Unlang write to file FreeRADIUS - radius

I know I might be facing an impossible mission. What I do want is radiusd to write down every mac received in an Acces-Request, for later on deny access to those MAC.
I know the policies file is written in unlang, bad news are that radiusd does not have any write permissions on any of the conf files...
Anyway, was anyone capable of WRITTING to a file in the POLICY PROCESSING of FreeRADIUS?
What I want to achieve would be something like this:
raddb/sites-available/default
authorize {
rewrite_calling_station_id
unauthorized_macs
if(ok) {
reject
}
else {
update control {
Auth-Type := Accept
}
GET MAC FROM CALLIN_STATION_ID ATTRIBUTE
WRITE THIS F***ING MAC TO unauthorized_macs FILE
}
}
Thanks to Arran, I could solve this the following way:
authorize {
rewrite_calling_station_id
authMac
if(ok) {
reject
}
else {
linelog
update control {
Auth-Type := Accept
}
}
}
Where linelog is configured as follows:
raddb/mods-enabled/linelog
linelog {
filename = /path/to/hell/authMac
format = "%{Calling-Station-ID}"
}

update request {
Tmp-String-0 := `echo "%{Calling-Station-ID}" >> "/path/to/f___ing_unauthorized_macs_file"`
}
There's also the linelog module which would be better in >= v3.0.x as it implements internal locking (in addition to flock) to prevent line interleaving.
See /etc/raddb/mods-available/linelog for examples.

Related

Spring Integration's `ImapIdleAdapter` doesn't mark messages as read

I have declared a mail listener with Spring Integration like this:
#Bean
public IntegrationFlow mailListener() {
return IntegrationFlows.from(
Mail.imapIdleAdapter(getUrl())
.searchTermStrategy((s, f) -> new FlagTerm(new Flags(Flags.Flag.SEEN), false))
.shouldMarkMessagesAsRead(true)
.shouldDeleteMessages(false)
.get())
.<Message>handle((payload, header) -> handle(payload)).get();
}
In my test mail account I have a few 'unread' and a few 'read' messages. Starting the application I see in the logs that the listener fetches all of the 'unread' messages over and over again without ever marking them as 'read'.
Given that I specified shouldMarkMessagesAsRead(true) I would expect the Adapter to mark a message as read after fetching it.
Am I understanding and/or doing something wrong?
Thanks to Artem Bilan's hint on activating debug output I found out that the mailbox was opened in read-only mode.
And thanks to Gary Russell's answer to another question I tried removing the .get() call on the ImapIdleChannelAdapterSpec:
#Bean
public IntegrationFlow mailListener() {
return IntegrationFlows.from(
Mail.imapIdleAdapter(getUrl())
.shouldMarkMessagesAsRead(true)
.shouldDeleteMessages(false))
.<Message>handle((payload, header) -> handle(payload)).get();
}
Now the mailbox gets opened in read-write mode and marking the messages with the SEEN flag works fine.
I also don't actually need the custom SearchTermStrategy now as Artem Bilan already suggested.
In this type of situations we recommend to set:
.javaMailProperties(p -> p.put("mail.debug", "true"))
on that Mail.imapIdleAdapter().
Probably your e-mail server really does not support that \seen flag, so the message is marked as read via some other flag.
So, with that mail debugging option you should see some interesting info in your logs.
The logic in our default DefaultSearchTermStrategy is like this around that Flags.Flag.SEEN :
if (supportedFlags.contains(Flags.Flag.SEEN)) {
NotTerm notSeen = new NotTerm(new FlagTerm(new Flags(Flags.Flag.SEEN), true));
if (searchTerm == null) {
searchTerm = notSeen;
}
else {
searchTerm = new AndTerm(searchTerm, notSeen);
}
}
See if you really need a custom strategy and why a default one is not enough for you: https://docs.spring.io/spring-integration/docs/current/reference/html/mail.html#search-term

openSIPS setup an onreply route if the call is picked up

I'm wondering if is it possible to set a condition for call answered/picked up in an onreply_route
something like this
onreply_route {
if(call picked up) {
xlog("ON AIR");
}
}
There are quite a few ways in which you can achieve this. For your case, I would use the tm module's t_check_status() function:
onreply_route {
if (t_check_status("2[0-9][0-9]")) {
xlog("ON AIR");
}
}
However, note that this will not work if your SIP proxy is stateless (i.e. if you don't use tm at all)! In this case, we would need to access the information in a more low-level way, by reading it straight off the received message using the $rs variable (SIP reply status):
onreply_route {
if ($rs == 200) { # or ($rs =~ "2[0-9][0-9]")
xlog("ON AIR");
}
}

How to add a plugin to Telegraf?

