| Line 1... |
Line 1... |
| 1 |
#!/bin/bash
|
1 |
#!/bin/bash
|
| 2 |
# $Id: alcasar-watchdog.sh 1535 2014-12-21 22:14:47Z richard $
|
2 |
# $Id: alcasar-watchdog.sh 1688 2015-08-27 21:48:57Z richard $
|
| 3 |
|
3 |
|
| 4 |
# alcasar-watchdog.sh
|
4 |
# alcasar-watchdog.sh
|
| 5 |
# by Rexy
|
5 |
# by Rexy
|
| 6 |
# This script is distributed under the Gnu General Public License (GPL)
|
6 |
# This script is distributed under the Gnu General Public License (GPL)
|
| 7 |
# Ce script prévient les usagers de l'indisponibilité de l'accès Internet
|
7 |
# Ce script prévient les usagers de l'indisponibilité de l'accès Internet
|
| Line 114... |
Line 114... |
| 114 |
arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c1 -w4 $noresponse_ip|grep "Unicast reply"|wc -l`
|
114 |
arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c1 -w4 $noresponse_ip|grep "Unicast reply"|wc -l`
|
| 115 |
if [[ $(expr $arp_reply) -eq 0 ]]
|
115 |
if [[ $(expr $arp_reply) -eq 0 ]]
|
| 116 |
then
|
116 |
then
|
| 117 |
logger "alcasar-watchdog $noresponse_ip ($noresponse_mac) can't be contact. Alcasar disconnects the user ($noresponse_user)."
|
117 |
logger "alcasar-watchdog $noresponse_ip ($noresponse_mac) can't be contact. Alcasar disconnects the user ($noresponse_user)."
|
| 118 |
/usr/sbin/chilli_query logout $noresponse_mac
|
118 |
/usr/sbin/chilli_query logout $noresponse_mac
|
| - |
|
119 |
if [[ $noresponse_user == $noresponse_mac ]] # for @mac auth equipments, we must remove the arp entry
|
| 119 |
/usr/sbin/chilli_query dhcp-release $noresponse_mac # release dhcp for mac_auth equipment
|
120 |
then /usr/sbin/chilli_query dhcp-release $noresponse_mac
|
| - |
|
121 |
fi
|
| 120 |
fi
|
122 |
fi
|
| 121 |
done
|
123 |
done
|
| 122 |
rm $tmp_file
|
124 |
rm $tmp_file
|
| 123 |
fi
|
125 |
fi
|
| 124 |
# process each equipment known by chilli
|
126 |
# process each equipment known by chilli
|
| Line 133... |
Line 135... |
| 133 |
then
|
135 |
then
|
| 134 |
arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c2 -w4 $active_ip|grep "Unicast reply"|wc -l`
|
136 |
arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c2 -w4 $active_ip|grep "Unicast reply"|wc -l`
|
| 135 |
# store @IP of quiet equipments
|
137 |
# store @IP of quiet equipments
|
| 136 |
if [[ $(expr $arp_reply) -eq 0 ]]
|
138 |
if [[ $(expr $arp_reply) -eq 0 ]]
|
| 137 |
then
|
139 |
then
|
| 138 |
PTN='^[[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]]$'
|
- |
|
| 139 |
if [[ $(expr $active_user : $PTN) -eq 0 ]] # don't process @mac auth equipments
|
- |
|
| 140 |
then
|
- |
|
| 141 |
echo "$active_ip $active_mac $active_user" >> $tmp_file
|
140 |
echo "$active_ip $active_mac $active_user" >> $tmp_file
|
| 142 |
fi
|
- |
|
| 143 |
fi
|
141 |
fi
|
| 144 |
# disconnect users whose equipement is usurped (@MAC)
|
142 |
# disconnect users whose equipement is usurped (@MAC)
|
| 145 |
if [[ $(expr $arp_reply) -gt 2 ]]
|
143 |
if [[ $(expr $arp_reply) -gt 2 ]]
|
| 146 |
then
|
144 |
then
|
| 147 |
echo "$(date "+[%x-%X] : ")alcasar-watchdog : $active_ip is usurped ($active_mac). Alcasar disconnect the user ($active_user)." >> /var/Save/security/watchdog.log
|
145 |
echo "$(date "+[%x-%X] : ")alcasar-watchdog : $active_ip is usurped ($active_mac). Alcasar disconnect the user ($active_user)." >> /var/Save/security/watchdog.log
|