> > (2=success, 3=fail). I am currently playing around with an idea to have
> > the server send back a 'time' parameter that would establish the maximum
> > time the user could be connected without logging-in again. The would
> this possibly could be done with RADIUS accounting packets being
> sent/received between the m0n0wall and the RADIUS host. i'm currently
> looking at extending the RADIUS functionality in m0n0wall to include this.
> currently, setting the Hard Timeout parameter in m0n0wall will disconnect
> the user and force a relogin.
This won't help directly. RADIUS accounting is really a separate system and
does not directly interact with authentication.
I have a rather crude hack to send START and STOP accounting records when the
user is added to and removed from the portal 'approved' list. This works
(well almost - the hashing of the authenticator is a bit flakey), and I have
a script on the radius server that will fiddle with the database to reset the
'time available' data.
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.