Subversion Repositories ALCASAR

Rev

Rev 2094 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 2094 Rev 2234
Line 1... Line 1...
1 
#!/bin/sh
 1 
#!/bin/sh
- 
 
 2 
#
- 
 
 3 
# $Id$
- 
 
 4 
#
- 
 
 5 
# Le script 'macdown' est appelé par coovachilli pendant le DHCP down (release)
- 
 
 6 
# Depuis la version 3.1 de ALCASAR, le système d'interception a changé.
- 
 
 7 
# Pour une adresse mac authorisée pour laquelle coovachilli effectue un DHCP release, l'@IP sera retiré de l'ipset 'not_filtered'
2 
 
 8 
 
3 
#Le script 'macdown' est appelé par coovachilli pendant le DHCP down (release)
 - 
 
4 
#Depuis la version 3.1 de ALCASAR, le système d'interception a changé.
 9 
if [ -z $CALLING_STATION_ID ]; then
5 
#Pour une adresse mac authorisée pour laquelle coovachilli effectue un DHCP release, l'@IP sera retiré de l'ipset 'not_filtered'
 - 
 
- 
 
 10 
	exit 1
- 
 
 11 
fi
6 
 
 12 
 
7 
chilli_current_mac=$(chilli_query list | grep $CALLING_STATION_ID)
 13 
chilli_current_mac=$(chilli_query list | grep $CALLING_STATION_ID)
8 
is_connected=$(echo $chilli_current_mac | cut -d' ' -f5)
 14 
is_connected=$(echo $chilli_current_mac | cut -d' ' -f5)
9 
current_mac=$(echo $chilli_current_mac | cut -d' ' -f1)
 15 
current_mac=$(echo $chilli_current_mac | cut -d' ' -f1)
10 
current_name=$(echo $chilli_current_mac | cut -d' ' -f6)
 16 
current_name=$(echo $chilli_current_mac | cut -d' ' -f6)
11 
current_ip=$(echo $chilli_current_mac | cut -d' ' -f2)
 17 
current_ip=$(echo $chilli_current_mac | cut -d' ' -f2)
12 
 
 18 
 
- 
 
 19 
 
13 
if [ $is_connected == "1" ] && [ $current_mac == $current_name ]; then
 20 
if [ $is_connected == "1" ] && [ $current_mac == $current_name ]; then
14 
	#Lecture du Filter-Id de l'équipement authentifié afin de le retirer de son ipset
 21 
	#Lecture du Filter-Id de l'équipement authentifié afin de le retirer de son ipset
15 
	PASSWD_FILE="/root/ALCASAR-passwords.txt"
 22 
	PASSWD_FILE="/root/ALCASAR-passwords.txt"
16 
	QUERY="SELECT value from radreply where username='$current_mac'"
 23 
	QUERY="SELECT value FROM radreply WHERE attribute='Filter-Id' AND username='$current_mac';"
17 
	FILTER_ID=$(mysql -D radius -u root -p$(cat $PASSWD_FILE | grep "root /" | rev | cut -d' '  -f1 | rev)<<<"$QUERY" | tail -1)
 24 
	FILTER_ID=$(mysql -D radius -u root -p$(cat $PASSWD_FILE | grep "root /" | rev | cut -d' ' -f1 | rev) -e "$QUERY" -Ns)
18 
 
