I've posted this before, but I guess it's about time to do it again.
I run this once a minute, and it kicks off duplicate users (without
affecting MPP connections), and will also do idle terminations iff the
total number of ports in use is above a certain threshold. Nice for
the people that are online at 4am...
#!/usr/local/bin/perl5
#
# bofh.pl - version 1.1 Copyright 1998 Stefan Hudson / Monterey Bay Internet
#
# Version 1.1 - Modified to work with SNMP 1.7
#
# Version 1.0 - Initial Release
#
# Run from a crontab with somethine like this:
# 0,5,10,15,20,25,30,35,40,45,50,55 * * * * (/usr/local/sbin/portcheck.pl)>/dev/null 2>/dev/null
$PMCOM='/usr/local/sbin/pmcom'; # Location of the "pmcom" command.
$BUSY = 250; # Number of ports that must be used before we start kicking people off
$IDLE = 840; # Idle timer in seconds (14 minutes) (when we are over $BUSY)
$LIMIT = 28800; # Session timer in seconds (8 hours) (all the time)
# Specify terminal servers to monitor here.
@SERVERS=("pm0", "pm1", "pm2", "pm3", "pm4", "pm5");
$COMMUNITY="foobar"; # SNMP read community for portmasters
$LOGSERV = 'local5|info'; # syslog service for logging. I use the same one the PMs use.
use SNMP 1.7;
use Sys::Syslog;
$Sys::Syslog::host = "localhost";
&SNMP::initMib();
&SNMP::addMibFiles("/usr/local/share/snmp/mibs/livingston.mib");
foreach $pm (@SERVERS) {
$session = new SNMP::Session ( DestHost => $pm, Community => $COMMUNITY );
next if(!$session);
$pinfo = new SNMP::VarList (
['livingstonSerialUser', 1], # 0
['livingstonSerialPortName', 1], # 1
['livingstonSerialStarted', 1], # 2
['livingstonSerialIdle', 1], # 3
['livingstonSerialIpAddress', 1], # 4
);
@ret = $session->get($pinfo);
while(@ret) {
# print join(" ", @ret), "\n";
@ret = $session->getnext($pinfo);
next if(!$ret[0]);
last if($pinfo->[0][$SNMP::Varbind::tag_f] !~ 'livingstonSerialUser\.\d+');
next if ($ret[0] eq 'PPP');
$ret[0]=~ s/(.ppp|.slip|.cslip)//;
$port[0] = $pm;
$port[1] = $ret[1]; # port name
$port[2] = $ret[0]; # username
$port[3] = $ret[4]; # address
$port[4] = int($ret[2]/100); # uptime
$port[5] = int($ret[3]/100); # busy
# print("$port[3]\n");
push(@ports, [@port]);
push(@{$users{$port[2]}}, [@port]);
}
}
foreach(@ports) {
if(($#ports > $BUSY && $_->[5] > $IDLE) || ($_->[4] > $LIMIT)) {
# print("$_->[1] $_->[2] $_->[3] $_->[4] $_->[5]\n");
&killport(@$_);
}
}
foreach $user (sort(keys(%users))) {
if($#{@users{$user}}) { # More than one port in use
# print("$user $users{$user}[0]->[3] $port->[3]\n");
foreach $port (@{$users{$user}}) { # Check each port user is on
if($port->[3] ne $users{$user}[0]->[3]) {
printf("%s duplicate $user ($users{$user}[0]->[3] $port->[3])\n", scalar(localtime()));
syslog($LOGSERV, "portcheck: duplicate $user ($users{$user}[0]->[3] $port->[3])\n");
foreach $port (@{$users{$user}}) {&killport(@{$port})};
last;
}
}
}
}
#print("$_ $#{@users{$_}} $users{$_}[0]->[3] $users{$_}[1]->[3]\n");
sub killport {
local(@port)=@_;
printf("%s terminating %s %s (up %s idle %s)\n", scalar(localtime()), $port[2], $port[3], timestr($port[4]), timestr($port[5]));
syslog($LOGSERV, "portcheck: terminating %s addr %s port %s %s (up %s idle %s)\n", $port[2], $port[3], $port[0], $port[1], timestr($port[4]), timestr($port[5]));
system($PMCOM, $port[0], "reset $port[1]");
}
sub timestr {
local($ttime) = @_;
$str=sprintf("%02d:%02d:%02d", int(($ttime%86400)/3600), int(($ttime%3600)/60), $ttime%60);
$str=sprintf("%d $str", int($ttime/86400)) if($ttime>86400);
return($str);
}
--
/// Stefan Hudson <hudson@mbay.net>
__ /// Senior Network Administrator - Monterey Bay Internet
\\\/// http://www.mbay.net/ - Email: info@mbay.net
\XX/ Voice: 408-642-6100 Fax: 408-642-6101 Modem: 408-642-6102
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.
Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>