[ previous ] [ next ] [ threads ]
 
 From:  "Jonathan De Graeve" <Jonathan dot De dot Graeve at imelda dot be>
 To:  "Bryan Catlin" <bryancatlin at connectgroup dot net>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Second release of new Radius system - Update with 2GB wrap instead of 4GB
 Date:  Sat, 24 Sep 2005 00:06:28 +0200
I think so, I already catch up the attribute and store it as
auth_list['session_time']

I need to look how the current timeout stuff has been implemented. I
think Manuel can do it a lot faster than I do (because I think he wrote
it)

I will have a look at it.
I think I will only implement that as an extra option you have to enable
in the captive portal menu (since it breaks the rlm_sqlcounter module of
freeradius in volumes. (rlm_sqlcounter adapts the session-timeout, when
you have volume limits the session-timeout is not in seconds but in
MB...)


J.

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
Jonathan dot de dot graeve at imelda dot be

-----Oorspronkelijk bericht-----
Van: Bryan Catlin [mailto:bryancatlin at connectgroup dot net] 
Verzonden: vrijdag 23 september 2005 23:49
Aan: Jonathan De Graeve
Onderwerp: RE: [m0n0wall] Second release of new Radius system - Update
with 2GB wrap instead of 4GB

Do you think you could make it so the session time limit of the
customers
could be loaded from the radius also?  I know they have a hacked job
that
runs each minute and checks the radius for the username, but it would
work A
LOT better if the time limit was gotten when the account was first
authorized and then just cut off after that time.

Bryan

-----Original Message-----
From: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be] 
Sent: Friday, September 23, 2005 3:01 PM
To: m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] Second release of new Radius system - Update
with
2GB wrap instead of 4GB

After a discussion with the Freeradius people it seems that
Acct-Input-Octets and Acct-Output-Octets should be max 2^31-1 so I
changed
the wrapper from 4GB to 2GB value. It is included in this
release:

http://inf.imelda.be/downloads/m0n0wall/generic-pc-radius2_20050923_19-4
3.img


The main features are ready to be included in 1.2b11 (I hope Manuel will
allow it, so please contact me for the sources)

TODO: 
Implementation of different 'Terminate Causes'
Implementation of radius attributes in Authentication directly from the
socket of the original radius_authentication.inc using FD (after I have
figured out how I can read-in the response)

J.

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
Jonathan dot de dot graeve at imelda dot be

-----Oorspronkelijk bericht-----
Van: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be]
Verzonden: vrijdag 23 september 2005 17:46
Aan: m0n0wall at lists dot m0n0 dot ch
Onderwerp: [m0n0wall] Second release of new Radius system

Can be downloaded from here (it doesn has the CF 1byte read sector patch
applied)

http://inf.imelda.be/downloads/m0n0wall/generic-pc-radius2_20050923_17-2
8.img

This release also includes support for RFC 2869 (Radius Extensions)
particulary Acct-Input-Gigawords and Acct-Output-Gigawords.

It makes it possible to have better accounting (usually the value wraps
@
2GB and the user can download 8GB, the radius system will only show
2GB)

The current wrap value is 2^32-1 which means 4GB instead of 2GB. Every
time
the counter wraps the value of gigawords is raised with 1.

This gives me:
2005-09-23 16:36:30 1 uren, 33 seconden 192.168.2.255 104.99 MBs 5.90
GBs

Instead of
2005-09-22 16:40:13 1 uren, 6 seconden 192.168.2.255 108.54 MBs 2.00 GBs


I'm still in conversation with the freeradius development team since it
seems they use a value of 2^31-1 instead of 2^32-1 like the RFC states.

I think that I will add an extra option in the config where you can
choose
what the value will be, so that no mather what, it works with your own
radius system.

Enjoy


J.

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
jonathan dot de dot graeve at imelda dot be

---------
Always read the manual for the correct way to do things because the
number
of incorrect ways to do things is almost infinite
---------



---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch





---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch