def eap_auth(self, pkt):
# self.print_pkt(pkt)
print(binascii.b2a_hex(pkt["EAP-Message"][0]))
print(binascii.b2a_hex(pkt["Message-Authenticator"][0]))
print(binascii.b2a_hex(pkt.authenticator))
from pyrad.client import Client
import six
client = Client("172.16.110.4", secret=self.secret, dict=dictionary.Dictionary("dictionary"))
kwargs = dict()
new_pkt = client.CreateAuthPacket(code=packet.AccessRequest)
all_keys = ["User-Name", "NAS-Identifier", "NAS-IP-Address", "NAS-Port", "Framed-MTU", "NAS-Port-Type", "Called-Station-Id", "Calling-Station-Id"]
all_keys.append("EAP-Message")
all_keys.append("Message-Authenticator")
for key in pkt.keys():
if key in all_keys:
new_pkt[key] = pkt[key][0]
else:
print(key)
new_pkt.authenticator = pkt.authenticator
print(new_pkt.authenticator)
reply = client.SendPacket(new_pkt)
return self.SendReplyPacket(pkt.fd, reply)
reply = self.CreateReplyPacket(pkt)
reply.code = packet.AccessAccept
return self.SendReplyPacket(pkt.fd, reply)
def __init__(self, config):
self.logger = logging.getLogger(__name__)
dictfile = os.path.dirname(
os.path.realpath(__file__)) + "/raddictionary"
self.client = Client(
server=config['admin']['router_address'],
secret=config['admin']['radius_secret'].encode('ascii'),
dict=dictionary.Dictionary(dictfile))
def __init__(self, dict=None,trace=None,midware=None,runstat=None,debug=False):
_dict = dictionary.Dictionary(dict)
host.Host.__init__(self,dict=_dict)
self.debug = debug
self.user_trace = trace
self.midware = midware
self.runstat = runstat
self.auth_delay = utils.AuthDelay(int(store.get_param("reject_delay") or 0))
class RadiusDaemon(Process):
MAX_PACKET_SIZE = 4096
# We could use a dictionary file, but since we need
# such few attributes, we'll just include them here
DICTIONARY = dictionary.Dictionary(StringIO.StringIO("""
ATTRIBUTE User-Name 1 string
ATTRIBUTE User-Password 2 string
ATTRIBUTE NAS-Identifier 32 string
"""))
def listen(self, addr):
raise NotImplementedError()
def recvRequest(self, data):
raise NotImplementedError()
def run(self):
addr = self._args[0]
secr = self._args[1]
pswd = self._args[2]
outq = self._args[3]
if secr:
with open(secr) as file:
secr = file.read().strip()
data = self.listen(addr)
outq.put("started")
(buf, sock, addr) = self.recvRequest(data)
pkt = packet.AuthPacket(secret=secr,
dict=RadiusDaemon.DICTIONARY,
packet=buf)
usernm = []
passwd = []
for key in pkt.keys():
if key == 'User-Password':
passwd = map(pkt.PwDecrypt, pkt[key])
elif key == 'User-Name':
usernm = pkt[key]
reply = pkt.CreateReply()
replyq = {'user': usernm, 'pass': passwd}
if passwd == [pswd]:
reply.code = packet.AccessAccept
replyq['reply'] = True
else:
reply.code = packet.AccessReject
replyq['reply'] = False
outq.put(replyq)
if addr is None:
sock.send(reply.ReplyPacket())
else:
sock.sendto(reply.ReplyPacket(), addr)
sock.close()
def __init__(self,
address,
nases={},
dict=dictionary.Dictionary("dictionary")):
DatagramServer.__init__(self, address)
self.nases = nases
self.address = address
self.dict = dict
self.start()
self.socket.setsockopt(socket.SOL_SOCKET, socket.SO_RCVBUF, 10240000)
def handle(self, *args, **options):
srv = AuthServer(dict = dictionary.Dictionary( "app/radius/dicts/dictionary" ))
srv.hosts['192.168.39.211'] = server.RemoteHost('192.168.39.211','hotsp1','hotsp1.it-tim.net')
srv.hosts['192.168.70.211'] = server.RemoteHost('192.168.70.211','hotsp2','hotsp2.it-tim.net')
srv.hosts['10.11.8.30'] = server.RemoteHost('10.11.8.30','hotsp3','hotsp3.it-tim.net')
srv.hosts['192.168.33.33'] = server.RemoteHost('192.168.33.33','thedude','thedude.it-tim.net')
srv.hosts['192.168.33.152'] = server.RemoteHost('192.168.33.152','dev','dev.it-tim.net')
sleep(5)
srv.BindToAddress('192.168.33.70')
srv.Run()
def __init__(self, addr):
"""
This initialize the RADIUS server.
addr: IP address of the server
dict: instance of dictionary.Dictionary
"""
self.addr = addr
self.running = False
self.log = logging.getLogger('nextestlog')
server.Server.__init__(self, dict=dictionary.Dictionary(\
"/usr/lib/python2.3/site-packages/pyrad/dictionary"))
def startService(self):
print("startService()")
self.sdb = SessionDB(redis=txredisapi.lazyConnectionPool(),
session_timeout=self.config.session_timeout,
removed_timeout=self.config.removed_timeout)
self.cleaner = SessionCleaner(session_db=self.sdb)
self._port = reactor.listenUDP(
1813,
RADIUSAccountingProtocol(
session_db=self.sdb,
hosts=self.hosts,
rad_dict=dictionary.Dictionary('dictionary')))
def runRaok():
raoklog.info("RAOK %s: testing RADIUS server" % (VERSION, ))
raoklog.info("RAOK %s: !! DON'T USE IN PRODUCTION !!" % (VERSION, ))
raoklog.info("...")
# load dictionary
sysdick = "/etc/raok/dictionary"
dick = None
if os.path.isfile(sysdick):
raoklog.info("loading dictionary from %s" % (sysdick, ))
dick = dictionary.Dictionary(sysdick)
else:
curdic = "etc/dictionary"
raoklog.info("loading dictionary from %s" % (curdic, ))
dick = dictionary.Dictionary(curdic)
srv = RaokServer(dict=dick)
# load config, fallback from /etc/raok to curr dir
syscfg = "/etc/raok/raok.cfg"
if os.path.isfile(syscfg):
raoklog.info("loading config from %s" % (syscfg, ))
srv.load_config(syscfg)
else:
curcfg = "etc/raok.cfg"
raoklog.info("loading config from %s" % (curcfg, ))
srv.load_config(curcfg)
srv.init_hosts()
if len(sys.argv) > 1:
for l in sys.argv[1:]:
raoklog.info("Binding to: %s" % (l, ))
srv.BindToAddress(l)
else:
srv.BindToAddress("0.0.0.0")
srv.Run()
class RadiusDaemon(Process):
MAX_PACKET_SIZE = 4096
DICTIONARY = dictionary.Dictionary(io.StringIO(radius_attributes))
def listen(self, addr):
raise NotImplementedError()
def recvRequest(self, data):
raise NotImplementedError()
def run(self):
addr = self._args[0]
secrfile = self._args[1]
pswd = self._args[2]
outq = self._args[3]
if secrfile:
with open(secrfile, 'rb') as file:
secr = file.read().strip()
else:
secr = b''
data = self.listen(addr)
outq.put("started")
(buf, sock, addr) = self.recvRequest(data)
pkt = packet.AuthPacket(secret=secr,
dict=RadiusDaemon.DICTIONARY,
packet=buf)
usernm = []
passwd = []
for key in pkt.keys():
if key == 'User-Password':
passwd = list(map(pkt.PwDecrypt, pkt[key]))
elif key == 'User-Name':
usernm = pkt[key]
reply = pkt.CreateReply()
replyq = {'user': usernm, 'pass': passwd}
if passwd == [pswd]:
reply.code = packet.AccessAccept
replyq['reply'] = True
else:
reply.code = packet.AccessReject
replyq['reply'] = False
outq.put(replyq)
if addr is None:
sock.send(reply.ReplyPacket())
else:
sock.sendto(reply.ReplyPacket(), addr)
sock.close()
def runRaok(bind_address="0.0.0.0"):
raoklog.info("RAOK %s: testing RADIUS server" % (VERSION, ))
if not Config.SERIOUS:
raoklog.info("RAOK %s: !! DON'T USE IN PRODUCTION !!" % (VERSION, ))
else:
raoklog.info("RAOK %s: running in strict mode" % (VERSION, ))
raoklog.info("...")
