From dd2a49b39a4b0f4368c8d68b13ae16f9bd28a33a Mon Sep 17 00:00:00 2001 From: Gabriel Detraz Date: Mon, 16 Jan 2017 00:02:54 +0000 Subject: [PATCH] Adaptation pour juniper --- freeradius_utils/auth.py | 6 +++--- freeradius_utils/authenticate_filaire.py | 11 ++++++----- 2 files changed, 9 insertions(+), 8 deletions(-) mode change 100644 => 100755 freeradius_utils/authenticate_filaire.py diff --git a/freeradius_utils/auth.py b/freeradius_utils/auth.py index 0c441e40..3e4be5b2 100644 --- a/freeradius_utils/auth.py +++ b/freeradius_utils/auth.py @@ -183,11 +183,11 @@ def post_auth_fil(data): """Idem, mais en filaire. """ - nas = data.get('NAS-IP-Address', None) - port = data.get('NAS-Port', None) + nas = data.get('NAS-IP-Address', data.get('NAS-Identifier', None)) + port = data.get('NAS-Port-Id', data.get('NAS-Port', None)) mac = data.get('Calling-Station-Id', None) # Hack, à cause d'une numérotation cisco baroque - port = port[-2:] + port = port.split(".")[0].split('/')[-1][-2:] out = subprocess.check_output(['/usr/bin/python3', '/var/www/re2o/freeradius_utils/authenticate_filaire.py', nas, port, mac]) sw_name, reason, vlan_id = make_tuple(out) diff --git a/freeradius_utils/authenticate_filaire.py b/freeradius_utils/authenticate_filaire.py old mode 100644 new mode 100755 index 45a87667..78ad36ce --- a/freeradius_utils/authenticate_filaire.py +++ b/freeradius_utils/authenticate_filaire.py @@ -14,7 +14,8 @@ application = get_wsgi_application() import argparse -from machines.models import Interface, IpList +from django.db.models import Q +from machines.models import Interface, IpList, Domain from topologie.models import Room, Port, Switch from users.models import User @@ -23,9 +24,9 @@ from re2o.settings import RADIUS_VLAN_DECISION VLAN_NOK = RADIUS_VLAN_DECISION['VLAN_NOK'] VLAN_OK = RADIUS_VLAN_DECISION['VLAN_OK'] -def decide_vlan(switch_ip, port_number, mac_address): +def decide_vlan(switch_id, port_number, mac_address): # Get port from switch and port number - switch = Switch.objects.filter(switch_interface=Interface.objects.filter(ipv4=IpList.objects.filter(ipv4=switch_ip))) + switch = Switch.objects.filter(switch_interface=Interface.objects.filter(Q(ipv4=IpList.objects.filter(ipv4=switch_id)) | Q(domain=Domain.objects.filter(name=switch_id)))) if not switch: return ('?', 'Switch inconnu', VLAN_OK) @@ -70,9 +71,9 @@ def decide_vlan(switch_ip, port_number, mac_address): if __name__ == '__main__': parser = argparse.ArgumentParser(description='Decide radius vlan attribution') - parser.add_argument('switch_ip', action="store") + parser.add_argument('switch_id', action="store") parser.add_argument('port_number', action="store", type=int) parser.add_argument('mac_address', action="store") args = parser.parse_args() - print(decide_vlan(args.switch_ip, args.port_number, args.mac_address)) + print(decide_vlan(args.switch_id, args.port_number, args.mac_address))