Esempio n. 1
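/**
 * Record the host behind @p mac and install a /32 host route for it.
 *
 * Looks the MAC up in the redirect list (creating and firewall-marking a new
 * node when it is missing), stores the source interface index, the host IP
 * taken from the request's IP header, the device name and that device's IP on
 * the node, then runs "/sbin/ip route add" for the host.
 *
 * The redirect-list lock is held for the whole call.
 *
 * @param brreq  bridge request; ifname, dev and iph.saddr are read from it
 * @param mac    MAC address string used as the redirect-list key
 */
void notify_add_route(struct brreq *brreq, char *mac)
{
    t_redir_node *node;
    struct in_addr src_ip;
    char cmd[256];
    const char *host_text;
    char *iface_ip;
    int cmd_len;

    LOCK_REDIR();

    node = redir_list_find(mac);
    if (!node) {
        debug(LOG_NOTICE, "%s: %s node not present, creating it with src interface %s\n",__func__,mac, brreq->ifname);
        node = redir_list_append(mac);
        if (!node) {
            UNLOCK_REDIR();
            return;
        }
        node->expiry = time(NULL);
        fw_mark_mangle(mac, 1);
    }

    node->ifindex = get_ifIndex(brreq->ifname);
    node->redir_pending = 1;

    /* Host IP: inet_ntoa() returns a pointer to a static buffer, so it is
     * copied straight away and never freed. */
    src_ip.s_addr = brreq->iph.saddr;
    memset(node->host_ip, 0, sizeof(node->host_ip));
    host_text = inet_ntoa(src_ip);
    if (host_text)
        snprintf(node->host_ip, sizeof(node->host_ip), "%s", host_text);

    /* Device name: bounded copy, because the length of brreq->dev is not
     * checked anywhere in this function and strcpy() would write past
     * node->dev on an over-long name.
     * NOTE(review): assumes node->dev, node->host_ip and node->dev_ip are
     * arrays (sizeof is already used on them that way) - confirm. */
    snprintf(node->dev, sizeof(node->dev), "%s", brreq->dev);

    /* Interface IP.
     * NOTE(review): the original frees this pointer, so get_iface_ip()
     * presumably returns heap memory owned by the caller - confirm. */
    memset(node->dev_ip, 0, sizeof(node->dev_ip));
    iface_ip = get_iface_ip(node->dev);
    if (iface_ip)
        snprintf(node->dev_ip, sizeof(node->dev_ip), "%s", iface_ip);
    free(iface_ip);

    /* Host route.
     * NOTE(review): node->dev is copied from the request into a command
     * string; if execute() hands the string to a shell, the device name must
     * be validated first (or the command run with an argv array) - confirm
     * how execute() runs it and whether brreq->dev can be attacker-chosen. */
    cmd_len = snprintf(cmd, sizeof(cmd), "/sbin/ip route add %s/32 src %s dev %s", node->host_ip, node->dev_ip, node->dev);
    if (cmd_len < 0 || (size_t)cmd_len >= sizeof(cmd)) {
        /* Never run a truncated command, and do not claim the route exists. */
        debug(LOG_ERR, "%s: route command for %s does not fit, route not added\n", __func__, mac);
    } else {
        execute(cmd, 0);
        node->route_added = 1;
    }

    UNLOCK_REDIR();
}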
Esempio n. 2
/*
 * Unit test for get_ifIndex() on ifTable rows.
 *
 * The table is walked twice. Each pass fetches the first and the second data
 * point, checks that a third fetch yields no data context, releases the loop
 * context, and only then reads ifIndex from the row it kept. Pass one keeps
 * the first row and expects VALUE_ifIndex_1; pass two keeps the second row
 * and expects VALUE_ifIndex_2. In both passes the returned length must equal
 * the size of the returned value.
 */
void
test_IfTable_get_ifIndex(void) {
  netsnmp_variable_list data = { .type = ASN_INTEGER };
  void *loop_ctx = NULL;
  void *row_a = NULL;
  void *row_b = NULL;
  void *row_c = NULL;
  uint32_t *index_ptr;
  size_t index_len;

  /* Pass 1: keep the first row, drop the second as soon as it is fetched. */
  ifTable_get_first_data_point(&loop_ctx, &row_a, &data, NULL);
  ifTable_get_next_data_point(&loop_ctx, &row_b, &data, NULL);
  ifTable_data_free(row_b, NULL);
  ifTable_get_next_data_point(&loop_ctx, &row_c, &data, NULL);
  TEST_ASSERT_NULL(row_c);
  ifTable_loop_free(loop_ctx, NULL);

  /* The kept row is read after the loop context has been released. */
  index_ptr = get_ifIndex(row_a, &index_len);
  TEST_ASSERT_NOT_NULL(index_ptr);
  TEST_ASSERT_EQUAL_UINT32(VALUE_ifIndex_1, *index_ptr);
  TEST_ASSERT_EQUAL_UINT64(sizeof(*index_ptr), index_len);
  ifTable_data_free(row_a, NULL);

  /* Pass 2: drop the first row, keep the second. */
  ifTable_get_first_data_point(&loop_ctx, &row_a, &data, NULL);
  ifTable_data_free(row_a, NULL);
  ifTable_get_next_data_point(&loop_ctx, &row_b, &data, NULL);
  ifTable_get_next_data_point(&loop_ctx, &row_c, &data, NULL);
  TEST_ASSERT_NULL(row_c);
  ifTable_loop_free(loop_ctx, NULL);

  index_ptr = get_ifIndex(row_b, &index_len);
  TEST_ASSERT_NOT_NULL(index_ptr);
  TEST_ASSERT_EQUAL_UINT32(VALUE_ifIndex_2, *index_ptr);
  TEST_ASSERT_EQUAL_UINT64(sizeof(*index_ptr), index_len);
  ifTable_data_free(row_b, NULL);
}
Esempio n. 3
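/**
 * Handle a disconnect event for @p mac received on interface @p ifname.
 *
 * If the MAC has a redirect node with a pending redirect, the outgoing
 * byte counters are first read from the iptables mangle chain; when a row
 * belongs to a known client that client's counters are updated and the
 * function returns. Otherwise the redirect node is torn down (bridge
 * redirect entry, host route, firewall mark) when the event came from the
 * interface the node is bound to, and any client entry for the MAC is denied
 * in the firewall and deleted.
 *
 * Fixes over the previous version:
 *  - the iptables rows are parsed into a local MAC buffer; before, fscanf()
 *    wrote up to 18 bytes into the caller's @p mac, overwriting the key used
 *    for every later lookup and overrunning it if it was shorter;
 *  - the redirect lock is taken again (and the node looked up again) after
 *    the counter read, instead of using the node unlocked and unlocking twice;
 *  - the client-list lock is released on every loop iteration that takes it,
 *    and no longer released when it was never taken;
 *  - fscanf()'s result is kept in an int, and the void function no longer
 *    executes "return -1".
 *
 * @param mac     MAC address string of the station
 * @param ifname  name of the interface that reported the event
 */
void notify_client_disconnect(char *mac, char *ifname)
{
    t_client *client;
    t_redir_node *node;
    int ifIndex = get_ifIndex(ifname);

    LOCK_REDIR();

    node = redir_list_find(mac);
    if (node && node->redir_pending) {
        FILE *output;
        char *script;
        char ip[16];
        char row_mac[18];   /* 17 characters from %17[...] plus the terminator */
        unsigned long long int counter;
        struct in_addr tempaddr;
        int rc;

        /* The redirect lock is not held while the child process runs. */
        UNLOCK_REDIR();
        safe_asprintf(&script, "%s %s", "iptables", "-v -n -x -t mangle -L " CHAIN_OUTGOING);
        iptables_insert_gateway_id(&script);
        output = popen(script, "r");
        free(script);
        if (!output) {
            debug(LOG_ERR, "popen(): %s", strerror(errno));
            return;
        }

        /* skip the first two lines */
        while (('\n' != fgetc(output)) && !feof(output)) ;
        while (('\n' != fgetc(output)) && !feof(output)) ;
        while (!feof(output)) {
            rc = fscanf(output, "%*s %llu %*s %*s %*s %*s %*s %15[0-9.] %*s %*s %17[0-9a-fA-F:] %*s %*s 0x%*u", &counter, ip, row_mac);
            if (rc == EOF)
                break;
            if (rc != 3)
                continue;
            /* Sanity */
            if (!inet_aton(ip, &tempaddr)) {
                debug(LOG_WARNING, "I was supposed to read an IP address but instead got [%s] - ignoring it", ip);
                continue;
            }
            debug(LOG_DEBUG, "Read outgoing traffic for %s(%s): Bytes=%llu", ip, row_mac, counter);
            LOCK_CLIENT_LIST();
            if ((client = client_list_find_by_ip(ip))) {
                client->counters.outgoing = client->counters.outgoing_history + counter;
                client->counters.last_updated = time(NULL);
                UNLOCK_CLIENT_LIST();
                pclose(output);
                /* NOTE(review): kept from the original - returning here skips
                 * the redirect/route/firewall teardown below for this event.
                 * Confirm that is intended. */
                return;
            }
            UNLOCK_CLIENT_LIST();
        }
        pclose(output);

        /* The list may have changed while unlocked, so the old node pointer
         * is not reused. */
        LOCK_REDIR();
        node = redir_list_find(mac);
    }

    if (node && node->ifindex != ifIndex)
        debug(LOG_NOTICE,"%s: %s connected to idx %d, recv'd disconnect evt from idx %d\n",__func__, mac, node->ifindex, ifIndex);

    if (node && (node->ifindex == ifIndex)) {
        if (node->redir_pending) {
            char command[100];
            char fmac[13];
            int len;

            /* NOTE(review): &fmac has type char (*)[13]; confirm that matches
             * formatmacaddr()'s second parameter. */
            formatmacaddr(mac, &fmac);
            node->redir_pending = 0;
            debug(LOG_NOTICE,"%s: recv'd disconnect evt for %s from idx %d\n",__func__, mac, node->ifindex);
            /* NOTE(review): this string relies on a shell redirection, so
             * fmac must contain nothing but the formatted MAC digits -
             * confirm formatmacaddr() guarantees that for any input. */
            snprintf(command, sizeof(command), "echo %s > /proc/sys/net/bridge/bridge-http-redirect-del-mac", fmac);
            execute(command,0);
            if (node->route_added) {
                memset(command, 0, sizeof(command));
                len = snprintf(command, sizeof(command), "/bin/ip route del %s/32 src %s dev %s", node->host_ip, node->dev_ip, node->dev);
                /* A truncated command is never executed. */
                if (len < 0 || (size_t)len >= sizeof(command))
                    debug(LOG_ERR, "%s: route command for %s does not fit, route not deleted\n", __func__, mac);
                else
                    execute(command, 0);
            }
            fw_mark_mangle(mac,0);
        }
        debug(LOG_NOTICE,"%s: removing node list for %s from idx %d\n",__func__, mac, node->ifindex);
        redir_list_delete(node);
    }

    UNLOCK_REDIR();

    LOCK_CLIENT_LIST();
    client = client_list_find_by_mac(mac);
    if (client) {
        iptables_fw_access(FW_ACCESS_DENY, client->ip, client->mac, client->fw_connection_state);
        client_list_delete(client);
    }
    UNLOCK_CLIENT_LIST();
}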
Esempio n. 4
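/**
 * Handle an association event for @p mac received on interface @p ifname.
 *
 * When the captive portal is enabled for the interface, the MAC gets (or
 * reuses) a redirect node bound to that interface, is registered with the
 * bridge HTTP-redirect table and firewall-marked if no redirect was pending,
 * and the portal URL proc entry is refreshed once the hostname-resolve
 * timeout has elapsed. Any existing client entry for the MAC is then denied
 * in the firewall and deleted.
 *
 * @param mac     MAC address string of the station
 * @param ifname  name of the interface that reported the event
 */
void notify_client_connect(char *mac, char *ifname)
{
    t_client *client;
    t_redir_node *node;
    s_config *config = config_get_config();
    int ifIndex = get_ifIndex(ifname);

    /* ifIndex indexes config->status[], config->profile[], config->portal[]
     * and timekeeper[] below; a negative value would read and write outside
     * those arrays.
     * NOTE(review): the array sizes are not visible here - an upper-bound
     * check against them should be added as well. */
    if (ifIndex < 0) {
        debug(LOG_ERR, "%s: no usable interface index for this event, ignoring it\n", __func__);
        return;
    }

    if( !config->status[ifIndex] ) {
        debug(LOG_NOTICE, "Captive Portal is not enabled for %s", ifname);
        return;
    }
    LOCK_REDIR();
    node = redir_list_find(mac);
    if (!node) {
        node = redir_list_append(mac);
    }
    if (!node) {
        UNLOCK_REDIR();
        return;
    }
    debug(LOG_NOTICE,"%s recv'd association req from mac %s  %p\n",__func__,mac, node);

    node->ifindex = ifIndex;
    node->wlindex = config->profile[ifIndex];
    /* snprintf() always terminates the copy; strncpy() left node->dev without
     * a terminator whenever ifname filled the whole buffer, and node->dev is
     * later formatted with %s into a command string. */
    if (ifname)
        snprintf(node->dev, sizeof(node->dev), "%s", ifname);
    node->cpAuthstatus = 1;
    node->expiry = time(NULL);

    if (!node->redir_pending) {
        char command[100];
        char fmac[13];

        /* NOTE(review): &fmac has type char (*)[13]; confirm that matches
         * formatmacaddr()'s second parameter. */
        formatmacaddr(mac, &fmac);
        node->redir_pending = 1;
        /* NOTE(review): this string relies on a shell redirection, so fmac
         * must contain nothing but the formatted MAC digits - confirm
         * formatmacaddr() guarantees that for any input. */
        snprintf(command, sizeof(command), "echo %s > /proc/sys/net/bridge/bridge-http-redirect-add-mac", fmac);
        execute(command,0);
        fw_mark_mangle(mac,1);
    }

    if (config->operate_mode) {
        /* In this mode only slot 0 of the portal table and timekeeper is used. */
        if ((time(NULL) - timekeeper[0].timestamp) > MAX_HOSTNAME_RESOLVE_TIMEOUT) {
            make_proc_entry_for_url(config->portal[0], 0);
            timekeeper[0].timestamp = time(NULL);
        }
    } else {
        if ((time(NULL) - timekeeper[ifIndex].timestamp) > MAX_HOSTNAME_RESOLVE_TIMEOUT) {
            make_proc_entry_for_url(config->portal[ifIndex], ifIndex);
            timekeeper[ifIndex].timestamp = time(NULL);
        }
    }
    /* NOTE(review): kept from the original - this resets the per-interface
     * timestamp on every association, so the timeout above only elapses after
     * a quiet period with no associations. Confirm that is intended. */
    timekeeper[ifIndex].timestamp = time(NULL);

    UNLOCK_REDIR();

    LOCK_CLIENT_LIST();

    client = client_list_find_by_mac(mac);
    if (client) {
        iptables_fw_access(FW_ACCESS_DENY, client->ip, client->mac, client->fw_connection_state);
        client_list_delete(client);
    }

    UNLOCK_CLIENT_LIST();
}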