Merci Beaucoup, Ok I will take a look on it, but I m using a MACOSX that is not listed in your platform list, and mysql instead of a user file, so if I can make it work for my need I will send you a feedback about. Else I will build the cron script to handle it
Thanks Julien ----- Original Message ----- From: "Jean-Paul Chapalain" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, November 20, 2003 1:41 PM Subject: Re: Block User Account after 10 password failed > Julien Gabry wrote: > > Hello, > > > > I m sure that this question is redundant but I didn't found answer on my > > searchs. > > > > I would like to disable the user account after 10 (more or less) bad > > authententification. > > > > I imagine that I can add parameter on the SQL query > > > > for example, checking the bad request log with a cron, and set a count value > > in a table after X failed for the same login and then update the usergroup > > table. > > > > But I won't add to many SQL query on the system. So there is a better > > solutions to do it ? > > > > In a perfect world, the same events could send a mail to the user, and > > reenable the account automatically after 2 hours. > > > > If you have any links or module that can help be to implement it, you will > > be welcome > > > > > > Thanks in advance > > > > Julien > > > > > > - > > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > Hi, > I've realized this with Simpe Event Correlator > (http://simple-evcorr.sourceforge.net/). > > SEC analyze logon messages in radius's log, modify radius users's file > if there is 'n' bad login and then restart radiusd deamon. > > See below my config for SEC : > > # Rule : 1 > #============= > type=Single > continue=TakeNext > ptype=RegExp > pattern=(.*)Auth: Login incorrect(.*)\[(.*)\](.*)\(from client (.*) > port(.*)cli (.*)\) > desc=login error with user $3 from $6 to $5 > action=eval %U ($nuser{$3}++; if ( $nuser{$3} > 3 ) {$nuser{$3} = 0; > system("/opt/freeradius/tools/revoke-user > /opt/freeradius/etc/raddb/users $3")} ) > > # Rule : 2 > #============= > type=Single > continue=TakeNext > ptype=RegExp > pattern=(.*)Auth: Login OK(.*)\[(.*)\](.*)\(from client (.*) port(.*)cli > (.*)\) > desc=login ok with user $3 from $6 to $5 > action=eval %U ($nuser{$3} = 0) > > -- > -- Jean-Paul Chapalain - GICM - Reseaux et Systemes Distribues > -- 32 rue Mirabeau - Le Relecq-Kerhuon - 29808 Brest Cedex 9, FRANCE > -- Tel +33298002873 - Fax +33298284005 - [EMAIL PROTECTED] > -- Key Fingerprint: 192C 1CFE F24A 050D F280 A086 AF15 8631 3ABB 4C7D > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
