# Добиться авторизации без пароля с биллинга и выполнения команд.
# В скрипте events_inc.sh настраивается отправка событий.
# Можно целиком передавать событие в качестве аргументов доп. скрипту на стороне Carbon Reductor.
h2. Примеры скриптов
Редуктор - 10.0.0.1
h3. Carbon Billing 4: /var/lib/event/event_inc.sh
{code}
#!/bin/bash
/usr/bin/selfkiller -30:TERM -50:KILL & disown -a
LOG_LEVEL=ALL
SENDER=$1; shift
EVENT=$1; shift
DATA=$@
for VAR in $DATA; do
[[ "$VAR" = *"="* ]] && eval ${VAR%%=*}=\'${VAR#*=}\'
done
LOG INFO "$SENDER $EVENT $DATA"
ssh root@10.0.0.1 /app/reductor/cfg/userinfo/hooks/negbalset $SENDER $EVENT $DATA >/var/log/ssh10.0.0.1.log 2>&1
{code}
h3. Reductor: /app/reductor/cfg/userinfo/hooks/negbalset
{code}
#!/bin/bash
# Логика выставления negbal зависит от переданных переменных
# по правильному это должно быть на стороне биллинга.
LOGFILE=/var/log/negbalset.log
PROG=negbalset
Exit() {
local rc=$?
[ -z "$1" ] || rc="$1"
CATCHED=1
exit $rc
}
Warning() {
echo "$PROG: warning: $*" >&2
}
Fatal() {
echo "$PROG: $*" >&2
Exit 1
}
exit_handler()
{
local rc=$?
trap - EXIT
[ -n "$CATCHED" -o $rc -eq 0 ] ||
echo "$PROG: unhandled error, exiting..."
exit $rc
}
signal_handler() {
echo 'Interrupted!' >&2
Exit 1
}
Log() {
echo $(date +'%_d %b %T') " " $@
}
__ipset() {
Log "$@"
timeout -s 15 10s chroot /app/reductor/ ipset "$@"
}
trap exit_handler EXIT
trap signal_handler SIGHUP SIGPIPE SIGINT SIGTERM SIGQUIT
SENDER=$1; shift
EVENT=$1; shift
DATA=$@
for VAR in $DATA; do
[[ "$VAR" = *"="* ]] && eval ${VAR%%=*}=\'${VAR#*=}\'
done
# LOG INFO "$SENDER $EVENT $DATA"
case "$EVENT" in
"balance_negative")
Log "Negative balance for $ip - add from base negbal"
__ipset add negbal $ip
;;
"icsd_balance_negative")
Log "Negative balance for $ip - add from base negbal"
__ipset add negbal $ip
;;
"balance_positive")
if [ "$ceil_in" == "-1" ];then
Log "ignored $ip"
exit 0
fi
Log "Positive balance for $ip - del from base negbal"
__ipset del negbal $ip
;;
"user_data_changed")
if [ "$over_limit" == "1" ];then
Log "Data changed for blocked $ip - add from base negbal"
__ipset add negbal $ip
exit 0
fi
if [ "$ceil_in" == "-1" ];then
Log "ignored $ip"
exit 0
fi
Log "Data changed for $ip - del from base negbal"
__ipset del negbal $ip
;;
"rate_set")
if [ "$over_limit" == "1" ];then
Log "Data changed for blocked $ip - add from base negbal"
__ipset add negbal $ip
exit 0
fi
if [ "$ceil_in" == "-1" ];then
Log "ignored $ip"
exit 0
fi
Log "Rate set for $ip - del from base negbal"
__ipset del negbal $ip
;;
"login")
if [ "$over_limit" == "1" ];then
Log "Data changed for blocked $ip - add from base negbal"
__ipset add negbal $ip
exit 0
fi
if [ "$ceil_in" == "-1" ];then
Log "ignored $ip"
exit 0
fi
Log "Rate set for $ip - - del from base negbal"
__ipset del negbal $ip
;;
*)
:
;;
