[ previous ] [ next ] [ threads ]
 
 From:  "Alex M" <radiussupport at lrcommunications dot net>
 To:  "Monowall Support List" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Getting the current users list
 Date:  Wed, 8 Aug 2007 22:03:06 -0400
Ok Lee, Im gonna do the web management for current release of mono, I will
make it available via our PubNET service :-P

Does any one want to joint me on this?


-----Original Message-----
From: Paul Taylor [mailto:PaulTaylor at winn dash dixie dot com] 
Sent: Tuesday, August 07, 2007 11:54 AM
To: Alex M; Monowall Support List
Subject: RE: [m0n0wall] Getting the current users list


I can see where that would be very useful...  That's very similar to the
reason I wrote the code in the first place, except it correlates the
data from our one Monowall and about a dozen DD-WRT access points.  It
correlates the MAC address of each client attached to each access point
to the MAC address from the captive portal status page.  The end result
is a single sortable web page that shows who is connected, along with
which AP they are off of, the channel that AP is on, and the wireless
client's S/N ratio. 

This lets us see if someone is connected to the wireless network, but
not authenticated through the captive portal.  We can see that they
aren't logged in, but we know the AP they are connected to, so we have a
good idea of where they are physically located if we need to track them
down.

If we need to do maintenance on the AP's, we can check a single location
to see which ones are actively being used.  

This is all information that isn't too much of a pain to go out and
manually grab, but it's much nicer to have it all in a single place.

Paul

-----Original Message-----
From: Alex M [mailto:radiussupport at lrcommunications dot net] 
Sent: Tuesday, August 07, 2007 11:42 AM
To: Monowall Support List
Subject: RE: [m0n0wall] Getting the current users list

Ooo very interesting
Now I can create remote centralized web management for mono boxes :)

-----Original Message-----
From: Paul Taylor [mailto:PaulTaylor at winn dash dixie dot com] 
Sent: Tuesday, August 07, 2007 9:10 AM
To: Roberto Greiner; Monowall Support List
Subject: RE: [m0n0wall] Getting the current users list


This works for the captive portal (though I'm using the local
database...

This Ruby code will grab the page:

require 'net/http'
require 'net/https'

uri = URI.parse("https://yourmonoIPhere")
	
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true 
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
http.start do |http| 
	request = Net::HTTP::Get.new('/status_captiveportal.php') 
	request.basic_auth 'adminUsername', 'adminPassword' 
	response = http.request(request) 
	puts response.code 
	puts response.body 
	if response.code.to_i == 200
		open('\pathtoyourdata\fw.dat','w') { |f| f <<
response.body }
	end
end 	

I'm sure there's some pretty easy PHP code to do the same, or probably
even wget or curl.  I did it in Ruby because it was part of another
program gathering info from multiple devices, so I can consolidate it
all to one view.

To parse it, I did this quick 'n dirty PHP:

// Parse FW file
$file = 'fw.dat';
$raw_data = readfiletostr($file);

$raw_data = strip_tags($raw_data);

$raw_data_split = explode("\n",$raw_data);
$processing = 0;
$client_count = 0;
for ($x=0; $x < count($raw_data_split); $x++) {
    $line = $raw_data_split[$x];
    $pos = strpos($line,"Username");
    if ($pos > -1) {
        // Start Processing
        $processing = 1;
    }
    if ($processing == 1) {
        $pos = strpos($line,"Manuel Kasper");
        if ($pos > -1) {
            // Done Processing
            $processing = 0;
        }
    }
    // Ok, are we really ready to process?!  Yes!
    if ($processing == 1) {
        $tmp = trim($line);
        if (is_ipaddr($tmp)) {
            // Found an IP Address!
            $client_count++;
            $fw_data[$client_count]['ip'] = $tmp;
            $fw_data[$client_count]['mac'] =
strtoupper(str_replace('&nbsp;','',trim($raw_data_split[$x+1])));
            $fw_data[$client_count]['session_start'] =
trim($raw_data_split[$x+2]);
            $fw_data[$client_count]['download'] =
convert_bytes(trim($raw_data_split[$x+3]));
            $fw_data[$client_count]['upload'] =
convert_bytes(trim($raw_data_split[$x+4]));
            $fw_data[$client_count]['username'] =
str_replace('&nbsp;','',trim($raw_data_split[$x+5]));
            if (strlen($fw_data[$client_count]['mac']) < 10) {
                // Mac is unknown - Check DHCP data
                if (isset($dhcp_data[$fw_data[$client_count]['ip']])) {
                    $fw_data[$client_count]['mac'] =
$dhcp_data[$fw_data[$client_count]['ip']];
                }
            } 
            $x = $x + 5;
        }
    }
}

The $fw_data variable ends up containing the IP address, MAC, Session
start time, Download, Upload, and Username.   

Paul

-----Original Message-----
From: Roberto Greiner [mailto:mrgreiner at gmail dot com] 
Sent: Tuesday, August 07, 2007 8:44 AM
To: Monowall Support List
Subject: [m0n0wall] Getting the current users list

I'm having a small problem with my authentication system and Monowall.
When Monowall is rebooted (seldom, but happens), many users are not
properly cleared in the radius box (Freeradius 1.1.6 with Debian Etch),
giving me problems when I try to run a control with the
"Simultaneous-Use" option.

Freeradius has a tool to check if a user is really connected to the NAS
(checkrad), but there is no option available in that tool to work with
Monowall.

Checkrad usually uses SNMP (it can use other tools, like telnet), but
I've checked the SNMP results from monowall, and there is no entry
listing the connected users (at least not in Monowall 1.23). Is there
any other way to remotely get the current user list from Monowall?

Thank you for your help,

Marcos Roberto Greiner


-- 
  -----------------------------------------------------
                Marcos Roberto Greiner

   Os otimistas acham que estamos no melhor dos mundos
    Os pessimistas tem medo de que isto seja verdade
                                       Murphy
  -----------------------------------------------------
			

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch


---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch


---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch


---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch