Cover V12, I07
jul2003.tar

Listing 1 RADIUS configuration scripts

dbLogin.tcl (replace with db username with read only permissions and
put in file without world read permissions):

set dbLogon "username/password@database"
set dbHandle [oralogon $dbLogon]
set dbCursor [oraopen  $dbHandle]

extractUsers.tcl:
#!/usr/local/bin/tclsh
package require Oratcl
proc Usage {} {
        puts stderr "Usage: extractUsers.tcl {free|open}"
        exit 2
}
# check that we have one of [open|free]
if {$argc != 1} {
        Usage
} elseif {[string first "free" [lindex $argv 0]] > -1} {
        set style free
} else {
        set style open
}
set dir "."
source dbLogin.tcl
set sql "select mac_address from wireless_user_mac"
set sqlReturn [orasql $dbCursor "$sql"]

exec cp $dir/users.top $dir/users
set outFile [open "$dir/users" a]

while {[set row [orafetch $dbCursor]] != ""} {
    set regsubReturn [regsub -all -- : $row - macAddress]
    set macAddress [string tolower $macAddress]
    if {$style == "free"} {
        puts $outFile "$macAddress    Password==NOPASSWORD"
    } else {
        puts $outFile "$macAddress    clear-password = \"NOPASSWORD\""
    }
}
close $outFile
exec cat ${dir}/users.end >> ${dir}/users

exit


extractClients.tcl:
#!/usr/local/bin/tclsh
package require Oratcl

proc Usage {} {
    puts stderr "Usage: extractClients.tcl {free|open}"
    exit 2
}

# check that we have one of [open|free]
if {$argc != 1} {
    Usage
} elseif {[string first "free" [lindex $argv 0]] > -1} {
    set style free
    set outFileName "clients.conf"
} else {
    set style open
    set outFileName "clients"
}

# some day make this a command-line parameter maybe
set dir "."
set defaultSecret "blah"
source dbLogin.tcl

set sql "select device_name, ip_address, radius_key from wireless_device"
set sqlReturn [orasql $dbCursor "$sql"]

exec cp $dir/clients-$style.top $dir/$outFileName
set outFile [open "$dir/$outFileName" a]

while {[set row [orafetch $dbCursor]] != ""} {
    set deviceName "[lindex $row 0]".
    set shortName  [lindex [split $deviceName .] 0]
    set ipAddress  [lindex $row 1]
    if {[string length [lindex $row 2]] == 0} {
        set secret    $defaultSecret
    } else {
        set secret    [lindex $row 2]
    if {$style == "free"} {
            set outString  "client\t$deviceName {\n"
            append outString "\tsecret=$secret\n"
            append outString "\tshortname=$shortName\n"
            append outString "}\n"
            puts $outFile $outString
    } else {
        puts $outFile "$ipAddress\t$secret"
    }
}

close $outFile
exec cat $dir/clients-$style.end >> $dir/$outFileName

exit
 
© 2005 CMP Media LLC. All Rights Reserved.
www.sysadminmag.com