[ previous ] [ next ] [ threads ]
 
 From:  Peter Curran <peter at closeconsultants dot com>
 To:  Dinesh Nair <dinesh at alphaque dot com>, m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall-dev] Re: Captive Portal/Radius
 Date:  Sat, 29 May 2004 11:54:01 +0100 
Dinesh

> > (2=success, 3=fail).  I am currently playing around with an idea to have
> > the server send back a 'time' parameter that would establish the maximum
> > time the user could be connected without logging-in again.  The would
>
> this possibly could be done with RADIUS accounting packets being
> sent/received between the m0n0wall and the RADIUS host. i'm currently
> looking at extending the RADIUS functionality in m0n0wall to include this.
> currently, setting the Hard Timeout parameter in m0n0wall will disconnect
> the user and force a relogin.
>

This won't help directly.  RADIUS accounting is really a separate system and 
does not directly interact with authentication.

I have a rather crude hack to send START and STOP accounting records when the 
user is added to and removed from the portal 'approved' list.  This works  
(well almost - the hashing of the authenticator is a bit flakey), and I have 
a script on the radius server that will fiddle with the database to reset the 
'time available' data.

Peter


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.