On Mon 16 Oct 2006 16:25, Guilherme Franco wrote: > Hi, > > Does anyone already have a program to block freeradius on-the-fly? > > ie: user has PAID = YES in radcheck table. Whenever I set PAID = NO, > the user would no longer authenticate the next time he/ she logs in. > OK, this works, but, if the user is already loged in, even if I set > PAID = NO, the user would not be rejected (for obvious reasons). This > is important because the grand number of Router mode ADSL users, that > never logs out. I'm building a program to verify every x minutes the > database and if PAID = NO, return a flag to freeradius and then reject > the user.
Thats the wrong way to do it. Simply disconnect the user on your NAS at the same time as setting PAID = NO. The way you do this depends on your NAS but PoD comes to mind: http://wiki.freeradius.org/POD -- Peter Nixon http://www.peternixon.net/ PGP Key: http://www.peternixon.net/public.asc - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
