authenticate_filaire.py 3.67 KB
import os, sys

# Filesystem root of the re2o Django project. Every module importable from
# this directory is executed with the privileges of whatever process runs
# this script, so it should be writable by trusted accounts only.
proj_path = "/var/www/re2o/"
# Tell Django which settings module to use (setdefault leaves an
# already-exported DJANGO_SETTINGS_MODULE untouched) and make the project
# importable. append() puts proj_path at the end of sys.path.
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "re2o.settings")
sys.path.append(proj_path)

# Change the working directory to the project root; the original author
# notes this is what gets local_settings.py loaded.
os.chdir(proj_path)

# Building the WSGI application initialises Django, which is what makes the
# model imports further down usable. It must therefore run before them.
from django.core.wsgi import get_wsgi_application
application = get_wsgi_application()

import argparse

from machines.models import Interface, IpList
from topologie.models import Room, Port, Switch
from users.models import User

from re2o.settings import RADIUS_VLAN_DECISION

# VLAN values taken from the project settings. decide_vlan() returns VLAN_OK
# for an accepted request and VLAN_NOK for a rejected one.
VLAN_OK = RADIUS_VLAN_DECISION['VLAN_OK']
VLAN_NOK = RADIUS_VLAN_DECISION['VLAN_NOK']

def decide_vlan(switch_ip, port_number, mac_address):
    """Choose the VLAN for a wired RADIUS request.

    The switch is looked up from ``switch_ip`` and the port from
    ``port_number`` on that switch. The port's ``radius`` mode then selects
    the policy:

    * ``'NO'``     -- no authentication on this port: always VLAN_OK.
    * ``'BLOQ'``   -- port disabled: always VLAN_NOK.
    * ``'COMMON'`` -- VLAN_OK only if ``mac_address`` matches an interface
      whose ``is_active()`` is true.
    * ``'STRICT'`` -- the port must have a room, that room must have a user
      whose ``has_access()`` is true, and the MAC check of ``'COMMON'`` must
      pass as well.
    * any other value is treated as a VLAN number and returned via ``int()``.

    Returns a ``(switch name, reason, vlan)`` tuple. The switch name is
    ``'?'`` when the switch could not be resolved.

    NOTE(review): this function fails open in two places. An unknown switch
    and an unknown port both yield VLAN_OK, so a request that cannot be
    matched against the inventory is placed in the accepted VLAN. Confirm
    that this is the intended policy for this deployment.
    """
    # Resolve the switch whose switch_interface carries switch_ip.
    switches = Switch.objects.filter(
        switch_interface=Interface.objects.filter(
            ipv4=IpList.objects.filter(ipv4=switch_ip)
        )
    )
    if not switches:
        # Fail-open: see the NOTE(review) in the docstring.
        return ('?', 'switch not found!', VLAN_OK)

    current_switch = switches[0]
    sw_name = str(current_switch.switch_interface)

    ports = Port.objects.filter(switch=current_switch, port=port_number)
    if not ports:
        # Fail-open: see the NOTE(review) in the docstring.
        return (sw_name, 'port not found!', VLAN_OK)

    port = ports[0]
    mode = port.radius

    if mode == 'NO':
        # No authentication on this port.
        return (sw_name, "Pas d'authentification sur ce port", VLAN_OK)

    if mode == 'BLOQ':
        # Port disabled.
        return (sw_name, 'Port desactive', VLAN_NOK)

    if mode == 'COMMON':
        # MAC-based authentication. NOTE(review): the MAC address is the only
        # identifier checked in this mode and is taken as given from the
        # caller, so it identifies a device rather than proving it.
        interfaces = Interface.objects.filter(mac_address=mac_address)
        if not interfaces:
            return (sw_name, 'Mac not found', VLAN_NOK)
        if not interfaces[0].is_active():
            return (sw_name, 'Machine non active / adherent non cotisant', VLAN_NOK)
        return (sw_name, 'Machine OK', VLAN_OK)

    if mode == 'STRICT':
        if not port.room:
            return (sw_name, 'Chambre inconnue', VLAN_NOK)

        residents = User.objects.filter(room=Room.objects.filter(name=port.room))
        if not residents:
            return (sw_name, 'Chambre non cotisante', VLAN_NOK)
        if not residents[0].has_access():
            return (sw_name, 'Resident desactive', VLAN_NOK)

        # The room is fine; now check the MAC address.
        interfaces = Interface.objects.filter(mac_address=mac_address)
        if not interfaces:
            return (sw_name, 'Chambre Ok, but mac not found', VLAN_NOK)
        if not interfaces[0].is_active():
            return (sw_name, 'Chambre Ok, but machine non active / adherent non cotisant', VLAN_NOK)
        return (sw_name, 'Machine OK, Proprio OK', VLAN_OK)

    # Any other mode is read as a forced VLAN number. int() raises ValueError
    # when the stored value is not numeric; nothing here catches it.
    return (sw_name, 'VLAN forced', int(mode))

if __name__ == '__main__':
    # Command-line entry point: three positional arguments in, the decision
    # tuple printed to stdout. Only port_number is type-checked (int);
    # switch_ip and mac_address are passed to decide_vlan() as raw strings.
    cli = argparse.ArgumentParser(description='Decide radius vlan attribution')
    cli.add_argument('switch_ip', action="store")
    cli.add_argument('port_number', action="store", type=int)
    cli.add_argument('mac_address', action="store")
    options = cli.parse_args()

    decision = decide_vlan(options.switch_ip, options.port_number, options.mac_address)
    print(decision)