radius CoA client for PPTP box

Brock Eastman brock at corp.digitalpath.net
Wed Oct 7 02:30:48 CEST 2015 

I was able to get this to work.  

The confusing portion of the sites-available/coa file has an entire new server section.  I kept getting the warning about not having a populated recv-coa section. You just need to add this if you want a NAS only server to recv requests. Just populate your clients.conf section with the correct attributes from your main radius box that will be sending requests and then add this for simple recv-coa php script at the bottom of your radiusd.conf file.

        recv-coa {
                `/usr/bin/php /usr/local/bin/radius_coa.php %{User-Name} %{NAS-Port} %{NAS-IP-Address} %{Framed-IP-Address}`
                ok
        }                 

Then just parse the argument list in php with argv and you're good to go.

Brock


-----Original Message-----
From: Freeradius-Users [mailto:freeradius-users-bounces+brock=corp.digitalpath.net at lists.freeradius.org] On Behalf Of Alan DeKok
Sent: Thursday, September 24, 2015 6:46 AM
To: FreeRadius users mailing list
Subject: Re: radius CoA client for PPTP box

On Sep 23, 2015, at 7:35 PM, Brock Eastman <brock at corp.digitalpath.net> wrote:
>  I am not trying to proxy anything, just straight listen for packets, 
> send the attributes to a secondary program and change rate shaping or 
> disconnect users on the fly.

  See the "exec" module.  You can run a program, and control which attributes it gets.

  See also "man unlang".  It documents how to run programs via back-ticks.

>        recv-coa {
> ...
>                update control {
> 
>                        Auth-Type:=`/usr/bin/php 
> /usr/local/bin/radius_coa.php %{User-Name}`

  Uh... why?  These are CoA packets.  There's no Auth-Type

> radiusd -X
...
> rad_recv: CoA-Request packet from host 198.204.208.XX port 39238, 
> id=55,
> length=38
> 
>        User-Name = "test"
> 
>        Framed-IP-Address = 198.204.209.33
> 
>        NAS-Port = 382
> 
>  WARNING: Empty recv-coa section.  Using default return values.
> 
>  WARNING: Empty send-coa section.  Using default return values.

  It's not using the virtual server you edited.  So... fix that.

  See the file raddb/sites-available/coa.  This is documented.

  Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list