|
Ключ
Эта строка удалена.
Это слово было удалено. Это слово было добавлено.
Эта строка добавлена.
|
Изменения (91)
просмотр истории страницы| {code} |
| #!/bin/bash |
| # skip crab_syntax |
| TMPDIR=/tmp/${0##*/} |
... |
| trap __exit EXIT __exit() { |
| local ret=$? rm -f $TMPDIR/*.$$ return $ret |
| local ret=$? rm -f $TMPDIR/*.$$ return $ret |
| } function __radclient() { |
| res=$(radclient -c 1 -r 2 -t 1 -x $nas_ip:$coa_port $1 $coa_psw) |
| ret=$? set +x |
| ret=$? set +x |
| echo echo "$res" | grep -q "Error-Cause = 0\|Error-Cause = 200" && ret=0 |
| echo echo "$res" | grep -q "Error-Cause = Resources Unavailable" && ret=254 |
| echo "$res" | grep -q "no response from server" && ret=254 |
| echo "$res" | grep -q "no response from server" && ret=254 |
| if if echo "$res" | grep -q "Error-Cause = Session-Context-Not-Found\|Missing-Attribute"; then |
| echo -e "clear subscriber session username $login\nclear subscriber session username $ip"\ | ssh_send -q -e "$telnet_enpassword" -t "$telnet_type" -u "$telnet_login" -p "$telnet_password" "$telnet_ip" --port "${telnet_port:-22}" fi echo $res set -x return $ret |
| echo -e "clear subscriber session username $login\nclear subscriber session username $ip"\ | ssh_send -q -e "$telnet_enpassword" -t "$telnet_type" -u "$telnet_login" -p "$telnet_password" "$telnet_ip" --port "${telnet_port:-22}" fi echo $res set -x return $ret |
| } |
| |
| # Приходит при создании пользователя в биллинге # И при смене критичных параметров(ip, vlan, port etc.)(с новыми значениями) # Обычно/ используется для ip авторизации user_add() { |
| : |
| : |
| } |
... |
| # Обычно используется для ВСЕХ видов авторизации user_del() { |
| user_disconnect |
| user_disconnect |
| } |
... |
| # т.к. у любого оборудования есть ограничения на колличество отправляемых команд в секунду user_accept() { |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_BLOCKED_TRUSTED\",\ cisco-avpair+=\"subscriber:command=deactivate-service\"" | __radclient coa |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_BLOCKED_TRUSTED\",\ cisco-avpair+=\"subscriber:command=deactivate-service\"" | __radclient coa |
| |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_BLOCKED_REDIRECT\",\ cisco-avpair+=\"subscriber:command=deactivate-service\"" | __radclient coa |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_BLOCKED_REDIRECT\",\ cisco-avpair+=\"subscriber:command=deactivate-service\"" | __radclient coa |
| |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ Cisco-Account-Info+=\"AFWPOL_ACCEPT\", Cisco-Account-Info+=\"AFWPOL_NOSHAPE\"" | __radclient coa |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_ACCEPT\",\ cisco-avpair+=\"subscriber:command=activate-service\"" | __radclient coa |
| |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_NOSHAPE\",\ cisco-avpair+=\"subscriber:command=activate-service\"" | __radclient coa |
| } |
... |
| # Рекомендуется избегать удаления пользователя из списков, для экономии очереди команд на оборудовании user_drop() { |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_ACCEPT\",\ cisco-avpair+=\"subscriber:command=deactivate-service\"" | __radclient coa |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_ACCEPT\",\ cisco-avpair+=\"subscriber:command=deactivate-service\"" | __radclient coa |
| |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_NOSHAPE\",\ cisco-avpair+=\"subscriber:command=deactivate-service\"" | __radclient coa |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_NOSHAPE\",\ cisco-avpair+=\"subscriber:command=deactivate-service\"" | __radclient coa |
