Настройка EVENT_INC.SH
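# event_inc.sh: reacts to one event by pushing RADIUS CoA updates to the NAS
# (radclient) and/or re-creating the subscriber session through the helper
# scripts under /var/lib/event (expect / SNMP).
#
# Positional arguments:
#   $1   sender
#   $2   event name (login, logout, user_del, rate_set, ...)
#   $3.. event data as key=value words; each becomes a shell variable
#
# LOG, sqlexec, selflock and selfkiller are not defined in this listing;
# presumably the including script provides them.
#
# NOTE(review): the published listing was flattened onto a few lines; the line
# breaks below are reconstructed, and the places where the reconstruction is
# not certain are marked.

#wall 'event_inc.sh'
#selfkiller
#selfkiller -30:TERM -50:KILL & disown -a
# unlock
gcount=$RANDOM
do_session=0

#######################################
# Turn "key=value key=value ..." into shell variables.
# Values are assigned literally with printf -v; the previous
# eval key='value' executed anything that followed a single quote in a value.
# Words without '=' and keys that are not plain identifiers are skipped.
# NOTE(review): any identifier is still accepted, so event data can overwrite
# variables this script owns (nas_pass, coa_port, ...) or PATH/IFS; restrict
# to the expected key list once it is known.
# Arguments: $1 - whitespace-separated key=value words
#######################################
import_event_vars() {
  local -a _ev_words=()
  local _ev_word _ev_name
  # read -a splits on whitespace without pathname expansion
  # (the old `for VAR in $DATA` also globbed each word).
  IFS=$' \t\n' read -r -d '' -a _ev_words <<< "$1"
  for _ev_word in "${_ev_words[@]}"; do
    [[ "$_ev_word" == *=* ]] || continue
    _ev_name=${_ev_word%%=*}
    if [[ "$_ev_name" =~ ^[A-Za-z_][A-Za-z0-9_]*$ ]]; then
      printf -v "$_ev_name" '%s' "${_ev_word#*=}"
    else
      LOG WARN "$gcount skipped event key that is not a valid variable name"
    fi
  done
}

# Release the lock held on fd 11.
unlock_telnet() {
  if flock -u -w 30 11; then
    LOG INFO "UnLock $lock Success"
  fi
}

#######################################
# Serialise the helper scripts through an flock on fd 11.
# NOTE(review): /tmp/telnet.lock is a fixed name in a world-writable
# directory, so another local user can pre-create or symlink it; a directory
# only this service can write would be safer. Path kept as is because other
# scripts may share it - confirm before moving.
# NOTE(review): the message says 30sec but the wait is 120 seconds.
#######################################
lock_telnet() {
  # open the lock file
  lock="$gcount id=$id ip=$ip $RANDOM"
  exec 11>&-
  exec 11>/tmp/telnet.lock
  # try to take the lock, waiting until the others have finished
  LOG INFO "Try Lock $lock 30sec... "
  if flock -w 120 11; then
    LOG INFO "Lock $lock Success"
  else
    LOG INFO "Lock $lock failed. Create New Lock;"
    # rm -f: protection against hung scripts. The fresh file is only
    # re-opened, not locked, so this run proceeds without mutual exclusion.
    rm -f /tmp/telnet.lock
    exec 11>&-
    exec 11>/tmp/telnet.lock
  fi
}

SECONDS=0
#LOG_LEVEL=ALL
#LOGFILE="/var/log/event_sh.log"
LOG_LEVEL=ALL
# NOTE(review): RADIUS CoA shared secret hard-coded in a published script and
# passed on the radclient command line (visible in the process list). Keep it
# in a root-only file and let radclient read it from there (-S file).
nas_pass=Redback
coa_port=3799

#if ! selflock 10; then
#  LOG WARN "reached time limit $$"
#  exit
#fi

SENDER=$1; shift
EVENT=$1; shift
DATA="$*"
import_event_vars "$DATA"

# id ends up in file names, a `bash -c` helper and an SQL statement.
# NOTE(review): assumes id is a numeric user id, as the unquoted
# `where id=$id` below implies - confirm against the event source.
if [[ -n "$id" && ! "$id" =~ ^[0-9]+$ ]]; then
  LOG WARN "$gcount event $EVENT dropped: id is not numeric"
  exit 1
fi

before_file="/var/lib/event/before/$id.before"
mustlogon_flag="/tmp/tray_view_mustlogon.$id"

LOG INFO ""
LOG INFO " $gcount ***$EVENT*** $DATA"

if [ "$EVENT" = "user_data_changed_before" ]; then
  # Every pair except the first gets an old_ prefix (the first word has no
  # leading space to replace).
  printf '%s\n' "${DATA// / old_}" > "$before_file"
fi
if [[ "$EVENT" == "user_data_changed" && -f "$before_file" ]]; then
  import_event_vars "$(<"$before_file")"
fi

# pasted by Dmitry from ZCN
# Split the address for the expect scripts. This used to run at the top of
# the file, before ip had been parsed from the event data.
IFS=. read -r octet1 octet2 octet3 octet4 <<< "$ip"

# Reconnect the user through the SNMP helper; fall back to expect on failure.
do_snmp() {
  LOG INFO "$gcount do_snmp reconnect user ip=$ip id=$id"
  lock_telnet
  if ! /bin/bash /var/lib/event/reconnect_snmp.sh 10.22.0.200 "$ip" "$id" statclips; then
    LOG INFO "$gcount do_snmp reconnect FAILED user ip=$ip id=$id do_reconnect expect"
    do_reconnect
  fi
  unlock_telnet
  #sleep 10
}

# Reconnect the user through the expect helpers.
do_reconnect() {
  LOG INFO "$gcount do_reconnect expect user ip=$ip id=$id"
  lock_telnet
  # /usr/local/bin/expect /var/lib/event/reconnect_user.tcl 10.22.0.200 $ip $id | grep -i 'Connection refused'
  # pasted by Dmitry from ZCN
  /usr/local/bin/expect /var/lib/event/reconnect_user.tcl 10.22.0.200 \
    "$ip" "$id" "$octet1" "$octet2" "$octet3" "$octet4" \
    | grep -i 'Connection refused'
  sleep 4 #3]
  # NOTE(review): in the flattened listing "#3]" sits between `sleep 4` and
  # the reconnect_user_mini.tcl call, so that call may have been commented
  # out. It is kept active here because the status test that follows only
  # makes sense after a grep - confirm against the deployed file.
  if /usr/local/bin/expect /var/lib/event/reconnect_user_mini.tcl 10.22.0.200 "$ip" "$id" \
    | grep -i 'Connection refused'; then
    echo "Connection refused sleep 20"
    sleep 20
  fi
  # \
  # && LOG INFO " reconect user "$ip $id \
  # || LOG INFO " NOT changed user "$ip $id
  unlock_telnet
}

#######################################
# Push the forward policy for the current session over RADIUS CoA.
# Sets do_session=1 when the NAS answers Session-Context-Not-Found.
# NOTE(review): acct_session_id comes from event data and is placed inside a
# quoted attribute value; a double quote in it would change the attribute
# list sent to the NAS.
#######################################
do_policy() {
  do_inet=1
  # switch the internet off for those who are not allowed
  [[ "$auth_type" == "6" && "$tray_logged" == "0" ]] && do_inet=0
  [ "$logged" = -1 ] && do_inet=0
  [[ "$enabled" == "0" || "$over_limit" == "1" || "$deleted" == "1" ]] && do_inet=0

  if [ "$do_inet" = "1" ]; then
    LOG INFO "$gcount Enable Internet for id=$id ip=$ip"
    if printf '%s\n' "Acct-Session-Id=\"$acct_session_id\",Forward-Policy=\"in:\"" \
      | radclient -x "$nas_ip:$coa_port" coa "$nas_pass" 2>&1 \
      | grep -i "Session-Context-Not-Found"; then
      do_session=1
    fi
  else
    LOG INFO "$gcount Disable Internet for id=$id ip=$ip enabled=$enabled over_limit=$over_limit deleted=$deleted tray_logged=$tray_logged"
    if printf '%s\n' "Acct-Session-Id=\"$acct_session_id\",Forward-Policy=\"in:\",Forward-Policy=\"in:HTTP-REDIRECT\",HTTP-Redirect-URL=\"http://10.50.0.100/noauth\"" \
      | radclient -x "$nas_ip:$coa_port" coa "$nas_pass" \
      | grep -i "Session-Context-Not-Found"; then
      do_session=1
    fi
    if [ "$over_limit" = 1 ]; then
      LOG INFO "$gcount Overlimit Disable Internet for id=$id ip=$ip enabled=$enabled over_limit=$over_limit deleted=$deleted tray_logged=$tray_logged"
      if printf '%s\n' "Acct-Session-Id=\"$acct_session_id\",Forward-Policy=\"in:HTTP-REDIRECT\",HTTP-Redirect-URL=\"http://10.50.0.100/nomoney\"" \
        | radclient -x "$nas_ip:$coa_port" coa "$nas_pass" \
        | grep -i "Session-Context-Not-Found"; then
        do_session=1
      fi
    fi
  fi
}

case "$EVENT" in
  login | tray_view_login | balance_negative | balance_positive)
    if [ "$nas_ip" = '192.168.1.11' ]; then
      if [ "$acct_session_id" != "" ]; then
        do_policy ## and set var do_session
      fi
      if [[ "$acct_session_id" == "" || "$do_session" == "1" ]]; then
        #do_reconnect
        # a new login is not guaranteed, so the policy is applied as well
        do_snmp
        # do_police ideco: pointless here, acct_session_id will be different
        do_policy
      fi
    fi
    ;;
  rad_acc_start)
    [ "$auth_type" = "1" ] && do_policy
    ;;
  # TODO radius_update_err)
  # user_data_changed possibly has to be removed
  try_double_login | try_double_acc)
    if [ "$nas_ip" = '192.168.1.11' ]; then
      # sqlexec "update users_radiusauth set logged=0, radius_logged=0, RADIUS_CHECKED=0,
      # RADIUS_BREAK=0 where user_id=$id;"
      sleep 5
      # sqlexec "update users_radiusauth set logged=0, radius_logged=0, RADIUS_CHECKED=0,
      # RADIUS_BREAK=0 where user_id=$id;"
      #do_reconnect
      do_snmp
      # do_policy
    fi
    ;;
  tray_view_mustlogon)
    [ "$radius_logged" = "1" ] && exit
    # NOTE(review): the marker lives in world-writable /tmp under a
    # predictable name; same concern as /tmp/telnet.lock.
    if [ -f "$mustlogon_flag" ] \
      && [ $(( $(date +%s) - $(stat -c "%Y" "$mustlogon_flag") )) -lt 30 ]; then
      LOG INFO "$gcount SKIP tray_view_mustlogon for id=$id ip=$ip. last<30sec from $(<"$mustlogon_flag")"
      exit 0
    fi
    if [ "$nas_ip" = '192.168.1.11' ]; then
      printf 'gcount=%s\n' "$gcount" > "$mustlogon_flag"
      # The path is passed as an argument instead of being pasted into the
      # command string that `bash -c` parses.
      setsid bash -c 'sleep 100; rm -f -- "$1"' _ "$mustlogon_flag" &
      sleep 10
      #do_reconnect
      do_snmp
      #do_policy
    fi
    ;;
  user_data_changed)
    if [ "$nas_ip" = '192.168.1.11' ]; then
      sleep 10
      do_reconnect
      #do_snmp
      #do_policy
    fi
    ;;
  user_disconnect)
    if [ "$nas_ip" = '192.168.1.11' ]; then
      sleep 10
      #do_reconnect
      do_snmp
      #do_policy
    fi
    ;;
  logout)
    rm -f -- "$mustlogon_flag"
    ;;
  logout_TMP | tray_view_logout | tray_timeout)
    #todo
    logged=-1
    do_policy
    ;;
  user_del | user_data_changed_before)
    # pasted by Dmitry from ZCN
    [ "$deleted" = "1" ] && sleep 15
    lock_telnet
    LOG INFO "$gcount expect user_del user ip=$ip id=$id do_reconnect expect"
    # /usr/local/bin/expect /var/lib/event/del_user_ip.tcl 10.22.0.200 $ip $id \
    # pasted by Dmitry from ZCN
    IFS=. read -r octet1 octet2 octet3 octet4 <<< "$ip"
    if /usr/local/bin/expect /var/lib/event/del_user_ip.tcl 10.22.0.200 \
      "$ip" "$id" "$octet1" "$octet2" "$octet3" "$octet4"; then
      LOG INFO "$gcount deleted user " "$ip" "$id"
    else
      LOG INFO "$gcount NOT deleted user " "$ip" "$id"
    fi
    unlock_telnet
    # id is known to be empty or all digits here; an empty id would only
    # produce a malformed statement, so the update is skipped in that case.
    if [[ "$EVENT" == "user_del" && -n "$id" ]]; then
      sqlexec "update users set nas_ip=null where id=$id and deleted=1"
    fi
    ;;
  "rate_set")
    # ceil_in/ceil_out come from event data and go into shell arithmetic,
    # which evaluates its operands as expressions: accept plain integers only.
    int_re='^-?[0-9]+$'
    [ "$nas_ip" = '192.168.1.11' ] &&
      if [[ "$ceil_in" =~ $int_re && "$ceil_out" =~ $int_re ]] && [ "$ceil_in" -ne -1 ]; then
        burst_in=$(( ceil_in * 1000 / 8 ))
        excess_burst_in=$(( ceil_in * 1500 / 8 ))
        burst_out=$(( ceil_out * 1000 / 8 ))
        excess_burst_out=$(( ceil_out * 1500 / 8 ))
        # NOTE(review): the two ", / " separators are reproduced from the
        # published listing; they look like mangled line continuations and
        # are probably not valid radclient input - check the deployed file.
        printf '%s\n' "Acct-Session-Id=\"$acct_session_id\",Dynamic-QoS-Param += \"police-class-rate cls-all rate-absolute $ceil_in\",Dynamic-QoS-Param += \"police-class-burst cls-all $burst_in\", / Dynamic-QoS-Param += \"police-class-excess-burst cls-all $excess_burst_in\",Dynamic-QoS-Param += \"meter-class-rate cls-all rate-absolute $ceil_out\",Dynamic-QoS-Param += \"meter-class-burst cls-all $burst_out\", / Dynamic-QoS-Param += \"meter-class-excess-burst cls-all $excess_burst_out\"" \
          | radclient -x "$nas_ip:$coa_port" coa "$nas_pass" \
          && LOG INFO " the user set ceil_in=$ceil_in and ceil_out=$ceil_out " "$ip" "id=$id"
      else
        LOG INFO " NOT changed ceil_in=$ceil_in and ceil_out=$ceil_out " "$ip" "$id"
      fi
    ;;
  *)
    :
    ;;
esac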