Home
| pfodApps/pfodDevices
| WebStringTemplates
| Java/J2EE
| Unix
| Torches
| Superannuation
|
| About
Us
|
Freebees - Webpage from Tacacs+ user logs
|
These mods are base on the Tacacs+ V2.1 source files. As well as writing to the normal log file, a line is written to the individual user files each time a user logs off. The line contains amoung other things the time the user was on line and the bytes down loaded.
Modifed tac_plus source file do_acct.c to write individual user log files in dir /var/log/users-time-dir These files are used to generate usage logs.
/* modified 22/7/97 by M.P.ford to write out stop line to indivigual user files */ ** Modification Copyright(c)1997 Forward Computing and Control Pty. Ltd. ** All rights reserved. ACN 003 669 994 NSW, Australia */
/* modified to write out acc_type= for CWW etc */ /* variable useraccpath holds path of these files */ /* Copyright (c) 1995 by Cisco systems, Inc. All rights reserved. Please NOTE: None of the TACACS code available here comes with any warranty or support. */ #include "tac_plus.h" static int acctfd = 0; static int userfd = 0; /* added 10/4/96 mpf */ #define USERFILELEN 1024 /* added 10/4/96 */ static char userfile[USERFILELEN+1]; /* added 10/4/96 */ static char useraccpath[]="/var/log/users-time-dir/"; /* added 22/7/97 */ /* Make a acct entry into the accounting file for accounting. Return 1 on error */ static int acct_write(string) char *string; { if (write(acctfd, string, strlen(string)) != strlen(string)) { report(LOG_ERR, "%s: couldn't write acct file %s %s", session.peer, session.acctfile, sys_errlist[errno]); return(1); } if (debug & DEBUG_ACCT_FLAG) report(LOG_DEBUG, "'%s'", string); return(0); } /* user_acct_write added 22/7/97 */ static int user_acct_write(char *string,int fd) /* char *string; */ { if (write(fd, string, strlen(string)) != strlen(string)) { report(LOG_ERR, "%s: couldn't write user time file %s %s\n%s", session.peer, userfile, sys_errlist[errno], string); return(1); } return(0); } /* Write a string or "unknown" into the accounting file. Return 1 on error */ static int user_acct_write_field(string) char *string; { if (string && string[0]) { if (acct_write(string)) return(1); } else { if (acct_write("unknown")) return(1); } return(0); } /* user_write added 10/4/96 */ static int user_write(string) char *string; { if (write(userfd, string, strlen(string)) != strlen(string)) { report(LOG_ERR, "%s: couldn't write user file %s %s", session.peer, userfile, sys_errlist[errno]); return(1); } return(0); } /* Write a string or "unknown" into the accounting file. Return 1 on error */ static int acct_write_field(string) char *string; { if (string && string[0]) { if (acct_write(string)) return(1); } else { if (acct_write("unknown")) return(1); } return(0); } /* user_write_field added 10/4/96 */ /* Write a string or "unknown" into the accounting file. Return 1 on error */ static int user_write_field(string) char *string; { if (string && string[0]) { if (user_write(string)) return(1); } else { if (user_write("unknown")) return(1); } return(0); } int do_acct(rec) struct acct_rec *rec; { int i, status; time_t t = time(NULL); char *ct = ctime(&t); char *usertype = NULL; /* added 21/9/97 for usertype lookup */ ct[24] = '\0'; if (!acctfd) { acctfd = open(session.acctfile, O_CREAT | O_WRONLY | O_APPEND, 0666); if (acctfd < 0) { report(LOG_ERR, "Can't open acct file %s -- %s", session.acctfile, sys_errlist[errno]); return(1); } } if (!tac_lockfd(session.acctfile, acctfd)) { rec->admin_msg = tac_strdup("Cannot lock log file"); report(LOG_ERR, "%s: Cannot lock %s", session.peer, session.acctfile); return(1); } status = 0; status += acct_write(ct); status += acct_write("\t"); status += acct_write_field(rec->identity->NAS_name); status += acct_write("\t"); status += acct_write_field(rec->identity->username); status += acct_write("\t"); status += acct_write_field(rec->identity->NAS_port); status += acct_write("\t"); status += acct_write_field(rec->identity->NAC_address); status += acct_write("\t"); switch(rec->acct_type) { case ACCT_TYPE_UPDATE: status += acct_write("update\t"); break; case ACCT_TYPE_START: status += acct_write("start\t"); break; case ACCT_TYPE_STOP: status += acct_write("stop\t"); break; default: status += acct_write("unknown\t"); break; } for (i=0; i < rec->num_args; i++) { status += acct_write(rec->args[i]); if (i < (rec->num_args-1)) status += acct_write("\t"); } status += acct_write("\n"); close(acctfd); acctfd = 0; /************* added 22/7/97 ********************/ if ((rec->acct_type == ACCT_TYPE_STOP)) { int fd = 0; #define USERFILESTRLEN 1024 char userfile[USERFILESTRLEN]; char unknownuser[] = "unknown-users"; /* test if have username else use unknown file */ if ((rec->identity->username) && (rec->identity->username[0])) { if ((strlen(useraccpath) + strlen(rec->identity->username) + 1) > USERFILESTRLEN) { report(LOG_ERR, "User filename too long %s%s",useraccpath,rec->identity->username); return(1); } /* lookup username */ if (!cfg_user_exists(rec->identity->username)) { /* does not exist so do not write account data */ report(LOG_ERR, "User not found '%s'",rec->identity->username); if (status) { return(1); } return (0); } /* else copy username to userfile */ usertype = cfg_get_pvalue(rec->identity->username, TAC_IS_USER, S_member, TAC_PLUS_NORECURSE); if (! usertype ) { /* memeber missing do not store accounting */ if (status) { return(1); } return (0); } strcpy(userfile,useraccpath); strcat(userfile,rec->identity->username); } else { /* unknown user just return */ /* get these for async8 when dialing up the external mail */ if (status) { return(1); } return (0); /* this code not used ********************* if ((strlen(useraccpath) + strlen(unknownuser) + 1) > USERFILESTRLEN) { report(LOG_ERR, "User filename too long %s%s",useraccpath,unknownuser); return(1); } strcpy(userfile,useraccpath); strcat(userfile,unknownuser); *******************************/ } fd = open(userfile, O_CREAT | O_WRONLY | O_APPEND, 0666); if (fd < 0) { report(LOG_ERR, "Can't open acct file %s -- %s", userfile, sys_errlist[errno]); return(1); } if (!tac_lockfd(userfile, fd)) { rec->admin_msg = tac_strdup("Cannot lock log file"); report(LOG_ERR, "%s: Cannot lock %s", session.peer, userfile); close(fd); return(1); } /* status = 0; use global status var */ status += user_acct_write_field(ct,fd); status += user_acct_write("\t",fd); for (i=0; i < rec->num_args; i++) { status += user_acct_write_field(rec->args[i],fd); if (i < (rec->num_args-1)) status += user_acct_write("\t",fd); } /* write out user member type */ status += user_acct_write("\tacc_type=",fd); status += user_acct_write_field(usertype,fd); status += user_acct_write("\r\n",fd); if (close(fd) != 0) { report(LOG_ERR, "%s: couldn't write return to user time file %s %s", session.peer, userfile, sys_errlist[errno]); return(1); } fd = 0; } /* *************** ********* ****************/ if (status) { return(1); } return (0); }
Refer to Conditions of Use
Contact Forward Computing and Control by
©Copyright 1996-2020 Forward Computing and Control Pty. Ltd.
ACN 003 669 994