Subversion Repositories ALCASAR

Rev

Rev 2250 | Rev 2376 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 2250 Rev 2278
Line 1... Line 1...
1
#!/bin/bash
1
#!/bin/bash
2
# $Id: alcasar-watchdog.sh 2250 2017-05-22 22:00:03Z tom.houdayer $
2
# $Id: alcasar-watchdog.sh 2278 2017-06-13 22:04:54Z richard $
3
 
3
 
4
# alcasar-watchdog.sh
4
# alcasar-watchdog.sh
5
# by Rexy
5
# by Rexy
6
# This script is distributed under the Gnu General Public License (GPL)
6
# This script is distributed under the Gnu General Public License (GPL)
7
# - Ce script prévient les usagers de l'indisponibilité de l'accès Internet
7
# - Ce script prévient les usagers de l'indisponibilité de l'accès Internet
Line 122... Line 122...
122
                                                logger "alcasar-watchdog : $active_ip ($active_mac) can't be contact. We disconnects the user ($active_user)."
122
                                                logger "alcasar-watchdog : $active_ip ($active_mac) can't be contact. We disconnects the user ($active_user)."
123
                                                /usr/sbin/chilli_query logout $active_mac
123
                                                /usr/sbin/chilli_query logout $active_mac
124
                                        fi
124
                                        fi
125
                                        # Remove the user's IP from 'current_users.txt'. Every user need to insert their @IP everytime to prove their connectivity.
125
                                        # Remove the user's IP from 'current_users.txt'. Every user need to insert their @IP everytime to prove their connectivity.
126
                                        sed -i "/^$active_ip/d" $current_users_file
126
                                        sed -i "/^$active_ip/d" $current_users_file
127
                                else # "/tmp/current_user.txt" does not exists. We disconnect every users.
127
                                else # "current_user.txt" does not exists. We disconnect every users.
128
                                        logger "alcasar-watchdog : The file /var/tmp/havp/current_users.txt doen't' exist. We disconnects the user $active_user"
128
                                        logger "alcasar-watchdog : The file /var/tmp/havp/current_users.txt doen't' exist. We disconnects the user $active_user"
129
                                        /usr/sbin/chilli_query logout $active_mac
129
                                        /usr/sbin/chilli_query logout $active_mac
130
                                fi
130
                                fi
131
                        fi
131
                        fi
132
                        # IP usurpation test : process only equipment with an authenticated user
132
                        # IP usurpation test : process only equipment with an authenticated user
133
                        if [[ $(expr $active_session) -eq 1 ]]
133
                        if [[ $(expr $active_session) -eq 1 ]]
134
                        then
134
                        then
135
                                arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c2 -w4 $active_ip|grep "Unicast reply"|wc -l`
135
                                arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c1 -w4 $active_ip|grep -c "Unicast reply"`
136
                                # disconnect users whose equipement is usurped. For example, if there are 2 same @MAC it will make 3 lines in output.
136
                                # disconnect users whose equipement is usurped. For example, if there are 2 same @MAC it will make 2 lines in output.
137
                                if [[ $(expr $arp_reply) -gt 2 ]]
137
                                if [[ $(expr $arp_reply) -gt 1 ]]
138
                                        then
138
                                        then
139
                                        echo "$(date "+[%x-%X] : ")alcasar-watchdog : $active_ip is usurped ($active_mac). Alcasar disconnect the user ($active_user)." >> /var/Save/security/watchdog.log
139
                                        echo "$(date "+[%x-%X] : ")alcasar-watchdog : $active_ip is usurped ($active_mac). Alcasar disconnect the user ($active_user)." >> /var/Save/security/watchdog.log
140
                                        logger "alcasar-watchdog : $active_ip is usurped ($active_mac). Alcasar disconnect the user ($active_user)."
140
                                        logger "alcasar-watchdog : $active_ip is usurped ($active_mac). Alcasar disconnect the user ($active_user)."
141
                                        /usr/sbin/chilli_query logout $active_mac
141
                                        /usr/sbin/chilli_query logout $active_mac
142
                                        chmod 644 /var/Save/security/watchdog.log
142
                                        chmod 644 /var/Save/security/watchdog.log