On Saturday 29 May 2004 12:03, Dinesh Nair wrote:
> On Sat, 29 May 2004, Peter Curran wrote:
> > I have a rather crude hack to send START and STOP accounting records when
> > the user is added to and removed from the portal 'approved' list. This
> > works
> that's exactly what i'm already working on to handle RADIUS accounting.
Cool - I won't spend too much more time on my hack then :-)
Oh - I guess you have already discovered that the database needs extending to
remember the username of the user to send back in the accounting records?
> > a script on the radius server that will fiddle with the database to
> > reset the 'time available' data.
> dont really grok how this works ? you're returning a value from the RADIUS
> server which replaces the Hard Timeout settings on the m0n0wall ?
I haven't done that bit yet, but what I plan to do is send back a value when
authentication succeeds that will represent a max number of minutes. When
the database entry for the particular IP is written, I plan to set the hard
timeout with that value rather than the value taken from the GUI.
If the user logs out earlier then that is caught by the inactivity timeout.
Whenever an accounting STOP is received the RADIUS server goes off and
changes the 'minutes left' value in the database.
I am also playing around in my head with a logout mechanism so that the user
simple button that would send to the captive portal mini_httpd.
Does any of this make sense to you?
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.