4,22 → 4,12 |
# alcasar-watchdog-hl.sh |
# by 3abtux |
# This script is distributed under the Gnu General Public License (GPL) |
# - Ce script déconnecte les équipements réseau qui sont identifiés en 0.0.0.0 |
# - Ce script déconnecte les équipements réseau qui sont identifiés en 0.0.0.0 (lancé optionnellement par cron dans /etc/cron.d/alcasar-watchdog) |
# - This script disconnects the network equipments which are identified in 0.0.0.0 (optionally run by cron in /etc/cron.d/alcasar-watchdog) |
|
# - This script disconnects the network equipments which are identified in 0.0.0.0 |
|
|
CONF_FILE="/usr/local/etc/alcasar.conf" |
EXTIF=`grep ^EXTIF= $CONF_FILE|cut -d"=" -f2` # EXTernal InterFace |
INTIF=`grep ^INTIF= $CONF_FILE|cut -d"=" -f2` # INTernal InterFace |
private_ip_mask=`grep ^PRIVATE_IP= $CONF_FILE|cut -d"=" -f2` |
private_ip_mask=${private_ip_mask:=192.168.182.1/24} |
PRIVATE_IP="192.168.180.1" |
|
OLDIFS=$IFS |
IFS=$'\n' |
|
|
usage="Usage: alcasar-watchdog-hl.sh " |
case $1 in |
-\? | -h* | --h*) |
27,17 → 17,13 |
exit 0 |
;; |
*) |
# We disconnect inactive users (its means that their 'status.php' tab has been closed --> their ip address isn't in $current_users_file) |
# process each equipment known by chilli to check if IP address is usurped (with arping) |
# searching for 0.0.0.0 IP |
for system in `/usr/sbin/chilli_query list |grep "0\.0\.0\.0 dnat"` |
do |
active_mac=`echo $system | cut -d" " -f1` |
# echo "$active_mac associe à 0.0.0.0" |
# disconnect equipement is 0.0.0.0 |
echo "$(date "+[%x-%X] : ")alcasar-watchdog-hl : $active_mac is in bad lan. Alcasar release the equipment." >> /var/Save/security/watchdog-hl.log |
echo "$(date "+[%x-%X] : ")alcasar-watchdog-hl : $active_mac has 0.0.0.0 IP address. Alcasar release the equipment." >> /var/Save/security/watchdog-hl.log |
/usr/sbin/chilli_query dhcp-release $active_mac |
done |
# /usr/sbin/chilli_query list |grep "0\.0\.0\.0 dnat" |
;; |
esac |
IFS=$OLDIFS |