| |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ Cisco-Account-Info=\"AFWPOL_BLOCKED_REDIRECT\",\ Cisco-Account-Info+=\"AFWPOL_BLOCKED_TRUSTED\"" | __radclient coa |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_BLOCKED_TRUSTED\",\ cisco-avpair+=\"subscriber:command=activate-service\"" | __radclient coa |
| |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_BLOCKED_REDIRECT\",\ cisco-avpair+=\"subscriber:command=activate-service\"" | __radclient coa |
| } |
... |
| # Приходит при превышении лимита, либо при отключении услуги user_redirect() { |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_ACCEPT\",\ cisco-avpair+=\"subscriber:command=deactivate-service\"" | __radclient coa |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_ACCEPT\",\ cisco-avpair+=\"subscriber:command=deactivate-service\"" | __radclient coa |
| |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_NOSHAPE\",\ cisco-avpair+=\"subscriber:command=deactivate-service\"" | __radclient coa |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_NOSHAPE\",\ cisco-avpair+=\"subscriber:command=deactivate-service\"" | __radclient coa |
| |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ Cisco-Account-Info=\"AFWPOL_NEGBAL_REDIRECT\",\ Cisco-Account-Info+=\"AFWPOL_NEGBAL_TRUSTED\"" | __radclient coa |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_NEGBAL_REDIRECT\",\ cisco-avpair+=\"subscriber:command=activate-service\"" | __radclient coa echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_NEGBAL_TRUSTED\",\ cisco-avpair+=\"subscriber:command=activate-service\"" | __radclient coa |
| } # Приходит после оплаты, если хватило денег на включение услуги user_redirect_cancel() { |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_NEGBAL_TRUSTED\",\ cisco-avpair+=\"subscriber:command=deactivate-service\"" | __radclient coa |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_NEGBAL_TRUSTED\",\ cisco-avpair+=\"subscriber:command=deactivate-service\"" | __radclient coa |
| |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_NEGBAL_REDIRECT\",\ cisco-avpair+=\"subscriber:command=deactivate-service\"" | __radclient coa |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_NEGBAL_REDIRECT\",\ cisco-avpair+=\"subscriber:command=deactivate-service\"" | __radclient coa |
| |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ Cisco-Account-Info+=\"AFWPOL_ACCEPT\", Cisco-Account-Info+=\"AFWPOL_NOSHAPE\"" | __radclient coa |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_ACCEPT\",\ cisco-avpair+=\"subscriber:command=activate-service\"" | __radclient coa |
| |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_NOSHAPE\",\ cisco-avpair+=\"subscriber:command=activate-service\"" | __radclient coa |
| } |
... |
| # Или включения\выключении услуги(турбокнопка, ночной форсаж и т.д.) user_rate_set() { |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ Cisco-Account-Info+=\"QU;${ceil_in}000;D;${ceil_out}000\"" | __radclient coa |
| echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ Cisco-Account-Info+=\"QU;${ceil_in}000;D;${ceil_out}000\"" | __radclient coa |
| } |
... |
| user_disconnect() { # на самом деле User-Name cisco игнорирует, но он должен быть и быть не пустым иначе ошибка |
| echo "User-Name=\"$login\",Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ |
| cisco-avpair+=\"subscriber:command=account-logoff\"" | __radclient coa #TODO_OSV echo "User-name=\"1\",Cisco-Account-Info=\"S10.255.0.2\",cisco-avpair+=\"subscriber:command=account-logoff\"" | radclient 185.8.158.73:3799 coa servicemode |
