Community discussions

MikroTik App
  4. RouterOS
  5. General

Script to kick PPPOE Connection

Post Reply
 
sarky
newbie
Topic Author
Posts: 37
Joined: Wed Jun 30, 2004 3:32 am

Script to kick PPPOE Connection

Sat Sep 11, 2004 12:28 am

Hello all,

Well this issue it would be nice if it is a feature but considering it is not, i have to look for another way of doing it.

Problem:
User test1 logs on, and for one reason or another test1 looses connection but it doesnt kick him off, even with idle-timeout set to 180s.

User test1 logs on, and diconnect properly but radius quit signal times out on the way, so the user is authenticated through mikrotik but radius thinks he is loged on.

Solution needed a script to be able to look into the log and see user ending with test1-1 and then kick test1 from mikrotik.

Or to make life easier if test1 is already loged on then mikrotik will kick test1 and log on the new test1, i have seen that before with dialup connection in the late 90's.

Hope i get some response .

Thanks in advice.

Sarky
Top
 
jonm
newbie
Posts: 47
Joined: Thu Jul 01, 2004 7:49 am
Location: Indiana, USA
Contact:
Contact jonm

Mon Sep 27, 2004 8:16 am

most access routers implement this feature with SNMP and most radius programs can check to see if a user is really online using snmp. I wonder, can we see the logged on hotspot users with snmp? If not, adding that feature would definetly fix the problem and make it compatible with the majority of radius packages.
Top
 
edzix
Member
Member
Posts: 333
Joined: Thu Jul 01, 2004 3:01 pm
Location: Latvia

Re: Script to kick PPPOE Connection

Mon Sep 27, 2004 12:16 pm

Hello all,

Well this issue it would be nice if it is a feature but considering it is not, i have to look for another way of doing it.

Problem:
User test1 logs on, and for one reason or another test1 looses connection but it doesnt kick him off, even with idle-timeout set to 180s.

User test1 logs on, and diconnect properly but radius quit signal times out on the way, so the user is authenticated through mikrotik but radius thinks he is loged on.

Solution needed a script to be able to look into the log and see user ending with test1-1 and then kick test1 from mikrotik.

Or to make life easier if test1 is already loged on then mikrotik will kick test1 and log on the new test1, i have seen that before with dialup connection in the late 90's.

Hope i get some response .

Thanks in advice.

Sarky
i the next beta release there will be possibility to terminate the session from radius server. We are also working radius management system which will be soon available for public use. It will allow you to realize what you've planned - give the user prepaid time after which his connection will be terminated.

Edgars
Top
 
bbhcb

killing duplicates

Tue Oct 19, 2004 8:31 am

hey sarky,

i have written that script recently for mikrotik 2.7.dontremember;

it will kill duplicate pppoe logins
i have tested it in several providers and it works just fine
you have to replace user with account with 'read'+'write' rights.

it is a pity that mikrotik does not support automated key based ssh login and we have to do stuff like this; but it works.

be careful to restrict the user/pass account to login only from specific ip address. the telnet protocol is not secure and if your servers share the same lan with users it cant be made secure...

for 2.8.xxx you have to modify it a bit - column is no more supported for print and when removed you will have to modify the second regex...

here it comes:
Code: Select all
#!/usr/bin/php4 -q
<? // $Id: mt_ck.php,v 1.2 2004/10/03 23:48:23 bbonev Exp $

    $addr='192.168.x.x';
    $port=23;
    $user='user';
    $pass='pass';
    $cmd='/interface pppoe-server print column=remote-address,user,name without-paging';

