|
Home
| pfodApps/pfodDevices
| WebStringTemplates
| Java/J2EE
| Unix
| Torches
| Superannuation
|
| About
Us
|
|
|
Freebees - Webpage from Tacacs+ user logs
|
These mods are base on the Tacacs+ V2.1 source files. As well as writing to the normal log file, a line is written to the individual user files each time a user logs off. The line contains amoung other things the time the user was on line and the bytes down loaded.
Modifed tac_plus source file do_acct.c to write individual user log files in dir /var/log/users-time-dir These files are used to generate usage logs.
/* modified 22/7/97 by M.P.ford to write out stop line to indivigual user files */ ** Modification Copyright(c)1997 Forward Computing and Control Pty. Ltd. ** All rights reserved. ACN 003 669 994 NSW, Australia */
/* modified to write out acc_type= for CWW etc */
/* variable useraccpath holds path of these files */
/*
Copyright (c) 1995 by Cisco systems, Inc.
All rights reserved.
Please NOTE: None of the TACACS code available here comes with any
warranty or support.
*/
#include "tac_plus.h"
static int acctfd = 0;
static int userfd = 0; /* added 10/4/96 mpf */
#define USERFILELEN 1024 /* added 10/4/96 */
static char userfile[USERFILELEN+1]; /* added 10/4/96 */
static char useraccpath[]="/var/log/users-time-dir/"; /* added 22/7/97 */
/* Make a acct entry into the accounting file for accounting.
Return 1 on error */
static int
acct_write(string)
char *string;
{
if (write(acctfd, string, strlen(string)) != strlen(string)) {
report(LOG_ERR, "%s: couldn't write acct file %s %s",
session.peer,
session.acctfile, sys_errlist[errno]);
return(1);
}
if (debug & DEBUG_ACCT_FLAG)
report(LOG_DEBUG, "'%s'", string);
return(0);
}
/* user_acct_write added 22/7/97 */
static int
user_acct_write(char *string,int fd)
/* char *string; */
{
if (write(fd, string, strlen(string)) != strlen(string)) {
report(LOG_ERR, "%s: couldn't write user time file %s %s\n%s",
session.peer,
userfile, sys_errlist[errno], string);
return(1);
}
return(0);
}
/* Write a string or "unknown" into the accounting file.
Return 1 on error */
static int
user_acct_write_field(string)
char *string;
{
if (string && string[0]) {
if (acct_write(string))
return(1);
} else {
if (acct_write("unknown"))
return(1);
}
return(0);
}
/* user_write added 10/4/96 */
static int
user_write(string)
char *string;
{
if (write(userfd, string, strlen(string)) != strlen(string)) {
report(LOG_ERR, "%s: couldn't write user file %s %s",
session.peer,
userfile, sys_errlist[errno]);
return(1);
}
return(0);
}
/* Write a string or "unknown" into the accounting file.
Return 1 on error */
static int
acct_write_field(string)
char *string;
{
if (string && string[0]) {
if (acct_write(string))
return(1);
} else {
if (acct_write("unknown"))
return(1);
}
return(0);
}
/* user_write_field added 10/4/96 */
/* Write a string or "unknown" into the accounting file.