 - 
 
19 
	#Valeur de FILTER-ID : 12345678
 - 
 
20 
	#1-> profile1
 - 
 
21 
	#2-> profile2
 - 
 
22 
	#3-> profile3
 - 
 
23 
	#4-> warn_user (if imputability report has been generated)
 - 
 
24 
	#6-> WL + HAVP
 - 
 
25 
	#7-> BL + HAVP
 - 
 
26 
	#8-> HAVP
 - 
 
27 
 
 - 
 
28 
	if [ ${FILTER_ID:7:1} -eq '1' ] #HAVP
 - 
 
29 
	then
- 
 
30 
		set="havp"
 - 
 
31 
		if [ ${FILTER_ID:0:1} -eq '1' ]
 - 
 
32 
		then
- 
 
33 
			set_proto="proto_1";
 - 
 
34 
		fi
 - 
 
35 
 
 - 
 
36 
		if [ ${FILTER_ID:1:1} -eq '1' ]
 - 
 
37 
		then
- 
 
38 
			set_proto="proto_2";
 - 
 
39 
		fi
 - 
 
40
- 
 
41 
		if [ ${FILTER_ID:2:1} -eq '1' ]
 - 
 
42 
		then
- 
 
43 
			set_proto="proto_3";
 - 
 
44 
		fi
 - 
 
45 
 
 - 
 
46 
		if [ -z "$set_proto"  ]
 - 
 
47 
		then
- 
 
48 
			set_proto="proto_0";
 - 
 
49 
		fi
 - 
 
50 
	fi
 - 
 
51 
 
 - 
 
52 
 
 - 
 
53 
	if [ ${FILTER_ID:6:1} -eq '1' ] #HAVP_BL
 - 
 
54 
	then
- 
 
55 
		set="havp_bl"
 - 
 
56 
		if [ ${FILTER_ID:0:1} -eq '1' ]
 - 
 
57 
		then
- 
 
58 
			set_proto="proto_1";
 - 
 
59 
		fi
 - 
 
60 
 
 - 
 
61 
		if [ ${FILTER_ID:1:1} -eq '1' ]
 - 
 
62 
		then
- 
 
63 
			set_proto="proto_2";
 - 
 
64 
		fi
 - 
 
65
- 
 
66 
		if [ ${FILTER_ID:2:1} -eq '1' ]
 - 
 
67 
		then
- 
 
68 
			set_proto="proto_3";
 - 
 
69 
		fi
 - 
 
70 
 
 - 
 
71 
		if [ -z "$set_proto"  ]
 - 
 
72 
		then
- 
 
73 
			set_proto="proto_0";
 - 
 
74 
		fi
 - 
 
75 
	fi
 - 
 
76 
 
 25 
 
77 
	if [ ${FILTER_ID:5:1} -eq '1' ] #HAVP_WL
 26 
	# FilterID Byte N°0 to 7
78 
	then
27 
	#  0: profile_1 (WEB)
- 
 
 28 
	#  1: profile_2 (WEB + Mail + Remote access)
79 
		set="havp_wl"
 29 
	#  2: profile_3 (Custom)
80 
		if [ ${FILTER_ID:0:1} -eq '1' ]
 30 
	#  3: warn_user (if imputability report has been generated)
81 
		then
31 
	#  5: WL
82 
			set_proto="proto_1";
 32 
	#  6: BL
83 
		fi
 33 
	#  7: HAVP
84 
 
 34 
 
85 
		if [ ${FILTER_ID:1:1} -eq '1' ]
 35 
	if [ ${FILTER_ID:7:1} == '1' ]; then	# HAVP
86 
		then
36 
		set_filter="havp"
- 
 
 37 
	elif [ ${FILTER_ID:6:1} == '1' ]; then	# HAVP_BL
87 
			set_proto="proto_2";
 38 
		set_filter="havp_bl"
88 
		fi
 - 
 
89
- 
 
90 
		if [ ${FILTER_ID:2:1} -eq '1' ]
 39 
	elif [ ${FILTER_ID:5:1} == '1' ]; then	# HAVP_WL
91 
		then
- 
 
92 
			set_proto="proto_3";
 40 
		set_filter="havp_wl"
93 
		fi
 - 
 
94 
 
 - 
 
95 
		if [ -z "$set_proto"  ]
 41 
	else					# NOT_FILTERED
96 
		then
- 
 
97 
			set_proto="proto_0";
 42 
		set_filter="not_filtered"
98 
		fi
 - 
 
99 
	fi
 43 
	fi
100 
 
 44 
 
101 
 
 - 
 
102 
 
 - 
 
103 
	if [ -z "$set"  ] #NOT_FILTERED
 - 
 
104 
	then
- 
 
105 
		set="not_filtered"
 - 
 
106 
		if [ ${FILTER_ID:0:1} -eq '1' ]
 45 
	if [ ${FILTER_ID:0:1} == '1' ]; then	# PROFILE 1 (WEB)
107 
		then
- 
 
108 
			set_proto="proto_1";
 46 
		set_proto="proto_1";
109 
		fi
 - 
 
110 
 
 - 
 
111 
		if [ ${FILTER_ID:1:1} -eq '1' ]
 47 
	elif [ ${FILTER_ID:1:1} == '1' ]; then	# PROFILE 2 (WEB + Mail + Remote access)
112 
		then
- 
 
113 
			set_proto="proto_2";
 48 
		set_proto="proto_2";
114 
		fi
 - 
 
115
- 
 
116 
		if [ ${FILTER_ID:2:1} -eq '1' ]
 49 
	elif [ ${FILTER_ID:2:1} == '1' ]; then	# PROFILE 3 (Custom)
117 
		then
- 
 
118 
			set_proto="proto_3";
 50 
		set_proto="proto_3";
119 
		fi
 - 
 
120 
 
 - 
 
121 
		if [ -z "$set_proto"  ]
 51 
	else					# PROFILE 0 (Not filtered)
122 
		then
- 
 
123 
			set_proto="proto_0";
 52 
		set_proto="proto_0";
124 
		fi
 - 
 
125 
	fi
 53 
	fi
126 
 
 54 
 
127 
 
 - 
 
128 
	ipset del $set $current_ip
 55 
	ipset del $set_filter $current_ip
129 
	ipset del $set_proto $current_ip
 56 
	ipset del $set_proto $current_ip
130 
 
 - 
 
131 
fi
 57 
fi
132 
 
 -