WebSVN – ALCASAR – Diff – /scripts/alcasar-watchdog.sh



#!/bin/bash
# $Id: alcasar-watchdog.sh 3214 2024-07-01 17:32:18Z rexy $
 
# alcasar-watchdog.sh
# by Rexy
# This script is distributed under the Gnu General Public License (GPL)
# - Ce script prévient les usagers de l'indisponibilité de l'accès Internet

#
# - This script tells users that Internet access is down
# - It logs out users whose PCs are quiet (their status tab is closed)
# - It logs out users whose MAC address is used by other systems (usurped)
 
export LC_ALL=C.UTF-8
CONF_FILE="/usr/local/etc/alcasar.conf"
EXTIF=`grep ^EXTIF= $CONF_FILE|cut -d"=" -f2`			# EXTernal InterFace
INTIF=`grep ^INTIF= $CONF_FILE|cut -d"=" -f2`			# INTernal InterFace
private_ip_mask=`grep ^PRIVATE_IP= $CONF_FILE|cut -d"=" -f2`
private_ip_mask=${private_ip_mask:=192.168.182.1/24}

			systemctl restart network
		else
			if [ "$MULTIWAN" == "off" ] || [ "$MULTIWAN" == "Off" ]
				then
				IP_GW=`/sbin/ip route list|grep ^default|cut -d" " -f3`
				arp_reply=`/usr/sbin/arping -I$EXTIF -c1 $IP_GW|grep response|cut -d" " -f2`
				if [ $arp_reply -eq "0" ]
					then
					LAN_DOWN="2"
				fi
			fi

				fi
			fi
			# IP usurpation test : process only equipment with an authenticated user
			if [[ $(expr $active_session) -eq 1 ]]
			then
				arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c1 -w4 $active_ip|grep -c "Unicast reply"`
				# disconnect users whose equipement is usurped. For example, if there are 2 same @MAC it will make 2 lines in output.
				if [[ $(expr $arp_reply) -gt 1 ]]
					then 
					echo "[$(date +"%Y-%m-%d %H:%M:%S")] : alcasar-watchdog : $active_ip is usurped ($active_mac). Alcasar disconnect the user ($active_user)." >> /var/Save/security/watchdog.log
					logger -t alcasar-watchdog "$active_ip is usurped ($active_mac). Alcasar disconnect the user ($active_user)."

