
Ignore whitespace Rev 1156 → Rev 1157

/scripts/alcasar-watchdog.sh
4,7 → 4,6
# alcasar-watchdog.sh
# by Rexy
# This script is distributed under the Gnu General Public License (GPL)
 
# Ce script prévient les usagers de l'indisponibilité de l'accès Internet
# il déconnecte les usagers dont
# - les équipements réseau ne répondent plus
12,7 → 11,7
# This script tells users that Internet access is down
# it logs out users whose
# - PCs are quiet
# - MAC address are in used by other systems (usurped)
# - MAC address is used by other systems (usurped)
 
EXTIF="eth0"
INTIF="eth1"
19,7 → 18,8
conf_file="/usr/local/etc/alcasar.conf"
private_ip_mask=`grep PRIVATE_IP= $conf_file|cut -d"=" -f2`
private_ip_mask=${private_ip_mask:=192.168.182.1/24}
PRIVATE_IP=`echo $private_ip_mask | cut -d"/" -f1` # ALCASAR LAN IP address
PRIVATE_IP=`echo "$private_ip_mask" |cut -d"/" -f1` # @ip du portail (côté LAN)
PRIVATE_IP=${PRIVATE_IP:=192.168.182.1}
tmp_file="/tmp/watchdog.txt"
DIR_WEB="/var/www/html"
Index_Page="$DIR_WEB/index.php"
27,7 → 27,7
IFS=$'\n'
 
function lan_down_alert ()
# users are redirected on ALCASAR IP address if LAN Pb detected
# users are redirected on ALCASAR IP address if a LAN problem is detected
{
case $LAN_DOWN in
"1")
42,7 → 42,7
;;
esac
net_pb=`cat /etc/dnsmasq.conf|grep "address=/#/"|wc -l`
if [ $net_pb = "0" ] # on alerte les usagers (si ce n'est pas déjà le cas).
if [ $net_pb = "0" ] # user alert
then
/bin/sed -i "s?^\$network_pb.*?\$network_pb = True;?g" $Index_Page
/bin/sed -i "s?^conf-dir=.*?address=\/#\/$PRIVATE_IP?g" /etc/dnsmasq-blackhole.conf
123,7 → 123,7
done
rm $tmp_file
fi
# on traite chaque équipements connus de chilli
# process each equipment known by chilli
for system in `/usr/sbin/chilli_query list |grep -v "\.0\.0\.0"`
do
active_ip=`echo $system |cut -d" " -f2`
130,16 → 130,20
active_session=`echo $system |cut -d" " -f5`
active_mac=`echo $system | cut -d" " -f1`
active_user=`echo $system |cut -d" " -f6`
# on ne traite que les équipements exploitées par un usager authentifié (test de 2 réponses en 4 secondes)
# process only equipment with an authenticated user
if [[ $(expr $active_session) -eq 1 ]]
then
then
arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c2 -w4 $active_ip|grep "Unicast reply"|wc -l`
# on stocke les adresses IP des stations muettes
# store @IP of quiet equipments
if [[ $(expr $arp_reply) -eq 0 ]]
then
echo "$active_ip $active_mac $active_user" >> $tmp_file
PTN='^[[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]]$'
if [[ $(expr $active_user : $PTN) -eq 0 ]] # don't process @mac auth equipments
then
echo "$active_ip $active_mac $active_user" >> $tmp_file
fi
fi
# on deconnecte l'usager d'une stations usurpée (@MAC)
# disconnect users whose equipement is usurped (@MAC)
if [[ $(expr $arp_reply) -gt 2 ]]
then
echo "alcasar-watchdog : $active_ip is usurped ($active_mac). Alcasar disconnect the user ($active_user)." >> /var/Save/logs/security/watchdog.log
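Review bot: The new MAC-auth test `if [[ $(expr $active_user : $PTN) -eq 0 ]]` passes the session's user name to expr unquoted, so a name that is empty or happens to be an expr keyword or operator makes expr fail and print nothing, and `[[ "" -eq 0 ]]` then evaluates true; `$PTN` is unquoted as well, and its bracket expressions are subject to pathname expansion. The script already depends on bash (`[[`, `$'\n'`), so the match can be done in the shell without expr: `if [[ ! "$active_user" =~ $PTN ]]`. The exemption is decided by the format of the user name alone, so it is worth confirming that portal accounts cannot be created with a name in that form, or additionally comparing the name with `$active_mac` if chilli reports both in the same notation. The enclosing `for` loop opens in the previous hunk and the `-gt 2` branch continues past the end of this one.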