# load dictionary
sysdick = "/etc/raok/dictionary"
dick = None
if os.path.isfile(sysdick):
raoklog.info("loading dictionary from %s" % (sysdick, ))
dick = dictionary.Dictionary(sysdick)
else:
curdic = "etc/dictionary"
raoklog.info("loading dictionary from %s" % (curdic, ))
dick = dictionary.Dictionary(curdic)
srv = RaokServer(dick)
# load config, fallback from /etc/raok to curr dir
syscfg = "/etc/raok/raok.cfg"
if os.path.isfile(syscfg):
raoklog.info("loading config from %s" % (syscfg, ))
srv.load_config(syscfg)
else:
curcfg = "etc/raok.cfg"
raoklog.info("loading config from %s" % (curcfg, ))
srv.load_config(curcfg)
srv.init_hosts()
srv.init_redis()
srv.BindToAddress(bind_address)
srv.Run()
def __init__(self, addr, svraddr, secret, port=1700, svrport=1700):
"""
This initialize the RADIUS server.
addr: IP address of the server
dict: instance of dictionary.Dictionary
"""
self.addr = addr
self.svraddr = svraddr
self.secret=secret
#self.log=logging.getLogger('nextestlog')
self.client=client.Client(server=svraddr,secret=self.secret,dict=dictionary.Dictionary("/opt/nextest/lib/python2.3/site-packages/dictionary-pod"),authport=svrport)
self.client.bind((addr,port))
def __init__(self, addr, path):
"""
This initialize the RADIUS server.
addr: IP address of the server
dict: instance of dictionary.Dictionary
"""
self.addr = addr
self.running = False
self.prepaid = False
self.log = logging.getLogger('nextestlog')
# 32141
self.acclog = None
self.count = 0
self.respTime = 0
#PR 133009 Adding path variable to store radius packets
self.filename = path + '/rad-pkt.log'
self.pkt_copy = packet.Packet()
server.Server.__init__(self, dict=dictionary.Dictionary(\
"/usr/lib/python2.3/site-packages/pyrad/dictionary"))
def create_client(self, alias, address, port,
secret, raddict=DEFAULT_DICT,
authenticator=True):
""" Create Client: create a RADIUS session to a server.
- ``alias:`` Alias to identify the session to use.
- ``address:`` IP address of the RADIUS server.
- ``port:`` IP port of the RADIUS server.
- ``secret:`` RADIUS secret.
- ``raddict:`` Path to RADIUS dictionary.
- ``authenticator:`` Authenticator boolean switch.
Examples:
| Create Client | auth_client | 127.0.0.1 | 1812 | mysecret | |
| Create Client | acct_client | 127.0.0.1 | 1813 | mysecret | dictionary=mydict |
| Create Client | coa_client | 127.0.0.1 | 3799 | mysecret | authenticator=False |
The next step after creating a client is to create a request, using the `Create Access Request` keyword for example.
After creating a client, it is ready to send requests using the `Receive Access Request` keyword for example.
"""
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
sock.bind(('', 0))
sock.settimeout(3.0)
sock.setblocking(0)
request = robot.utils.ConnectionCache('No Client Sessions Created')
response = robot.utils.ConnectionCache('No Client Response Created')
session = {'sock': sock,
'address': str(address),
'port': int(port),
'secret': six.b(str(secret)),
'dictionary': dictionary.Dictionary(raddict),
'authenticator': authenticator,
'request': request,
'response': response}
self._client.register(session, alias=alias)
return session
def rad_disconnect(id_port: int):
port = EqptPort.query.get(id_port)
rad_acct = RadAcct.query \
.filter_by(username=port.radius_user, acctstoptime=None) \
.order_by(
RadAcct.radacctid.desc()
).first()
if rad_acct is not None:
"""
# TO-DO: Need testing ------------------------------------
"""
acct_session_id = rad_acct.acctsessionid
nas_ip_address = rad_acct.nasipaddress
# create coa client
client = RadClient(
server=current_app.config['RADIUS_ADDRESS'],
secret=current_app.config['RADIUS_SECRET'],
dict=dictionary.Dictionary("dictionary")
)
# set coa timeout
client.timeout = current_app.config['RADIUS_TIMEOUT']
attr = {
"Acct-Session-Id": acct_session_id,
"User-Name": port.radius_user,
"NAS-IP-Address": nas_ip_address,
}
# create coa request packet
attributes = {k.replace("-", "_"): attr[k] for k in attr}
request = client.CreateCoAPacket(code=packet.DisconnectRequest, **attributes)
return client.SendPacket(request)
