Disconnect packet

Johan Meiring jmeiring at pcservices.co.za
Mon Jan 12 11:44:27 CET 2009 

Johan Meiring wrote:
> Alan DeKok wrote:
>> Johan Meiring wrote:
>>> Any idea when?
>>
>>   There is no defined time frame.
>>
>>>>   What is generating the CoA packets?
>>>>
>>> It will also be freeradius (on a different machine), the actual radius
>>> server.
>>
>>   In the short term, alternatives are things like shell scripts.
>>
>>> Looking at the source, I see that it can at least identify the packets,
>>> but then ignores them, because they are not authentication/accounting
>>> packets.
>>
>>   It doesn't listen on port 3799, either.  That code needs to be added.
>>
>>> I dit a minor change, to not ignore the packet and pass it to the
>>> accounting module, but then the accounding module crashed.
>>
>>   Well... yes.  There are many, many, other changes that need to be made.
>>
>>>>> 2) Is anyone aware of other software that might listen on the coa port
>>>>> 1700/3799, receive a packet, parse it somehow and call my script to
>>>>> "disconnect" the client.  i.e. a "disconnect server". as per
>>>>> http://wiki.freeradius.org/DM
>>>>   There isn't much.
>>> Not much or nothing?
>>
>>   None freely available that I know of.
>>
>>   Alan DeKok.
>> -
>> List info/subscribe/unsubscribe? See 
>> http://www.freeradius.org/list/users.html
>>
>>
> 
> 
> OK I did the following VERY LARGE hack....
> 
> Rember I need something that will JUST receive a DISCONNECT_REQUEST 
> packet, run perl, and send back either a DISCONNECT_ACK or _NAK
> 
> 1) I created a listen section on port 3799 in radiusd.conf for auth.
> 2) I changed main/listen.c by adding PW_DISCONNECT_REQUEST to the case 
> statement to allow the packet.
> 3) I changed main/event.c  by adding PW_DISCONNECT_REQUEST to the case 
> statement to allow the packet.
> 4) I hacked main/auth.c to return a DISCONNECT_NAK/_ACK instead of an 
> ACCESS_ACK/_REJECT.
> 
> Seems to work......
> 
> Comments?
> 

Ok no replies.... I'm sure it so ugly that nobody's even interested.

Final question.

Instead of hacking auth.c to return DISCONNECT_NAK/_ACK instead of 
ACCESS_ACK/_REJECT.

Is there any way to force the return packet type (i.e. value that ends 
up in request->reply->code) to be a different packet type using rlm-perl?

Thanks!


-- 


Johan Meiring
Cape PC Services CC
Tel: (021) 883-8271
Fax: (021) 886-7782

More information about the Freeradius-Users mailing list