Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 2375 → Rev 2376

/CHANGELOG
8,6 → 8,7
 
BUGS
- Fix the open of status.php when the user has a redirection URL attribute defined (force redirection to intercept.php after login instead of WISPr-Redirection-URL attribute value).
- IP address of active users are properly clean from "current_users.txt".
 
-------------------- 3.1.4 --------------------
NEWS
/alcasar.sh
1177,6 → 1177,7
echo "\$CONFIG Not found"
exit 0
}
current_users_file="/var/tmp/havp/current_users.txt" # file containing active users
RETVAL=0
prog="chilli"
case \$1 in
1185,6 → 1186,7
gprintf "chilli is already running"
else
gprintf "Starting \$prog: "
[ -e \$current_users_file ] && echo '' > \$current_users_file
rm -f /var/run/chilli* # cleaning
/usr/sbin/modprobe tun >/dev/null 2>&1
echo 1 > /proc/sys/net/ipv4/ip_forward
1222,6 → 1224,7
killproc /usr/sbin/chilli
RETVAL=\$?
[ \$RETVAL = 0 ] && rm -f \$pidfile
[ -e \$current_users_file ] && rm -f \$current_users_file
else
gprintf "chilli is not running"
fi
/scripts/alcasar-condown.sh
47,6 → 47,10
ipset del $set_filter $FRAMED_IP_ADDRESS
ipset del $set_proto $FRAMED_IP_ADDRESS
 
# Remove IP address from active users
current_users_file="/var/tmp/havp/current_users.txt"
[ -e $current_users_file ] && sed -i "/^$FRAMED_IP_ADDRESS\$/d" $current_users_file
 
# Debug : show all the coova parse variables (+ $set_filter + $set_proto).
# see "/src/chilli.c" for the complete list of parse variables
#echo "-----------------------------------------------" >> /tmp/debug-condown.txt
/scripts/alcasar-watchdog.sh
71,7 → 71,7
IP_GW=`/sbin/ip route list|grep ^default|cut -d" " -f3`
arp_reply=`/usr/sbin/arping -I$EXTIF -c1 $IP_GW|grep response|cut -d" " -f2`
if [ $arp_reply -eq "0" ]
then
then
LAN_DOWN="2"
fi
fi
116,14 → 116,15
if [ "$active_user" != "$active_mac" ] && [ $(expr $active_session) -eq 1 ]; then
if [ -e $current_users_file ]; then
# We check if user @IP is in 'current_users.txt'
cmp_user_ok=$(cat $current_users_file | grep $active_ip | wc -w)
cmp_user_ok=$(cat $current_users_file | grep "^$active_ip\$" -c)
# If not we disconnect this user.
if [ $cmp_user_ok -eq 0 ]; then
logger "alcasar-watchdog : $active_ip ($active_mac) can't be contact. We disconnects the user ($active_user)."
/usr/sbin/chilli_query logout $active_mac
else
# Remove the user's IP from 'current_users.txt'. Every user need to insert their @IP everytime to prove their connectivity.
sed -i "/^$active_ip\$/d" $current_users_file
fi
# Remove the user's IP from 'current_users.txt'. Every user need to insert their @IP everytime to prove their connectivity.
sed -i "/^$active_ip/d" $current_users_file
else # "current_user.txt" does not exists. We disconnect every users.
logger "alcasar-watchdog : The file /var/tmp/havp/current_users.txt doen't' exist. We disconnects the user $active_user"
/usr/sbin/chilli_query logout $active_mac
135,7 → 136,7
arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c1 -w4 $active_ip|grep -c "Unicast reply"`
# disconnect users whose equipement is usurped. For example, if there are 2 same @MAC it will make 2 lines in output.
if [[ $(expr $arp_reply) -gt 1 ]]
then
then
echo "$(date "+[%x-%X] : ")alcasar-watchdog : $active_ip is usurped ($active_mac). Alcasar disconnect the user ($active_user)." >> /var/Save/security/watchdog.log
logger "alcasar-watchdog : $active_ip is usurped ($active_mac). Alcasar disconnect the user ($active_user)."
/usr/sbin/chilli_query logout $active_mac