From: Roman Bazalevsky Date: Fri, 1 Nov 2019 20:08:29 +0000 (+0300) Subject: Добавлено кеширование привязки IP-mac. X-Git-Url: https://git.rvb.name/lua-squid-acl-helper.git/commitdiff_plain/974503f46c01638519f9af457e849d88712c28bd Добавлено кеширование привязки IP-mac. --- diff --git a/src/arpcache.lua b/src/arpcache.lua index 1ae8136..b4b8478 100644 --- a/src/arpcache.lua +++ b/src/arpcache.lua @@ -4,19 +4,25 @@ config = require "config" _arpcache = {} _ARPCACHE4 = '/sbin/ip -4 n' -_ARPCACHE6 = '/sbin/ip -6 n' function _match_v4(ip) return string.match(ip,"%d*%.%d*%.%d*%.%d*") end +_arpcache.cache = {} + function _arpcache.get_mac(ip) + local rec = _arpcache.cache[ip] + if rec and rec.timestamp+config.arp_ttl > os.time() then + return rec["mac"] + end + local cmd if _match_v4(ip) then cmd = _ARPCACHE4 else - cmd = _ARPCACHE6 + return "OK" end local f = io.popen(cmd) @@ -38,11 +44,16 @@ function _arpcache.get_mac(ip) if w[1]==ip then res = w[5] + break end end + if res then + _arpcache.cache[ip] = { mac = res, timestamp = os.time() } + end + f:close() return res diff --git a/src/config.lua b/src/config.lua index 6c427cb..842b445 100644 --- a/src/config.lua +++ b/src/config.lua @@ -36,6 +36,12 @@ function _config.read(file) end end end + + _config.arp_ttl = 60 + + if cfg["arp-ttl"] then + _config.arp_ttl = tonumber(cfg["arp-ttl"]) + end end diff --git a/src/connection.lua b/src/connection.lua index e1eff46..f40dead 100644 --- a/src/connection.lua +++ b/src/connection.lua @@ -7,14 +7,15 @@ arpcache = require "arpcache" function _connection.auth(serv, localport, remoteport) local user = config.map_ip(serv) + local mac = nil if not user then - local mac = arpcache.get_mac(serv) + mac = arpcache.get_mac(serv) if mac then user = config.map_mac(mac) end end - + if user == "*ident" then user = ident.resolve(serv,localport,config.map_port(remoteport)) end diff --git a/src/helper.lua b/src/helper.lua index 79711e2..53712c4 100755 --- a/src/helper.lua +++ b/src/helper.lua @@ -25,7 +25,9 @@ function main() while true do str=io.read() vals = str:split(" ") - status, res = pcall(connection.auth,vals[1],vals[2],vals[3]) +-- status, res = pcall(connection.auth,vals[1],vals[2],vals[3]) + status = 1 + res = connection.auth(vals[1],vals[2],vals[3]) if status then if res and res ~= "" then io.write("OK user="..res.."\n")