1 |
#!/bin/sh
|
1 |
#!/bin/sh
|
2 |
#
|
2 |
#
|
3 |
# $Id: alcasar-macup.sh 2692 2019-01-25 23:18:50Z tom.houdayer $
|
3 |
# $Id: alcasar-macup.sh 2712 2019-03-10 23:28:36Z tom.houdayer $
|
4 |
#
|
4 |
#
|
5 |
# alcasar-macup.sh
|
5 |
# alcasar-macup.sh
|
6 |
#
|
6 |
#
|
7 |
# This script is distributed under the Gnu General Public License (GPL)
|
7 |
# This script is distributed under the Gnu General Public License (GPL)
|
8 |
|
8 |
|
9 |
PASSWD_FILE="/root/ALCASAR-passwords.txt"
|
9 |
PASSWD_FILE="/root/ALCASAR-passwords.txt"
|
10 |
|
10 |
|
11 |
if [ -z "$CALLING_STATION_ID" ]; then
|
11 |
if [ -z "$CALLING_STATION_ID" ]; then
|
12 |
exit 1
|
12 |
exit 1
|
13 |
fi
|
13 |
fi
|
14 |
|
14 |
|
15 |
dbRootPass=$(grep ^db_root= $PASSWD_FILE | cut -d'=' -f2-)
|
15 |
dbRootPass=$(grep ^db_root= $PASSWD_FILE | cut -d'=' -f2-)
|
16 |
|
16 |
|
17 |
chilli_query_res=$(chilli_query list mac $CALLING_STATION_ID)
|
17 |
chilli_query_res=$(chilli_query list mac $CALLING_STATION_ID)
|
18 |
[ -z "$chilli_query_res" ] && exit
|
18 |
[ -z "$chilli_query_res" ] && exit
|
19 |
|
19 |
|
20 |
is_connected=$(echo "$chilli_query_res" | awk '{ print $5 }')
|
20 |
is_connected=$(echo "$chilli_query_res" | awk '{ print $5 }')
|
21 |
current_mac=$CALLING_STATION_ID
|
21 |
current_mac=$CALLING_STATION_ID
|
22 |
|
22 |
|
23 |
if [ $is_connected == '0' ]; then
|
23 |
if [ $is_connected == '0' ]; then
|
24 |
db_query="SELECT username, IFNULL((UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(acctstoptime)), 0) AS timeout, acctterminatecause FROM radacct WHERE callingstationid='$current_mac' ORDER BY acctstarttime DESC LIMIT 1;"
|
24 |
db_query="SELECT username, IFNULL((UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(acctstoptime)), 0) AS timeout, acctterminatecause FROM radacct WHERE callingstationid='$current_mac' ORDER BY acctstarttime DESC LIMIT 1;"
|
25 |
db_res=$(mysql -u root -p"$dbRootPass" -D radius -e "$db_query" -Bs)
|
25 |
db_res=$(mysql -u root -p"$dbRootPass" -D radius -e "$db_query" -Bs)
|
26 |
|
26 |
|
27 |
if [ -n "$db_res" ]; then
|
27 |
if [ -n "$db_res" ]; then
|
28 |
username=$(echo "$db_res" | cut -f1)
|
28 |
username=$(echo "$db_res" | cut -f1)
|
29 |
timeout=$(echo "$db_res" | cut -f2)
|
29 |
timeout=$(echo "$db_res" | cut -f2)
|
30 |
acctterminatecause=$(echo "$db_res" | cut -f3)
|
30 |
acctterminatecause=$(echo "$db_res" | cut -f3)
|
31 |
|
31 |
|
32 |
if [ "$acctterminatecause" != "User-Request" ]; then
|
32 |
if [ "$acctterminatecause" != "User-Request" ]; then
|
- |
|
33 |
db_query_additionalGroups=''
|
- |
|
34 |
[ -n "$FILTER_ID" ] && db_query_additionalGroups="( SELECT attribute, value FROM radgroupreply WHERE groupname = '$FILTER_ID' AND (attribute='Alcasar-Reconnect-Timeout') ) UNION "
|
- |
|
