.<\/p>\n
\n\tDrawback of this solution is the fact that the whole content of the file is stored in one row od DB table. Once it is edited, the row has to be replaced by a new one.<\/p>\n
\n\tFrom the structure of the files we can see that it would be better to store the rules in database as 1 row = 1 rule. This would enable the administrator to add, remove or edit a single rule. Database can be accessed from many different systems, so creation of various interfaces for editing the rules is and easy task.<\/p>\n
\n\tLet's have a look how to do this. The following example works with Oracle DB which is accessed using UnixODBC, but changing the syntax to your DB system should not be a problem.<\/p>\n
\n\tWe can create a table permissions_rules that will look like this:<\/p>\n
\r\nCREATE TABLE permissions_rules (\r\n  type VARCHAR2(1) default '' CONSTRAINT check_type CHECK (type IN ('A','D')) NOT NULL,\r\n  rule VARCHAR2(300) NOT NULL,\r\n  last_change DATE NOT NULL\r\n);\r\nCREATE OR REPLACE TRIGGER permissions_rules_tr\r\nbefore insert on permissions_rules FOR EACH ROW\r\nBEGIN\r\n  :NEW.last_change:=sysdate;\r\nEND permissions_rules_tr;\r\n\/<\/pre>\n
\n\t <\/p>\n
\n\tThe column rule stores the specific rule and the column type holds the information whether the rule is of allow or deny type. Type can only have value of "A" or "D". Trigger before insert on this table only inputs the current sysdate to the last column.<\/p>\n
\n\t <\/p>\n
\n\tFollowing python script is used to download the rules and construct the files. Python is a part of many Linux distributions. You need to install package python-pyodbc (for Debian\/Ubuntu) or pyodbc (for Fedora\/RedHat).<\/p>\n
\n\tnote: The installation and configuration of UnixODBC is not a part of this example. Many good tutorials can be found online and ODBC can be configured to access all DB systems.<\/address>\n
\n\tInstall pyodbc:<\/p>\n
\r\n(for Debian\/Ubuntu) shell# apt-get install python-pyodbc\r\n(for Fedora\/RedHat) shell# yum install pyodbc<\/pre>\n
\n\tCreate a file named \/etc\/kamailio\/permissions_python.py:<\/p>\n
\r\nimport pyodbc\r\ncnxn=pyodbc.connect('DSN=OracleSIPGateway;UID=sipgateway_cs_ro;PWD=1%2%3%DB')\r\ncursor1=cnxn.cursor()\r\ncursor2=cnxn.cursor()\r\n\r\n###first allow file rules\r\n#open file for writing\r\nf=open('\/etc\/kamailio\/rules.allow','w')\r\n\r\n#write some header stuff to the file.. like syntax etc.\r\nf.write("# SIP Express Router permissions module config file\\n# allowfile\\n# Syntax:\\n")\r\nf.write("# from_list [EXCEPT from_list] : req_uri_list [EXCEPT req_uri_list]\\n#\\n")\r\nf.write("# from_list and req_uri_list are comma separated expressions\\n")\r\nf.write("# Expressions are treated as case insensitive POSIX Extended Regular Expressions\\n")\r\nf.write("# Keyword ALL matches any expression.\\n#\\n")\r\nf.write("# Examples:\\n# ALL : \\"^sip:361[0-9]*@abc.com$\\" EXCEPT \\"^sip:361[0-9]*3@abc.com$\\", \\"^sip:361[0-9]*4@abc.com$\\"\\n")\r\nf.write("#\\n# \\"^sip:3677[0-9]*@abc.com$\\" : \\"^sip:361[0-9]*@abc.com$\\"\\n#\\n# All : ALL\\n")\r\n\r\n#fetch rows and write them to file\r\nfor row in cursor1.execute("select rule from permissions_rules where type like 'A'"):\r\n    #you can do a lot of things with the rule before writing it to file.. for example syntaxt checking\r\n    f.write(row[0])\r\n    f.write('\\n')\r\n\r\nf.close()\r\n\r\n###the same for deny rules\r\nf=open('\/etc\/kamailio\/rules.deny','w')\r\n\r\n#write some header stuff to the file.. like syntax etc.\r\nf.write("# SIP Express Router permissions module config file\\n# denyfile\\n# Syntax:\\n")\r\nf.write("# from_list [EXCEPT from_list] : req_uri_list [EXCEPT req_uri_list]\\n#\\n")\r\nf.write("# from_list and req_uri_list are comma separated expressions\\n")\r\nf.write("# Expressions are treated as case insensitive POSIX Extended Regular Expressions\\n")\r\nf.write("# Keyword ALL matches any expression.\\n#\\n")\r\nf.write("# Examples:\\n# ALL : \\"^sip:361[0-9]*@abc.com$\\" EXCEPT \\"^sip:361[0-9]*3@abc.com$\\", \\"^sip:361[0-9]*4@abc.com$\\"\\n")\r\nf.write("#\\n# \\"^sip:3677[0-9]*@abc.com$\\" : \\"^sip:361[0-9]*@abc.com$\\"\\n#\\n# All : ALL\\n")\r\n\r\nfor row in cursor2.execute("select rule from permissions_rules where type like 'D'"):\r\n    #again, syntax verification etc. is possible here\r\n    f.write(row[0])\r\n    f.write('\\n')\r\n\r\nf.close()\r\n\r\ncnxn.close()<\/pre>\n
