[ previous ] [ next ] [ threads ]
 
 From:  "Jonathan De Graeve" <Jonathan dot De dot Graeve at imelda dot be>
 To:  <m0n0wall at lists dot m0n0 dot ch>, <m0n0wall dash dev at lists dot m0n0 dot ch>
 Cc:  "Manuel Kasper" <mk at neon1 dot net>
 Subject:  RE: [m0n0wall] 1Minute reauthentication broke in 1.2 (also in 1.2b10)
 Date:  Tue, 11 Oct 2005 10:39:49 +0200
Tue Oct 11 10:27:12 2005 : Auth: Login OK: [jonathan/pass] (from client
hotspot-2 port 0)
Tue Oct 11 10:28:32 2005 : Auth: Login incorrect (Home Server says so):
[jonathan/pass] (from client hotspot-2 port 0)
Tue Oct 11 10:29:32 2005 : Auth: Login incorrect (Home Server says so):
[jonathan/pass] (from client hotspot-2 port 0)
Tue Oct 11 10:30:32 2005 : Auth: Login incorrect (Home Server says so):
[jonathan/pass] (from client hotspot-2 port 0)
Tue Oct 11 10:31:23 2005 : Auth: Login incorrect (Home Server says so):
[jonathan/pass] (from client hotspot-2 port 0)
Tue Oct 11 10:32:32 2005 : Auth: Login incorrect (Home Server says so):
[jonathan/pass] (from client hotspot-2 port 0)
Tue Oct 11 10:33:32 2005 : Auth: Login incorrect (Home Server says so):
[jonathan/pass] (from client hotspot-2 port 0)

From captive portal log:
Oct 11 10:33:32 RADIUS_DISCONNECT: jonathan, ....

As you can see it only logs the user out after about 6!!!! Rejects

J.

-- 
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
jonathan dot de dot graeve at imelda dot be

---------
Always read the manual for the correct way to do things because the
number of incorrect ways to do things is almost infinite
---------

-----Oorspronkelijk bericht-----
Van: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be] 
Verzonden: dinsdag 11 oktober 2005 10:36
Aan: m0n0wall at lists dot m0n0 dot ch; m0n0wall dash dev at lists dot m0n0 dot ch
CC: Manuel Kasper
Onderwerp: [m0n0wall] 1Minute reauthentication broke in 1.2 (also in
1.2b10)

Captive portal option: 
"reauthenticate connected users every minute" seems to be broken in 1.2
and also in 1.2b10

I can see the authentication requests in my radius server logging:

Tue Oct 11 10:28:02 2005 : Auth: Invalid user (rlm_sqlcounter: Maximum
never usage time reached): [jonathan/ pass] (from client hotty port 0)
Tue Oct 11 10:29:07 2005 : Auth: Invalid user (rlm_sqlcounter: Maximum
never usage time reached): [jonathan/ pass] (from client hotty port 0)
Tue Oct 11 10:30:12 2005 : Auth: Invalid user (rlm_sqlcounter: Maximum
never usage time reached): [jonathan/pass] (from client hotty port 0)
Tue Oct 11 10:31:17 2005 : Auth: Invalid user (rlm_sqlcounter: Maximum
never usage time reached): [jonathan/pass] (from client hotty port 0)


But the user never gets logged out on the captive portal system.

I saw this behaviour when I wanted to test my own radius work and
thought it had something todo with my own work but it seems it also
doesn't work on the normal branch.

This is what my radius server returns:
rad_recv: Access-Reject packet from host radius1:1812, id=235, length=68
        Reply-Message = "Your maximum usage time has been reached"


Are there other people with the same issue? This worked in 1.2b9 without
any problem.



-- 
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
jonathan dot de dot graeve at imelda dot be

---------
Always read the manual for the correct way to do things because the
number of incorrect ways to do things is almost infinite
---------



---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch