Rev 64 | Rev 247 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 1 | root | 1 | #/bin/sh |
| 64 | franck | 2 | # $Id$ |
| 1 | root | 3 | # by rexy |
| 4 | # Ce script permet de déconnecter les usagers dont |
||
| 5 | # - les équipementis réseau ne répondent plus |
||
| 6 | # - les adresses MAC sont usurpées |
||
| 7 | # The aim of this script is to disconnect users whose |
||
| 8 | # - PCs are quiet |
||
| 9 | # - MAC address are in used by other systems (usurped) |
||
| 10 | |||
| 11 | INTIF="eth1" |
||
| 12 | PRIVATE_IP="192.168.182.1" |
||
| 13 | tmp_file="/tmp/watchdog.txt" |
||
| 14 | IFS=$'\n' |
||
| 15 | # lecture du fichier contenant les adresses IP des stations muettes |
||
| 16 | if [ -e $tmp_file ]; then |
||
| 17 | cat $tmp_file | while read noresponse |
||
| 18 | do |
||
| 19 | noresponse_ip=`echo $noresponse | cut -d" " -f1` |
||
| 20 | noresponse_mac=`echo $noresponse | cut -d" " -f2` |
||
| 109 | richard | 21 | arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c1 -w4 $noresponse_ip|grep response|cut -d" " -f2` |
| 1 | root | 22 | if [[ $(expr $arp_reply) -eq 0 ]] |
| 23 | then |
||
| 18 | franck | 24 | logger "alcasar-watchdog $noresponse_ip ($noresponse_mac) reste muette. On déconnecte." |
| 1 | root | 25 | /usr/sbin/chilli_query logout $noresponse_mac |
| 26 | fi |
||
| 27 | done |
||
| 28 | rm $tmp_file |
||
| 29 | fi |
||
| 30 | # on traite chaque équipements connus de chilli |
||
| 31 | for system in `/usr/sbin/chilli_query list` |
||
| 32 | do |
||
| 33 | active_ip=`echo $system |cut -d" " -f2` |
||
| 34 | active_session=`echo $system |cut -d" " -f5` |
||
| 35 | active_mac=`echo $system | cut -d" " -f1` |
||
| 109 | richard | 36 | # on ne traite que les équipements exploitées par un usager authentifié (test de 2 réponses en 4 secondes) |
| 1 | root | 37 | if [[ $(expr $active_session) -eq 1 ]] |
| 38 | then |
||
| 109 | richard | 39 | arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c2 -w4 $active_ip|grep response|cut -d" " -f2` |
| 1 | root | 40 | # on stocke les adresses IP des stations muettes |
| 41 | if [[ $(expr $arp_reply) -eq 0 ]] |
||
| 42 | then |
||
| 43 | echo "$active_ip $active_mac" >> $tmp_file |
||
| 44 | fi |
||
| 45 | # on deconnecte l'usager d'une stations usurpée (@MAC) |
||
| 46 | if [[ $(expr $arp_reply) -gt 2 ]] |
||
| 47 | then |
||
| 18 | franck | 48 | logger "alcasar-watchdog : $active_ip est usurpée ($active_mac). On déconnecte." |
| 1 | root | 49 | /usr/sbin/chilli_query logout $active_mac |
| 50 | fi |
||
| 51 | fi |
||
| 52 | done |