35 |
db_query="SELECT attribute, value FROM ( \
|
- |
|
36 |
( SELECT attribute, value FROM radreply WHERE username = '$USER_NAME' AND (attribute='Alcasar-Reconnect-Timeout') ) UNION \
|
33 |
db_query="SELECT attribute, value FROM ((SELECT attribute, value FROM radreply WHERE (attribute='Alcasar-Reconnect-Timeout') AND username='$username') UNION (SELECT attribute, value FROM radgroupreply gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE (attribute='Alcasar-Reconnect-Timeout') AND username = '$username' ORDER BY ug.priority) UNION (SELECT attribute, value FROM radgroupreply WHERE groupname = 'ldap' AND (attribute='Alcasar-Reconnect-Timeout'))) attrs GROUP BY attribute;"
|
37 |
( SELECT attribute, value FROM radgroupreply gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' AND (attribute='Alcasar-Reconnect-Timeout') ORDER BY ug.priority ) UNION \
|
- |
|
38 |
$db_query_additionalGroups \
|
- |
|
39 |
( SELECT attribute, value FROM radgroupreply WHERE groupname = 'default' AND (attribute='Alcasar-Reconnect-Timeout') ) \
|
- |
|
40 |
) attrs GROUP BY attribute;"
|
34 |
db_res=$(mysql -u root -p"$dbRootPass" -D radius -e "$db_query" -Bs)
|
41 |
db_res=$(mysql -u root -p"$dbRootPass" -D radius -e "$db_query" -Bs)
|
35 |
|
42 |
|
36 |
reconnectTimeout=$(echo "$db_res" | awk '$1 == "Alcasar-Reconnect-Timeout" { print $2 }')
|
43 |
reconnectTimeout=$(echo "$db_res" | awk '$1 == "Alcasar-Reconnect-Timeout" { print $2 }')
|
37 |
|
44 |
|
38 |
if [ -n "$reconnectTimeout" ] && [ $timeout -le $reconnectTimeout ]; then
|
45 |
if [ -n "$reconnectTimeout" ] && [ $timeout -le $reconnectTimeout ]; then
|
39 |
for i in {1..10}; do
|
46 |
for i in {1..10}; do
|
40 |
sleep 1
|
47 |
sleep 1
|
41 |
chilli_query authorize mac $current_mac username "$username"
|
48 |
chilli_query authorize mac $current_mac username "$username"
|
42 |
chilli_query_res=$(chilli_query list mac $current_mac)
|
49 |
chilli_query_res=$(chilli_query list mac $current_mac)
|
43 |
isPassing=$(echo "$chilli_query_res" | awk '{ print $3 }')
|
50 |
isPassing=$(echo "$chilli_query_res" | awk '{ print $3 }')
|
44 |
is_connected=$(echo "$chilli_query_res" | awk '{ print $5 }')
|
51 |
is_connected=$(echo "$chilli_query_res" | awk '{ print $5 }')
|
45 |
if [ "$is_connected" == '1' ] && [ "$isPassing" == 'pass' ]; then
|
52 |
if [ "$is_connected" == '1' ] && [ "$isPassing" == 'pass' ]; then
|
46 |
logger -t alcasar-macup "The MAC address \"$current_mac\" is reconnected with user \"$username\"."
|
53 |
logger -t alcasar-macup "The MAC address \"$current_mac\" is reconnected with user \"$username\"."
|
47 |
break
|
54 |
break
|
48 |
fi
|
55 |
fi
|
49 |
done
|
56 |
done
|
50 |
fi
|
57 |
fi
|
51 |
fi
|
58 |
fi
|
52 |
fi
|
59 |
fi
|
53 |
fi
|
60 |
fi
|
54 |
|
61 |
|