Change of Authorization

Peter Nixon listuser at peternixon.net
Sat Jan 27 11:47:09 CET 2007


On Sat 27 Jan 2007 02:08, Jeffrey Sewell wrote:
> Apologies if this has been addressed before, but I can't find any
> references in the Wiki or the archives for the use of rfc 3576 Change
> of Authorization messages.
>
> Does FreeRADIUS have any built in way to trigger and/or send a CoA?
> How have others dealt with users who have exceeded certain limits but
> have not yet reached session-timout?

Hi Jeffrey

As it would turn out I was reading RFC 3576 yesterday and added support for 
CoA and Disconnect packets to pyrad (A python RADIUS library not part of the 
FreeRADIUS project, but written by Wichert who is one of the FR developers 
also)

radiusd does not currently respond to or natively send CoA or Disconnect 
packets however radclient DOES suport them. This means that you can quite 
happily write an exec/perl/python module which executes radclient (or uses 
the pyrad library) to send CoA or Disconnect packets.. Please read my thread 
titled "RADIUS Disconnect support" on the freeradius-devel list which 
started on Tuesday this week for a little more dicussion of how I think this 
could be added natively to radiusd...

If you have any further suggestions please reply to that thread..

-- 

Peter Nixon
http://www.peternixon.net/
PGP Key: http://www.peternixon.net/public.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070127/213a8017/attachment.pgp>


More information about the Freeradius-Users mailing list