16,7 → 16,6 |
|
EXTIF="eth0" |
INTIF="eth1" |
macallowed_file="/usr/local/etc/alcasar-macallowed" |
conf_file="/usr/local/etc/alcasar.conf" |
private_ip_mask=`grep PRIVATE_IP= $conf_file|cut -d"=" -f2` |
private_ip_mask=${private_ip_mask:=192.168.182.1/24} |
104,24 → 103,19 |
;; |
*) |
lan_test |
# lecture du fichier contenant les adresses IP des stations muettes |
# read file that contains IP address of quiet equipments |
if [ -e $tmp_file ]; then |
cat $tmp_file | while read noresponse |
do |
noresponse_ip=`echo $noresponse | cut -d" " -f1` |
noresponse_mac=`echo $noresponse | cut -d" " -f2` |
noresponse_user=`echo $noresponse | cut -d" " -f3` |
arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c1 -w4 $noresponse_ip|grep "Unicast reply"|wc -l` |
if [[ $(expr $arp_reply) -eq 0 ]] |
then |
mac_allowed=`cat $macallowed_file |grep $noresponse_mac | wc -l` |
if [ $mac_allowed -eq 0 ] |
then |
logger "alcasar-watchdog $noresponse_ip ($noresponse_mac) can't be contact. Alcasar disconnects the user." |
/usr/sbin/chilli_query logout $noresponse_mac |
else |
logger "alcasar-watchdog $noresponse_ip ($noresponse_mac - macallowed) can't be contact. Alcasar release the IP address" |
/usr/sbin/chilli_query dhcp-release $noresponse_mac |
fi |
logger "alcasar-watchdog $noresponse_ip ($noresponse_mac) can't be contact. Alcasar disconnects the user ($noresponce_user)." |
/usr/sbin/chilli_query logout $noresponse_mac |
/usr/sbin/chilli_query dhcp-release $noresponse_mac # release dhcp for mac_auth equipment |
fi |
done |
rm $tmp_file |
132,6 → 126,7 |
active_ip=`echo $system |cut -d" " -f2` |
active_session=`echo $system |cut -d" " -f5` |
active_mac=`echo $system | cut -d" " -f1` |
active_user=`echo $system |cut -d" " -f6` |
# on ne traite que les équipements exploitées par un usager authentifié (test de 2 réponses en 4 secondes) |
if [[ $(expr $active_session) -eq 1 ]] |
then |
139,12 → 134,13 |
# on stocke les adresses IP des stations muettes |
if [[ $(expr $arp_reply) -eq 0 ]] |
then |
echo "$active_ip $active_mac" >> $tmp_file |
echo "$active_ip $active_mac $active_user" >> $tmp_file |
fi |
# on deconnecte l'usager d'une stations usurpée (@MAC) |
if [[ $(expr $arp_reply) -gt 2 ]] |
then |
logger "alcasar-watchdog : $active_ip is usurped ($active_mac). Alcasar disconnect the user." |
echo "alcasar-watchdog : $active_ip is usurped ($active_mac). Alcasar disconnect the user ($active_user)." >> /var/Save/logs/security/watchdog.log |
logger "alcasar-watchdog : $active_ip is usurped ($active_mac). Alcasar disconnect the user ($active_user)." |
/usr/sbin/chilli_query logout $active_mac |
fi |
fi |
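Review bot: The logger line that appears to be added in the 104,24 → 103,19 hunk expands `$noresponce_user`, but the variable assigned a few lines earlier is `noresponse_user`, so the disconnect entry will always record an empty user, `()`. The expansion should be `($noresponse_user)`, which restores the user attribution this change seems meant to add to the audit trail. In the last hunk, the message appended directly to `/var/Save/logs/security/watchdog.log` carries no timestamp, unlike the copy sent through `logger`, so usurpation events in that file cannot be ordered on their own; prefixing the message with the output of `date` would fix that. `$active_user` is also written to `$tmp_file` and later re-split with `cut -d" "`, so a user name containing a space would be truncated when read back; it is worth confirming what chilli_query can emit in that field. The enclosing loop and case block start and end outside the visible hunks.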