The person probably best able to address your questions is Dinesh... he's
done a lot of work on the captive portal code since Manuel first put it in.
I've seen a few questions on the list about if and how session timeouts and
accounting are handled on mono, but many usrs here are not Radius experts
(or sometimes even firewall experts ;-) so I think that many radius configs
to this point have been pretty basic.
I for one would appreciate some details on how you set up your radius to
work this way - there are existing notes on the list and I think there may
be some in the wiki - perhaps you could help us all out by providing some
The MAC issue has been requested by a few people - and a few others (myself
included) are looking for options to avoid use of the mac altogether...
Your contributions appreciated.
> -----Original Message-----
> From: Jason Brunk [mailto:jbrunk at wthosting dot com]
> Sent: Wednesday, October 20, 2004 12:16 PM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: [m0n0wall] some radius questions
> Hi, I am new to the group. I have an existing radius server set up that I
> used for a hotspot router that seems to be working great. The system
> currently works like this.
> Data Stored in MySQL DB (w/accounting)
> 1. When the users authenticates, the sql statement takes an attribute
> "Max-All-Session" This value is the grand total number of
> seconds the user
> can use on our system. Durring the authentication process, our radius
> server queries the accounting table to see how much was used,
> then subtracts
> the used from "Max-All-Session". Remainder - how much they can still use.
> When sending back the Access-Accept (i think that is what the OK response
> is). It also sends back a "Session-Timeout". This session timeout tells
> the box "this is how much time they have". So what I would like to do is
> do the same thing, i would like to have the m0n0wall time the
> user out after
> Session-Timeout seconds have passed. I would also like to be
> able to have
> the popup logout window display how much time they have with a
> stupid little
> javascrpt countdown or something.
> 2. During the authentication, i would like to have the accounting packet
> also pass in the attribute "CalledStationID" this would be nothing more
> than the mac address of the wan port on the m0n0wall. I would think this
> would be fairly simple.
> If anyone can give me any help or guidance that would be great.