用Linux Shell腳本輕松管理Radius服務器
公司的無線環境采用mac地址認證的方式,mac地址被綁定到Radius的users配置文件中,將注冊了的mac地址作為用戶名和密碼。為了方便的管理這些mac地址,自己寫了一個shell腳本來管理。
shell腳本所特有的強大文本處理能力和各種命令函數的組合,使得管理員的工作能輕松不少。
下面就列出該腳本的功能以示參考:
- 添加mac地址
- 刪除mac地址
- 查找mac地址
- 去除重復mac地址
- 檢查mac地址合法性
- TODO,導入導出mac地址,添加注釋 </ul>
- 文本文件的列處理和行處理,如sed、awk等命令
- 字符串查找、過濾、大小寫轉換,bash和grep等命令
- 獲取、計算、比較字符串長度,bash和wc等命令
- mac地址正則表達式的處理和類型轉換
- shell編程操作、包括文件包含、函數、參數傳遞、返回值等
- 其他 </ul>
其中用到的Shell腳本技術包括但不限于:
代碼示例:
#!/bin/bash #Source function library.
. /etc/rc.d/init.d/functions
RADIUSD=/usr/sbin/radiusd LOCKF=/var/lock/subsys/radiusd CONFIG=/etc/raddb/radiusd.conf USERCONFIG=/etc/raddb/users
[ -f $RADIUSD ] || exit 0 [ -f $CONFIG ] || exit 0 [ -f $USERCONFIG ] || exit 0
RETVAL=0
OPERATION=$1 MACADDRESS=$2
function help() { clear echo $"" echo $"====================================================================================" echo $"For Radius on Fedora/CentOS/RadHat Linux Server, Written by Chris" echo $"====================================================================================" echo $"A tool to manage Radius server" echo $"" echo $"Usage: $0 {find|add|modify|delete|check|remove|start|stop|status|restart|reload} mac"
#TODO echo $"Usage: $0 {import|export|debug}" echo $"" echo $"For more information please contract dgdenterprise@gmail.com" echo $"====================================================================================" echo $"" exit 1}
function mac() { if [ -z $MACADDRESS ];then echo $"no mac address is signed! " echo $"\$2 is $MACADDRESS" exit 1 else if [[ "${#MACADDRESS}" != "12" ]] && [[ "${#MACADDRESS}" != "17" ]] ;then echo "mac length is ${#MACADDRESS}" echo "mac address is illegal! " exit 1
else
echo $"mac which you input is $MACADDRESS"
fi #echo $MACADDRESS | sed -nr '/[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}/p' #echo $MACADDRESS | sed -nr '/[A-Fa-f0-9]{2}-[A-Fa-f0-9]{2}-[A-Fa-f0-9]{2}-[A-Fa-f0-9]{2}-[A-Fa-f0-9]{2}-[A-Fa-f0-9]{2}/p' #echo $MACADDRESS | sed -nr '/[A-Fa-f0-9]{12}/p' if [[ `echo $MACADDRESS | grep -` ]];then PROMAC=`echo $MACADDRESS | sed -nr '/[A-Fa-f0-9]{2}-[A-Fa-f0-9]{2}-[A-Fa-f0-9]{2}-[A-Fa-f0-9]{2}-[A-Fa-f0-9]{2}-[A-Fa-f0-9]{2}/p' | tr '[:upper:]' '[:lower:]' | sed 's/-//g'` elif [[ `echo $MACADDRESS | grep :` ]];then PROMAC=`echo $MACADDRESS | sed -nr '/[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}/p' | tr '[:upper:]' '[:lower:]' | sed 's/://g'` else PROMAC=`echo $MACADDRESS | tr '[:upper:]' '[:lower:]'` fi echo $PROMAC fi}
function find() { MAC=
macecho $"accepted mac is $MAC" if [[grep $MAC $USERCONFIG]]; then MACLINE=grep -n $MAC $USERCONFIG | awk -F ':' '{print $1}'#echo $MACLINE MACLINECOUNT=$(echo $MACLINE | wc -w) #echo $MACLINECOUNT if [[ "$MACLINECOUNT" != "1" ]];then echo $"ERROR, this mac $MAC has duplicate record, you should use $0 remove $MAC to remove duplicate record" exit 1 fi echo $"Successfully find $MAC in $MACLINE line of file $USERCONFIG! " echo REVAL=$? else echo $"Can not find $MAC in file $USERCONFIG! " echo exit 1 REVAL=$? fi}
function add() { MAC=
macecho $"accepted mac is $MAC"#find $MAC LINENUM=`grep -n "Cleartext-Password :='" users | grep -v \# | head -n1 | awk -F ":" '{print $1}'` SEDOPERATION=$LINENUM"a" sed -i "$SEDOPERATION $MAC Cleartext-Password :='$MAC'" $USERCONFIG find $MAC restart}
function modify() { MAC=
macfind $MAC#TODO}
function delete() { MAC=
macecho $"accepted mac is $MAC" if [[grep $MAC $USERCONFIG]]; then MACLINE=grep -n $MAC $USERCONFIG | awk -F ':' '{print $1}'##echo $MACLINE #MACLINECOUNT=$(echo $MACLINE | wc -w) ##echo $MACLINECOUNT #if [[ "$MACLINECOUNT" != "1" ]];then # echo $"ERROR, this mac $MAC has duplicate record, you should use $0 remove $MAC to remove duplicate record" # exit 1 #fi echo $"Successfully find $MAC in $MACLINE line of file $USERCONFIG! " echo $"It will be deleted! " sed -i "$MACLINE d" $USERCONFIG #TODO echo $"If you see 'Can not find $MAC in file $USERCONFIG! ', it means successfully! " find $MAC echo REVAL=$? else echo $"Can not find $MAC in file $USERCONFIG! " echo REVAL=$? fi}
function check() { MAC=
macfind $MAC remove $MAC }function remove() { MAC=
macecho $"accepted mac is $MAC"#TODO #echo $"backuped file to file $FILENAME" if [[ `grep $MAC $USERCONFIG` ]]; then MACLINE=`grep -n $MAC $USERCONFIG | awk -F ':' '{print $1}'` #echo $MACLINE MACLINECOUNT=$(echo $MACLINE | wc -w) #echo $MACLINECOUNT if [[ "$MACLINECOUNT" == "1" ]];then echo $"WARNNING, this mac $MAC is good record, no duplicate record has found! " exit 0 fi TOREMOVE="$MAC Cleartext-Password :='$MAC'" sed -i "/^$TOREMOVE$/d" $USERCONFIG add $MAC fi}
function restart() { service radiusd restart }
function reload() { service radiusd reload }
function status() { service radiusd status }
case "$1" in find) find RETVAL=$? ;; add) add RETVAL=$? ;; modify) modify RETVAL=$? ;; delete) delete RETVAL=$? ;; check) check RETVAL=$? ;; remove) remove RETVAL=$? ;; start) start RETVAL=$? ;; stop) stop RETVAL=$? ;; status) status RETVAL=$? ;; restart) restart RETVAL=$? ;; reload) reload RETVAL=$? ;; *) help exit 1 ;; esac</pre>原文來自:urey_pp 的BLOG