
Vadim

a guest
Aug 15th, 2013
  1. #!/usr/bin/env python
  2. # -*- coding: utf-8 -*-
  3.  
  4. import re
  5. import sys
  6. import sqlalchemy
  7. from decorator import decorator
  8. import radiusd
  9. import bitstring
  10. import ipaddress
  11. from _sql import *
  12. from _params import *
  13.  
  # Shared SQLAlchemy engine; stays None until instantiate() assigns it.
  engine = None

  # Ordered (pattern, converter) pairs tried in turn by radius_value():
  # a double-quoted value loses its quotes, a bare decimal integer becomes an int.
  RADIUS_TYPE_MAP = (
      (re.compile(r'^"(.*)"$'), lambda quoted: quoted.group(1)),
      (re.compile(r'^(-?\d+)$'), lambda digits: int(digits.group(1))),
  )
  18.  
  19.  
  def radius_value(value_string):
      """Convert a textual attribute value using RADIUS_TYPE_MAP.

      Anything that is not exactly a ``str`` or ``unicode`` object, and any
      string that matches none of the patterns, is returned unchanged.
      """
      if type(value_string) not in (str, unicode):
          return value_string
      for pattern, convert in RADIUS_TYPE_MAP:
          hit = pattern.match(value_string)
          if hit is not None:
              # First matching pattern wins.
              return convert(hit)
      return value_string
  27.  
  28.  
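  @decorator
  def radius_function(f, params):
      """Adapt a dict-based handler to the (name, value) pairs passed in ``params``.

      Each value is converted with radius_value() and the resulting dict is
      handed to ``f``. For duplicate names the last pair wins.

      Returns:
          radiusd.RLM_MODULE_FAIL if ``f`` raises. Otherwise the value ``f``
          returned; when that value is a tuple, every element after the first
          is converted from a dict into a tuple of (key, value) pairs.
      """
      data = dict((name, radius_value(value)) for name, value in params)
      try:
          result = f(data)
      except Exception as exc:
          # Still fail closed, but leave a trace: a silent FAIL hides handler bugs
          # and malformed requests from whoever reads the server log. A bare
          # ``except:`` would also have swallowed SystemExit/KeyboardInterrupt.
          radiusd.radlog(
              radiusd.L_ERR,
              '{0}: unhandled {1}: {2!r}'.format(
                  f.__name__, type(exc).__name__, exc))
          return radiusd.RLM_MODULE_FAIL
      if isinstance(result, tuple):
          return (result[0],) + tuple(tuple(d.items()) for d in result[1:])
      return result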
  43.  
  44.  
  @radius_function
  def attibutes(p):
      """Return the request attributes unchanged.

      Wrapped by radius_function, so a caller passes (name, value) pairs and
      gets back a dict whose values went through radius_value().
      """
      return p
  48.  
  49.  
  def log(level, s):
      """Write message ``s`` at ``level`` through radiusd.radlog."""
      radiusd.radlog(level, s)
  52.    
  53.                
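  def instantiate(p):
      """Create the module-wide SQLAlchemy engine.

      The connection URL is read from the environment instead of being embedded
      in the source, so the database password is not stored in, or published
      with, this file. ``p`` is accepted but not used.

      Raises:
          RuntimeError: if the connection URL is not configured.
      """
      global engine
      import os

      # RADIUS_DB_URL is a variable name introduced by this change (not an
      # existing setting); provide it from the service's protected environment.
      db_url = os.environ.get('RADIUS_DB_URL')
      if not db_url:
          log(radiusd.L_ERR, 'db connection: RADIUS_DB_URL is not set')
          raise RuntimeError('RADIUS_DB_URL is not set')

      # NOTE(review): the URL that used to be hard-coded here logged in as the
      # MySQL root user, and its password held a raw "@", which has to be
      # percent-encoded ("%40") inside a URL. Use a dedicated least-privilege
      # account, and rotate the old password: it was kept in plain text.
      engine = sqlalchemy.create_engine(db_url, pool_size=100, max_overflow=10)

      # Log only non-secret parts of the URL. NOTE(review): str(engine) may
      # render the password on SQLAlchemy versions that do not mask it.
      url = engine.url
      log(radiusd.L_INFO,
          'db connection: {0}://{1}/{2}'.format(
              url.drivername, url.host, url.database))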
  58.    
  59.  
  def authorize(p):
      """Debug stub for the authorize stage: echo the request, report OK."""
      # NOTE(review): this dumps every request attribute to stdout. At this
      # stage the attributes can include credentials such as User-Password;
      # filter or drop the dump before running outside a lab.
      print("*** authorize ***")
      print(p)
      return radiusd.RLM_MODULE_OK
  64.            
  65.  
  def accounting(p):
      """Debug stub for the accounting stage: echo the request, report OK."""
      # NOTE(review): the full attribute set goes to stdout unfiltered; confirm
      # where stdout ends up and who can read it.
      print("*** accounting ***")
      print(p)
      return radiusd.RLM_MODULE_OK
  70.            
  71.  
  def pre_proxy(p):
      """Debug stub for the pre-proxy stage: echo the request, report OK."""
      # NOTE(review): prints the full attribute set to stdout unfiltered.
      print("*** pre_proxy ***")
      print(p)
      return radiusd.RLM_MODULE_OK
  76.  
  77.          
  def post_proxy(p):
      """Debug stub for the post-proxy stage: echo the request, report OK."""
      # NOTE(review): prints the full attribute set to stdout unfiltered.
      print("*** post_proxy ***")
      print(p)
      return radiusd.RLM_MODULE_OK
  82. #----------------------
  def answer(vendorid, ans):
      """Build the (status, reply pairs, empty tuple) result for a DHCP reply.

      ``ans`` is placed among the reply pairs; ``synet`` is appended only when
      ``vendorid`` equals 'synet'.
      """
      # NOTE(review): circuit_id, remote_id, ns1, ns2, ntp, mask, router, lease,
      # serverid, domain, yiaddr and synet are neither parameters nor locals, so
      # they are looked up as module globals. post_auth() binds circuit_id,
      # remote_id, mask, router and yiaddr only as its own locals; unless _sql or
      # _params export names like these, this raises NameError -- confirm, and
      # prefer passing the per-request values in explicitly.
      reply = (circuit_id, remote_id, ns1, ns2, ntp, mask, router, ans,
               lease, serverid, domain, yiaddr)
      if vendorid == 'synet':
          reply += (synet,)
      return (radiusd.RLM_MODULE_OK, reply, ())
  88.  
  89. #TODO: choose a better name
  def extract(nets):
      """Turn one lease row into the (mask, router, yiaddr) reply pairs.

      ``nets`` is indexed by 'mask', 'gw' and 'ip'; each value is rendered with
      ``'{0}'.format`` and paired with its DHCP attribute name.
      """
      columns = (
          ('DHCP-Subnet-Mask', 'mask'),
          ('DHCP-Router-Address', 'gw'),
          ('DHCP-Your-IP-Address', 'ip'),
      )
      return tuple(
          (attribute, '{0}'.format(nets[column]))
          for attribute, column in columns)
  95.  
  96. #TODO: choose a better name
  def extract2(p):
      """Decode the relay Circuit-Id and Remote-Id attributes of request ``p``.

      Returns (vlan, port, switch, remote_id, circuit_id): ``vlan`` and ``port``
      are integers sliced out of the Circuit-Id bits, ``switch`` is the Remote-Id
      with its first 16 bits dropped, as bytes, and the last two are
      (attribute name, formatted value) pairs.
      """
      raw_circuit = p.get('DHCP-Relay-Circuit-Id', None)
      raw_remote = p.get('DHCP-Relay-Remote-Id', None)

      # NOTE(review): both values come straight from the packet and nothing here
      # checks that they are long enough for the slices below.
      circuit_bits = bitstring.BitArray(raw_circuit)
      # NOTE(review): .int reads the bits as a signed integer; if the top bit of
      # either field can be set, .uint is probably what is wanted -- confirm.
      vlan = circuit_bits[16:-16].int
      port = circuit_bits[40:].int
      switch = bitstring.BitArray(raw_remote)[16:].bytes

      remote_id = ('DHCP-Relay-Remote-Id', '{0}'.format(raw_remote))
      circuit_id = ('DHCP-Relay-Circuit-Id', '{0}'.format(raw_circuit))
      return (vlan, port, switch, remote_id, circuit_id)
  104. #---------------------------
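  def post_auth(p):
      """Answer DHCP Discover and Request (SELECTING) messages from lease rows.

      ``p`` holds the request's (name, value) pairs and is converted to a dict
      with attibutes(). For a Discover the row is looked up with ``select_mac``,
      for a SELECTING Request with ``select_ip``; both need the relay
      Remote-Id and Circuit-Id attributes to be present.

      Returns:
          radiusd.RLM_MODULE_FAIL if no database connection could be opened;
          the tuple built by answer() when exactly one row matches and its ip
          lies inside its net/mask;
          radiusd.RLM_MODULE_NOTFOUND or radiusd.RLM_MODULE_NOOP on the
          rejected paths logged below;
          None for the Request states that are only stubbed out, for a
          SELECTING Request without relay attributes, and for any message type
          not listed here.
      """
      try:
          dbHandle = engine.connect()
      except sqlalchemy.exc.DatabaseError as e:
          log(radiusd.L_ERR, str(e))
          return radiusd.RLM_MODULE_FAIL

      # Every exit below goes through the finally clause, so the connection is
      # handed back to the pool instead of being left open per request.
      try:
          p = attibutes(p)

          def address_or_none(name):
              # An all-zero address is treated the same as an absent one.
              value = p.get(name, None)
              return None if value == '0.0.0.0' else value

          def lease_in_subnet(row):
              # True when the row's ip lies inside the row's net/mask.
              address = ipaddress.ip_address(u"{0}".format(row['ip']))
              subnet = ipaddress.ip_network(
                  u'{0}/{1}'.format(row['net'], row['mask']))
              return address in subnet

          msgtype = p.get('DHCP-Message-Type', None)
          chaddr = p.get('DHCP-Client-Hardware-Address', None)
          vendorid = p.get('DHCP-Vendor-Class-Identifier', None)
          # The transaction id is only used in log lines; tolerate its absence
          # rather than failing the whole request on int(None).
          raw_xid = p.get('DHCP-Transaction-Id', None)
          xid = hex(int(raw_xid)) if raw_xid is not None else None
          rip = address_or_none('DHCP-Requested-IP-Address')
          sid = address_or_none('DHCP-DHCP-Server-Identifier')
          cip = address_or_none('DHCP-Client-IP-Address')
          has_relay_info = (('DHCP-Relay-Remote-Id' in p)
                            and ('DHCP-Relay-Circuit-Id' in p))

          # NOTE(review): select_mac / select_ip come from _sql (not shown here)
          # and are filled with str.format() from packet-derived values (relay
          # Remote-Id bytes, client hardware address, requested IP). If the
          # templates splice these into SQL text, the statement is built from
          # untrusted input. Switch to bound parameters (sqlalchemy.text() with
          # :name placeholders, values passed to execute()); that requires
          # rewriting the templates in _sql.
          #
          # NOTE(review): answer() reads circuit_id, remote_id, mask, router and
          # yiaddr as module globals, but they are bound here only as locals;
          # they need to be passed to answer() explicitly, which means changing
          # its signature.

          if msgtype == "DHCP-Discover":
              if not has_relay_info:
                  log(radiusd.L_INFO,
                      DHCP_Discover_not82.format(xid, chaddr, vendorid))
                  return radiusd.RLM_MODULE_NOOP

              (vlan, port, switch, remote_id, circuit_id) = extract2(p)
              res = dbHandle.execute(
                  select_mac.format(switch, chaddr)).fetchall()

              if not res:
                  log(radiusd.L_INFO, DHCP_Discover_free.format(
                      xid, switch, port, vlan, chaddr, vendorid))
                  return radiusd.RLM_MODULE_NOOP
              if len(res) != 1:
                  log(radiusd.L_INFO, DHCP_Discover_duble_mac.format(
                      xid, switch, port, vlan, chaddr, vendorid))
                  return radiusd.RLM_MODULE_NOOP

              nets = res[0]
              if not lease_in_subnet(nets):
                  # The original referenced the undefined names chadddr and
                  # ciaddr here; cip holds DHCP-Client-IP-Address, the field
                  # DHCP calls ciaddr. NOTE(review): confirm cip is the value
                  # this log line is meant to show.
                  log(radiusd.L_INFO, DHCP_NAK_error_ip_net.format(
                      xid, switch, port, vlan, chaddr, cip, vendorid))
                  return radiusd.RLM_MODULE_NOTFOUND

              log(radiusd.L_INFO, DHCP_Discover.format(
                  xid, switch, port, vlan, chaddr, vendorid))
              (mask, router, yiaddr) = extract(nets)
              log(radiusd.L_INFO, DHCP_Offer.format(
                  xid, switch, port, vlan, chaddr, yiaddr[1], vendorid))
              # The reply was built and then discarded before; hand it back.
              return answer(vendorid, msgoffer)

          elif msgtype == "DHCP-Request":
              if sid and not cip:  # SELECTING
                  if has_relay_info:
                      (vlan, port, switch, remote_id, circuit_id) = extract2(p)
                      res = dbHandle.execute(
                          select_ip.format(switch, rip)).fetchall()

                      # reqipaddr was undefined in the three NAK log lines;
                      # rip is the requested address they describe.
                      if not res:
                          log(radiusd.L_INFO, DHCP_NAK_req_free.format(
                              xid, switch, port, vlan, chaddr, rip, vendorid))
                          return radiusd.RLM_MODULE_NOTFOUND
                      if len(res) != 1:
                          log(radiusd.L_INFO, DHCP_NAK_duble.format(
                              xid, switch, port, vlan, chaddr, rip, vendorid))
                          return radiusd.RLM_MODULE_NOTFOUND

                      nets = res[0]
                      if not lease_in_subnet(nets):
                          log(radiusd.L_INFO, DHCP_NAK_error_ip_net.format(
                              xid, switch, port, vlan, chaddr, rip, vendorid))
                          return radiusd.RLM_MODULE_NOTFOUND

                      (mask, router, yiaddr) = extract(nets)
                      log(radiusd.L_INFO, DHCP_Request_select.format(
                          xid, switch, port, vlan, chaddr, yiaddr[1], vendorid))
                      log(radiusd.L_INFO, DHCP_ASK_select.format(
                          xid, switch, port, vlan, chaddr, yiaddr[1], vendorid))
                      return answer(vendorid, msgask)
                  # Without relay attributes this state falls through and the
                  # function returns None, as before.

              elif not sid and not cip and rip:  # INIT-REBOOT
                  print("#INIT-REBOOT")

              elif not sid and cip and not rip:  # RENEWING or REBINDING
                  print("#RENEWING or REBINDING")

              else:
                  return radiusd.RLM_MODULE_NOOP

          elif msgtype in ("DHCP-Release", "DHCP-Inform", "DHCP-Decline"):
              return radiusd.RLM_MODULE_NOOP
      finally:
          dbHandle.close()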
  201.  
  def recv_coa(p):
      """Debug stub for received CoA requests: echo the request, report OK."""
      # NOTE(review): prints the full attribute set to stdout unfiltered.
      print("*** recv_coa ***")
      print(p)
      return radiusd.RLM_MODULE_OK
  206.  
  207.        
  def send_coa(p):
      """Debug stub for outgoing CoA requests: echo the request, report OK."""
      # NOTE(review): prints the full attribute set to stdout unfiltered.
      print("*** send_coa ***")
      print(p)
      return radiusd.RLM_MODULE_OK
  212.  
  213.    
  def detach(_p):
      """Print a banner and report OK; ``_p`` is ignored."""
      # NOTE(review): the engine created by instantiate() is not disposed of
      # here -- confirm whether pooled connections should be released.
      print("*** detach ***")
      return radiusd.RLM_MODULE_OK