# return 'Off CoA paket - need testing. User online.'
else:
return 'No active user session found. User offline.'
def create_server(self, alias=None, address='127.0.0.1', port=0, secret='secret', raddict=DEFAULT_DICT):
""" Creates a RADIUS server.
- ``alias:`` Alias to identify the servr session to use.
- ``address:`` IP address of the RADIUS server.
- ``port:`` IP port of the RADIUS server.
- ``secret:`` RADIUS secret.
- ``raddict:`` Path to RADIUS dictionary.
Examples:
| Create Server | auth_server | 127.0.0.1 | 1812 | mysecret | |
| Create Server | acct_server | 127.0.0.1 | 1813 | mysecret | dictionary=mydict |
| Create Server | coa_server | 127.0.0.1 | 3799 | mysecret | |
After creating a server it is ready to receive requests using the `Receive Access Request` keyword for example.
"""
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
sock.bind((address, int(port)))
#sock.settimeout(3.0)
sock.setblocking(0)
request = robot.utils.ConnectionCache('No Server Requests Created')
response = robot.utils.ConnectionCache('No Server Responses Created')
server = {'sock': sock,
'secret': six.b(str(secret)),
'dictionary': dictionary.Dictionary(raddict),
'request':request,
'response':response}
self._server.register(server, alias=alias)
return server
#!/usr/bin/python
from __future__ import print_function
from pyrad.client import Client
from pyrad import dictionary
from pyrad import packet
import sys
if len(sys.argv) != 4:
print("usage: disconnect.py <host> <secret> <session-id>")
sys.exit(1)
ADDRESS = sys.argv[1]
SECRET = sys.argv[2]
ATTRIBUTES = {"Acct-Session-Id": sys.argv[3]}
client = Client(server=ADDRESS,
secret=SECRET,
dict=dictionary.Dictionary("dictionary"))
client.timeout = 30
attributes = {k.replace("-", "_"): ATTRIBUTES[k] for k in ATTRIBUTES}
request = client.CreateCoAPacket(code=packet.DisconnectRequest, **attributes)
result = client.SendPacket(request)
print(result.code)
class TestServer(server.Server):
def _HandleAuthPacket(self, pkt):
server.Server._HandleAuthPacket(self, pkt)
passwd = []
for key in pkt.keys():
if key == "User-Password":
passwd = map(pkt.PwDecrypt, pkt[key])
reply = self.CreateReplyPacket(pkt)
if passwd == ['accept']:
reply.code = packet.AccessAccept
else:
reply.code = packet.AccessReject
self.SendReplyPacket(pkt.fd, reply)
srv = TestServer(
addresses=["localhost"],
hosts={"127.0.0.1": server.RemoteHost("127.0.0.1", "foo", "localhost")},
dict=dictionary.Dictionary(StringIO.StringIO(DICTIONARY)))
