Untitled

#!/usr/bin/env python
# -*- coding: utf-8 -*-

import re
import sys
import sqlalchemy
from decorator import decorator
import radiusd
import bitstring
import ipaddress
from _sql import *
from _params import *

engine = None
RADIUS_TYPE_MAP = (
    (re.compile('^"(.*)"$'), lambda m: m.group(1)),
    (re.compile('^(-?\d+)$'), lambda m: int(m.group(1))),)


def radius_value(value_string):
    if type(value_string) in (str, unicode):
        for regexp, processor in RADIUS_TYPE_MAP:
            m = regexp.match(value_string)
            if m is not None:
                return processor(m)
    return value_string


@decorator
def radius_function(f, params):
    data = dict()
    for name, value in params:
        data[name] = radius_value(value)
    try:
        data = f(data)
    except:
        return radiusd.RLM_MODULE_FAIL
    if type(data) is tuple:
        res = (data[0],) + tuple(map(lambda d: tuple(d.iteritems()), data[1:]))
    else:
        res = data
    return res


@radius_function
def attibutes(p):
    return p


def log(level, s):
    radiusd.radlog(level, s)


def instantiate(p):
    global engine
    engine = sqlalchemy.create_engine('mysql://root:xcxcxc@2510@localhost:3306/UTM5',pool_size=100, max_overflow=10)
    log(radiusd.L_INFO, 'db connection: ' + str(engine))


def authorize(p):
    print "*** authorize ***"
    print p
    return radiusd.RLM_MODULE_OK


def accounting(p):
    print "*** accounting ***"
    print p
    return radiusd.RLM_MODULE_OK


def pre_proxy(p):
    print "*** pre_proxy ***"
    print p
    return radiusd.RLM_MODULE_OK


def post_proxy(p):
    print "*** post_proxy ***"
    print p
    return radiusd.RLM_MODULE_OK


def post_auth(p):
    try:
    dbHandle = engine.connect()
    except sqlalchemy.exc.DatabaseError, e:
    log(radiusd.L_ERR, str(e))
        return radiusd.RLM_MODULE_FAIL

    p = attibutes(p)

    msgtype = p.get('DHCP-Message-Type', None)
    chaddr = p.get('DHCP-Client-Hardware-Address', None)
    vendorid = p.get('DHCP-Vendor-Class-Identifier', None)
    xid = hex(int(p.get('DHCP-Transaction-Id', None)))
    cid = p.get('DHCP-Client-Identifier',None)
    rip = p.get('DHCP-Requested-IP-Address', None) if p.get('DHCP-Requested-IP-Address', None) != '0.0.0.0' else None
    sid = p.get('DHCP-DHCP-Server-Identifier', None) if p.get('DHCP-DHCP-Server-Identifier', None) != '0.0.0.0' else None
    cip = p.get('DHCP-Client-IP-Address', None) if p.get('DHCP-Client-IP-Address', None) != '0.0.0.0' else None

    if msgtype == "DHCP-Discover":
    if ('DHCP-Relay-Remote-Id' in p) and ('DHCP-Relay-Circuit-Id' in p):
            vlan = bitstring.BitArray(p.get('DHCP-Relay-Circuit-Id', None))[16:-16].int
            port = bitstring.BitArray(p.get('DHCP-Relay-Circuit-Id', None))[40:].int
            switch = bitstring.BitArray(p.get('DHCP-Relay-Remote-Id', None))[16:].bytes
            remote_id = ('DHCP-Relay-Remote-Id', '{0}'.format(p.get('DHCP-Relay-Remote-Id', None)))
            circuit_id = ('DHCP-Relay-Circuit-Id', '{0}'.format(p.get('DHCP-Relay-Circuit-Id', None)))

        res = dbHandle.execute(select_mac.format(switch,chaddr)).fetchall()

        if res:
        if len(res) == 1:
            nets = [n for n in res][0]
            ipnet = ipaddress.ip_address(u"{0}".format(nets['ip'])) in ipaddress.ip_network(u'{0}/{1}'.format(nets['net'],nets['mask']))
            if ipnet == True:
            log(radiusd.L_INFO, DHCP_Discover.format(xid,switch,port,vlan,chaddr,vendorid))

            mask = ('DHCP-Subnet-Mask', '{0}'.format(nets['mask']))
            router = ('DHCP-Router-Address', '{0}'.format(nets['gw']))
            yiaddr = ('DHCP-Your-IP-Address', '{0}'.format(nets['ip']))

            log(radiusd.L_INFO, DHCP_Offer.format(xid,switch,port,vlan,chaddr,yiaddr[1],vendorid))
            if vendorid == 'synet':
                return (radiusd.RLM_MODULE_OK, (circuit_id,remote_id,ns1,ns2,ntp,mask,router,msgoffer,lease,serverid,domain,yiaddr,synet),())
            else:
                return (radiusd.RLM_MODULE_OK, (circuit_id,remote_id,ns1,ns2,ntp,mask,router,msgoffer,lease,serverid,domain,yiaddr),())

