用Linux Shell脚本轻松管理Radius服务器
浏览数:28 /
时间:2015年06月20日
公司的无线环境采用mac地址认证的方式,mac地址被绑定到Radius的users配置文件中,将注册了的mac地址作为用户名和密码。为了方便的管理这些mac地址,自己写了一个shell脚本来管理。
shell脚本所特有的强大文本处理能力和各种命令函数的组合,使得管理员的工作能轻松不少。
下面就列出该脚本的功能以示参考:
添加mac地址
删除mac地址
查找mac地址
去除重复mac地址
检查mac地址合法性
TODO,导入导出mac地址,添加注释
其中用到的Shell脚本技术包括但不限于:
文本文件的列处理和行处理,如sed、awk等命令
字符串查找、过滤、大小写转换,bash和grep等命令
获取、计算、比较字符串长度,bash和wc等命令
mac地址正则表达式的处理和类型转换
shell编程操作、包括文件包含、函数、参数传递、返回值等
其他
代码示例:
#!/bin/bash
#
# Source function library.
. /etc/rc.d/init.d/functions
RADIUSD=/usr/sbin/radiusd
LOCKF=/var/lock/subsys/radiusd
CONFIG=/etc/raddb/radiusd.conf
USERCONFIG=/etc/raddb/users
[ -f $RADIUSD ] || exit 0
[ -f $CONFIG ] || exit 0
[ -f $USERCONFIG ] || exit 0
RETVAL=0
OPERATION=$1
MACADDRESS=$2
function help()
{
clear
echo $""
echo $"===================================================================================="
echo $"For Radius on Fedora/CentOS/RadHat Linux Server, Written by Chris"
echo $"===================================================================================="
echo $"A tool to manage Radius server"
echo $""
echo $"Usage: $0 {find|add|modify|delete|check|remove|start|stop|status|restart|reload} mac"
#TODO
echo $"Usage: $0 {import|export|debug}"
echo $""
echo $"For more information please contract [email protected]"
echo $"===================================================================================="
echo $""
exit 1
}
function mac()
{
if [ -z $MACADDRESS ];then
echo $"no mac address is signed! "
echo $"\$2 is $MACADDRESS"
exit 1
else
if [[ "${#MACADDRESS}" != "12" ]] && [[ "${#MACADDRESS}" != "17" ]] ;then
echo "mac length is ${#MACADDRESS}"
echo "mac address is illegal! "
exit 1
# else
# echo $"mac which you input is $MACADDRESS"
fi
#echo $MACADDRESS | sed -nr ‘/[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}/p‘
#echo $MACADDRESS | sed -nr ‘/[A-Fa-f0-9]{2}-[A-Fa-f0-9]{2}-[A-Fa-f0-9]{2}-[A-Fa-f0-9]{2}-[A-Fa-f0-9]{2}-[A-Fa-f0-9]{2}/p‘
#echo $MACADDRESS | sed -nr ‘/[A-Fa-f0-9]{12}/p‘
if [[ `echo $MACADDRESS | grep -` ]];then
PROMAC=`echo $MACADDRESS | sed -nr ‘/[A-Fa-f0-9]{2}-[A-Fa-f0-9]{2}-[A-Fa-f0-9]{2}-[A-Fa-f0-9]{2}-[A-Fa-f0-9]{2}-[A-Fa-f0-9]{2}/p‘ | tr ‘[:upper:]‘ ‘[:lower:]‘ | sed ‘s/-//g‘`
elif [[ `echo $MACADDRESS | grep :` ]];then
PROMAC=`echo $MACADDRESS | sed -nr ‘/[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}/p‘ | tr ‘[:upper:]‘ ‘[:lower:]‘ | sed ‘s/://g‘`
else
PROMAC=`echo $MACADDRESS | tr ‘[:upper:]‘ ‘[:lower:]‘`
fi
echo $PROMAC
fi
}
function find()
{
MAC=`mac`
echo $"accepted mac is $MAC"
if [[ `grep $MAC $USERCONFIG` ]]; then
MACLINE=`grep -n $MAC $USERCONFIG | awk -F ‘:‘ ‘{print $1}‘`
#echo $MACLINE
MACLINECOUNT=$(echo $MACLINE | wc -w)
#echo $MACLINECOUNT
if [[ "$MACLINECOUNT" != "1" ]];then
echo $"ERROR, this mac $MAC has duplicate record, you should use $0 remove $MAC to remove duplicate record"
exit 1
fi
echo $"Successfully find $MAC in $MACLINE line of file $USERCONFIG! "
echo
REVAL=$?
