ABillS. External connection diagnostics.

Posted byVyacheslav Leave a comment on ABillS. External connection diagnostics.

Thanks to the external connection diagnostics, you can execute various commands directly from the ABillS interface (a button is added on the client page near the online session). In this article I will give some examples.

For example, I added the PING button (for example, from a server with billing, 15 ping packets are sent to the client with an interval of 0.2 seconds and the packet size is 1024 bytes, when the command is completed, the result of the command is displayed, if the client’s IP address does not respond to PING, the result will be empty):

$conf{INTERNET_EXTERNAL_DIAGNOSTIC}='PING:ping -c 15 -i 0.2 -s 1024 %FRAMED_IP_ADDRESS%';

Example result:

PING 172.18.11.75 (172.18.11.75) 1024(1052) bytes of data.
1032 bytes from 172.18.11.75: icmp_seq=1 ttl=62 time=0.842 ms
1032 bytes from 172.18.11.75: icmp_seq=2 ttl=62 time=0.695 ms
1032 bytes from 172.18.11.75: icmp_seq=3 ttl=62 time=0.688 ms
1032 bytes from 172.18.11.75: icmp_seq=4 ttl=62 time=0.632 ms
1032 bytes from 172.18.11.75: icmp_seq=5 ttl=62 time=0.610 ms
1032 bytes from 172.18.11.75: icmp_seq=6 ttl=62 time=0.666 ms
1032 bytes from 172.18.11.75: icmp_seq=7 ttl=62 time=0.580 ms
1032 bytes from 172.18.11.75: icmp_seq=8 ttl=62 time=0.706 ms
1032 bytes from 172.18.11.75: icmp_seq=9 ttl=62 time=0.660 ms
1032 bytes from 172.18.11.75: icmp_seq=10 ttl=62 time=0.504 ms
1032 bytes from 172.18.11.75: icmp_seq=11 ttl=62 time=0.554 ms
1032 bytes from 172.18.11.75: icmp_seq=12 ttl=62 time=0.576 ms
1032 bytes from 172.18.11.75: icmp_seq=13 ttl=62 time=0.583 ms
1032 bytes from 172.18.11.75: icmp_seq=14 ttl=62 time=0.741 ms
1032 bytes from 172.18.11.75: icmp_seq=15 ttl=62 time=0.592 ms

— 172.18.11.75 ping statistics —
15 packets transmitted, 15 received, 0% packet loss, time 2801ms
rtt min/avg/max/mdev = 0.504/0.641/0.842/0.089 ms

In a similar way, you can add other commands, for example arpping:

$conf{INTERNET_EXTERNAL_DIAGNOSTIC}='ARPPING:arping -i eno1 -c 5 %FRAMED_IP_ADDRESS%';

In order for arpping to start on behalf of the user the web server is running under, add it to /etc/sudoers:

www-data   ALL = NOPASSWD: /usr/sbin/arping

Nmap example:

NMAP:nmap %FRAMED_IP_ADDRESS% -Pn -p 1-100,137-139,443,554,5060,8080,8291 --host-timeout 5

You can specify several external commands, for example:

$conf{INTERNET_EXTERNAL_DIAGNOSTIC}='ARPPING:sudo arping -i eno1 -c 5 %FRAMED_IP_ADDRESS%;PING:ping -c 15 -i 0.2 -s 1024 %FRAMED_IP_ADDRESS%';

List of possible arguments:
USER_NAME
SESSION_START
ACCT_SESSION_TIME
ACCT_INPUT_OCTETS
ACCT_OUTPUT_OCTETS
EX_INPUT_OCTETS
EX_OUTPUT_OCTETS
CONNECT_TERM_REASON
FRAMED_IP_ADDRESS
LAST_UPDATE
NAS_PORT
NAS_IP_ADDRESS
CALLING_STATION_ID
CONNECT_INFO
ACCT_SESSION_ID
NAS_ID
ACCT_SESSION_STARTED
ACCT_INPUT_GIGAWORDS
ACCT_OUTPUT_GIGAWORDS
FILTER_ID

An example of tcpdump execution on the local server and remote:

$conf{INTERNET_EXTERNAL_DIAGNOSTIC}='TCPDUMP:/usr/bin/sudo /usr/sbin/tcpdump -c 3 -vv host %FRAMED_IP_ADDRESS%';

$conf{INTERNET_EXTERNAL_DIAGNOSTIC}='TCPDUMP:/usr/bin/ssh -o StrictHostKeyChecking=no -i /usr/abills/Certs/id_rsa.abills_admin abills_admin@%NAS_IP_ADDRESS% "/usr/bin/sudo /usr/sbin/tcpdump -c 3 -vv host %FRAMED_IP_ADDRESS%"';

You also need to add to /etc/sudoers:

www-data   ALL = NOPASSWD: /usr/sbin/tcpdump

See also my articles:
Packet capturing with tcpdump
Connect to SSH using the keys

Leave a comment

Leave a Reply