Return 1 on error */
static int
user_write_field(string)
char *string;
{
if (string && string[0]) {
if (user_write(string))
return(1);
} else {
if (user_write("unknown"))
return(1);
}
return(0);
}
int
do_acct(rec)
struct acct_rec *rec;
{
int i, status;
time_t t = time(NULL);
char *ct = ctime(&t);
char *usertype = NULL; /* added 21/9/97 for usertype lookup */
ct[24] = '\0';
if (!acctfd) {
acctfd = open(session.acctfile, O_CREAT | O_WRONLY | O_APPEND, 0666);
if (acctfd < 0) {
report(LOG_ERR, "Can't open acct file %s -- %s",
session.acctfile, sys_errlist[errno]);
return(1);
}
}
if (!tac_lockfd(session.acctfile, acctfd)) {
rec->admin_msg = tac_strdup("Cannot lock log file");
report(LOG_ERR, "%s: Cannot lock %s",
session.peer, session.acctfile);
return(1);
}
status = 0;
status += acct_write(ct);
status += acct_write("\t");
status += acct_write_field(rec->identity->NAS_name);
status += acct_write("\t");
status += acct_write_field(rec->identity->username);
status += acct_write("\t");
status += acct_write_field(rec->identity->NAS_port);
status += acct_write("\t");
status += acct_write_field(rec->identity->NAC_address);
status += acct_write("\t");
switch(rec->acct_type) {
case ACCT_TYPE_UPDATE:
status += acct_write("update\t");
break;
case ACCT_TYPE_START:
status += acct_write("start\t");
break;
case ACCT_TYPE_STOP:
status += acct_write("stop\t");
break;
default:
status += acct_write("unknown\t");
break;
}
for (i=0; i < rec->num_args; i++) {
status += acct_write(rec->args[i]);
if (i < (rec->num_args-1))
status += acct_write("\t");
}
status += acct_write("\n");
close(acctfd);
acctfd = 0;
/************* added 22/7/97 ********************/
if ((rec->acct_type == ACCT_TYPE_STOP)) {
int fd = 0;
#define USERFILESTRLEN 1024
char userfile[USERFILESTRLEN];
char unknownuser[] = "unknown-users";
/* test if have username else use unknown file */
if ((rec->identity->username) && (rec->identity->username[0])) {
if ((strlen(useraccpath) + strlen(rec->identity->username) + 1) > USERFILESTRLEN) {
report(LOG_ERR, "User filename too long %s%s",useraccpath,rec->identity->username);
return(1);
}
/* lookup username */
if (!cfg_user_exists(rec->identity->username)) {
/* does not exist so do not write account data */
report(LOG_ERR, "User not found '%s'",rec->identity->username);
if (status) {
return(1);
}
return (0);
}
/* else copy username to userfile */
usertype = cfg_get_pvalue(rec->identity->username, TAC_IS_USER,
S_member, TAC_PLUS_NORECURSE);
if (! usertype ) { /* memeber missing do not store accounting */
if (status) {
return(1);
}
return (0);
}
strcpy(userfile,useraccpath);
strcat(userfile,rec->identity->username);
} else {
/* unknown user just return */
/* get these for async8 when dialing up the external mail */
if (status) {
return(1);
}
return (0);
/* this code not used *********************
if ((strlen(useraccpath) + strlen(unknownuser) + 1) > USERFILESTRLEN) {
report(LOG_ERR, "User filename too long %s%s",useraccpath,unknownuser);
return(1);
}
strcpy(userfile,useraccpath);
strcat(userfile,unknownuser);
*******************************/
}
fd = open(userfile, O_CREAT | O_WRONLY | O_APPEND, 0666);
if (fd < 0) {
report(LOG_ERR, "Can't open acct file %s -- %s",
userfile, sys_errlist[errno]);
return(1);
}
if (!tac_lockfd(userfile, fd)) {
rec->admin_msg = tac_strdup("Cannot lock log file");
report(LOG_ERR, "%s: Cannot lock %s",
session.peer, userfile);
close(fd);
return(1);
}
/* status = 0; use global status var */
status += user_acct_write_field(ct,fd);
status += user_acct_write("\t",fd);
for (i=0; i < rec->num_args; i++) {
status += user_acct_write_field(rec->args[i],fd);
if (i < (rec->num_args-1))
status += user_acct_write("\t",fd);
}
/* write out user member type */
status += user_acct_write("\tacc_type=",fd);
status += user_acct_write_field(usertype,fd);
status += user_acct_write("\r\n",fd);
if (close(fd) != 0) {
report(LOG_ERR, "%s: couldn't write return to user time file %s %s",
session.peer,
userfile, sys_errlist[errno]);
return(1);
}
fd = 0;
}
/* *************** ********* ****************/
if (status) {
return(1);
}
return (0);
}
Refer to Conditions of Use
Contact Forward Computing and Control by
©Copyright 1996-2020 Forward Computing and Control Pty. Ltd.
ACN 003 669 994