From: kkalev <kkalev>
Date: Tue, 15 Mar 2005 13:24:51 +0000 (+0000)
Subject: Remove snmp_clearsession. It is replaced by clearsession which supports both snmp... 
X-Git-Url: https://git.entuzijast.net/?a=commitdiff_plain;h=7fd327037ceb80cf3e5b737e6d03db2814d448cd;p=freeradius-dialup-admin.git

Remove snmp_clearsession. It is replaced by clearsession which supports both snmp and telnet
methods of removing a user from an access server. Add corresponding configuration directives
general_sessionclear_method and nasXX_sessionclear_method
---

diff --git a/Changelog b/Changelog
index 95ca0de..e0fe24b 100644
--- a/Changelog
+++ b/Changelog
@@ -1,3 +1,7 @@
+Ver 1.80:
+* Remove snmp_clearsession. It is replaced by clearsession which supports both snmp and telnet
+  methods of removing a user from an access server. Add corresponding configuration directives
+  general_sessionclear_method and nasXX_sessionclear_method
 Ver 1.78:
 * Add a snmp_clearsession which can disconnect a user by using the Cisco AAA Session MIB
 * Add a configuration directive general_sessionclear_bin
diff --git a/bin/clearsession b/bin/clearsession
new file mode 100755
index 0000000..f7436ff
--- /dev/null
+++ b/bin/clearsession
@@ -0,0 +1,69 @@
+#!/usr/bin/perl
+
+$login = 'nas-login';
+$passwd = 'nas-password';
+
+$host=shift || '';
+$type = shift || 'snmp';
+$nastype = shift || 'cisco';
+$username=shift || '';
+$sessionid = shift || '';
+
+$port = 0;
+$comm = '';
+
+if ($type eq 'snmp'){
+$comm = shift || 'public';
+}
+if ($type eq 'telnet'){
+$port = shift || 0;
+}
+
+
+die "No \$host argument given\n" if ($host eq '');
+die "No \$username argument given\n" if ($username eq '');
+
+if ($nastype eq 'cisco' && $type eq 'telnet'){
+	die "Usage: clearsession \$host telnet cisco \$username \$sessionid \$port\n" if ($port  == 0);
+
+	if (eval require Net::Telnet::Cisco){
+		Net::Telnet::Cisco->import();
+
+		my $session = Net::Telnet::Cisco->new(Host => $host);
+		$session->login($login, $passwd);
+
+		if ($port >= 20000){  
+			my @output = $session->cmd("sh caller user $username");
+			foreach $line (@output){
+				if ($line =~ /User: $username, line (Vi\d+),/){
+					$session->cmd("clear interface $1");
+				}
+			}
+		}
+		else{
+			$session->cmd("clear line $port\n");
+		}
+
+		$session->close;
+	}
+}
+if ($nastype eq 'cisco' && $type eq 'snmp'){
+
+	$SNMPGET="/usr/local/bin/snmpget";
+	$SNMPSET="/usr/local/bin/snmpset";
+
+	die "Could not find snmpwalk binary. Please make sure that the \$SNMPGET variable points to the right location\n" if (! -x $SNMPGET);
+	die "Could not find snmpset binary. Please make sure that the \$SNMPSET variable points to the right location\n" if (! -x $SNMPSET);
+	die "Usage: clearsession \$host snmp \$username cisco \$sessionid \$community\n" if ($sessionid eq '' || $comm eq '');
+
+	if ($sessionid ne '' && $username ne ''){
+		print "$SNMPGET -v2c -c $comm $host .iso.org.dod.internet.private.enterprises.9.9.150.1.1.3.1.2.$sessionid\n";
+		$walk =`$SNMPGET -v2c -c $comm $host .iso.org.dod.internet.private.enterprises.9.9.150.1.1.3.1.2.$sessionid`;
+		unless ($walk =~ /^$/){
+			if ($walk =~ /$username/){
+				print "FOUND: $username\n";
+		`$SNMPSET -v2c -c $comm $host .iso.org.dod.internet.private.enterprises.9.9.150.1.1.3.1.5.$sessionid i 1`;
+			}
+		}
+	}
+}
diff --git a/bin/snmp_clearsession b/bin/snmp_clearsession
deleted file mode 100755
index 8e22ea1..0000000
--- a/bin/snmp_clearsession
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/usr/bin/perl
-
-$SNMPGET="/usr/local/bin/snmpget";
-$SNMPSET="/usr/local/bin/snmpset";
-$host=shift;
-$comm=shift || 'public';
-$sessionid=shift;
-$username=shift;
-
-die "Could not find snmpwalk binary. Please make sure that the \$SNMPGET variable points to the right location\n" if (! -x $SNMPGET);
-die "Could not find snmpset binary. Please make sure that the \$SNMPSET variable points to the right location\n" if (! -x $SNMPSET);
-die "Usage: snmp_clearsession \$host \$community \$sessionid \$username\n" if ($username eq '');
-
-if ($sessionid ne '' && $username ne ''){
-	$walk =`$SNMPGET -v2c -c $comm $host .iso.org.dod.internet.private.enterprises.9.9.150.1.1.3.1.2.$sessionid`;
-	unless ($walk =~ /^$/){
-		if ($walk =~ /$username/){
-			print "FOUND: $username\n";
-	`$SNMPSET -v2c -c $comm $host .iso.org.dod.internet.private.enterprises.9.9.150.1.1.3.1.5.$sessionid i 1`;
-		}
-	}
-}
diff --git a/conf/admin.conf b/conf/admin.conf
index 2074079..6d9bf34 100644
--- a/conf/admin.conf
+++ b/conf/admin.conf
@@ -104,9 +104,13 @@ general_nas_type: cisco
 general_snmpfinger_bin: %{general_base_dir}/bin/snmpfinger
 #
 # Used by the 'Disconnect User' button in the Clear Open Sessions page
-# Uses the Cisco AAA Session MIB
+# Uses the Cisco AAA Session MIB or a telnet session
 #
-general_sessionclear_bin: %{general_base_dir}/bin/snmp_clearsession
+general_sessionclear_bin: %{general_base_dir}/bin/clearsession
+#
+# Can be one of telnet or snmp
+#
+general_sessionclear_method: snmp
 general_radclient_bin: %{general_radiusd_base_dir}/bin/radclient
 #
 # this information is used from the server check page
diff --git a/conf/naslist.conf b/conf/naslist.conf
index 4096d25..567893c 100644
--- a/conf/naslist.conf
+++ b/conf/naslist.conf
@@ -25,3 +25,7 @@ nas3_model: Cisco 5300 access server
 nas3_ip: 147.122.122.124
 nas3_port_num: 210
 nas3_community: public
+#
+# sessionclear method can also be set per NAS
+#
+nas3_sessionclear_method: telnet
diff --git a/htdocs/clear_opensessions.php3 b/htdocs/clear_opensessions.php3
index 2820522..62d0d1a 100644
--- a/htdocs/clear_opensessions.php3
+++ b/htdocs/clear_opensessions.php3
@@ -66,12 +66,23 @@ print <<<EOM
 EOM;
  
