[ previous ] [ next ] [ threads ]
 
 From:  Peter Curran <peter at closeconsultants dot com>
 To:  Dinesh Nair <dinesh at alphaque dot com>
 Cc:  m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall-dev] Re: Captive Portal/Radius
 Date:  Sat, 29 May 2004 13:05:32 +0100
On Saturday 29 May 2004 12:03, Dinesh Nair wrote:
> On Sat, 29 May 2004, Peter Curran wrote:
> > I have a rather crude hack to send START and STOP accounting records when
> > the user is added to and removed from the portal 'approved' list.  This
> > works
>
> that's exactly what i'm already working on to handle RADIUS accounting.
>

Cool - I won't spend too much more time on my hack then :-)

Oh - I guess you have already discovered that the database needs extending to 
remember the username of the user to send back in the accounting records?

> > a script on the radius server that will fiddle with the database to
> > reset the 'time available' data.
>
> dont really grok how this works ? you're returning a value from the RADIUS
> server which replaces the Hard Timeout settings on the m0n0wall ?
>

I haven't done that bit yet, but what I plan to do is send back a value when 
authentication succeeds that will represent a max number of minutes.  When 
the database entry for the particular IP is written, I plan to set the hard 
timeout with that value rather than the value taken from the GUI.

If the user logs out earlier then that is caught by the inactivity timeout.  
Whenever an accounting STOP is received the RADIUS server goes off and 
changes the 'minutes left' value in the database.

I am also playing around in my head with a logout mechanism so that the user 
can explicitly logout.  I think this would be a javascript popup with a 
simple button that would send to the captive portal mini_httpd.

Does any of this make sense to you?

Peter




-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.