\n\t <\/p>\n
\n\tNext thing to do is to create a bash script that will call this python code and in the end it will restart Kamailio.<\/p>\n
\n\tCreate file \/etc\/kamailio\/permissions_script.sh:<\/p>\n
\r\n#!\/bin\/bash\r\n\r\necho "Downloading Permissions rules and constructing files for Kamailio!" >> \/var\/log\/syslog #use \/var\/log\/messages on Fedora\/RedHat\r\n\r\n#fire python script\r\npython \/etc\/kamailio\/permissions_python.py\r\n\r\n#if only one Kamailio instance is running in a cluster, check if it is on this node:\r\nstr=`\/etc\/init.d\/kamailio status`\r\nif [[ "$str" == *pid* ]]\r\nthen\r\n  #if this node is running Kamailio, restart it\r\n  echo "Restarting Kamailio!" >> \/var\/log\/syslog #use \/var\/log\/messages on Fedora\/RedHat\r\n  \/etc\/init.d\/kamailio restart;\r\nfi<\/pre>\n
\n\t And don't forget to add execute rights<\/div>\n
\r\nshell# chmod +x \/etc\/kamailio\/permissions_script.sh<\/pre>\n
\n\tNow use cron <\/em>to call this script when you desire. For example, in some setups it is sufficient for permissions rules to be refreshed every 12 hours.<\/p>\n
\r\nshell# crontab -e<\/pre>\n
\n\tnote: you can change the cron default editor to your favorite one by shell command "export EDITOR=your_editor" \ud83d\ude42<\/address>\n
\n\tOnce you are at the cron edit screen, create your times:<\/p>\n
\r\n0 7,19 * * * \/etc\/kamailio\/permissions_script.sh<\/pre>\n
\n\tThis will download permissions rules every day at 7:00 and 19:00. Good idea is to customize cron to call the script when the server load is lowest within a single day.<\/p>\n
\n\tAfter editing crontab, restart crond:<\/p>\n
\r\nshell# \/etc\/init.d\/crond restart<\/pre>\n
\n\tAnd that's it. This will download the rules from the database and save them in your local files. The python script can be extended to verify the syntax of the rule and output some debug messages to syslog when opening the files or database connection.<\/p>\n
\n\tAnother great idea is to call this script before Kamailio starts. That can be achieved by modifying the \/etc\/init.d\/kamailio script, by adding line "python \/etc\/kamailio\/permissions_python.py" right in the beggining of the start() function.<\/p>\n
\n\t <\/p>\n
\n\t <\/p>\n
\n\tAs said before, there are many different ways how to interact with the database table and it's contents.<\/p>\n
\n\tLet's say that the administrator changes the content of a file locally and wants to populate the changes over all the nodes. Here is a small bash script that will allow him to upload new rules to database (while erasing all the old ones). This script also enables him to insert or remove a single rule from database (following the correct syntax) and check current contents of the database table.<\/p>\n
\n\tWe will name the script file "SIPuser":<\/p>\n
\n\t <\/p>\n
\r\n#!\/bin\/bash\r\n\r\ndomain="my_domain.com"\r\ndbdsn="myDSNfromODBCconfig"\r\ndbuser="Chewbacca"\r\ndbpassword="port123"\r\n\r\ncase "$1" in\r\n  permissions)\r\n    case "$2" in\r\n      add)\r\n        case "$3" in\r\n          allow)\r\n            type="A"\r\n            ;;\r\n          deny)\r\n            type="D"\r\n            ;;\r\n          *)\r\n            echo "Incorrect rule specification"\r\n            exit 1;\r\n            ;;\r\n        esac\r\n        #there can be rule validation here.. TODO\r\n        echo "insert into permissions_rules(type,rule) values ('$type','$4');" | isql $dbdsn $dbuser $dbpassword > \/dev\/null\r\n        echo "Rule added to database!"\r\n        ;;\r\n      rm)\r\n        case "$3" in\r\n          allow)\r\n            type="A"\r\n            ;;\r\n          deny)\r\n            type="D"\r\n            ;;\r\n          *)\r\n            echo "Incorrect rule specification"\r\n            exit 1;\r\n            ;;\r\n        esac\r\n        #there can be rule validation here.. TODO\r\n        echo "delete from permissions_rules where type like '$type' and rule like '$4';" | isql $dbdsn $dbuser $dbpassword > \/dev\/null\r\n        echo "Rule removed from database!"