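/*
 * Return non-zero when s is non-empty and made only of characters expected in
 * a dotted IPv4 address or a network interface name.
 */
static int route_arg_is_safe(const char *s)
{
    static const char allowed[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
        "abcdefghijklmnopqrstuvwxyz"
        "0123456789._:-@";

    return s != NULL && s[0] != '\0' && s[strspn(s, allowed)] == '\0';
}

/**
 * Handle an "add route" request for the station identified by mac.
 *
 * Looks the station up in the redirect list (appending and firewall-marking it
 * when it is missing), stores the interface index, host IP, device name and
 * device IP taken from the request on the node, and installs a /32 host route
 * with "ip route add".
 *
 * @param brreq  request carrying the source interface name, device name and
 *               IP header of the triggering packet
 * @param mac    MAC address string used as the redirect-list key
 */
void notify_add_route(struct brreq *brreq, char *mac)
{
    t_redir_node *node;
    struct in_addr src_ip;
    char cmd[256];
    char *tmp_ptr;
    int len;

    LOCK_REDIR();

    node = redir_list_find(mac);
    if (!node) {
        debug(LOG_NOTICE, "%s: %s node not present, creating it with src interface %s\n",__func__,mac, brreq->ifname);
        node = redir_list_append(mac);
        if (node) {
            node->expiry = time(NULL);
            fw_mark_mangle(mac, 1);
        }
    }
    if (!node) {
        UNLOCK_REDIR();
        return;
    }

    node->ifindex = get_ifIndex(brreq->ifname);
    node->redir_pending = 1;

    /*
     * Every copy below is bounded by the destination size and always
     * NUL-terminated. This assumes host_ip, dev and dev_ip are arrays inside
     * the node (the existing sizeof() uses suggest so) - TODO confirm.
     */

    /* Get the Host IP address */
    src_ip.s_addr = brreq->iph.saddr;
    memset(node->host_ip, 0, sizeof(node->host_ip));
    tmp_ptr = inet_ntoa(src_ip);
    if (tmp_ptr)
        snprintf(node->host_ip, sizeof(node->host_ip), "%s", tmp_ptr);

    /* Copy the device name to node; it comes straight from the request. */
    snprintf(node->dev, sizeof(node->dev), "%s", brreq->dev);

    /* Get the interface IP address */
    memset(node->dev_ip, 0, sizeof(node->dev_ip));
    tmp_ptr = get_iface_ip(node->dev);
    if (tmp_ptr)
        snprintf(node->dev_ip, sizeof(node->dev_ip), "%s", tmp_ptr);
    /* The original code frees this pointer, so it is treated as owned here. */
    free(tmp_ptr);

    /*
     * Set the host route. execute() is given shell redirection syntax
     * elsewhere in this file, so it presumably runs the string through a
     * shell: every interpolated value must therefore be free of shell
     * metacharacters, and a truncated command must never be run.
     */
    if (!route_arg_is_safe(node->host_ip) ||
        !route_arg_is_safe(node->dev_ip) ||
        !route_arg_is_safe(node->dev)) {
        debug(LOG_WARNING, "%s: not adding route for %s: empty or unexpected address/device value\n", __func__, mac);
        UNLOCK_REDIR();
        return;
    }

    len = snprintf(cmd, sizeof(cmd), "/sbin/ip route add %s/32 src %s dev %s",
                   node->host_ip, node->dev_ip, node->dev);
    if (len < 0 || (size_t)len >= sizeof(cmd)) {
        debug(LOG_WARNING, "%s: not adding route for %s: command does not fit the buffer\n", __func__, mac);
        UNLOCK_REDIR();
        return;
    }

    execute(cmd, 0);
    node->route_added = 1;

    UNLOCK_REDIR();
}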
/*
 * Unit test: get_ifIndex() must hand back a pointer to each row's ifIndex
 * value together with the size of that value.
 *
 * The table is walked twice. Each pass keeps one row context alive, releases
 * the other, checks that a third fetch yields no row, and frees the loop
 * context before the kept row is queried.
 */
void test_IfTable_get_ifIndex(void)
{
    netsnmp_variable_list index_var = {0};
    void *loop_ctx = NULL;
    void *row1 = NULL;
    void *row2 = NULL;
    void *row3 = NULL;
    size_t value_len;
    uint32_t *value;

    index_var.type = ASN_INTEGER;

    /* Pass 1: keep the first row, release the second. */
    ifTable_get_first_data_point(&loop_ctx, &row1, &index_var, NULL);
    ifTable_get_next_data_point(&loop_ctx, &row2, &index_var, NULL);
    ifTable_data_free(row2, NULL);
    ifTable_get_next_data_point(&loop_ctx, &row3, &index_var, NULL);
    TEST_ASSERT_NULL(row3);
    ifTable_loop_free(loop_ctx, NULL);

    /* The row context is queried after the loop context has been freed. */
    value = get_ifIndex(row1, &value_len);
    TEST_ASSERT_NOT_NULL(value);
    TEST_ASSERT_EQUAL_UINT32(VALUE_ifIndex_1, *value);
    TEST_ASSERT_EQUAL_UINT64(sizeof(*value), value_len);
    ifTable_data_free(row1, NULL);

    /* Pass 2: release the first row, keep the second. */
    ifTable_get_first_data_point(&loop_ctx, &row1, &index_var, NULL);
    ifTable_data_free(row1, NULL);
    ifTable_get_next_data_point(&loop_ctx, &row2, &index_var, NULL);
    ifTable_get_next_data_point(&loop_ctx, &row3, &index_var, NULL);
    TEST_ASSERT_NULL(row3);
    ifTable_loop_free(loop_ctx, NULL);

    value = get_ifIndex(row2, &value_len);
    TEST_ASSERT_NOT_NULL(value);
    TEST_ASSERT_EQUAL_UINT32(VALUE_ifIndex_2, *value);
    TEST_ASSERT_EQUAL_UINT64(sizeof(*value), value_len);
    ifTable_data_free(row2, NULL);
}
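/**
 * Handle a disconnect event for the station identified by mac on ifname.
 *
 * When the station has a pending redirect, the outgoing-traffic counters are
 * first read from the iptables mangle table. The redirect entry is then torn
 * down (bridge redirect MAC removed, host route deleted, firewall mark
 * cleared, node deleted) if the event arrived on the interface the node is
 * bound to. Finally any client entry for the MAC is denied at the firewall
 * and removed from the client list.
 *
 * @param mac     MAC address string of the station; never modified here
 * @param ifname  name of the interface the event was received on
 */
void notify_client_disconnect(char *mac, char *ifname)
{
    t_client *client;
    t_redir_node *node;
    FILE *output;
    char *script;
    char ip[16];
    /* Row MAC gets its own buffer: scanning into the caller's mac would
     * overwrite the key used for the teardown below. */
    char row_mac[18];
    /* int, not char: fscanf() returns an int and EOF must stay distinct. */
    int rc;
    unsigned long long int counter;
    struct in_addr tempaddr;
    int ifIndex = get_ifIndex(ifname);

    LOCK_REDIR();
    node = redir_list_find(mac);

    if (node && node->redir_pending) {
        /* Do not hold the redirect lock while iptables runs. */
        UNLOCK_REDIR();

        safe_asprintf(&script, "%s %s", "iptables", "-v -n -x -t mangle -L " CHAIN_OUTGOING);
        iptables_insert_gateway_id(&script);
        output = popen(script, "r");
        free(script);
        if (!output) {
            debug(LOG_ERR, "popen(): %s", strerror(errno));
            /* void function: plain return (the redirect lock is already released). */
            return;
        }

        /* skip the first two lines */
        while (('\n' != fgetc(output)) && !feof(output))
            ;
        while (('\n' != fgetc(output)) && !feof(output))
            ;

        /* Stop on a read error as well as on EOF so a failing pipe cannot spin. */
        while (!feof(output) && !ferror(output)) {
            rc = fscanf(output, "%*s %llu %*s %*s %*s %*s %*s %15[0-9.] %*s %*s %17[0-9a-fA-F:] %*s %*s 0x%*u", &counter, ip, row_mac);
            if (3 != rc)
                continue;

            /* Sanity */
            if (!inet_aton(ip, &tempaddr)) {
                debug(LOG_WARNING, "I was supposed to read an IP address but instead got [%s] - ignoring it", ip);
                continue;
            }
            debug(LOG_DEBUG, "Read outgoing traffic for %s(%s): Bytes=%llu", ip, row_mac, counter);

            LOCK_CLIENT_LIST();
            client = client_list_find_by_ip(ip);
            if (client) {
                client->counters.outgoing = client->counters.outgoing_history + counter;
                client->counters.last_updated = time(NULL);
                UNLOCK_CLIENT_LIST();
                pclose(output);
                /*
                 * NOTE(review): kept from the original - the function ends
                 * here as soon as any counter row matches a known client,
                 * so the teardown below is skipped. Confirm this is intended.
                 */
                return;
            }
            /* Release the lock taken for this row; each row pairs one lock with one unlock. */
            UNLOCK_CLIENT_LIST();
        }
        pclose(output);

        /*
         * The redirect lock was dropped while iptables ran, so take it again
         * and repeat the lookup instead of trusting the earlier pointer.
         */
        LOCK_REDIR();
        node = redir_list_find(mac);
    }

    if (node && node->ifindex != ifIndex)
        debug(LOG_NOTICE,"%s: %s connected to idx %d, recv'd disconnect evt from idx %d\n",__func__, mac, node->ifindex, ifIndex);

    if (node && (node->ifindex == ifIndex)) {
        if (node->redir_pending) {
            char command[100];
            char fmac[13];
            int len;

            formatmacaddr(mac, &fmac);
            node->redir_pending = 0;
            debug(LOG_NOTICE,"%s: recv'd disconnect evt for %s from idx %d\n",__func__, mac, node->ifindex);
            snprintf(command, sizeof(command), "echo %s > /proc/sys/net/bridge/bridge-http-redirect-del-mac", fmac);
            execute(command, 0);

            if (node->route_added) {
                /*
                 * Bounded formatting: a command that does not fit is logged
                 * and not run rather than overflowing the buffer.
                 * NOTE(review): these node fields end up in a command line
                 * that execute() appears to pass to a shell (the redirection
                 * above needs one) - confirm they are validated where they
                 * are stored. notify_add_route uses /sbin/ip while this
                 * uses /bin/ip; confirm both paths exist on the target.
                 */
                len = snprintf(command, sizeof(command), "/bin/ip route del %s/32 src %s dev %s",
                               node->host_ip, node->dev_ip, node->dev);
                if (len < 0 || (size_t)len >= sizeof(command))
                    debug(LOG_WARNING, "%s: route delete command for %s does not fit the buffer, skipping\n", __func__, mac);
                else
                    execute(command, 0);
            }
            fw_mark_mangle(mac, 0);
        }
        debug(LOG_NOTICE,"%s: removing node list for %s from idx %d\n",__func__, mac, node->ifindex);
        redir_list_delete(node);
    }
    UNLOCK_REDIR();

    LOCK_CLIENT_LIST();
    client = client_list_find_by_mac(mac);
    if (client) {
        /*fw_deny_raw(client->ip, client->mac, client->fw_connection_state);*/
        iptables_fw_access(FW_ACCESS_DENY, client->ip, client->mac, client->fw_connection_state);
        client_list_delete(client);
    }
    UNLOCK_CLIENT_LIST();
}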
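/**
 * Handle an association event for the station identified by mac on ifname.
 *
 * Does nothing when the captive portal is disabled for the interface.
 * Otherwise the station's redirect-list node is created or refreshed, the
 * bridge HTTP redirect and firewall mark are installed if they are not
 * already pending, the portal URL proc entry is refreshed once the resolve
 * timeout has elapsed, and any existing client entry for the MAC is denied
 * at the firewall and removed from the client list.
 *
 * @param mac     MAC address string of the associating station
 * @param ifname  name of the interface the station associated on
 */
void notify_client_connect(char *mac, char *ifname)
{
    t_client *client;
    t_redir_node *node;
    s_config *config = config_get_config();
    int ifIndex = get_ifIndex(ifname);

    /*
     * ifIndex indexes config->status, config->profile, config->portal and
     * timekeeper below, so a negative lookup result must never get that far.
     * NOTE(review): the array sizes are not visible here - add the matching
     * upper-bound check against them.
     */
    if (ifIndex < 0) {
        debug(LOG_NOTICE, "%s: no interface index for %s, ignoring association from %s\n", __func__, ifname ? ifname : "(null)", mac);
        return;
    }

    if (!config->status[ifIndex]) {
        debug(LOG_NOTICE, "Captive Portal is not enabled for %s", ifname);
        return;
    }

    LOCK_REDIR();

    // config_cp_auth_status(ifname, mac, 1); /* Updating the cpAuthStatus to 1 */
    node = redir_list_find(mac);
    if (!node) {
        node = redir_list_append(mac);
    }
    if (!node) {
        UNLOCK_REDIR();
        return;
    }

    debug(LOG_NOTICE,"%s recv'd association req from mac %s %p\n",__func__,mac, node);
    /*post_event(ifname, mac, 1 << 0); *//* BIT0 is set which is a session query notification */
    node->ifindex = ifIndex;
    node->wlindex = config->profile[ifIndex];
    /*
     * snprintf() always NUL-terminates; strncpy() leaves the name
     * unterminated when it fills the whole buffer.
     */
    if (ifname)
        snprintf(node->dev, sizeof(node->dev), "%s", ifname);
    node->cpAuthstatus = 1;
    node->expiry = time(NULL);

    if (!node->redir_pending) {
        char command[100];
        char fmac[13];

        formatmacaddr(mac, &fmac);
        node->redir_pending = 1;
        snprintf(command, sizeof(command), "echo %s > /proc/sys/net/bridge/bridge-http-redirect-add-mac", fmac);
        execute(command, 0);
        fw_mark_mangle(mac, 1);
    }

    /* Refresh the portal proc entry only after the resolve timeout has passed. */
    if (config->operate_mode) {
        if ((time(NULL) - timekeeper[0].timestamp) > MAX_HOSTNAME_RESOLVE_TIMEOUT) {
            make_proc_entry_for_url(config->portal[0], 0);
            timekeeper[0].timestamp = time(NULL);
        }
    } else {
        if ((time(NULL) - timekeeper[ifIndex].timestamp) > MAX_HOSTNAME_RESOLVE_TIMEOUT) {
            make_proc_entry_for_url(config->portal[ifIndex], ifIndex);
            timekeeper[ifIndex].timestamp = time(NULL);
        }
    }
    /* Kept from the original: this interface's timestamp is reset on every association. */
    timekeeper[ifIndex].timestamp = time(NULL);

    UNLOCK_REDIR();

    /* Deny and drop any existing client entry for this MAC. */
    LOCK_CLIENT_LIST();
    client = client_list_find_by_mac(mac);
    if (client) {
        /*fw_deny_raw(client->ip, client->mac, client->fw_connection_state); *//*PRATIK: Commented so that it doesn't invoke the firewall*/
        iptables_fw_access(FW_ACCESS_DENY, client->ip, client->mac, client->fw_connection_state);
        client_list_delete(client);
    }
    UNLOCK_CLIENT_LIST();
}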