    $header1=chr(0xFF).chr(0xFB).chr(0x1F).chr(0xFF).chr(0xFB).
    chr(0x20).chr(0xFF).chr(0xFB).chr(0x18).chr(0xFF).chr(0xFB).
    chr(0x27).chr(0xFF).chr(0xFD).chr(0x01).chr(0xFF).chr(0xFB).
    chr(0x03).chr(0xFF).chr(0xFD).chr(0x03).chr(0xFF).chr(0xFC).
    chr(0x23).chr(0xFF).chr(0xFC).chr(0x24).chr(0xFF).chr(0xFA).
    chr(0x1F).chr(0x00).chr(0x50).chr(0x00).chr(0x18).chr(0xFF).
    chr(0xF0).chr(0xFF).chr(0xFA).chr(0x20).chr(0x00).chr(0x33).
    chr(0x38).chr(0x34).chr(0x30).chr(0x30).chr(0x2C).chr(0x33).
    chr(0x38).chr(0x34).chr(0x30).chr(0x30).chr(0xFF).chr(0xF0).
    chr(0xFF).chr(0xFA).chr(0x27).chr(0x00).chr(0xFF).chr(0xF0).
    chr(0xFF).chr(0xFA).chr(0x18).chr(0x00).chr(0x58).chr(0x54).
    chr(0x45).chr(0x52).chr(0x4D).chr(0xFF).chr(0xF0);
    $header2=chr(0xFF).chr(0xFC).chr(0x01).chr(0xFF).chr(0xFC).
    chr(0x22).chr(0xFF).chr(0xFE).chr(0x05).chr(0xFF).chr(0xFC).chr(0x21);

    $fp=fsockopen($addr,$port);
    fputs($fp,$header1);
    usleep(125000);
    fputs($fp,$header2);
    usleep(125000);
    fputs($fp,"{$user}\n");
    usleep(125000);
    fputs($fp,"{$pass}\n");
    usleep(125000);
    fputs($fp,"$cmd\r\n");
    usleep(125000);
    fputs($fp,"quit\r\n");
    usleep(2*125000);
    do {
        $nl=fread($fp,800);
        $output.=$nl;
        $stat=socket_get_status($fp);
    } while ($stat["unread_bytes"]);
    fclose($fp);

    preg_match("|[#][ ]+REMOTE[-]ADDRESS[ ]+USER|",$output,$matches);
    $begpos=strpos($output,$matches[0]);
    $output=substr($output,$begpos);
    $output=str_replace("\r",'',$output);
    preg_match_all("|\n[ ]+([0-9]+)[ ]+R[ ]+([0-9A-F]+:[0-9A-F]+:[0-9A-F]+:[0-9A-F]+:[0-9A-F]+:[0-9A-F]+)[ ]+([0-9a-z.]+)[ ]+([<][^>]+[>])|",$output,$matches);
    $users=array();
    $logins=array();
    for ($i=0;$i<count($matches[1]);$i++) {
        $users[]=array('mac'=>$matches[2][$i],'user'=>$matches[3][$i]);
        $logins[$matches[3][$i]]['cnt']++;
        $logins[$matches[3][$i]]['ints'][]=$matches[4][$i];
    }
    $cmds='';
    while (list($k,$v)=each($logins)) {
        if ($v['cnt']>1) {
            while (list($dummy,$vv)=each($v['ints']))
                $cmds.='/interface pppoe-server remove "'.$vv.'"'."\r\n";
        }
    }
    if ($cmds!='') {
        $cmd=$cmds."quit\r\n";
        echo $cmd;
        $fp=fsockopen($addr,$port);
        fputs($fp,$header1);
        usleep(125000);
        fputs($fp,$header2);
        usleep(125000);
        fputs($fp,"{$user}\n");
        usleep(125000);
        fputs($fp,"{$pass}\n");
        usleep(125000);
        fputs($fp,"$cmd\r\n");
        usleep(125000);
        # show the output
        do {
            $nl=fread($fp,800);
            $output.=$nl;
            $stat=socket_get_status($fp);
        } while ($stat["unread_bytes"]);

        echo $output;
        fclose($fp);
    }

?>
Top
Post Reply
  4. RouterOS
  5. General