|
1
|
#!/usr/local/bin/php -f
|
|
2
|
<?php
|
|
3
|
|
|
4
|
/*
|
|
5
|
* cp_allow cpzone=.... ip=... username=... [mac=...] [attrs=...] ...
|
|
6
|
* output on stdout: sessionid
|
|
7
|
*/
|
|
8
|
|
|
9
|
global $cpzone;
|
|
10
|
|
|
11
|
$ip = $username = $mac = $cpzone = null;
|
|
12
|
$attributes = Array();
|
|
13
|
|
|
14
|
array_shift($argv);
|
|
15
|
foreach ($argv as $arg) {
|
|
16
|
list($name, $value) = explode('=', $arg, 2);
|
|
17
|
switch($name) {
|
|
18
|
case 'ip':
|
|
19
|
$ip=$value;
|
|
20
|
break;
|
|
21
|
case 'username':
|
|
22
|
$username=$value;
|
|
23
|
break;
|
|
24
|
case 'mac':
|
|
25
|
$mac=$value;
|
|
26
|
break;
|
|
27
|
case 'nameid':
|
|
28
|
$nameid=$value;
|
|
29
|
break;
|
|
30
|
case 'cpzone':
|
|
31
|
$cpzone=$value;
|
|
32
|
break;
|
|
33
|
default:
|
|
34
|
$attributes[$name]=$value;
|
|
35
|
}
|
|
36
|
}
|
|
37
|
|
|
38
|
// check IP format (ipv4 only)
|
|
39
|
if (! preg_match( '/^(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)(?:[.](?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)){3}$/', $ip)) {
|
|
40
|
exit(2);
|
|
41
|
}
|
|
42
|
|
|
43
|
if ( $mac == null ) {
|
|
44
|
// search MAC in ARP cache
|
|
45
|
require("util.inc");
|
|
46
|
$mac=arp_get_mac_by_ip($ip);
|
|
47
|
}
|
|
48
|
|
|
49
|
// check MAC format
|
|
50
|
if (! preg_match( '/^([0-9A-F]{2}:){5}[0-9A-F]{2}$/i', $mac)) {
|
|
51
|
exit(3);
|
|
52
|
}
|
|
53
|
|
|
54
|
// check if cpzone is defined
|
|
55
|
if ( $cpzone == null ) {
|
|
56
|
exit(4);
|
|
57
|
}
|
|
58
|
|
|
59
|
require("captiveportal.inc");
|
|
60
|
@captiveportal_logportalauth( $username, $mac, $ip, "LOGIN", '(' . $nameid . ')' );
|
|
61
|
$pfsenseid = portal_allow( $ip, $mac, $username );
|
|
62
|
echo $pfsenseid;
|
|
63
|
|
|
64
|
?>
|