\r\n        ;;\r\n      show)\r\n        echo "rules.allow rules in database:"\r\n        echo "select rule from permissions_rules where type like 'A';" | isql $dbdsn $dbuser $dbpassword -du -b\r\n        echo\r\n        echo "rules.deny rules in database:"\r\n        echo "select rule from permissions_rules where type like 'D';" | isql $dbdsn $dbuser $dbpassword -du -b\r\n        ;;\r\n      upload)\r\n        echo "caution: use this only on machine, where Kamailio is running in order to maintain file consistency!"\r\n        read -p "Are you sure you want to continue? [y\/N] " decision\r\n        decision=`echo $decision | tr '[A-Z]' '[a-z]'`\r\n        if [ "$decision" == "y" ]; then\r\n          echo "Removing old rules from DB."\r\n          echo "delete from permissions_rules;" | isql $dbdsn $dbuser $dbpassword > \/dev\/null\r\n          echo "Done."\r\n          #allow rules:\r\n          echo -n "Parsing and uploading rules.allow file rules..."\r\n          cat \/etc\/kamailio\/rules.allow | while read line\r\n          do\r\n            if [ "${line:0:1}" != "#" ]; then\r\n              echo "insert into permissions_rules(type,rule) values('A','$line');" | isql $dbdsn $dbuser $dbpassword > \/dev\/null\r\n            fi\r\n          done\r\n          echo "Allow rules uploaded!"\r\n          #deny rules:\r\n          echo -n "Parsing and uploading rules.deny file rules..."\r\n          cat \/etc\/kamailio\/rules.deny | while read line\r\n          do\r\n            if [ "${line:0:1}" != "#" ]; then\r\n              echo "insert into permissions_rules(type,rule) values('D','$line');" | isql $dbdsn $dbuser $dbpassword > \/dev\/null\r\n            fi\r\n          done\r\n          echo "Deny rules uploaded!"\r\n        else\r\n          echo\r\n        fi\r\n        ;;\r\n      *)\r\n       echo "Incorect input."\r\n       exit 1;\r\n       ;;\r\n    esac\r\n    exit 0;\r\n    ;;\r\n  *)\r\n    echo "Syntax:"\r\n    echo "  permissions:"\r\n    echo "    SIPuser permissions add <allow|deny> '<rule>'   ...  adds new rule <rule> of type allow or deny to the database"\r\n    echo "                                                         (don't forget to enclose the <rule> in \\"'\\" signs)"\r\n    echo "    SIPuser permissions rm <allow|deny> '<rule>'    ...  removes rules <rule> of type allow or deny to the database"\r\n    echo "                                                         (don't forget to enclose the <rule> in \\"'\\" signs)"\r\n    echo "    SIPuser permissions show            ...  shows the database stored rules"\r\n    echo "    SIPuser permissions upload          ...  uploads the rules stored in local rules.allow|deny files to the database"\r\n    echo "                                             (caution: use this only on machine, where Kamailio is running in order to maintain"\r\n    echo "                                              file consistency!)"\r\n    echo\r\n    exit 2\r\n    ;;\r\nesac<\/pre>\n
\n\tThis script utilizes isql<\/em> command, which is part of the ODBC package. This script is only a simple example of interaction with the database, but can be used for quick tasks. Surely other, for example web-based applications can be developed to edit contents of the database.<\/p>\n
\n\t <\/p>\n
\n\tIn this article I tried to talk about permission checking for call establishment in Kamailio SIP server and synchronization of permissions rules across multiple cluster nodes.<\/p>\n
\n\tBear in mind that this is NOT the only way of achieving the goal :). Any comments are welcome.<\/p>","protected":false},"excerpt":{"rendered":"
\n\tThis article talks about deploying permission control mechanism for call establishment in Kamailio SIP Proxy.<\/p>\n
\n\tIn many VoIP solutions, it is crutial to deploy numbering scheme and write down rules where users are\/aren't allowed to call.
