21,7 → 21,7 |
PRIVATE_IP=`echo "$private_ip_mask" |cut -d"/" -f1` # @ip du portail (côté LAN) |
PRIVATE_IP=${PRIVATE_IP:=192.168.182.1} |
tmp_file="/tmp/watchdog.txt" |
tmp_users_file="/tmp/current_users.txt" |
current_users_file="/tmp/current_users.txt" |
DIR_WEB="/var/www/html" |
Index_Page="$DIR_WEB/index.php" |
IPTABLES="/sbin/iptables" |
105,67 → 105,42 |
;; |
*) |
lan_test |
# read file that contains IP address of user who are not in $tmp_users_file (its means that status.php has been closed) |
if [ -e $tmp_file ]; then |
cat $tmp_file | while read noresponse |
do |
noresponse_ip=`echo $noresponse | cut -d" " -f1` |
noresponse_mac=`echo $noresponse | cut -d" " -f2` |
noresponse_user=`echo $noresponse | cut -d" " -f3` |
data_user=$(/usr/sbin/chilli_query list | grep -v "\.0\.0\.0" | awk '$5 == 1' | grep $noresponse_ip) |
if [ $(echo $data_users | wc -l) -eq 1 ] #if it still connected ... |
then |
if [[ $noresponse_user != $noresponse_mac ]] # we let @mac auth equipments connected |
then |
logger "alcasar-watchdog $noresponse_ip ($noresponse_mac) can't be contact. Alcasar disconnects the user ($noresponse_user)." |
echo "Disconnect : $noresponse_ip $noresponse_mac $noresponse_user" |
/usr/sbin/chilli_query logout $noresponse_mac |
fi |
fi |
|
done |
rm $tmp_file |
# if [ -e $tmp_users_file ]; then |
# rm $tmp_users_file |
# fi |
|
fi |
|
# this temporary file contains every 'user IP address' which are connected to ALCASAR (status.php still open) |
if [ -e $tmp_users_file ]; then |
for ip_user in $(cat $tmp_users_file) |
# We disconnect inactive users (its means that status.php has been closed) |
# Each user inform about his connectivity by filling in /tmp/current_users.txt his own @IP |
# process each equipment known by chilli to check if any equipment is usurped (@MAC) |
for system in `/usr/sbin/chilli_query list |grep -v "\.0\.0\.0"` |
do |
# Check if thses users are also connected for chilli |
data_user=$(/usr/sbin/chilli_query list | grep -v "\.0\.0\.0" | awk '$5 == 1' | grep $ip_user) |
if [ $(echo $data_users | wc -l) -eq 0 ] #if user not in the file $tmp_users_file (it means that status.php has been closed) |
then |
#save info in tmp_file |
active_ip=`echo $data_user |cut -d" " -f2` |
active_mac=`echo $data_user | cut -d" " -f1` |
active_user=`echo $data_user |cut -d" " -f6` |
echo "$active_ip $active_mac $active_user" >> $tmp_file #save info for next time, user will be disconnected. |
fi |
done |
rm $tmp_users_file |
else |
for system in $(/usr/sbin/chilli_query list |grep -v "\.0\.0\.0" | awk '$5 == 1') |
do |
#disconnect all users |
active_ip=`echo $system |cut -d" " -f2` |
active_session=`echo $system |cut -d" " -f5` |
active_mac=`echo $system | cut -d" " -f1` |
active_user=`echo $system |cut -d" " -f6` |
echo "$active_ip $active_mac $active_user" >> $tmp_file |
done |
|
#We disconnect inactive user here : |
#We check if this is not an auth @MAC and if he is still connected |
if [ "$active_user" != "$active_mac" ] && [ $(echo $system | awk '$5 == 1' | wc -c) -gt 1 ]; then |
# If /tmp/current_user.txt exists ... |
if [ -e $current_users_file ]; then |
# We check if user @IP is in 'current_users.txt' |
cmp_user_ok=$(cat $current_users_file | grep $active_ip | wc -w) |
# If this @IP is not in this file, we disconnect this user. |
if [ $cmp_user_ok -eq 0 ]; then |
logger "alcasar-watchdog $active_ip ($active_mac) can't be contact. Alcasar disconnects the user ($active_user)." |
echo "Disconnect : $active_ip $active_mac $active_user" |
/usr/sbin/chilli_query logout $active_mac |
fi |
# We clean 'current_users.txt'. Every user need to inform their @IP everytime to prove thier connectivity. |
sed -i 'd' $current_users_file |
else # If /tmp/current_user.txt does not exists we disconnect every users. |
logger "Le fichier /tmp/current_users.txt n'existe pas." |
logger "alcasar-watchdog $active_ip ($active_mac) can't be contact. Alcasar disconnects the user ($active_user)." |
echo "Disconnect : $active_ip $active_mac $active_user" |
/usr/sbin/chilli_query logout $active_mac |
fi |
fi |
|
|
# process each equipment known by chilli to check if any equipment is usurped (@MAC) |
for system in `/usr/sbin/chilli_query list |grep -v "\.0\.0\.0"` |
do |
active_ip=`echo $system |cut -d" " -f2` |
active_session=`echo $system |cut -d" " -f5` |
active_mac=`echo $system | cut -d" " -f1` |
active_user=`echo $system |cut -d" " -f6` |
|
# process only equipment with an authenticated user |
if [[ $(expr $active_session) -eq 1 ]] |
then |
183,3 → 158,4 |
;; |
esac |
IFS=$OLDIFS |
|