Control reject delay per-request?
Alan DeKok
aland at deployingradius.com
Wed Feb 26 19:00:03 CET 2014
Phil Mayers wrote:
> We have a radius virtual server that takes macauth requests. We know for
> sure it won't receive user traffic and/or dictionary attacks.
>
> But it's in the same process as another, which might.
>
> Can we set a control: item or similar to set the reject delay to some
> requests and not others? I'd rather not break it out into a separate
> process for this sole reason.
Right now, no.
But it could be done via a simple patch. :)
See src/main/event.c, look for "request->root->reject_delay". There's
only one place which uses it to set the reject delay.
Honestly, this is the kind of thing which *could* be done on a
per-client level. It would be better to do that than to use an
attribute in the control list.
Alan DeKok.
More information about the Freeradius-Users
mailing list