Reject Calling-Station-Id

Arran Cudbard-Bell arran.cudbard-bell at hp.com
Tue Jan 5 19:28:52 CET 2010


On 1/5/2010 5:58 AM, EasyHorpak.com wrote:
> Charles wrote:
>> I am also facing the same problem - Need to blacklist range of IPs
>>
>>     ----- Original Message -----
>>     *From:* Neville <mailto:nev at itsnev.co.uk>
>>     *To:* freeradius-users at lists.freeradius.org
>>     <mailto:freeradius-users at lists.freeradius.org>
>>     *Sent:* Tuesday, January 05, 2010 11:55 AM
>>     *Subject:* Reject Calling-Station-Id
>>
>>     First, please let me wish everyone a Happy New Year in the list. 
>>     I've learned a lot in the past 12 months and have a fairly stable
>>     installation of 2.1.6 on CentOS 5.4.
>>     The question, I would like to ask is how can I improve on this
>>     and use a DB List/Table to Blacklist certain IP addresses.
>>     if(Calling-Station-Id == 218.18.XX.XX){
>>             reject
>>     }
>>     if(Calling-Station-Id == 113.237.XX.XX){
>>             reject
>>     }
>>     The reason I'm having to do this is that we offer a 1hr Free
>>     Trial of our services and use the Email Address and IP address at
>>     the point of registration to ensure that the same person does not
>>     keep requesting more and more free trials.  Obviously this not
>>     perfect and manages to address most of our requirements.
>>     However, there are a view people out there, that registered with
>>     a spoof IP Address and another free hotmail account etc, thus
>>     getting another Free Trial over and over again.  The way I'm stop
>>     this currently, is manually check the record we had at the point
>>     of request for the Free Trial, and the IP address used to access
>>     the Service, if these are different then I block the IP address
>>     using the unlang above.
>>     There is only a few currently, but should this increase and I
>>     would like a more fool proof way to manage this and register the
>>     fact that someone has abused our free trial service and BLOCK
>>     there IP from accessing our service, even if they have been given
>>     a Username/Password via the Free Trial Page.
>>     Thanks in advance,
>>     Nev
>>     ________________________________________________________________
>>
>>     5 free Domains with Select Hosting Plans. Get yours!
>>
>>     			
>>
>>     ------------------------------------------------------------------------
>>     -
>>     List info/subscribe/unsubscribe? See
>>     http://www.freeradius.org/list/users.html
>>
>> ________________________________________________________________
>>
>> 5 free Domains with Select Hosting Plans. Get yours!
>>
>> 			
>>
>> ------------------------------------------------------------------------
>>
>> -
>> List info/subscribe/unsubscribe? Seehttp://www.freeradius.org/list/users.html
> if (Calling-Station-Id == "%{sql: SELECT mac FROM `lrc_banlist` WHERE 
> mac='%{Calling-Station-Id}'}") {
>
>
>         update reply {
>                     Reply-Message = "Hello Hello Hello"
>            }
> reject
>      }
>
> Read Uncle Alan has replied this.

To save the followup exchange:

         update reply {
                     Reply-Message := "Hello Hello Hello"
            }

Uncle Alan?...

-Arran
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100105/f0938496/attachment.html>


More information about the Freeradius-Users mailing list