[ previous ] [ next ] [ threads ]
 From:  Dinesh Nair <dinesh at alphaque dot com>
 To:  m0n0wall dash dev at lists dot m0n0 dot ch
 Cc:  Peter Curran <peter at closeconsultants dot com>
 Subject:  Re: [m0n0wall-dev] Re: Captive Portal/Radius
 Date:  Sat, 29 May 2004 15:10:48 +0800 (MYT)
On Sat, 29 May 2004, Dinesh Nair wrote:

> On Fri, 28 May 2004 14:49:36 +0100, Peter Curran wrote:
> >
> > (2=success, 3=fail).  I am currently playing around with an idea to
> > have the server send back a 'time' parameter that would establish the
> > maximum time the user could be connected without logging-in again.
> > The would
> this possibly could be done with RADIUS accounting packets being
> sent/received between the m0n0wall and the RADIUS host. i'm currently

RADIUS accounting does not support the above, i was confusing it with idle
timeouts (which are already there on m0n0wall. apologies for the

however, while you can extend a RADIUS server to send a Reply-Message
attribute with a hard timeout as you suggest, this would mean that users
of this feature would also need to use a modified RADIUS server, and this
feature would not work with a stock RADIUS server.

what i am experimenting with is having the m0n0wall send a
Accounting-Request Start when the user successfully authenticates, and
sending an Accounting-Request Stop when the user logs out explicitly, or
is disconnected by the m0n0wall thru expiry of the idle or hard timeouts.
this would also necessitate a new page for the user to explicitly logout.

Regards,                           /\_/\   "All dogs go to heaven."
dinesh at alphaque dot com                (0 0)    http://www.alphaque.com/
| for a in past present future; do                                        |
|   for b in clients employers associates relatives neighbours pets; do   |
|   echo "The opinions here in no way reflect the opinions of my $a $b."  |
| done; done                                                              |