Programming freeradius to react in different way for accepts and rejects

Diogo Montagner diogo.montagner at gmail.com
Wed Oct 8 16:55:42 CEST 2008


Hello all,

I'm looking for some tutorial that explain how I can programming the
freeradius to work as described below.

At my lab environment I have two situations: access-accept (the password is
correct) and access-reject (the password is wrong).

I would like to programming the freeradius to after the fifth try of an user
to authenticate (all five tries was reject), the freeradius authenticate the
user within a specific policy for this case. I know how to send different
policies to user, but I don't know how to make freeradius answer accept
after the fifth try of authentication.

Example:

user test passwd test123

time: 00:00:00
1st try: test passwd test456 -> radius answer reject
2nd try: test passwd test456 -> radius answer reject
3rd try: test passwd test456 -> radius answer reject
4th try: test passwd test456 -> radius answer reject
5th try: test passwd test456 -> radius answer reject
time: 00:05:00
6th try: test passwd test456 -> radius answer accept but athenticate the
user in a specific policy to block its access but keep it authenticated.

If in five minutes the user has received more than 5 access-reject then I
would like to authenticate and block its access with a specific policy.

Thanks in advance!

./diogo -montagner
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20081008/df3b98aa/attachment-0001.html>


More information about the Freeradius-Users mailing list