            else:
            log(radiusd.L_INFO, DHCP_NAK_error_ip_net.format(xid,switch,port,vlan,chadddr,ciaddr,vendorid))
                    return radiusd.RLM_MODULE_NOTFOUND
                else:
                    log(radiusd.L_INFO, DHCP_Discover_duble_mac.format(xid,switch,port,vlan,chaddr,vendorid))
                    return radiusd.RLM_MODULE_NOOP

        else:
        log(radiusd.L_INFO, DHCP_Discover_free.format(xid,switch,port,vlan,chaddr,vendorid))
        return radiusd.RLM_MODULE_NOOP
    else:
        log(radiusd.L_INFO, DHCP_Discover_not82.format(xid,chaddr,vendorid))
        return radiusd.RLM_MODULE_NOOP


    elif msgtype == "DHCP-Request":
    if sid and not cip: #SELECTING
        if ('DHCP-Relay-Remote-Id' in p) and ('DHCP-Relay-Circuit-Id' in p):
        vlan = bitstring.BitArray(p.get('DHCP-Relay-Circuit-Id', None))[16:-16].int
        port = bitstring.BitArray(p.get('DHCP-Relay-Circuit-Id', None))[40:].int
        switch = bitstring.BitArray(p.get('DHCP-Relay-Remote-Id', None))[16:].bytes
        remote_id = ('DHCP-Relay-Remote-Id', '{0}'.format(p.get('DHCP-Relay-Remote-Id', None)))
        circuit_id = ('DHCP-Relay-Circuit-Id', '{0}'.format(p.get('DHCP-Relay-Circuit-Id', None)))

        res = dbHandle.execute(select_ip.format(switch,rip)).fetchall()

        if res:
            if len(res) == 1:
            nets = [n for n in res][0]
            ipnet = ipaddress.ip_address(u"{0}".format(nets['ip'])) in ipaddress.ip_network(u'{0}/{1}'.format(nets['net'],nets['mask']))
            if ipnet == True:
                mask = ('DHCP-Subnet-Mask', '{0}'.format(nets['mask']))
                router = ('DHCP-Router-Address', '{0}'.format(nets['gw']))
                yiaddr = ('DHCP-Your-IP-Address', '{0}'.format(nets['ip']))

                log(radiusd.L_INFO, DHCP_Request_select.format(xid,switch,port,vlan,chaddr,yiaddr[1],vendorid))
                log(radiusd.L_INFO, DHCP_ASK_select.format(xid,switch,port,vlan,chaddr,yiaddr[1],vendorid))
                if vendorid == 'synet':
                return (radiusd.RLM_MODULE_OK, (circuit_id,remote_id,ns1,ns2,ntp,mask,router,msgask,lease,serverid,domain,yiaddr,synet),())
                else:
                return (radiusd.RLM_MODULE_OK, (circuit_id,remote_id,ns1,ns2,ntp,mask,router,msgask,lease,serverid,domain,yiaddr),())
            else:
                log(radiusd.L_INFO, DHCP_NAK_error_ip_net.format(xid,switch,port,vlan,chaddr,reqipaddr,vendorid))
                            return radiusd.RLM_MODULE_NOTFOUND
                    else:
            log(radiusd.L_INFO, DHCP_NAK_duble.format(xid,switch,port,vlan,chaddr,reqipaddr,vendorid))
                        return radiusd.RLM_MODULE_NOTFOUND
                else:
                    log(radiusd.L_INFO, DHCP_NAK_req_free.format(xid,switch,port,vlan,chaddr,reqipaddr,vendorid))
                    return radiusd.RLM_MODULE_NOTFOUND


    elif not sid and not cip and rip: #INIT-REBOOT
        print "#INIT-REBOOT"

    elif not sid and cip and not rip: #RENEWING or REBINDING
        print "#RENEWING or REBINDING"

    else:
        return radiusd.RLM_MODULE_NOOP


    elif msgtype == "DHCP-Release":
    return radiusd.RLM_MODULE_NOOP


    elif msgtype == "DHCP-Inform":
    return radiusd.RLM_MODULE_NOOP


    elif msgtype == "DHCP-Decline":
    return radiusd.RLM_MODULE_NOOP

def recv_coa(p):
    print "*** recv_coa ***"
    print p
    return radiusd.RLM_MODULE_OK


def send_coa(p):
    print "*** send_coa ***"
    print p
    return radiusd.RLM_MODULE_OK


def detach(_p):
    print "*** detach ***"
    return radiusd.RLM_MODULE_OK