| 4,14 → 4,13 |
|---|
| # alcasar-watchdog.sh |
| # by Rexy |
| # This script is distributed under the Gnu General Public License (GPL) |
| # Ce script prévient les usagers de l'indisponibilité de l'accès Internet |
| # il déconnecte les usagers dont |
| # - les équipements réseau ne répondent plus ( si la fenetre status.php a été fermé. Les autorisations par adresse mac sont laissé de côté) |
| # - les adresses MAC sont usurpées |
| # This script tells users that Internet access is down |
| # it logs out users whose |
| # - PCs are quiet (it means that status.php has been closed. We put aside @MAC Authorization ) |
| # - MAC address is used by other systems (usurped) |
| # - Ce script prévient les usagers de l'indisponibilité de l'accès Internet |
| # - Il déconnecte les usagers dont les équipements réseau ne répondent plus (leur onglet 'status.php' a été fermé) |
| # - Il deconnecte les usagers dont les adresses MAC sont usurpées |
| # |
| # - This script tells users that Internet access is down |
| # - It logs out users whose PCs are quiet (their status tab is closed) |
| # - It logs out users whose MAC address is used by other systems (usurped) |
| |
| CONF_FILE="/usr/local/etc/alcasar.conf" |
| EXTIF=`grep ^EXTIF= $CONF_FILE|cut -d"=" -f2` # EXTernal InterFace |
| 20,8 → 19,7 |
|---|
| private_ip_mask=${private_ip_mask:=192.168.182.1/24} |
| PRIVATE_IP=`echo "$private_ip_mask" |cut -d"/" -f1` # @ip du portail (côté LAN) |
| PRIVATE_IP=${PRIVATE_IP:=192.168.182.1} |
| tmp_file="/tmp/watchdog.txt" |
| current_users_file="/tmp/current_users.txt" |
| current_users_file="/var/tmp/havp/current_users.txt" # file containing active users with their "status.php" tab open |
| DIR_WEB="/var/www/html" |
| Index_Page="$DIR_WEB/index.php" |
| IPTABLES="/sbin/iptables" |
| 105,10 → 103,8 |
|---|
| ;; |
| *) |
| lan_test |
| |
| # We disconnect inactive users (its means that status.php has been closed) |
| # Each user inform about his connectivity by filling in /tmp/current_users.txt his own @IP |
| # process each equipment known by chilli to check if any equipment is usurped (@MAC) |
| # We disconnect inactive users (its means that their 'status.php' tab has been closed --> their ip address isn't in $current_users_file) |
| # process each equipment known by chilli to check if IP address is usurped (with arping) |
| for system in `/usr/sbin/chilli_query list |grep -v "\.0\.0\.0"` |
| do |
| active_ip=`echo $system |cut -d" " -f2` |
| 115,37 → 111,31 |
|---|
| active_session=`echo $system |cut -d" " -f5` |
| active_mac=`echo $system | cut -d" " -f1` |
| active_user=`echo $system |cut -d" " -f6` |
| |
| #We disconnect inactive user here : |
| #We check if this is not an auth @MAC and if he is still connected |
| if [ "$active_user" != "$active_mac" ] && [ $(echo $system | awk '$5 == 1' | wc -c) -gt 1 ]; then |
| if [ "$active_user" != "$active_mac" ] && [ $(expr $active_session) -eq 1 ]; then |
| # If /tmp/current_user.txt exists ... |
| if [ -e $current_users_file ]; then |
| # We check if user @IP is in 'current_users.txt' |
| cmp_user_ok=$(cat $current_users_file | grep $active_ip | wc -w) |
| # If this @IP is not in this file, we disconnect this user. |
| # If not we disconnect this user. |
| if [ $cmp_user_ok -eq 0 ]; then |
| logger "alcasar-watchdog $active_ip ($active_mac) can't be contact. Alcasar disconnects the user ($active_user)." |
| echo "Disconnect : $active_ip $active_mac $active_user" |
| /usr/sbin/chilli_query logout $active_mac |
| fi |
| # We clean 'current_users.txt'. Every user need to inform their @IP everytime to prove thier connectivity. |
| sed -i 'd' $current_users_file |
| else # If /tmp/current_user.txt does not exists we disconnect every users. |
| # Remove the user's IP from 'current_users.txt'. Every user need to insert their @IP everytime to prove their connectivity. |
| sed -i "/^$active_ip/d" $current_users_file |
| else # "/tmp/current_user.txt" does not exists. We disconnect every users. |
| logger "Le fichier /tmp/current_users.txt n'existe pas." |
| logger "alcasar-watchdog $active_ip ($active_mac) can't be contact. Alcasar disconnects the user ($active_user)." |
| echo "Disconnect : $active_ip $active_mac $active_user" |
| /usr/sbin/chilli_query logout $active_mac |
| fi |
| fi |
| |
| |
| |
| # process only equipment with an authenticated user |
| # IP usurpation test : process only equipment with an authenticated user |
| if [[ $(expr $active_session) -eq 1 ]] |
| then |
| arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c2 -w4 $active_ip|grep "Unicast reply"|wc -l` |
| # disconnect users whose equipement is usurped (@MAC). For example, if there are 2 same @MAC it will make 3 lines in output. |
| # disconnect users whose equipement is usurped. For example, if there are 2 same @MAC it will make 3 lines in output. |
| if [[ $(expr $arp_reply) -gt 2 ]] |
| then |
| echo "$(date "+[%x-%X] : ")alcasar-watchdog : $active_ip is usurped ($active_mac). Alcasar disconnect the user ($active_user)." >> /var/Save/security/watchdog.log |
| 158,4 → 148,3 |
|---|
| ;; |
| esac |
| IFS=$OLDIFS |
| |