[Radiusplugin-users] Re: Radiusplugin packet of disconnect

radiusplugin-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Radiusplugin-users] Re: Radiusplugin packet of disconnect

From:	Ralf Lübben
Subject:	[Radiusplugin-users] Re: Radiusplugin packet of disconnect
Date:	Thu, 3 Jan 2008 16:40:59 +0100
User-agent:	KMail/1.9.6

Hello,

thanks for your congratulations.

Your requested feature would be great, but it also would be an great extension 
to the existing plugin. 
The feature would need an own process which waits for the disconnect packet 
and than disconnects the user through the management interface of OpenVPN.

A simpler solution would be to use the option

--reneg-sec

of OpenVPN.

The authentication is repeated accordingly to the option "reneg-sec", so if 
the account of the user is revoked on the radius server the authentication 
will fail.
Maybe the difference between time exceedance and reauthentication is 
acceptable. The maximum error would be the value of "reneg-sec".

Regards,
Ralf



On Wednesday, 2. January 2008 20:34:08 you wrote:
> I would like to start out by saying congratulations on releasing the new
> version today.
>
> I am looking froward to using Radiusplugin in my setup.  It almost does
> everything I could want.  It authenticates the user, counts the data
> transmitted, and ... I am trying to figure out how to kill the user when
> there time has ended.  I did look around trying to figure out how to make
> sure the user was disconnected when their time ran out, but I did not see
> any info.  Also info on what these "vendor specific attributes by
> additional scripts" seams sparse.
>
> I would be happy to accomplish this via a expat script that Radiusplugin
> calls with the username to kill as a variable.  What I would be happy to do
> is when a user's time runs out, freeradius sends the packet of disconnect
> and then the Radiusplugin executes a script with the user name to kill sent
> as a variable.  I can not have users stay connected after their account has
> been revoked.
>
> I would be killing the user via the management interface, so if this is a
> new feature it could also be built in directly to no bother with a expat
> script, and just put in the config file the location, port and pass of the
> management interface.
>
> /usr/local/bin/kill-openvpn-user  username
>
> Thanks for your help.  If this feature to kill users who receive a packet
> of disconnect is not built into Radiusplugin I would be willing to
> compensate your for your time.  I have not actually got the Radiusplugin
> working yet because I do not have freeradius going yet, lets to get done.
>
> http://wiki.freeradius.org/Packet_of_Disconnect
>
> Thanks
> -Bryon

[Prev in Thread]

Current Thread

[Next in Thread]

[Radiusplugin-users] Re: Radiusplugin packet of disconnect, Ralf Lübben <=
- Re: [Radiusplugin-users] Re: Radiusplugin packet of disconnect, Ralf Lübben, 2008/01/05

Prev by Date: Re: [Radiusplugin-users] disconnected user disapear after 4 min on radius online user
Next by Date: Re: [Radiusplugin-users] Re: Radiusplugin packet of disconnect
Previous by thread: [Radiusplugin-users] Version 2.0b released
Next by thread: Re: [Radiusplugin-users] Re: Radiusplugin packet of disconnect
Index(es):
- Date
- Thread