# Write a sentinel character to let the parent process know we're listening.
sys.stdout.write("~")
sys.stdout.flush()
srv.Run()
const_attr = []
const_vendor = []
const_value = []
def makeKey(oid, code):
return oid << 32 | code
dicts = []
for _, _, files in os.walk('.'):
for filename in files:
if filename.startswith('dictionary.'):
if filename.find('rfc') > 0:
dicts.append(filename)
d = dictionary.Dictionary(*dicts)
for oid, name in d.vendors.backward.items():
if oid != 0:
const_vendor.append((oid, name))
for k in d.attributes:
attr = d.attributes[k]
oid = d.vendors[attr.vendor]
key = makeKey(oid, attr.code)
if attr.type == 'integer':
for vname, value in attr.values.forward.items():
newName = attr.name.replace('-', '') + '_' + vname.replace(
'-', '').replace('.', '')
const_value.append((key, tools.DecodeInteger(value), newName))
upload)
except (urllib2.URLError, urllib2.HTTPError), e:
if hasattr(e, 'code') and e.code == 404:
reply.code = packet.AccessReject
print "reject: %s" % mac_address
else:
if mac_address in member_cache:
reply.AddAttribute((14122, 8), '0')
reply.AddAttribute((14122, 7), '0')
print "accept [failover]: %s %s" % (
mac_address, member_cache[mac_address])
else:
print "accept [failover]: %s" % mac_address
reply.code = packet.AccessAccept
self.SendReplyPacket(pkt.fd, reply)
thread = threading.Thread(target=_handle)
thread.start()
srv = RadiusServer(addresses=[''], dict=dictionary.Dictionary("dictionary"))
srv.hosts["192.168.1.1"] = server.RemoteHost("192.168.1.1", "secret",
"localhost")
logger.info("starting server...")
try:
srv.Run()
except KeyboardInterrupt:
sys.exit(0)
action="store_true",
dest="noMixed",
help="Send mixed (acct and auth) messages",
default=False)
(cliOptions, args) = cliParser.parse_args()
# get options
testTime = cliOptions.testTime
testAuth = not cliOptions.noAuth
testAcct = not cliOptions.noAcct
testMixed = not cliOptions.noMixed
host = cliOptions.serverHost
# parse dictionaries
print '--- Parsing dictionary files ---'
dict = dictionary.Dictionary(main_config['PATHS']['dictionary_file'])
# start server itself
authport = main_config["SERVER"]["auth_port"]
acctport = main_config["SERVER"]["acct_port"]
srv = Client(server=host, secret="testing123", dict=dict)
### run tests ###
totalAuthRequests = 0
totalAcctRequests = 0
totalMixedRequests = 0
if testAuth:
startTime = time.time()
endTime = startTime + testTime
while (time.time() < endTime):
req = getAuthPacket(srv)
logFilePath = main_config['PATHS']['server_log_file']
info('--- Opening log file ---')
# check and/or create log directory
if not misc.checkDir(logDirPath, user=user, group=group):
misc.quit("Checking %s directory failed" % logDirPath, 1)
# open file
try:
logging.logFile = open(logFilePath, 'a+')
misc.setOwner(logFilePath, user, group)
except:
misc.printExceptionError()
quit('Can not open logfile')
# parse dictionaries
info('--- Parsing dictionary files ---')
dict = dictionary.Dictionary('dictionaries/dictionary')
# connect to database
if main_config['DATABASE']['enable']:
info('--- Connecting to database ---')
# set driver name
if main_config['DATABASE']['type'] == 'postgresql':
DatabaseConnection.dbadapterName = 'psycopg'
else:
DatabaseConnection.dbadapterName = 'MySQLdb'
# connect to host and store connection globally available
try:
DatabaseConnection.dbh1 = DatabaseConnection.DatabaseConnection('dbh1')
DatabaseConnection.dbh1.connect(
host=main_config['DATABASE']['host'],
def __init__(self, hosts={}, dict=dictionary.Dictionary()):
host.Host.__init__(self, dict=dict)
self.hosts = hosts
def main():
import argparse, json
from twisted.python.logfile import DailyLogFile
