AP機能のパケットキャプチャログ
WiresharkでもAiropeek/OmniPeekのカプセルに対応。
Signal/Noise/Data Rate/Channel等の表示がされている。
Probe Request (0x0004)を確認
Destination address : Broadcast(ff:ff:ff:ff:ff:ff)
BSS Id: Broadcast(ff:ff:ff:ff:ff:ff)
Wireless LAN management frame
SSID parameter:
Supported rates: 6, 9, 12, [Mbit/sec]
HT Capabilities : 802.11n D1.10
Extended Capabilities(8 octets)
Interworking
VHT Capabilities:
Vendor Specific: Microsof: unknown 8
Vendor Specific: Broadcom
Extended Capabilities: Octet 3
BSS Transition: Supported
Probe Response/Associate Requestにも同様にBSS Transition: Supportedが送信される。
Probe Response
Associate Request
2016年5月19日木曜日
2016年5月10日火曜日
ClearPass: Oauth
ClearPass Oauth Request送信方法。
参考リンク
http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/How-to-create-update-delete-ClearPass-Guest-Accounts-using-REST/ta-p/243745
http://community.arubanetworks.com/aruba/attachments/aruba/aaa-nac-guest-access-byod/20924/1/Using%20the%20ClearPass%20HTTP%20APIs.pdf
curl -X POST "https://test.clearpassbeta.com/api/oauth" \
-H "Content-Type: application/json" \
-d $'{"grant_type": "password", "username": "qa", "password": "aruba123", "client_id": "meridian"}' \
-m 30 \
-v \
-k
---------------
Aruba-no-MacBook-Air-2:~ aruba$ curl -X POST "https://clearpass.arubademo.net/api/oauth" -H "Content-Type: application/json" -d $'{"grant_type": "password", "username": "kurokawa@hpe.com", "password": "3590", "client_id": "meridian"}' -m 30 -v -k
* Trying 104.36.251.158...
* Connected to clearpass.arubademo.net (104.36.251.158) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
* Server certificate: clearpass.arubademo.net
* Server certificate: Go Daddy Secure Certificate Authority - G2
* Server certificate: Go Daddy Root Certificate Authority - G2
> POST /api/oauth HTTP/1.1
> Host: clearpass.arubademo.net
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Content-Length: 103
>
* upload completely sent off: 103 out of 103 bytes
< HTTP/1.1 200 OK
< Date: Tue, 10 May 2016 04:39:37 GMT
< Server: Apache
< X-Powered-By: PHP/5.5.30
< Cache-Control: no-store
< Pragma: no-cache
< Content-Length: 173
< Content-Type: application/json
<
* Connection #0 to host clearpass.arubademo.net left intact
{"access_token":"c646a32bb703c907502280bbee513c2a6f0e6e2d","expires_in":604800,"token_type":"Bearer","scope":null,"refresh_token":"f1953e0ed08e1b8b926d635aaf9669e4e33d33b6"}
Aruba-no-MacBook-Air-2:~ aruba$
-----------------
ClearPass API: access_tokenからの逆引き
https://clearpass.arubademo.net/api-docs/OperatorLogins-v1#!/GetAccount
Authorization:Bearer 7f216595d41eb90157944a8e67e76b09c2736376
{
"visitor_name": "TK",
"info": "XXX@hpe.com",
"name": "TK",
"guest_email": "XXX@hpe.com",
"badge_id": "102865"
}
-----------------
ClearPass API: access_tokenからの逆引きでcurlを使った場合
curl -X GET "https://clearpass.arubademo.net:443/api/oauth/me" \
-H "Accept: application/json" \
-H "Authorization: Bearer 7f216595d41eb90157944a8e67e76b09c2736376" \
-m 30 \
-v \
-k
Aruba-no-MacBook-Air-2:~ aruba$ curl -X GET "https://clearpass.arubademo.net:443/api/oauth/me" \
> -H "Accept: application/json" \
> -H "Authorization: Bearer 7f216595d41eb90157944a8e67e76b09c2736376" \
> -m 30 \
> -v \
> -k
* Trying 104.36.251.158...
