Re: Accounting-Start packet question

Tue, 02 Dec 2003 11:57:24 -0800

At 12:46 PM 12/2/2003, Brian Clarkson wrote:
Chris Parker wrote:

At 12:27 PM 12/2/2003, Brian Clarkson wrote:

Accounting-Start packets are sent by the client ( which could be either the NAS or the end-user in the case of wireless auth, which is what i'm doing ).

No, it will be the NAS, it will not be the end-user.

that's what i thought ... but the 'client' definition almost makes it sound as any client though the chain of "clients" could send the packet. 

No, the chain of communication can't be side-stepped.  End-user can
talk to NAS can talk to Radius Server.  Beyond the immediate clients,
there is no chain of trust or state that would allow End-user <-> Radius
server direct communication.

If the NAS/AP doesn't send it, you don't get it.

is there some kind of way around this, like faking an Accounting-Start in the radgroupreply table ( in MySQL )? 

Yes.  Look at the 'radzap' program.  It functions by sending a spoofed
'Stop' packet to the server.

i fail to understand how a spoofed 'stop' packet will actually start the accounting process.

but this hits another issue i was having. my test user sucessfully authenticated but hasn't been 'kicked off' the network -- even though i've restarted the radius server *and* rebooted the NAS. ( a Buffalo AP in this case ). would the user not be disconnected because of the lack of "stop" packet? 

I was simply pointing that out as you asked how to fake an Accounting
Start packet.  That program sends an Accounting Stop.  It is a trivial
modification to make it send a different packet type.

Is there a particular problem you are trying to solve?  It might be
better to spell out your problem, and listen to the proposed solutions
than trying to jump straight to a solution as the one you see may not
be perhaps the 'best' for your particular problem.

-Chris
--
   \\\|||///  \          StarNet Inc.      \         Chris Parker
   \ ~   ~ /   \       WX *is* Wireless!    \   Director, Engineering
   | @   @ |    \   http://www.starnetwx.net \      (847) 963-0116
oOo---(_)---oOo--\------------------------------------------------------
                  \ Wholesale Internet Services - http://www.megapop.net



- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to