Hello I would to know if someone have all ready add a plugin to telegraf for Influxdb.
I have my go code which is working. What do I need next and where to put theses files?
I've found that I need to do something like this:
type ReadFile struct {
//buf []byte
//MemoryBytes int64
//PID int
}
func (s *ReadFile) Description() string {
return "This is a test plugin to read data from a file and send them to influxdb" }
func (s *ReadFile) SampleConfig() string {
return "ok = true # indicate if everything is fine"
}
func Gather(acc plugins.Accumulator) error {
readFile(alarmFile)
acc.Add("alarm", result_of_readFile_here, tags)
}
}
func init() {
plugins.Add("readFile", func() plugins.Plugin { &ReadFile{} })
}
But is this my entire Go plugin or another file in Go to add with my Go program?
And where does the file.conf is store?
[tags]
dc = "alarm"
[agent]
interval = "10s"
# OUTPUTS
[outputs]
[outputs.influxdb]
url = "http://127.0.0.1:8086" # required.
database = "summer" # required.
precision = "s"
# PLUGINS
[readFile]
If you have a list of what I need, how to structure it, where I store file or maybe an example could be really helpful.
Thanks!!
-> I receive this, it gave me a better understanding, I think it could be helpful:
https://github.com/influxdata/telegraf/blob/master/CONTRIBUTING.md
"His plugin code looks good to go. He needs to place that file in $GOPATH/src/github.com/influxdata/telegraf/plugin/inputs/testPlugin/testPlugin.go
He should write a test for the plugin and place it at $GOPATH/src/github.com/influxdata/telegraf/plugin/inputs/testPlugin/testPlugin_test.go
After this is complete he needs to register the plugin at $GOPATH/src/github.com/influxdata/telegraf/plugin/inputs/all/all.go
Then he should run make from $GOPATH/src/github.com/influxdata/telegraf. This will place the new telegraf binary in $GOPATH/bin/telegraf.
Run the binary with the following flags to generate the valid configuration:
$GOPATH/bin/telegraf -sample-config -input-filter testPlugin -output-filter influxdb > testPlugin_config.conf
From there you can run the binary with the -test flag by passing it the sample config:
$GOPATH/bin/telegraf -config testPlugin_config.conf -test
This will output the line protocol that is to be inserted into the database."
-> And the testPlugin.go that he talks about:
package testPlugin
import (
"time"
)
type ReadFile struct {
counter int64
}
func (s *TestPlugin) Description() string {
return "This is a test plugin to write data to influxdb with a plugin"
}
func (s *TestPlugin) SampleConfig() string {
return "ok = true # indicate if everything is fine"
}
func Gather(acc telegraf.Accumulator) error {
c := time.Tick(10 * time.Second)
for now := range c {
counter := counter + 1
acc.Add("counter",counter, tags)
}
}
func init() {
inputs.Add("testPlugin", func() telegraf.Input { return &TestPlugin{} })
}
There's an opened issue for external plugin support which might be part of Telegraf 1.4.0. If will probably load external *.so files.
Until then all plugins are supposed to be merged into master repository via PRs. There are already many plugins waiting in review process. This model is obviously not very scalable.

spray.io strange get/delete/detach directives behavior

I have written the following code using spray routing directives:
path("goal" / Segment) { id =>
get {
detach(ec) {
val goal = srv.find(id)
complete(goal)
}
} ~
delete {
detach(ec) {
srv.delete(id)
complete(OK)
}
}
}
The problem is the execution path is strange. First it goes to get->detach->srv.find->complete
then to delete -> detach -> srv.delete -> complete
and then it comes back to get->detach->... and completes there. The issue is srv.delete is executed which is not a desired behavior because I loose data. Can anyone explain me this behavior and tell me how to fix it ?
Thanks in advance.
I don't understand why but it seems that this modification works properly:
path("goal" / Segment) { id =>
get {
detach(ec) {
val goal = srv.find(id)
complete(goal)
}
} ~
delete {
detach(ec) {
complete {
srv.delete(id) // here
OK
}
}
}
}
Examples in the documentation here shows only cases where after detach comes only complete/reject directive. Therefore I suspect it was tested only with these.
I had the same issue, it looks like something related to Spray route DSL, I solved it adding the command in the path:
(get & path("goal" / Segment)) { id =>
detach(ec) {
val goal = srv.find(id)
complete(goal)
}
} ~
(delete & path("goal" / Segment)) { id =>
detach(ec) {
srv.delete(id)
complete(OK)
}
}
It would be nice to see another solution to be honest instead of having to always replicate the path but up to now this was the only thing which worked.

Raising events in KRL without using explicit

I'm writing an app that raises events, similar to how Phil Windley's personal data manager application works. However, if I try to use any event domain but explicit, the events don't get propagated. The following rules work fine with explicit as the domain, but not with driverreg.
rule driver_info_submit {
select when web pageview ".*"
pre {
driver_name = "Joe Driver";
driver_phone = "111-555-1212";
msg = <<
Current driver info: #{ent:driver_name}, #{ent:driver_phone}
>>;
}
notify("Started", msg);
fired {
raise explicit event new_driver_data with driver_name=driver_name and driver_phone=driver_phone;
}
}
// Save driver name
rule save_driver_name {
select when explicit new_driver_data
pre {
driver_name = event:param("driver_name") || ent:driver_name;
driver_phone = event:param("driver_phone") || ent:driver_phone;
}
noop();
always {
set ent:driver_name driver_name;
set ent:driver_phone driver_phone;
raise explicit event driver_data_updated;
}
}
rule driver_info_updated {
select when explicit driver_data_updated
{
notify("Driver name", ent:driver_name);
notify("Driver phone", ent:driver_phone);
}
}
It doesn't seem to be a problem with whether the app is deployed, as I've tried it both ways. What am I missing?
Only certain domains are allowed as domains in the raise statement:
explicit
http
system
notification
error
pds
This may be relaxed in the future.
This is covered in the documents here: https://kynetxdoc.atlassian.net/wiki/display/docs/Raising+Explicit+Events+in+the+Postlude
(note that this is a temporary home for the documentation)