| cisco-avpair+=\"subscriber:command=account-logoff\"" | __radclient coa #TODO_OSV echo "User-name=\"1\",Cisco-Account-Info=\"S10.255.0.2\",cisco-avpair+=\"subscriber:command=account-logoff\"" | radclient 185.8.158.73:3799 coa servicemode |
| } # Приходит при нажатии кнопки info в учетной записи user_info() { |
| echo echo '<pre>' > /tmp/${user_id}_user_info.new |
| # echo "User-Name=\"$login\",Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ # cisco-avpair+=\"subscriber:command=profile-status-query\"" | __radclient coa &>>/tmp/${user_id}_user_info.new |
| # echo "User-Name=\"$login\",Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ # cisco-avpair+=\"subscriber:command=profile-status-query\"" | __radclient coa &>>/tmp/${user_id}_user_info.new |
| ( ( . $EVENT_HANDLERS_DIR/${NAS_SCRIPT_NAME%.sh}.d/user_info ) >> /tmp/${user_id}_user_info.new || true |
| echo echo '</pre>' >> /tmp/${user_id}_user_info.new |
| |
| mv mv -f /tmp/${user_id}_user_info.new /tmp/${user_id}_user_info |
| chown apache:apache /tmp/${user_id}_user_info |
| chown apache:apache /tmp/${user_id}_user_info |
| [ [ "${is_daemon:--}" != 1 ] && cat /tmp/${user_id}_user_info |
| } |
... |
| # Приходит при нажатии кнопки тест в учетной записи user_test() { |
| echo > "/tmp/${user_id}_user_info" |
| echo > "/tmp/${user_id}_user_info" |
| echo "User-Name=\"$login\",Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",cisco-avpair+=\"subscriber:command=profile-status-query\"" echo "User-Name=\"$login\",Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",cisco-avpair+=\"subscriber:command=profile-status-query\"" | __radclient coa &>>"/tmp/${user_id}_user_info" |
| cat /tmp/${user_id}_user_info |
| cat /tmp/${user_id}_user_info |
| } # Хук - вызывается перед каждым событием user_event_before() { |
| : |
| : |
| } # Хук - вызывается после каждого события user_event_after() { |
| : |
| : |
| } # Приходит при добавлении услуги абоненту usluga_add(){ |
| : |
| # Доступ к социально значимым ресурсам для физиков if [ "$usluga_system_type_id" == "15" ]; then echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ Cisco-Account-Info=\"AFWPOL_FREE_INTERNET\"" | __radclient coa fi |
| } # Приходит при удалении услуги у абонента usluga_del(){ |
| : |
| # Отмена доступа к социально значимым ресурсам для физиков if [ "$usluga_system_type_id" == "15" ]; then echo "Cisco-Account-Info=\"S${ip}:vrf-id=${vrf}\",\ cisco-avpair+=\"subscriber:service-name=FWPOL_FREE_INTERNET\",\ cisco-avpair+=\"subscriber:command=deactivate-service\"" | __radclient coa fi |
| } |
| users_from_nas(){ : } |
| # Приходит при активации услуги usluga_activated(){ |
| : |
| : |
| } # Приходит при деактивации услуги usluga_deactivated(){ |
| : |
| : |
| } send_cmd() { |
| ip=$1 cmd=user_${2} set -x echo "env $env_str" $cmd set +x |
| ip=$1 cmd=user_${2} set -x echo "env $env_str" $cmd set +x |
| } main() { |
| . /usr/local/bin/user_env $ip . $oss_pathname/main.ini |
| . /usr/local/bin/user_env $ip . $oss_pathname/main.ini |
| |
| [ [ -z "$vrf" ] && vrf="global" |
| abonent_log_dir="/var/log/abonents/${abonent_id}/" mkdir -p "$abonent_log_dir" |
| abonent_log_dir="/var/log/abonents/${abonent_id}/" mkdir -p "$abonent_log_dir" |
| |
| PS4=" PS4=" \D{%Y-%m-%d %T} ssh ${SSH_CLIENT%% *} $HOSTNAME rtsh session "$@"[$$]: " |
| |
| echo echo '' >> "${abonent_log_dir}/rtsh_${user_id}.log" |
| send_cmd send_cmd "$@" 2>&1 | tee -a "${abonent_log_dir}/rtsh_${user_id}.log" |
| } |
... |
| # пока временно if [ "${is_daemon:--}" != 1 ]; then |
| main "$@" exit $? |
| main "$@" exit $? |
| fi oss_pathname=${EVENT_HANDLERS_DIR%/*} #todo export from daemon . $oss_pathname/main.ini |
| {code} |