[rad] Re: pseudo-newbie exec scripts and session-time
Charles Gregory
cgregory at hwcn.org
Fri Jun 5 17:23:02 CEST 2009
Hello again!
Sorry, maybe I should take 'pseudo' out of the subject line...
Firstly, MY BAD. I forgot to post that I'm on CentOS 4, and therefore
limited to whatever syntax applies to "freeradius-1.0.1-3.RHEL4.5"
Hopefully what I want to do is so 'basic' it doesn't change.... :)
Secondly, anyone noticed that the basic MAN pages are hard to find on the
website? I happened to click the link to 'modular' on the home page and
found a link to man pages at the bottom of that page. So at least now I
can see the full list of manuals and start to RTFM. :)
On Thu, 4 Jun 2009, A.L.M.Buxey at lboro.ac.uk wrote:
>> I'm thinking:
>> Session-Timeout := %{exec:timecalc}
> pretty much....
Actually, I can't find a good working example from which to lift
the exact syntax. Is the above correct? Should I use back ticks?
I really don't want hand-holding, but sometimes a good working sample
is worth a thousand posts. :)
> .... you need to set this via the update reply style as
> recently posted several times this past month to the list
(nod) Found the posts... thanks...
> post-auth section - thats where you should set any return details
(nod) Good point. Thanks. Said I was newb. :)
>> Hmmm. While I'm here, if I set Session-Timeout to ZERO, what will happen?
> ;-) it should mean there is no session timeout (ie infinite session)
(smack forehead) Didn't think of that. But I can set a timeout of one
second and that will do the job of dropping someone who is out of time.
Probably better that way so that they don't get a message that their
userid and password are invalid.
Or is there a reply item that a Cisco AS5400 would pass on to the
dialing (probably) Windows PPP and have it display a meaningful
"you are out of time" message to the user during auth?
(Dare I dream? LOL)
Thanks.
- Charles
More information about the Freeradius-Users
mailing list