else
echo $"Can not find $MAC in file $USERCONFIG! "
echo
exit 1
REVAL=$?
fi
}
function add()
{
MAC=`mac`
echo $"accepted mac is $MAC"
#find $MAC
LINENUM=`grep -n "Cleartext-Password :=‘" users | grep -v \# | head -n1 | awk -F ":" ‘{print $1}‘`
SEDOPERATION=$LINENUM"a"
sed -i "$SEDOPERATION $MAC Cleartext-Password :=‘$MAC‘" $USERCONFIG
find $MAC
restart
}
function modify()
{
MAC=`mac`
find $MAC
#TODO
}
function delete()
{
MAC=`mac`
echo $"accepted mac is $MAC"
if [[ `grep $MAC $USERCONFIG` ]]; then
MACLINE=`grep -n $MAC $USERCONFIG | awk -F ‘:‘ ‘{print $1}‘`
##echo $MACLINE
#MACLINECOUNT=$(echo $MACLINE | wc -w)
##echo $MACLINECOUNT
#if [[ "$MACLINECOUNT" != "1" ]];then
# echo $"ERROR, this mac $MAC has duplicate record, you should use $0 remove $MAC to remove duplicate record"
# exit 1
#fi
echo $"Successfully find $MAC in $MACLINE line of file $USERCONFIG! "
echo $"It will be deleted! "
sed -i "$MACLINE d" $USERCONFIG
#TODO
echo $"If you see ‘Can not find $MAC in file $USERCONFIG! ‘, it means successfully! "
find $MAC
echo
REVAL=$?
else
echo $"Can not find $MAC in file $USERCONFIG! "
echo
REVAL=$?
fi
}
function check()
{
MAC=`mac`
find $MAC
remove $MAC
}
function remove()
{
MAC=`mac`
echo $"accepted mac is $MAC"
#TODO
#echo $"backuped file to file $FILENAME"
if [[ `grep $MAC $USERCONFIG` ]]; then
MACLINE=`grep -n $MAC $USERCONFIG | awk -F ‘:‘ ‘{print $1}‘`
#echo $MACLINE
MACLINECOUNT=$(echo $MACLINE | wc -w)
#echo $MACLINECOUNT
if [[ "$MACLINECOUNT" == "1" ]];then
echo $"WARNNING, this mac $MAC is good record, no duplicate record has found! "
exit 0
fi
TOREMOVE="$MAC Cleartext-Password :=‘$MAC‘"
sed -i "/^$TOREMOVE$/d" $USERCONFIG
add $MAC
fi
}
function restart()
{
service radiusd restart
}
function reload()
{
service radiusd reload
}
function status()
{
service radiusd status
}
case "$1" in
find)
find
RETVAL=$?
;;
add)
add
RETVAL=$?
;;
modify)
modify
RETVAL=$?
;;
delete)
delete
RETVAL=$?
;;
check)
check
RETVAL=$?
;;
remove)
remove
RETVAL=$?
;;
start)
start
RETVAL=$?
;;
stop)
stop
RETVAL=$?
;;
status)
status
RETVAL=$?
;;
restart)
restart
RETVAL=$?
;;
reload)
reload
RETVAL=$?
;;
*)
help
exit 1
;;
esac其中有一些可以改进的地方,比如换一种方法或者增强用户的使用体验都是可以的,欢迎大家提出意见。
本文出自 “通信,我的最爱” 博客,请务必保留此出处http://dgd2010.blog.51cto.com/1539422/1567085
郑重声明:本站内容如果来自互联网及其他传播媒体,其版权均属原媒体及文章作者所有。转载目的在于传递更多信息及用于网络分享,并不代表本站赞同其观点和对其真实性负责,也不构成任何其他建议。
