Subversion Repositories ALCASAR

Compare Revisions

Rev 2500 → Rev 2501

/scripts/alcasar-condown.sh
9,50 → 9,49
# This script is launched by coova after each logout
# Ce script est lancé par coova à chaque déconnexion d'usager
 
PASSWD_FILE="/root/ALCASAR-passwords.txt"
 
if [ -z $FRAMED_IP_ADDRESS ]; then
exit 1
fi
 
# Remove user from his IPSET (depending on FILTER_ID)
# Remove user from his IPSET
 
# FilterID Byte N°0 to 7
# 0: profile_1 (WEB)
# 1: profile_2 (WEB + Mail + Remote access)
# 2: profile_3 (Custom)
# 3: warn_user (if imputability report has been generated)
# 4: status_open_required (check user activity through status page)
# 5: WL
# 6: BL
# 7: HAVP
db_query="SELECT attribute, value FROM (( SELECT attribute, value FROM radreply WHERE (attribute='Alcasar-Filter' OR attribute='Alcasar-Filter-Proto' OR attribute='Alcasar-Status-Open-Required') AND username='$USER_NAME') UNION ( SELECT attribute, value FROM radgroupreply gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE (attribute='Alcasar-Filter' OR attribute='Alcasar-Filter-Proto' OR attribute='Alcasar-Status-Open-Required') AND username = '$USER_NAME' ORDER BY ug.priority)) attrs GROUP BY attribute;"
db_res=$(mysql -u root -p$(cat $PASSWD_FILE | grep ^db_root= | cut -d'=' -f2-) -D radius -e "$db_query" -Ns)
 
if [ ${FILTER_ID:5:1} == '1' ]; then # HAVP_WL
filter=$(echo "$db_res" | awk '$1 == "Alcasar-Filter" { print $2 }')
filterProto=$(echo "$db_res" | awk '$1 == "Alcasar-Filter-Proto" { print $2 }')
statusOpenRequired=$(echo "$db_res" | awk '$1 == "Alcasar-Status-Open-Required" { print $2 }')
 
if [ "$filter" == '4' ]; then # HAVP_WL
set_filter="havp_wl"
elif [ ${FILTER_ID:6:1} == '1' ]; then # HAVP_BL
elif [ "$filter" == '3' ]; then # HAVP_BL
set_filter="havp_bl"
elif [ ${FILTER_ID:7:1} == '1' ]; then # HAVP
elif [ "$filter" == '2' ]; then # HAVP
set_filter="havp"
else # NOT_FILTERED
else # NOT_FILTERED
set_filter="not_filtered"
fi
 
if [ ${FILTER_ID:2:1} == '1' ]; then # PROFILE 3 (Custom)
set_proto="proto_3";
elif [ ${FILTER_ID:1:1} == '1' ]; then # PROFILE 2 (WEB + Mail + Remote access)
set_proto="proto_2";
elif [ ${FILTER_ID:0:1} == '1' ]; then # PROFILE 1 (WEB)
set_proto="proto_1";
if [ "$filterProto" == '4' ]; then # PROFILE 3 (Custom)
set_filterProto="proto_3";
elif [ "$filterProto" == '3' ]; then # PROFILE 2 (WEB + Mail + Remote access)
set_filterProto="proto_2";
elif [ "$filterProto" == '2' ]; then # PROFILE 1 (WEB)
set_filterProto="proto_1";
else # PROFILE 0 (Not filtered)
set_proto="proto_0";
set_filterProto="proto_0";
fi
 
ipset del $set_filter $FRAMED_IP_ADDRESS
ipset del $set_proto $FRAMED_IP_ADDRESS
ipset del $set_filter $FRAMED_IP_ADDRESS
ipset del $set_filterProto $FRAMED_IP_ADDRESS
 
# Remove IP address from active users
current_users_file="/var/tmp/havp/current_users.txt"
[ -e $current_users_file ] && sed -i "/^$FRAMED_IP_ADDRESS:/d" $current_users_file
 
# Debug : show all the coova parse variables (+ $set_filter + $set_proto).
# Debug : show all the coova parse variables (+ $set_filter + $set_filterProto).
# see "/src/chilli.c" for the complete list of parse variables
#echo "-----------------------------------------------" >> /tmp/debug-condown.txt
#echo `date` >> /tmp/debug-condown.txt
61,4 → 60,4
# echo "$i : ${!i}" >> /tmp/debug-condown.txt
#done
#echo "set_filter : $set_filter" >> /tmp/debug-condown.txt
#echo "set_proto : $set_proto" >> /tmp/debug-condown.txt
#echo "set_filterProto : $set_filterProto" >> /tmp/debug-condown.txt
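Review bot: `$USER_NAME` is pasted unescaped into `db_query` (in both WHERE clauses) and the statement runs as the MySQL root user, so a login name containing a quote or backslash changes the SQL that is executed. The value arrives through the coova environment and is presumably the name entered at the portal, so it should be treated as untrusted at this point. Escape it before building the query, e.g. `safe_user=$(printf '%s' "$USER_NAME" | sed -e 's/\\/\\\\/g' -e "s/'/''/g")`, and use `'$safe_user'` in both clauses, or reject names outside the character set the portal accepts. The same query is added to alcasar-conup.sh and needs the same change. A dedicated read-only database account for these lookups would further limit what a malformed name can reach.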
/scripts/alcasar-conup.sh
9,53 → 9,52
# This script is launched by coova after each successfull login
# Ce script est lancé par coova à chaque connexion d'usager (authentification réussi)
 
PASSWD_FILE="/root/ALCASAR-passwords.txt"
 
if [ -z $FRAMED_IP_ADDRESS ]; then
exit 1
fi
 
# Add user to his IPSET (depending on FILTER_ID)
# Add user to his IPSET
 
# FilterID Byte N°0 to 7
# 0: profile_1 (WEB)
# 1: profile_2 (WEB + Mail + Remote access)
# 2: profile_3 (Custom)
# 3: warn_user (if imputability report has been generated)
# 4: status_open_required (check user activity through status page)
# 5: WL
# 6: BL
# 7: HAVP
db_query="SELECT attribute, value FROM (( SELECT attribute, value FROM radreply WHERE (attribute='Alcasar-Filter' OR attribute='Alcasar-Filter-Proto' OR attribute='Alcasar-Status-Open-Required') AND username='$USER_NAME') UNION ( SELECT attribute, value FROM radgroupreply gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE (attribute='Alcasar-Filter' OR attribute='Alcasar-Filter-Proto' OR attribute='Alcasar-Status-Open-Required') AND username = '$USER_NAME' ORDER BY ug.priority)) attrs GROUP BY attribute;"
db_res=$(mysql -u root -p$(cat $PASSWD_FILE | grep ^db_root= | cut -d'=' -f2-) -D radius -e "$db_query" -Ns)
 
if [ ${FILTER_ID:5:1} == '1' ]; then # HAVP_WL
filter=$(echo "$db_res" | awk '$1 == "Alcasar-Filter" { print $2 }')
filterProto=$(echo "$db_res" | awk '$1 == "Alcasar-Filter-Proto" { print $2 }')
statusOpenRequired=$(echo "$db_res" | awk '$1 == "Alcasar-Status-Open-Required" { print $2 }')
 
if [ "$filter" == '4' ]; then # HAVP_WL
set_filter="havp_wl"
elif [ ${FILTER_ID:6:1} == '1' ]; then # HAVP_BL
elif [ "$filter" == '3' ]; then # HAVP_BL
set_filter="havp_bl"
elif [ ${FILTER_ID:7:1} == '1' ]; then # HAVP
elif [ "$filter" == '2' ]; then # HAVP
set_filter="havp"
else # NOT_FILTERED
else # NOT_FILTERED
set_filter="not_filtered"
fi
 
if [ ${FILTER_ID:2:1} == '1' ]; then # PROFILE 3 (Custom)
set_proto="proto_3";
elif [ ${FILTER_ID:1:1} == '1' ]; then # PROFILE 2 (WEB + Mail + Remote access)
set_proto="proto_2";
elif [ ${FILTER_ID:0:1} == '1' ]; then # PROFILE 1 (WEB)
set_proto="proto_1";
if [ "$filterProto" == '4' ]; then # PROFILE 3 (Custom)
set_filterProto="proto_3";
elif [ "$filterProto" == '3' ]; then # PROFILE 2 (WEB + Mail + Remote access)
set_filterProto="proto_2";
elif [ "$filterProto" == '2' ]; then # PROFILE 1 (WEB)
set_filterProto="proto_1";
else # PROFILE 0 (Not filtered)
set_proto="proto_0";
set_filterProto="proto_0";
fi
 
ipset add $set_filter $FRAMED_IP_ADDRESS
ipset add $set_proto $FRAMED_IP_ADDRESS
ipset add $set_filter $FRAMED_IP_ADDRESS
ipset add $set_filterProto $FRAMED_IP_ADDRESS
 
# Add user IP permanently to current_users.txt if no status_open_required
current_users_file="/var/tmp/havp/current_users.txt"
[ ! -e $current_users_file ] && touch $current_users_file && chown apache:apache $current_users_file
if [ ${FILTER_ID:4:1} == '1' ]; then # no status_open_required
if [ "$statusOpenRequired" == '2' ]; then # no status_open_required
echo "$FRAMED_IP_ADDRESS:PERM" >> $current_users_file
fi
 
# Debug : show all the coova parse variables (+ $set_filter + $set_proto).
# Debug : show all the coova parse variables (+ $set_filter + $set_filterProto).
# see "/src/chilli.c" for the complete list of parse variables
#echo "-----------------------------------------------" >> /tmp/debug-conup.txt
#echo `date` >> /tmp/debug-conup.txt
64,5 → 63,5
# echo "$i : ${!i}" >> /tmp/debug-conup.txt
#done
#echo "set_filter : $set_filter" >> /tmp/debug-conup.txt
#echo "set_proto : $set_proto" >> /tmp/debug-conup.txt
#echo "set_filterProto : $set_filterProto" >> /tmp/debug-conup.txt
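Review bot: When the mysql lookup fails or returns no rows, `$filter` and `$filterProto` are empty and both chains fall through to their `else` arm, so the client is added to `not_filtered` and `proto_0`; a database error therefore results in unfiltered access. Check the lookup before choosing the sets, for example `db_res=$(mysql ... -Ns) || { logger -t alcasar-conup "filter lookup failed for $FRAMED_IP_ADDRESS"; exit 1; }`, or fall back to the most restrictive sets; which of the two is right depends on how coova treats a non-zero conup status, which is not visible here. Separately, `-p$(cat $PASSWD_FILE | ...)` here and in alcasar-condown.sh puts the root database password on the mysql command line, where it can be read from the process list while the query runs; a root-only option file passed with `--defaults-extra-file` avoids that.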
 
/scripts/alcasar-generate_log.sh
156,21 → 156,10
echo "</body>" >> $TMP_HTML
echo "</HTML>" >> $TMP_HTML
 
#inform users about that by setting the fourth bit of Filter-Id at 1.
QUERY="SELECT username from radreply INTO OUTFILE '$TMP_USERS' FIELDS TERMINATED BY ',' ENCLOSED BY '' LINES TERMINATED BY '\n';"
# inform users about that by setting the Alcasar-Imputability-Warning attribute
QUERY="INSERT INTO radreply (username, attribute, value, op) SELECT ui.username, 'Alcasar-Imputability-Warning', '1' , ':=' FROM userinfo ui LEFT JOIN radreply rr ON rr.username = ui.username AND rr.attribute = 'Alcasar-Imputability-Warning' WHERE rr.username IS NULL;"
mysql -u root -p"$DB_ROOT_PW" -D radius -e "$QUERY"
 
if [ -e $TMP_USERS ] && [ $(cat $TMP_USERS | wc -l) -gt 0 ]
then
for user in $(cat $TMP_USERS)
do
QUERY="set @CurrentFilter=(SELECT value from radreply where username='$user');set @CurrentFilterLeft=(SELECT LEFT(@CurrentFilter,3));set @CurrentFilterRight=(SELECT RIGHT(@CurrentFilter,4));UPDATE radreply SET value = CONCAT((@CurrentFilterLeft),'1', (@CurrentFilterRight)) WHERE username='$user' ;"
mysql -u root -p"$DB_ROOT_PW" -D radius -e "$QUERY"
done
fi
rm $TMP_USERS
 
 
/usr/bin/wkhtmltopdf $TMP_HTML $TMP_PDF
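Review bot: The new INSERT only creates `Alcasar-Imputability-Warning` for users that have no such row (`WHERE rr.username IS NULL`), so an existing row holding another value is left unchanged. If the portal acknowledges the warning by changing the value rather than deleting the row (not visible in this hunk), those users would not be warned about later reports. Either state in the comment that the row is deleted on acknowledgement, or follow the INSERT with `UPDATE radreply SET value='1' WHERE attribute='Alcasar-Imputability-Warning';`. The exit status of the `mysql` call is also ignored, so a failed write goes unnoticed before the PDF is produced; appending `|| echo "imputability warning not recorded" >&2` would at least make the failure visible.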