| 16,7 → 16,6 |
|---|
| |
| EXTIF="eth0" |
| INTIF="eth1" |
| macallowed_file="/usr/local/etc/alcasar-macallowed" |
| conf_file="/usr/local/etc/alcasar.conf" |
| private_ip_mask=`grep PRIVATE_IP= $conf_file|cut -d"=" -f2` |
| private_ip_mask=${private_ip_mask:=192.168.182.1/24} |
| 104,24 → 103,19 |
|---|
| ;; |
| *) |
| lan_test |
| # lecture du fichier contenant les adresses IP des stations muettes |
| # read file that contains IP address of quiet equipments |
| if [ -e $tmp_file ]; then |
| cat $tmp_file | while read noresponse |
| do |
| noresponse_ip=`echo $noresponse | cut -d" " -f1` |
| noresponse_mac=`echo $noresponse | cut -d" " -f2` |
| noresponse_user=`echo $noresponse | cut -d" " -f3` |
| arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c1 -w4 $noresponse_ip|grep "Unicast reply"|wc -l` |
| if [[ $(expr $arp_reply) -eq 0 ]] |
| then |
| mac_allowed=`cat $macallowed_file |grep $noresponse_mac | wc -l` |
| if [ $mac_allowed -eq 0 ] |
| then |
| logger "alcasar-watchdog $noresponse_ip ($noresponse_mac) can't be contact. Alcasar disconnects the user." |
| /usr/sbin/chilli_query logout $noresponse_mac |
| else |
| logger "alcasar-watchdog $noresponse_ip ($noresponse_mac - macallowed) can't be contact. Alcasar release the IP address" |
| /usr/sbin/chilli_query dhcp-release $noresponse_mac |
| fi |
| logger "alcasar-watchdog $noresponse_ip ($noresponse_mac) can't be contact. Alcasar disconnects the user ($noresponce_user)." |
| /usr/sbin/chilli_query logout $noresponse_mac |
| /usr/sbin/chilli_query dhcp-release $noresponse_mac # release dhcp for mac_auth equipment |
| fi |
| done |
| rm $tmp_file |
| 132,6 → 126,7 |
|---|
| active_ip=`echo $system |cut -d" " -f2` |
| active_session=`echo $system |cut -d" " -f5` |
| active_mac=`echo $system | cut -d" " -f1` |
| active_user=`echo $system |cut -d" " -f6` |
| # on ne traite que les équipements exploitées par un usager authentifié (test de 2 réponses en 4 secondes) |
| if [[ $(expr $active_session) -eq 1 ]] |
| then |
| 139,12 → 134,13 |
|---|
| # on stocke les adresses IP des stations muettes |
| if [[ $(expr $arp_reply) -eq 0 ]] |
| then |
| echo "$active_ip $active_mac" >> $tmp_file |
| echo "$active_ip $active_mac $active_user" >> $tmp_file |
| fi |
| # on deconnecte l'usager d'une stations usurpée (@MAC) |
| if [[ $(expr $arp_reply) -gt 2 ]] |
| then |
| logger "alcasar-watchdog : $active_ip is usurped ($active_mac). Alcasar disconnect the user." |
| echo "alcasar-watchdog : $active_ip is usurped ($active_mac). Alcasar disconnect the user ($active_user)." >> /var/Save/logs/security/watchdog.log |
| logger "alcasar-watchdog : $active_ip is usurped ($active_mac). Alcasar disconnect the user ($active_user)." |
| /usr/sbin/chilli_query logout $active_mac |
| fi |
| fi |