int main(int argc, char *argv[])
{
char *host = "localhost";
struct libicmp *obj;
if (argc >= 2)
host = argv[1];
if (!(obj = icmp_open(host, 0x1337, 0)))
return 1;
return icmp_ping(obj, 0, 0) == -1;
}
/**Probably a misnomer, this function actually refreshes the entire client list's traffic counter, re-authenticates every client with the central server and update's the central servers traffic counters and notifies it if a client has logged-out.
* @todo Make this function smaller and use sub-fonctions
*/
void
fw_sync_with_authserver(void)
{
t_authresponse authresponse;
t_client *p1, *p2, *worklist, *tmp;
s_config *config = config_get_config();
if (-1 == iptables_fw_counters_update()) {
debug(LOG_ERR, "Could not get counters from firewall!");
return;
}
LOCK_CLIENT_LIST();
/* XXX Ideally, from a thread safety PoV, this function should build a list of client pointers,
* iterate over the list and have an explicit "client still valid" check while list is locked.
* That way clients can disappear during the cycle with no risk of trashing the heap or getting
* a SIGSEGV.
*/
client_list_dup(&worklist);
UNLOCK_CLIENT_LIST();
for (p1 = p2 = worklist; NULL != p1; p1 = p2) {
p2 = p1->next;
/* Ping the client, if he responds it'll keep activity on the link.
* However, if the firewall blocks it, it will not help. The suggested
* way to deal witht his is to keep the DHCP lease time extremely
* short: Shorter than config->checkinterval * config->clienttimeout */
icmp_ping(p1->ip);
/* Update the counters on the remote server only if we have an auth server */
if (config->auth_servers != NULL) {
auth_server_request(&authresponse, REQUEST_TYPE_COUNTERS, p1->ip, p1->mac, p1->token, p1->counters.incoming,
p1->counters.outgoing, p1->counters.incoming_delta, p1->counters.outgoing_delta);
}
time_t current_time = time(NULL);
debug(LOG_INFO,
"Checking client %s for timeout: Last updated %ld (%ld seconds ago), timeout delay %ld seconds, current time %ld, ",
p1->ip, p1->counters.last_updated, current_time - p1->counters.last_updated,
config->checkinterval * config->clienttimeout, current_time);
if (p1->counters.last_updated + (config->checkinterval * config->clienttimeout) <= current_time) {
/* Timing out user */
debug(LOG_INFO, "%s - Inactive for more than %ld seconds, removing client and denying in firewall",
p1->ip, config->checkinterval * config->clienttimeout);
LOCK_CLIENT_LIST();
tmp = client_list_find_by_client(p1);
if (NULL != tmp) {
logout_client(tmp);
} else {
debug(LOG_NOTICE, "Client was already removed. Not logging out.");
}
UNLOCK_CLIENT_LIST();
} else {
/*
* This handles any change in
* the status this allows us
* to change the status of a
* user while he's connected
*
* Only run if we have an auth server
* configured!
*/
LOCK_CLIENT_LIST();
tmp = client_list_find_by_client(p1);
if (NULL == tmp) {
UNLOCK_CLIENT_LIST();
debug(LOG_NOTICE, "Client was already removed. Skipping auth processing");
continue; /* Next client please */
}
if (config->auth_servers != NULL) {
switch (authresponse.authcode) {
case AUTH_DENIED:
debug(LOG_NOTICE, "%s - Denied. Removing client and firewall rules", tmp->ip);
fw_deny(tmp);
client_list_delete(tmp);
break;
case AUTH_VALIDATION_FAILED:
debug(LOG_NOTICE, "%s - Validation timeout, now denied. Removing client and firewall rules",
tmp->ip);
fw_deny(tmp);
client_list_delete(tmp);
break;
case AUTH_ALLOWED:
if (tmp->fw_connection_state != FW_MARK_KNOWN) {
debug(LOG_INFO, "%s - Access has changed to allowed, refreshing firewall and clearing counters",
tmp->ip);
//WHY did we deny, then allow!?!? benoitg 2007-06-21
//fw_deny(tmp->ip, tmp->mac, tmp->fw_connection_state); /* XXX this was possibly to avoid dupes. */
if (tmp->fw_connection_state != FW_MARK_PROBATION) {
tmp->counters.incoming_delta =
tmp->counters.outgoing_delta =
tmp->counters.incoming =
tmp->counters.outgoing = 0;
} else {
//We don't want to clear counters if the user was in validation, it probably already transmitted data..
