Control reject delay per-request?

Alan DeKok aland at
Wed Feb 26 19:00:03 CET 2014

Phil Mayers wrote:
> We have a radius virtual server that takes macauth requests. We know for
> sure it won't receive user traffic and/or dictionary attacks.
> But it's in the same process as another, which might.
> Can we set a control: item or similar to set the reject delay to some
> requests and not others? I'd rather not break it out into a separate
> process for this sole reason.

  Right now, no.

  But it could be done via a simple patch.  :)

  See src/main/event.c, look for "request->root->reject_delay".  There's
only one place which uses it to set the reject delay.

  Honestly, this is the kind of thing which *could* be done on a
per-client level.  It would be better to do that than to use an
attribute in the control list.

  Alan DeKok.

More information about the Freeradius-Users mailing list