Modules - dictionary

Anirudh Malhotra 8zero2ops at gmail.com
Sun Feb 21 05:29:56 CET 2016


Hi,

So first the attributes shown and documented by your NAS says clearly that these can be changed by coa. Which does not mean that these have to be sent in a coa request.

Second the attributes which are to be sent to NAS in a coa request should be documented by your NAS Somewhere mostly it is calling-station-id and acct-session-id.

BR,
Anirudh Malhotra
8zero2
Mail: 8zero2.in at gmail.com
Facebook: www.facebook.com/8zero2
Twitter: @8zero2_in
Blog: blog.8zero2.in

On 21 Feb 2016, 04:49 +0530, Oscar Jofre<oscar at jofre.com>, wrote:
>  
> > > See the NAS documentation. If it supports CoA-Request or Disconnect-Request packets, yes. Read raddb/sites-available/originate-coa.
>  
> I've read the documentation but I don't understand where to activate CoA to send Disconnect-Request, on originate-coa:
>  
> # CoA packets can be originated when a normal Access-Request or
> # Accounting-Request packet is received. Simply update the
> # "coa" list:
> #
> # update coa {
> #&User-Name = "%{User-Name}"
> #&Acct-Session-Id = "%{Acct-Session-Id}"
> #&NAS-IP-Address = "%{NAS-IP-Address}"
> # }
> #
> # And the CoA packet will be sent. You can also send Disconnect
> # packets by using "update disconnect { ...".
>  
> Where I have to place the update coa to send info on interim, into sites-available/coa ?
>  
> I think I should add more data into update coa according to mikrotik documentation:
>  
> Change of Authorization
>  
> RADIUS disconnect and Change of Authorization (according to RFC3576) are supported as well. These attributes may be changed by a CoA request from the RADIUS server:
> Mikrotik-Group
> Mikrotik-Recv-Limit
> Mikrotik-Xmit-Limit
> Mikrotik-Rate-Limit
> Ascend-Data-Rate (only if Mikrotik-Rate-Limit is not present)
> Ascend-XMit-Rate (only if Mikrotik-Rate-Limit is not present)
> Mikrotik-Mark-Id
> Filter-Id
> Mikrotik-Advertise-Url
> Mikrotik-Advertise-Interval
> Session-Timeout
> Idle-Timeout
> Port-Limit
> Note that it is not possible to change IP address, pool or routes that way - for such changes a user must be disconnected first.
>  
> I misunderstand how to send on interim session-Timeout according to dailycounter that is working ok on authorization.
>  
>  
>  
> Thanks !
>  
> -----Mensaje original-----
> De: Freeradius-Users [mailto:freeradius-users-bounces+oscar=jofre.com at lists.freeradius.org] En nombre de Alan DeKok
> Enviado el: sábado, 20 de febrero de 2016 19:37
> Para: FreeRadius users mailing list
> Asunto: Re: Modules - dictionary
>  
> On Feb 19, 2016, at 8:23 PM, Oscar Jofre<oscar at jofre.com>wrote:
> > I have configured my mikrotik-hotspots interim to 6 minutes.
> > I would like to know if is possible to close the user connection when interim if limit is reached.
>  
> See the NAS documentation. If it supports CoA-Request or Disconnect-Request packets, yes. Read raddb/sites-available/originate-coa.
>  
> > Is it possible to filter by callingstationid (mac address) instead of username ?
>  
> Yes.
>  
> > What I should change ? Where I can see possible Key values ?
>  
> Edit the queries which have User-Name, and change them to Calling-Station-Id. The configuration files are text for a reason.
>  
> > Last think about groups I saw that radacct has groupname and I should use radgroupcheck but how parametrize to get radgroupcheck instead of radcheck ?
>  
> I don't know what that means.
>  
> The Wiki documents how the SQL module works. If you need something else from the module, you'll have to write "unlang" rules by hand, instead of using SQL.
>  
> Alan DeKok.
>  
>  
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>  
>  
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


More information about the Freeradius-Users mailing list