parser = argparse.ArgumentParser()
parser.add_argument('-dict',
'--dictfile',
type=str,
default=None,
dest='dictfile',
help='dict file')
parser.add_argument('-auth',
'--authport',
type=int,
default=0,
dest='authport',
help='auth port')
parser.add_argument('-acct',
'--acctport',
type=int,
default=0,
dest='acctport',
help='acct port')
parser.add_argument('-admin',
'--adminport',
type=int,
default=0,
dest='adminport',
help='admin port')
parser.add_argument('-c',
'--conf',
type=str,
default=None,
dest='conf',
help='conf file')
parser.add_argument('-d',
'--debug',
nargs='?',
type=bool,
default=False,
dest='debug',
help='debug')
args = parser.parse_args(sys.argv[1:])
if not args.conf or not os.path.exists(args.conf):
print 'no config file user -c or --conf cfgfile'
return
_config = json.loads(open(args.conf).read())
_database = _config['database']
_radiusd = _config['radiusd']
_secret = _config['secret']
# update aescipher
utils.update_secret(_secret)
# init args
if args.authport: _radiusd['authport'] = args.authport
if args.acctport: _radiusd['acctport'] = args.acctport
if args.adminport: _radiusd['adminport'] = args.adminport
if args.dictfile: _radiusd['dictfile'] = args.dictfile
if args.debug: _radiusd['debug'] = bool(args.debug)
#init dbconfig
settings.db_config.update(**_config)
store.__cache_timeout__ = _radiusd['cache_timeout']
# start logging
log.startLogging(sys.stdout)
_trace = UserTrace()
_runstat = statistics.RunStat()
_middleware = middleware.Middleware()
_debug = _radiusd['debug'] or settings.debug
# init coa clients
_coa_clients = {}
for bas in store.list_bas():
_coa_clients[bas['ip_addr']] = CoAClient(bas,
dictionary.Dictionary(
_radiusd['dictfile']),
debug=_debug)
def start_servers():
auth_protocol = RADIUSAccess(dict=_radiusd['dictfile'],
trace=_trace,
midware=_middleware,
runstat=_runstat,
debug=_debug)
acct_protocol = RADIUSAccounting(dict=_radiusd['dictfile'],
trace=_trace,
midware=_middleware,
runstat=_runstat,
debug=_debug)
reactor.listenUDP(_radiusd['authport'], auth_protocol)
reactor.listenUDP(_radiusd['acctport'], acct_protocol)
_task = task.LoopingCall(auth_protocol.process_delay)
_task.start(2.7)
from autobahn.twisted.websocket import WebSocketServerFactory
factory = WebSocketServerFactory("ws://0.0.0.0:%s" % args.adminport,
debug=False)
factory.protocol = AdminServerProtocol
factory.protocol.user_trace = _trace
factory.protocol.midware = _middleware
factory.protocol.runstat = _runstat
factory.protocol.coa_clients = _coa_clients
factory.protocol.auth_server = auth_protocol
factory.protocol.acct_server = acct_protocol
reactor.listenTCP(_radiusd['adminport'], factory)
start_servers()
reactor.run()
print("Received a disconnect request %d" % pkt.code)
print(" Attributes: ")
for attr in pkt.keys():
print(" %s: %s" % (attr, pkt[attr]))
reply = self.CreateReplyPacket(pkt)
# try ACK or NACK
# reply.code = packet.DisconnectNAK
reply.code = packet.DisconnectACK
self.SendReplyPacket(pkt.fd, reply)
if __name__ == '__main__':
prctl.set_name('radius-FakeCoA-client')
if len(sys.argv) != 2:
print ("usage: client-coa.py 3799")
sys.exit(1)
bindport=int(sys.argv[1])
# create server/coa only and read dictionary
# bind and listen only on 127.0.0.1:argv[1]
coa = FakeCoA(addresses=["127.0.0.1"], dict=dictionary.Dictionary("dictionary"), coaport=bindport, auth_enabled=False, acct_enabled=False, coa_enabled=True)
# add peers (address, secret, name)
coa.hosts["127.0.0.1"] = server.RemoteHost("127.0.0.1", b"Kah3choteereethiejeimaeziecumi", "localhost")
# start
coa.Run()
print("Attributes: ")
for attr in pkt.keys():
print("%s: %s" % (attr, pkt[attr]))
reply = self.CreateReplyPacket(pkt)
