[FUG-BR] PPPoE em Rede Wireless
Felipe Neuwald
felipe em neuwald.biz
Quarta Maio 23 14:33:24 BRT 2007
No meu caso, tá assim ó:
[root at venus /etc/ppp]# cat ppp.conf
default:
set log Chat Command Phase
enable pap
allow mode direct
enable proxy
disable ipv6cp
set mru 1472
set mtu 1472
set ifaddr 200.xxx.xxx.126 200.xxx.xxx.65-200.xxx.xxx.115
set radius /etc/ppp/radius.conf
accept dns
enable echo
enable lqr echo
set lqrperiod 15
[root at venus /etc/ppp]# cat ppp.linkup
default:
bg /etc/ppp/addclient.sh USER connect HISADDR INTERFACE
[root at venus /etc/ppp]# cat ppp.linkdown
default:
bg /etc/ppp/removeclient.sh USER connect HISADDR INTERFACE
[root at venus /etc/ppp]# cat addclient.sh
#!/bin/sh
user=$1
type=$2
clientip=$3
int=$4
fwcmd=/sbin/ipfw
if [ -z $user ]; then
echo no user
exit
fi
if [ -z $type ]; then
echo no type
exit
fi
if [ -z $clientip ]; then
echo no clientip
exit
fi
if [ -z $int ]; then
echo no int
exit
fi
usernum1=`echo $clientip | cut -d "." -f 1`
usernum2=`echo $clientip | cut -d "." -f 2`
usernum3=`echo $clientip | cut -d "." -f 3`
usernum4=`echo $clientip | cut -d "." -f 4`
usernum=`expr $usernum1 + $usernum2 + $usernum3 + $usernum4`
inkbps=`/usr/local/bin/php /etc/ppp/linkdown.php ""$user""`
outkbps=`/usr/local/bin/php /etc/ppp/linkup.php ""$user""`
initrule=5000
echo $usernum
echo $inkbps
echo $outkbps
pipein=`echo $usernum+$initrule | bc` #the firewall pipe and rule numbers
pipeout=`expr $pipein + 1` #get seeded by the usernumber
fwrulein=`expr $pipein + 1000`
fwruleout=`expr $fwrulein + 1`
fwholein=`expr $pipein + 33000`
fwholeout=`expr $fwholein + 1`
$fwcmd pipe $pipein config bw ${inkbps}Kbit/s #make an inbound pipe of
the right size
$fwcmd pipe $pipeout config bw ${outkbps}Kbit/s #same for outgoing
$fwcmd add $fwrulein pipe $pipein ip from any to $clientip in #force
traffic through the correct pipe
$fwcmd add $fwruleout pipe $pipeout ip from $clientip to any out #ditto
$fwcmd add $fwholein permit ip from any to $clientip #allow that traffic
through firewall
$fwcmd add $fwholeout permit ip from $clientip to any #ditto
echo `date`,$usernum,$user,CONNECT,$clientip,$int,$inkbps,$outkbps >>
/var/log/ppp.output #log-o-rama
[root at venus /etc/ppp]# cat removeclient.sh
#!/bin/sh
user=$1
type=$2
clientip=$3
int=$4
fwcmd=/sbin/ipfw
if [ -z $user ]; then
echo no user
exit
fi
if [ -z $type ]; then
echo no type
exit
fi
if [ -z $clientip ]; then
echo no clientip
exit
fi
if [ -z $int ]; then
echo no int
exit
fi
usernum1=`echo $clientip | cut -d "." -f 1`
usernum2=`echo $clientip | cut -d "." -f 2`
usernum3=`echo $clientip | cut -d "." -f 3`
usernum4=`echo $clientip | cut -d "." -f 4`
usernum=`expr $usernum1 + $usernum2 + $usernum3 + $usernum4`
inkbps=`/usr/local/bin/php /etc/ppp/linkdown.php ""$user""`
outkbps=`/usr/local/bin/php /etc/ppp/linkup.php ""$user""`
initrule=5000
echo $usernum
echo $inkbps
echo $outkbps
pipein=`echo $usernum+$initrule | bc`
pipeout=`expr $pipein + 1`
fwrulein=`expr $pipein + 1000`
fwruleout=`expr $fwrulein + 1`
fwholein=`expr $pipein + 33000`
fwholeout=`expr $fwholein + 1`
$fwcmd pipe delete $pipein
$fwcmd pipe delete $pipeout
$fwcmd delete $fwrulein pipe $pipein
$fwcmd delete $fwruleout pipe $pipeout
$fwcmd delete $fwholein
$fwcmd delete $fwholeout
echo `date`,$usernum,$user,DISCONNECT,$clientip,$int,$inkbps,$outkbps >>
/var/log/ppp.output
[root at venus /etc/ppp]# cat linkdown.php
#!/usr/local/bin/php
<?php
require('openconexao.php');
$result = mysql_query('SELECT * from radcheck where
UserName=\''.$argv[1].'\'') or die('falhou selec?o da tabela
'.mysql_error());
while ($row = mysql_fetch_object($result)) {
echo $row->linkdown;
}
mysql_free_result($result);
require('closeconexao.php');
?>
[root at venus /etc/ppp]# cat linkup.php
#!/usr/local/bin/php
<?php
require('openconexao.php');
$result = mysql_query('SELECT * from radcheck where
UserName=\''.$argv[1].'\'') or die('falhou selec?o da tabela
'.mysql_error());
while ($row = mysql_fetch_object($result)) {
echo $row->linkup;
}
mysql_free_result($result);
require('closeconexao.php');
?>
Entendeu? Eu tenho também na radcheck os campos 'linkdown' e 'linkup'.
Abs,
Felipe Neuwald.
ThOLOko escreveu:
> Entao
>
> Eu tb estou implementando assim... Mas e como farei a limitação??? Se eu nao
> sei qual será o IP do user???
>
> Abraços...
>
>
> Em 21/05/07, Felipe Neuwald <felipe at neuwald.biz> escreveu:
>
>> Mano,
>>
>> nops, a cada conexão o usuário obtem um endereço IP.
>>
>> Abs,
>>
>> Felipe.
>>
>> ThOLOko escreveu:
>>
>>> Certo,,, vc coloca o IP do usuario na tabela radreply correto???
>>>
>>>
>>> Em 21/05/07, Felipe Neuwald <felipe at neuwald.biz> escreveu:
>>>
>>>
>>>> Mano,
>>>> atualmente não rodo dhcpd na rede. Veja como está o meu
>>>> /etc/ppp/ppp.conf:
>>>> [root at venus /]# cat /etc/ppp/ppp.conf
>>>> default:
>>>> set log Chat Command Phase
>>>> enable pap
>>>> allow mode direct
>>>> enable proxy
>>>> disable ipv6cp
>>>> set mru 1472
>>>> set mtu 1472
>>>> set ifaddr 200.xxx.xxx.126 200.xxx.xxx.65-200.xxx.xxx.115
>>>> set radius /etc/ppp/radius.conf
>>>> accept dns
>>>> enable echo
>>>> enable lqr echo
>>>> set lqrperiod 10
>>>> Abs,
>>>> Felipe.
>>>> ThOLOko escreveu:
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>> -------------------------
>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>
>>
>
>
>
>
Mais detalhes sobre a lista de discussão freebsd