/etc/netams# less lockuser
#!/bin/bash action=$1 # Действие(DENY|ALLOW) oid=$2 ip_user=$3 name=`grep $3 /etc/hosts|awk '{print $2}'` why=$4 # Причина(QUOTA|LOGIN|...) case "$action" in DENY) /sbin/iptables -A lock -s $ip_user -j DROP /usr/sbin/cutter $ip_user > /dev/null logger -t NETAMS "Blocked $name $ip_user by $why..." echo "NETAMS Blocked $name $ip_user by $why...`LANG=C date`"|mail -s "NETAMS Blocked $name $ip_user by $why..." root ;; ALLOW) /sbin/iptables -D lock -s $ip_user -j DROP logger -t NETAMS "Unblocked $name $ip_user by $why..." echo "NETAMS Unblocked $name $ip_user by $why...`LANG=C date`"|mail -s "NETAMS Unblocked $name $ip_user by $why..." root ;; *) logger -t NETAMS "Unknown option..." echo "NETAMS Unknown option...`LANG=C date`"|mail -s "NETAMS Unknown option..." root ;; esac
Cgi-обертка для установки квот
#!/usr/bin/tclsh package require ncgi #package require html ncgi::header puts {<html><head></head><body>} if {[::ncgi::query] ne ""} { array set q [::ncgi::nvlist] foreach n [array names q] { if ![string is integer -strict $q($n)] {set q($n) 1 } exec /home/sanych/netams_setquota $n $q($n) } set f [open quota w] puts $f [list array set q [array get q]] close $f puts "New quota is set" } source quota #puts [::html::tableFromArray q] puts {<h1>Internet daily quota in Mb</h1> <form method="post" action="/cgi-bin/q.cgi"> <table style="font-size:2em" border=1>} foreach name [lsort [array names q]] { puts "<tr><td>$name</td><td><input name=\"$name\" value=\"$q($name)\"></td></tr>" } puts {</table> <input type="submit"> </form></body></html>}
cat quota
array set q {lena 1 ira 30 gl_buhg 50 makarov 10 kassir 30 administrator 70 ksusha 10 kadry 30 art 30 akva 50}
Скрипт для установки квоты
$ cat ./netams_setquota
#! /bin/bash if [ $# -lt 2 ] ; then echo -e "usage `basename $0` name QUOTA_DAY_MB [QUOTA_MONTH_MB]"; exit 1 fi #echo $# #exit name_client=$1 quotad=$2 #ip_client=`grep $name_client /etc/hosts|awk '{print $1}'` if [ $# -eq 3 ] ; then quotam=$3 /usr/sbin/netamsctl -f /home/sanych/.netamsctl.rc -s "service quota 0 && set name $name_client day ${quotad}M in month ${quotam}M in && exit" else /usr/sbin/netamsctl -f /home/sanych/.netamsctl.rc -s "service quota 0 && set name $name_client day ${quotad}M in && exit" fi
todo: Надо переделать в божеский вид и закинуть в серверную сборку
до кучи этот бред:
#!/usr/bin/tclsh # mail.tcl user [lock|unlock] array set ips { 192.168.0.16 mail,tensor 192.168.0.3 mail 192.168.0.4 mail 192.168.0.2 mail 192.168.0.8 yandex 192.168.0.7 yandex 192.168.0.9 all 192.168.0.5 bca } array set serv { mail 94.100.176.0/20 tensor 85.158.55.7 yandex 87.250.224.0/19,93.158.128.0/18,213.180.192.0/19,77.88.0.0/18 all 0.0.0.0/0 bca 195.98.32.0/24 } if {$argc < 2} { puts {Usage: mail.tcl ip [lock|unlock]} exit 1 } set ip [lindex $argv 0] if {[array names ips $ip] eq ""} { exit 0 } set lock [lindex $argv 1] foreach s [split $ips($ip) ,] { foreach se [split $serv($s) ,] { if {$lock eq "unlock"} { exec /sbin/iptables -I FORWARD -s $ip -d $se -p tcp -m tcp --dport 25 -j ACCEPT exec /sbin/iptables -I FORWARD -s $ip -d $se -p tcp -m tcp --dport 110 -j ACCEPT } else { exec /sbin/iptables -D FORWARD -s $ip -d $se -p tcp -m tcp --dport 25 -j ACCEPT exec /sbin/iptables -D FORWARD -s $ip -d $se -p tcp -m tcp --dport 110 -j ACCEPT } } }