Rev 3190	Rev 3214
Line 1...	Line 1...
1	`#!/bin/bash`	1	`#!/bin/bash`
2	`# $Id: alcasar-watchdog.sh 3190 2024-04-07 22:35:03Z rexy $`	2	`# $Id: alcasar-watchdog.sh 3214 2024-07-01 17:32:18Z rexy $`
3		3
4	`# alcasar-watchdog.sh`	4	`# alcasar-watchdog.sh`
5	`# by Rexy`	5	`# by Rexy`
6	`# This script is distributed under the Gnu General Public License (GPL)`	6	`# This script is distributed under the Gnu General Public License (GPL)`
7	`# - Ce script prévient les usagers de l'indisponibilité de l'accès Internet`	7	`# - Ce script prévient les usagers de l'indisponibilité de l'accès Internet`
Line 10...	Line 10...
10	`#`	10	`#`
11	`# - This script tells users that Internet access is down`	11	`# - This script tells users that Internet access is down`
12	`# - It logs out users whose PCs are quiet (their status tab is closed)`	12	`# - It logs out users whose PCs are quiet (their status tab is closed)`
13	`# - It logs out users whose MAC address is used by other systems (usurped)`	13	`# - It logs out users whose MAC address is used by other systems (usurped)`
14		14
-		15	`export LC_ALL=C.UTF-8`
15	`CONF_FILE="/usr/local/etc/alcasar.conf"`	16	`CONF_FILE="/usr/local/etc/alcasar.conf"`
16	EXTIF=`grep ^EXTIF= $CONF_FILE\|cut -d"=" -f2` # EXTernal InterFace	17	EXTIF=`grep ^EXTIF= $CONF_FILE\|cut -d"=" -f2` # EXTernal InterFace
17	INTIF=`grep ^INTIF= $CONF_FILE\|cut -d"=" -f2` # INTernal InterFace	18	INTIF=`grep ^INTIF= $CONF_FILE\|cut -d"=" -f2` # INTernal InterFace
18	private_ip_mask=`grep ^PRIVATE_IP= $CONF_FILE\|cut -d"=" -f2`	19	private_ip_mask=`grep ^PRIVATE_IP= $CONF_FILE\|cut -d"=" -f2`
19	`private_ip_mask=${private_ip_mask:=192.168.182.1/24}`	20	`private_ip_mask=${private_ip_mask:=192.168.182.1/24}`
Line 80...	Line 81...
80	`systemctl restart network`	81	`systemctl restart network`
81	`else`	82	`else`
82	`if [ "$MULTIWAN" == "off" ] \|\| [ "$MULTIWAN" == "Off" ]`	83	`if [ "$MULTIWAN" == "off" ] \|\| [ "$MULTIWAN" == "Off" ]`
83	`then`	84	`then`
84	IP_GW=`/sbin/ip route list\|grep ^default\|cut -d" " -f3`	85	IP_GW=`/sbin/ip route list\|grep ^default\|cut -d" " -f3`
85	arp_reply=`LANG=en_US.UTF-8 /usr/sbin/arping -I$EXTIF -c1 $IP_GW\|grep response\|cut -d" " -f2`	86	arp_reply=`/usr/sbin/arping -I$EXTIF -c1 $IP_GW\|grep response\|cut -d" " -f2`
86	`if [ $arp_reply -eq "0" ]`	87	`if [ $arp_reply -eq "0" ]`
87	`then`	88	`then`
88	`LAN_DOWN="2"`	89	`LAN_DOWN="2"`
89	`fi`	90	`fi`
90	`fi`	91	`fi`
Line 162...	Line 163...
162	`fi`	163	`fi`
163	`fi`	164	`fi`
164	`# IP usurpation test : process only equipment with an authenticated user`	165	`# IP usurpation test : process only equipment with an authenticated user`
165	`if [[ $(expr $active_session) -eq 1 ]]`	166	`if [[ $(expr $active_session) -eq 1 ]]`
166	`then`	167	`then`
167	arp_reply=`LANG=en_US.UTF-8 /usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c1 -w4 $active_ip\|grep -c "Unicast reply"`	168	arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c1 -w4 $active_ip\|grep -c "Unicast reply"`
168	`# disconnect users whose equipement is usurped. For example, if there are 2 same @MAC it will make 2 lines in output.`	169	`# disconnect users whose equipement is usurped. For example, if there are 2 same @MAC it will make 2 lines in output.`
169	`if [[ $(expr $arp_reply) -gt 1 ]]`	170	`if [[ $(expr $arp_reply) -gt 1 ]]`
170	`then`	171	`then`
171	`echo "[$(date +"%Y-%m-%d %H:%M:%S")] : alcasar-watchdog : $active_ip is usurped ($active_mac). Alcasar disconnect the user ($active_user)." >> /var/Save/security/watchdog.log`	172	`echo "[$(date +"%Y-%m-%d %H:%M:%S")] : alcasar-watchdog : $active_ip is usurped ($active_mac). Alcasar disconnect the user ($active_user)." >> /var/Save/security/watchdog.log`
172	`logger -t alcasar-watchdog "$active_ip is usurped ($active_mac). Alcasar disconnect the user ($active_user)."`	173	`logger -t alcasar-watchdog "$active_ip is usurped ($active_mac). Alcasar disconnect the user ($active_user)."`

Subversion Repositories ALCASAR

(root)/scripts/alcasar-watchdog.sh – Rev 3190 → 3214