| Line 1... |
Line 1... |
| 1 |
#!/bin/bash
|
1 |
#!/bin/bash
|
| 2 |
# $Id: alcasar-watchdog.sh 1688 2015-08-27 21:48:57Z richard $
|
2 |
# $Id: alcasar-watchdog.sh 1818 2016-04-07 13:38:05Z raphael.pion $
|
| 3 |
|
3 |
|
| 4 |
# alcasar-watchdog.sh
|
4 |
# alcasar-watchdog.sh
|
| 5 |
# by Rexy
|
5 |
# by Rexy
|
| 6 |
# This script is distributed under the Gnu General Public License (GPL)
|
6 |
# This script is distributed under the Gnu General Public License (GPL)
|
| 7 |
# Ce script prévient les usagers de l'indisponibilité de l'accès Internet
|
7 |
# Ce script prévient les usagers de l'indisponibilité de l'accès Internet
|
| Line 112... |
Line 112... |
| 112 |
noresponse_mac=`echo $noresponse | cut -d" " -f2`
|
112 |
noresponse_mac=`echo $noresponse | cut -d" " -f2`
|
| 113 |
noresponse_user=`echo $noresponse | cut -d" " -f3`
|
113 |
noresponse_user=`echo $noresponse | cut -d" " -f3`
|
| 114 |
arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c1 -w4 $noresponse_ip|grep "Unicast reply"|wc -l`
|
114 |
arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c1 -w4 $noresponse_ip|grep "Unicast reply"|wc -l`
|
| 115 |
if [[ $(expr $arp_reply) -eq 0 ]]
|
115 |
if [[ $(expr $arp_reply) -eq 0 ]]
|
| 116 |
then
|
116 |
then
|
| - |
|
117 |
#on vide les ip inactifs de l'ipset user_not_connected_yet
|
| - |
|
118 |
ipset del user_not_connected_yet $noresponse_ip
|
| 117 |
logger "alcasar-watchdog $noresponse_ip ($noresponse_mac) can't be contact. Alcasar disconnects the user ($noresponse_user)."
|
119 |
logger "alcasar-watchdog $noresponse_ip ($noresponse_mac) can't be contact. Alcasar disconnects the user ($noresponse_user)."
|
| 118 |
/usr/sbin/chilli_query logout $noresponse_mac
|
120 |
/usr/sbin/chilli_query logout $noresponse_mac
|
| 119 |
if [[ $noresponse_user == $noresponse_mac ]] # for @mac auth equipments, we must remove the arp entry
|
121 |
if [[ $noresponse_user == $noresponse_mac ]] # for @mac auth equipments, we must remove the arp entry
|
| 120 |
then /usr/sbin/chilli_query dhcp-release $noresponse_mac
|
122 |
then /usr/sbin/chilli_query dhcp-release $noresponse_mac
|
| 121 |
fi
|
123 |
fi
|
| Line 134... |
Line 136... |
| 134 |
if [[ $(expr $active_session) -eq 1 ]]
|
136 |
if [[ $(expr $active_session) -eq 1 ]]
|
| 135 |
then
|
137 |
then
|
| 136 |
arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c2 -w4 $active_ip|grep "Unicast reply"|wc -l`
|
138 |
arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c2 -w4 $active_ip|grep "Unicast reply"|wc -l`
|
| 137 |
# store @IP of quiet equipments
|
139 |
# store @IP of quiet equipments
|
| 138 |
if [[ $(expr $arp_reply) -eq 0 ]]
|
140 |
if [[ $(expr $arp_reply) -eq 0 ]]
|
| 139 |
then
|
141 |
then
|
| 140 |
echo "$active_ip $active_mac $active_user" >> $tmp_file
|
142 |
echo "$active_ip $active_mac $active_user" >> $tmp_file
|
| - |
|
143 |
|
| 141 |
fi
|
144 |
fi
|
| 142 |
# disconnect users whose equipement is usurped (@MAC)
|
145 |
# disconnect users whose equipement is usurped (@MAC)
|
| 143 |
if [[ $(expr $arp_reply) -gt 2 ]]
|
146 |
if [[ $(expr $arp_reply) -gt 2 ]]
|
| 144 |
then
|
147 |
then
|
| 145 |
echo "$(date "+[%x-%X] : ")alcasar-watchdog : $active_ip is usurped ($active_mac). Alcasar disconnect the user ($active_user)." >> /var/Save/security/watchdog.log
|
148 |
echo "$(date "+[%x-%X] : ")alcasar-watchdog : $active_ip is usurped ($active_mac). Alcasar disconnect the user ($active_user)." >> /var/Save/security/watchdog.log
|