self.SendReplyPacket(pkt.fd, reply)
def HandleDisconnectPacket(self, pkt):
print("Received an disconnect request")
print("Attributes: ")
for attr in pkt.keys():
print("%s: %s" % (attr, pkt[attr]))
reply = self.CreateReplyPacket(pkt)
# COA NAK
reply.code = 45
self.SendReplyPacket(pkt.fd, reply)
if __name__ == '__main__':
# create server and read dictionary
srv = FakeServer(dict=dictionary.Dictionary("dictionary"), coa_enabled=True)
# add clients (address, secret, name)
srv.hosts["127.0.0.1"] = server.RemoteHost("127.0.0.1", b"Kah3choteereethiejeimaeziecumi", "localhost")
srv.BindToAddress("0.0.0.0")
# start server
srv.Run()
print "Received an authentication request"
print "Attributes: "
for attr in pkt.keys():
print "%s: %s" % (attr, pkt[attr])
print
reply = self.CreateReplyPacket(pkt)
reply.code = packet.AccessAccept
self.SendReplyPacket(pkt.fd, reply)
def _HandleAcctPacket(self, pkt):
server.Server._HandleAcctPacket(self, pkt)
print "Received an accounting request"
print "Attributes: "
for attr in pkt.keys():
print "%s: %s" % (attr, pkt[attr])
print
reply = self.CreateReplyPacket(pkt)
self.SendReplyPacket(pkt.fd, reply)
srv = FakeServer(dict=dictionary.Dictionary("dictionary"))
srv.hosts["127.0.0.1"] = server.RemoteHost("127.0.0.1",
"Kah3choteereethiejeimaeziecumi",
"localhost")
srv.BindToAddress("")
srv.Run()
self.SendReplyPacket(pkt.fd, reply)
def HandleDisconnectPacket(self, pkt):
print("Received an disconnect request")
print("Attributes: ")
for attr in pkt.keys():
print("%s: %s" % (attr, pkt[attr]))
reply = self.CreateReplyPacket(pkt)
# COA NAK
reply.code = 45
self.SendReplyPacket(pkt.fd, reply)
if __name__ == '__main__':
proxyClient = Client(server="127.0.0.1", authport=11812, acctport=11813, secret=b"Kah3choteereethiejeimaeziecumi",
dict=Dictionary("dictionary"))
proxyClient.retries = 1
proxyClient.timeout = 500
# create server and read dictionary
srv = FakeServer(authport=21812, acctport=21813,dict=dictionary.Dictionary("dictionary"), coa_enabled=False)
# add clients (address, secret, name)
srv.hosts["127.0.0.1"] = server.RemoteHost("127.0.0.1", b"Kah3choteereethiejeimaeziecumi", "localhost")
srv.BindToAddress("0.0.0.0")
# start server
srv.Run()
"""
# RCS filename: $RCSfile$
# Author: $Author: root $
# File version: $Revision: 75 $
# Last changes (GMT): $Date: 2005-11-29 21:56:55 +0200 (Ot, 29 Nov 2005) $
# Branch (or tag): $Name$
# import modules
import sys
sys.path.insert(0, './lib')
from pyrad import server, dictionary
# bsdradius modules
import BsdRadiusServer
print "Starting server"
dict = dictionary.Dictionary(
'/usr/home/valdiic/dev/bsdradius/dictionaries/dictionary')
#sys.exit(0)
srv = BsdRadiusServer.BsdRadiusServer(dict=dict)
# add valid server client hosts
srv.hosts["127.0.0.1"] = server.RemoteHost("127.0.0.1", "testing123",
"localhost")
# bind to all IP addresses
srv.BindToAddress("")
# run server
srv.Run()
#!/usr/bin/python
from __future__ import print_function
from pyrad.client import Client
from pyrad import dictionary
from pyrad import packet
import sys
if len(sys.argv) != 6:
print ("usage: coa.py <host> <secret> <session-id> <ingress-policy> <egress-policy>")
sys.exit(1)
ADDRESS = sys.argv[1]
SECRET = sys.argv[2]
ATTRIBUTES = {"Acct-Session-Id": sys.argv[3]}
ATTRIBUTES["ERX-Ingress-Policy-Name"] = sys.argv[4]
ATTRIBUTES["ERX-Egress-Policy-Name"] = sys.argv[5]
client = Client(server=ADDRESS, secret=SECRET, dict=dictionary.Dictionary("dictionary"))
client.timeout = 30
attributes = {k.replace("-", "_"): ATTRIBUTES[k] for k in ATTRIBUTES}
request = client.CreateCoAPacket(**attributes)
result = client.SendPacket(request)
print(result.code)
