Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - joern

Pages1
#1
German - Deutsch / Re: CaptivePortal API - beliebige Session loeschen
July 02, 2019, 10:38:29 AM
curl -k -u "xxxxxx":"xxxx" -d '{"sessionId": "ID"}' -H 'Content-Type: application/json'  \
https:/IP-Adresse/api/captiveportal/session/disconnect/0/ scheint zu funktionieren.
#2
German - Deutsch / [SOLVED] CaptivePortal API - beliebige Session loeschen
July 01, 2019, 12:18:42 PM
Hallo,

ist es moeglich, mit Hilfe der API eine beliebige Session zu loeschen?

/api/captiveportal/access/logoff mit {"ipAddress": "10.10.101.153"} meldet: {"clientState":"UNKNOWN","ipAddress":"10.10.101.203"}

Die 10.10.101.153 ist dabei die IP Adresse bzw. Session, die ich loeschen will, und die 10.10.101.203 ist die IP Adresse, von der der Request abgesetzt wurde. {"sessionId": "sWZ0S1wyhR8MPqTLrNrPZA=="}' bringt die gleiche Meldung.

Die Session ist vorhanden:
"...bytes_out":1674477,"ipAddress":"10.10.101.153","packets_in":3831}...

In /usr/local/opnsense/mvc/app/controllers/OPNsense/CaptivePortal/Api/AccessController.php ist das definiert, werde aber nicht wirklich schlau draus..

Code Select

   /**
     * logoff client
     * @param int|string zone id number
     * @return array
     * @throws \OPNsense\Base\ModelException
     */
    public function logoffAction($zoneid = 0)
    {
        if ($this->request->isOptions()) {
            // return empty result on CORS preflight
            return array();
        } else {
            $this->sessionClose();
            $clientSession = $this->clientSession((string)$zoneid);
            if ($clientSession['clientState'] == 'AUTHORIZED' &&
                $clientSession['authenticated_via'] != '---ip---' &&
                $clientSession['authenticated_via'] != '---mac---'
            ) {
                // you can only disconnect a connected client
                $backend = new Backend();
                $statusRAW = $backend->configdpRun(
                    "captiveportal disconnect",
                    array($zoneid, $clientSession['sessionId'], 'json')
                );
                $status = json_decode($statusRAW, true);
                if ($status != null) {
                    $this->getLogger("captiveportal")->info(
                        "LOGOUT " . $clientSession['userName'] .  " (".$this->getClientIp().") zone " . $zoneid
                    );
                    return $status;
                }
            }
        }
        return array("clientState" => "UNKNOWN", "ipAddress" => $this->getClientIp());
    }


Vielen Dank fuers lesen und Gruesse, Joern

edit:

OPNsense 19.1.9-amd64
FreeBSD 11.2-RELEASE-p10-HBSD
OpenSSL 1.0.2s 28 May 2019
Pages1