Wednesday, May 14, 2014

Barracuda + Linux != Fail (anymore)

Anyone using Linux on a network with a Barracuda web filter may have
encountered this problem.  Barracuda has an AD client that associates
your AD login with an IP address.  This works reasonably well with
Windows, but what if you are using Linux or Mac?   You are stuck
re-logging in every 5,10, 15 minutes, whatever the timeout is set to.

I searched for a solution online, but never found one.

I got sick of that yesterday finally and figured out how to script a
login for barracuda.

The following is the script, in Perl.  It's now in its second
iteration, with more comments and some cutout checks.  I run it from
cron every couple of minutes and it seems to work fine.

Obviously you'll want to replace the xxxx variables with the appropriate 
values. $cuda is (in my case) the IP of the barracuda.  It could be anything 
Net::Ping and accept for the barracuda's hostname.
#!/usr/bin/perl
# Copyleft Jonas Bull 2014
# GPLv2 license.  Google it.
use WWW::Mechanize;
use Net::Ping;
my $cuda='xxx.xx.xx.xx';
my $username='xxxxx';
my $password ='xxxxxxxxxxxxxx';
my $baseurl="http://$cuda/web/login";

my $p=Net::Ping->new();
die unless $p->ping($cuda);
# no need to continue unless cuda is present
my $mech = WWW::Mechanize->new();
$mech->get( $baseurl );
my @lines=$mech->response()->decoded_content;
my $redirect='';
foreach my $line (@lines){
if ($line=~/location\.replace/){
$line=~/'(.*)'/;
$redirect=$1;
break;
# since I don't have javascript or a url I have to pick the redir
}
}

$mech->get( $redirect);
@lines=$mech->response()->decoded_content;
foreach my $line (@lines){
if ($line=~/$username/){
print "Already logged in\n";
exit; # but I can drop out if the redir has my login name
}
}
# otherwise set form fields
$mech->form_name("main_form");
$mech->set_fields(login => $username,password => $password );
$mech->click_button(name=>'login_form_action');
# Now see if login succeeded
@lines=$mech->response()->decoded_content;
foreach my $line (@lines){
if ($line=~/$username/){
print "Success\n";
exit; # and exit when you know you're good. 
}
}
Comments, critiques and ports gladly accepted.  Fork it on github.

No comments:

Post a Comment