 if ($drop_conns == 1){
+	$method = 'snmp';
+	$nastype = 'cisco';
+	if ($config[general_sessionclear_method] != '')
+		$method = $config[general_sessionclear_method];
+	if ($config[general_nas_type] != '')
+		$nastype = $config[general_nas_type];
 	if ($config[general_ld_library_path] != '')
 		putenv("LD_LIBRARY_PATH=$config[general_ld_library_path]");
+	$nas_by_ip = array();
+	$meth_by_ip = array();
+	$nastype_by_ip = array();
 	foreach ($nas_list as $nas){
 		if ($nas[ip] != ''){
 			$ip = $nas[ip];
 			$nas_by_ip[$ip] = $nas[community];
+			$meth_by_ip[$ip] = $nas[sessionclear_method];
+			$nastype_by_ip[$ip] = $nas[nas_type];
 		}
 	}
 
@@ -85,9 +96,16 @@ if ($drop_conns == 1){
 				$sessionid = $row[acctsessionid];
 				$sessionid = hexdec($sessionid);
 				$nas = $row[nasipaddress];
+				$port = $row[nasportid];
+				$meth = $meth_by_ip[$nas];
+				$nastype = ($nastype_by_ip[$nas] != '') ? $nastype_by_ip[$nas] : $nastype;
 				$comm = $nas_by_ip[$nas];
-				if ($comm != '')
-					exec("$config[general_sessionclear_bin] $nas $comm $sessionid $login");
+				if ($meth == '')
+					$meth = $method;
+				if ($meth == 'snmp' && $comm != '')
+					exec("$config[general_sessionclear_bin] $nas snmp $nastype $login $sessionid $comm");
+				if ($meth == 'telnet')
+					exec("$config[general_sessionclear_bin] $nas telnet $nastype $login $sessionid $port");
 			}
 		}
 		else