Closed lukasjuhrich closed 7 years ago
Sketch of the implementation (me no guarantee correctness):
def get_port_auth_attempts(nasipaddress, nasportid):
"""
Return all auth attempts of a particular MAC address.
:param str nasipaddress: The IP address of the NAS
:param str nasportid: The NAS port identifier
:return: An iterable that yields (Packet-Type, Reply-Message, Auth-Date)-tuples ordered by Auth-Date descending
:rtype: iterable[(str, str, datetime)]
"""
connection = get_connection()
result = connection.execute(
select([radpostauth.c.packettype, radpostauth.c.replymessage,
radpostauth.c.authdate])
.where(and_(radpostauth.c.nasipaddress == nasipaddress,
radpostauth.c.nasportid == nasportid))
.order_by(radpostauth.c.authdate.desc()))
return iter(result)
Maybe we should extend a bit and provide more meaningful information. The Egress-VLAN-Name
for example, otherwise we do only have the custom Reply-Message
field.
I propose the following, updated function signature:
def get_port_auth_attempts(nasipaddress, nasportid, limit=100):
"""
:rtype: iterable[(packettype: str, replymessage: str, username: str,
auth_date: datetime, egress_vlan: int)]
"""
pass
I will update the Fake API (used for testing in pycroft) so it returns according to this signature and design the HadesLogs
Extension against it.
The RPC api (
hades/tasks.py
) should provide a function to list all recent auth attempts on a certain switch's port.