esac
{code}
# В скрипте events_inc.sh настраивается отправка событий.
# Можно целиком передавать событие в качестве аргументов доп. скрипту на стороне Carbon Reductor.
h2. Примеры скриптов
Редуктор - 10.0.0.1
h3. Carbon Billing 4: /var/lib/event/event_inc.sh
{code}
#!/bin/bash
/usr/bin/selfkiller -30:TERM -50:KILL & disown -a
LOG_LEVEL=ALL
SENDER=$1; shift
EVENT=$1; shift
DATA=$@
for VAR in $DATA; do
[[ "$VAR" = *"="* ]] && eval ${VAR%%=*}=\'${VAR#*=}\'
done
LOG INFO "$SENDER $EVENT $DATA"
ssh root@10.0.0.1 /app/reductor/cfg/userinfo/hooks/negbalset $SENDER $EVENT $DATA >/var/log/ssh10.0.0.1.log 2>&1
{code}
h3. Reductor: /app/reductor/cfg/userinfo/hooks/negbalset
{code}
#!/bin/bash
# Логика выставления negbal зависит от переданных переменных
# по правильному это должно быть на стороне биллинга.
LOGFILE=/var/log/negbalset.log
PROG=negbalset
Exit() {
local rc=$?
[ -z "$1" ] || rc="$1"
CATCHED=1
exit $rc
}
Warning() {
echo "$PROG: warning: $*" >&2
}
Fatal() {
echo "$PROG: $*" >&2
Exit 1
}
exit_handler()
{
local rc=$?
trap - EXIT
[ -n "$CATCHED" -o $rc -eq 0 ] ||
echo "$PROG: unhandled error, exiting..."
exit $rc
}
signal_handler() {
echo 'Interrupted!' >&2
Exit 1
}
Log() {
echo $(date +'%_d %b %T') " " $@
}
__ipset() {
Log "$@"
timeout -s 15 10s chroot /app/reductor/ ipset "$@"
}
trap exit_handler EXIT
trap signal_handler SIGHUP SIGPIPE SIGINT SIGTERM SIGQUIT
SENDER=$1; shift
EVENT=$1; shift
DATA=$@
for VAR in $DATA; do
[[ "$VAR" = *"="* ]] && eval ${VAR%%=*}=\'${VAR#*=}\'
done
# LOG INFO "$SENDER $EVENT $DATA"
case "$EVENT" in
"balance_negative")
Log "Negative balance for $ip - add from base negbal"
__ipset add negbal $ip
;;
"icsd_balance_negative")
Log "Negative balance for $ip - add from base negbal"
__ipset add negbal $ip
;;
"balance_positive")
if [ "$ceil_in" == "-1" ];then
Log "ignored $ip"
exit 0
fi
Log "Positive balance for $ip - del from base negbal"
__ipset del negbal $ip
;;
"user_data_changed")
if [ "$over_limit" == "1" ];then
Log "Data changed for blocked $ip - add from base negbal"
__ipset add negbal $ip
exit 0
fi
if [ "$ceil_in" == "-1" ];then
Log "ignored $ip"
exit 0
fi
Log "Data changed for $ip - del from base negbal"
__ipset del negbal $ip
;;
"rate_set")
if [ "$over_limit" == "1" ];then
Log "Data changed for blocked $ip - add from base negbal"
__ipset add negbal $ip
exit 0
fi
if [ "$ceil_in" == "-1" ];then
Log "ignored $ip"
exit 0
fi
Log "Rate set for $ip - del from base negbal"
__ipset del negbal $ip
;;
"login")
if [ "$over_limit" == "1" ];then
Log "Data changed for blocked $ip - add from base negbal"
__ipset add negbal $ip
exit 0
fi
if [ "$ceil_in" == "-1" ];then
Log "ignored $ip"
exit 0
fi
Log "Rate set for $ip - - del from base negbal"
__ipset del negbal $ip
;;
*)
:
;;
esac
{code}