\n\tOn top of that, a company can allow the people to call outside, for example to PSTN. The rules can change over time as well as the numbering scheme itself.<\/p>","protected":false},"author":449,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","_kad_blocks_custom_css":"","_kad_blocks_head_custom_js":"","_kad_blocks_body_custom_js":"","_kad_blocks_footer_custom_js":"","_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"footnotes":""},"categories":[781,685,771,677],"tags":[],"class_list":["post-557","post","type-post","status-publish","format-standard","hentry","category-kamailio-en","category-linux_-_howto-en","category-sip-en","category-ip-telephony-voip"],"taxonomy_info":{"category":[{"value":781,"label":"Kamailio"},{"value":685,"label":"Linux - HOWTO"},{"value":771,"label":"SIP"},{"value":677,"label":"VoIP"}]},"featured_image_src_large":false,"author_info":{"display_name":"","author_link":"https:\/\/nil.uniza.sk\/en\/author\/"},"comment_info":3,"category_info":[{"term_id":781,"name":"Kamailio","slug":"kamailio-en","term_group":0,"term_taxonomy_id":779,"taxonomy":"category","description":"","parent":771,"count":29,"filter":"raw","cat_ID":781,"category_count":29,"category_description":"","cat_name":"Kamailio","category_nicename":"kamailio-en","category_parent":771},{"term_id":685,"name":"Linux - HOWTO","slug":"linux_-_howto-en","term_group":0,"term_taxonomy_id":683,"taxonomy":"category","description":"","parent":0,"count":71,"filter":"raw","cat_ID":685,"category_count":71,"category_description":"","cat_name":"Linux - HOWTO","category_nicename":"linux_-_howto-en","category_parent":0},{"term_id":771,"name":"SIP","slug":"sip-en","term_group":0,"term_taxonomy_id":769,"taxonomy":"category","description":"","parent":0,"count":23,"filter":"raw","cat_ID":771,"category_count":23,"category_description":"","cat_name":"SIP","category_nicename":"sip-en","category_parent":0},{"term_id":677,"name":"VoIP","slug":"ip-telephony-voip","term_group":0,"term_taxonomy_id":675,"taxonomy":"category","description":"","parent":673,"count":3,"filter":"raw","cat_ID":677,"category_count":3,"category_description":"","cat_name":"VoIP","category_nicename":"ip-telephony-voip","category_parent":673}],"tag_info":false,"_links":{"self":[{"href":"https:\/\/nil.uniza.sk\/en\/wp-json\/wp\/v2\/posts\/557","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nil.uniza.sk\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nil.uniza.sk\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nil.uniza.sk\/en\/wp-json\/wp\/v2\/users\/449"}],"replies":[{"embeddable":true,"href":"https:\/\/nil.uniza.sk\/en\/wp-json\/wp\/v2\/comments?post=557"}],"version-history":[{"count":0,"href":"https:\/\/nil.uniza.sk\/en\/wp-json\/wp\/v2\/posts\/557\/revisions"}],"wp:attachment":[{"href":"https:\/\/nil.uniza.sk\/en\/wp-json\/wp\/v2\/media?parent=557"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nil.uniza.sk\/en\/wp-json\/wp\/v2\/categories?post=557"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nil.uniza.sk\/en\/wp-json\/wp\/v2\/tags?post=557"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}