debug(LOG_INFO,
"%s - Skipped clearing counters after all, the user was previously in validation",
tmp->ip);
}
fw_allow(tmp, FW_MARK_KNOWN);
}
break;
case AUTH_VALIDATION:
/*
* Do nothing, user
* is in validation
* period
*/
debug(LOG_INFO, "%s - User in validation period", tmp->ip);
break;
case AUTH_ERROR:
debug(LOG_WARNING, "Error communicating with auth server - leaving %s as-is for now", tmp->ip);
break;
default:
debug(LOG_ERR, "I do not know about authentication code %d", authresponse.authcode);
break;
}
}
UNLOCK_CLIENT_LIST();
}
}
client_list_destroy(worklist);
}
//*******************************************************************************************
//
// Function : key_process
// Description : Process all key code from get_key_code function
//
//*******************************************************************************************
void menu_process ( void )
{
static BYTE key_hold_count=0, key_hold_step_delay=0;
BYTE rxtx_buffer[MAX_RXTX_BUFFER];
BYTE key_code, temp;
static BYTE backlight_sec=31, backlight_seccount=250;
// get switch value from port
key_code = SW_PIN & ( _BV( SW_DW ) | _BV( SW_UP ) | _BV( SW_EXIT ) | _BV( SW_MENU ) );
// Check key press?
if ( key_code == ( _BV( SW_DW ) | _BV( SW_UP ) | _BV( SW_EXIT ) | _BV( SW_MENU ) ) )
{
flag1.bits.key_is_executed = 0;
flag2.bits.key_hold = 0;
key_hold_count = 0;
key_hold_step_delay = 0;
// lcd backlight control
// lcd backlight off after key is unpress ( 30 seconds)
if ( backlight_sec )
{
if ( --backlight_seccount > 250 )
{
backlight_seccount = 250;
if ( --backlight_sec == 1 )
{
backlight_sec = 0;
// lcd backlight off
LCD_BL_PORT &= ~_BV( LCD_BL_PIN );
}
}
}
return;
}
// lcd backlight on
// and hold-on 30 seconds
backlight_sec = 31;
LCD_BL_PORT |= _BV( LCD_BL_PIN );
// check hold key
if ( ++key_hold_count == 200 )
{
key_hold_count = 0;
flag2.bits.key_hold = 1;
}
if ( flag2.bits.key_hold )
{
if ( ++key_hold_step_delay == 30 )
{
key_hold_step_delay = 0;
if ( key_code == ((~_BV ( SW_UP ) ) & 0xf0) )
{
key_up_process ();
}
// if down key is pressed
else if ( key_code == ((~_BV ( SW_DW ) ) & 0xf0) )
{
key_dw_process ();
}
display_menu();
}
}
// key code already executed
if ( flag1.bits.key_is_executed )
return;
// check key code, what is key pressed?
// if menu key is pressed
if ( key_code == ((~_BV ( SW_MENU ) ) & 0xf0) )
{
// enter to main menu
if( menu_index == 0 )
{
setting_cursor = 0;
menu_index = 1;
submenu_index = 1;
}
// enter to submenu
else if( menu_index == 1 )
{
menu_stack = menu_index;
submenu_stack = submenu_index;
menu_index = submenu_index + menu_index;
submenu_index = 1;
}
// ping server
else if ( menu_index == 5 )
{
// Show on lcd first line
lcd_putc( '\f' );
lcd_print ( (BYTE *)menu_list[ 4 ] );
lcd_putc( '\n' );
if ( icmp_ping ( (BYTE*)rxtx_buffer, (BYTE*)&server_mac, (BYTE*)&server_ip ) )
{
lcd_print_p ( PSTR ( "Ping OK." ) );
}
else
{
lcd_print_p ( PSTR ( "Not found." ) );
}
flag1.bits.lcd_busy = 1;
menu_index = 0;
submenu_index = 0;
flag1.bits.key_is_executed = 1;
return;
}
// change cursor setting on each menu
else
{
temp = pgm_read_byte ( (PGM_P)(setting_cursor_max + menu_index - 2) );
if ( ++setting_cursor == temp )
setting_cursor = 0;
}
}
// if exit key is pressed
else if ( key_code == ((~_BV ( SW_EXIT ) ) & 0xf0) )
{
setting_cursor = 0;
if(menu_index > 1)
{
menu_index = menu_stack;
submenu_index = submenu_stack;
}
else
{
menu_index = 0;
submenu_index = 0;
}
}
// if up key is pressed
else if ( key_code == ((~_BV ( SW_UP ) ) & 0xf0) )
{
key_up_process ();
}
// if down key is pressed
else if ( key_code == ((~_BV ( SW_DW ) ) & 0xf0) )
{
key_dw_process ();
}
// display menu information on LCD
display_menu();
flag1.bits.key_is_executed = 1;
flag1.bits.lcd_busy = 0;
}