* Connected to clearpass.arubademo.net (104.36.251.158) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
* Server certificate: clearpass.arubademo.net
* Server certificate: Go Daddy Secure Certificate Authority - G2
* Server certificate: Go Daddy Root Certificate Authority - G2
> GET /api/oauth/me HTTP/1.1
> Host: clearpass.arubademo.net
> User-Agent: curl/7.43.0
> Accept: application/json
> Authorization: Bearer 7f216595d41eb90157944a8e67e76b09c2736376
>
< HTTP/1.1 200 OK
< Date: Tue, 10 May 2016 04:45:58 GMT
< Server: Apache
< X-Powered-By: PHP/5.5.30
< Content-Length: 112
< Content-Type: application/json; charset=utf-8
<
* Connection #0 to host clearpass.arubademo.net left intact
{"visitor_name":"TK","info":"XXX@hpe.com","name":"TK","guest_email":"XXX@hpe.com","badge_id":"102865"}
Meridian: memo post message
meridianのpost message
今度はCamupusAppで挑戦
tcpdumpオプション。参考にしたページ。
http://qiita.com/LOUIS_rui/items/cc73ade2c115ee96b22a
tcpdump -A 'tcp dst port 80 and (tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x504f5354)’
[root@ip-172-31-27-217 ~]# tcpdump -A 'tcp dst port 80 and (tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x504f5354)'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
21:18:51.765462 IP 155.195.178.107.gae.googleusercontent.com.42996 > ip-172-31-27-217.ap-northeast-1.compute.internal.http: Flags [P.], seq 1195380886:1195381436, ack 1221387923, win 338, options [nop,nop,TS val 2878997545 ecr 1231919], length 550
E..Z....,...k..........PG@..H......R.......
...).../POST /top2.html/ HTTP/1.1
Host: 52.196.145.104
Content-Type: application/x-www-form-urlencoded
Authorization: Bearer e72e16c7e42f292c6912e7710c838347ae178b4a
Accept: application/json
X-Cloud-Trace-Context: 01b58a7df47243fb52270f4f0176afc5/10054798598419312497
Content-Length: 113
Connection: Keep-alive
User-Agent: AppEngine-Google; (+http://code.google.com/appengine; appid: s~meridianedit)
Accept-Encoding: gzip,deflate,br
campaign_id=5838267693924352&broadcaster_id=85BAEDEA-1ACE-404B-874D-29AC21C18D58%3A1000%3A1000&device_id=b312hb12
今度はCamupusAppで挑戦
21:29:10.431804 IP 155.195.178.107.gae.googleusercontent.com.56676 > ip-172-31-27-217.ap-northeast-1.compute.internal.http: Flags [P.], seq 3938895029:3938895605, ack 1002172944, win 338, options [nop,nop,TS val 2879616190 ecr 1850577], length 576
E..t....,...k........d.P....;......RK......
..t...<.POST /top2.html/ HTTP/1.1
Host: 52.196.145.104
Accept-Language: en
Content-Type: application/x-www-form-urlencoded
Accept: application/json
X-Cloud-Trace-Context: c66fc58921ca8743c88a766b5bc0e585/11051419201282406574
Content-Length: 182
Connection: Keep-alive
User-Agent: AppEngine-Google; (+http://code.google.com/appengine; appid: s~meridianedit)
Accept-Encoding: gzip,deflate,br
is_enter=1&campaign_id=5838267693924352&broadcaster_id=85BAEDEA-1ACE-404B-874D-29AC21C18D58%3A16005%3A17237&device_id=34C1572A-FFB4-465E-B4D5-6AAB4D5C2CC3%3Acom.arubanetworks.Beacons
------------------------------------------------------------
[root@ip-172-31-27-217 ~]# tail /var/log/httpd/access_log
107.178.195.155 - - [09/May/2016:21:29:10 -0400] "POST /top2.html/ HTTP/1.1" 404 289 "-" "AppEngine-Google; (+http://code.google.com/appengine; appid: s~meridianedit)"
[root@ip-172-31-27-217 ~]# tail /var/log/httpd/access_log
107.178.195.155 - - [09/May/2016:21:29:10 -0400] "POST /top2.html/ HTTP/1.1" 404 289 "-" "AppEngine-Google; (+http://code.google.com/appengine; appid: s~meridianedit)"
AppViewerでキック
AppViewerでキック
22:08:57.887969 IP 155.195.178.107.gae.googleusercontent.com.36438 > ip-172-31-27-217.ap-northeast-1.compute.internal.http: Flags [P.], seq 32345798:32346490, ack 2670821938, win 338, options [nop,nop,TS val 2882003602 ecr 4238022], length 692
E...c...,.0.k........V.P.....1.2...R.c.....
.....@..POST /top2.html/ HTTP/1.1
Host: 52.196.145.104
Accept-Language: en
Content-Type: application/x-www-form-urlencoded
Authorization: Bearer 7f216595d41eb90157944a8e67e76b09c2736376
Accept: application/json
X-Cloud-Trace-Context: 833b1b781f70a2ec7c26fdc0e0781ee8/9675176237563929392
Content-Length: 235
Connection: Keep-alive
User-Agent: AppEngine-Google; (+http://code.google.com/appengine; appid: s~meridianedit)
Accept-Encoding: gzip,deflate,br
is_enter=1&access_token=7f216595d41eb90157944a8e67e76b09c2736376&campaign_id=5838267693924352&broadcaster_id=85BAEDEA-1ACE-404B-874D-29AC21C18D58%3A16005%3A17237&device_id=34C1572A-FFB4-465E-B4D5-6AAB4D5C2CC3%3Acom.arubanetworks.campus
登録:
投稿 (Atom)