Hi all,

I was wondering whether nocat (http://nocat.net/) could be queried for
simultaneous use somehow. I've found only some outdated patch on
http://lists.nocat.net/pipermail/nocat/2003-October/003795.html

I've inspired from the idea and attached is a patch to checkrad.pl.in.
You need additional perl module HTTP::Lite(downloadable from CPAN). I've
tested and it's working well.

In order to deploy checkrad you need to set your nas type to "nocat" and 
enable simultaneous-use checking for your user(Simultaneous-Use:=1 in users 
file|radcheck|radgroupcheck) 
and your freeradius server has to be allowed in NAS firewall to access
http://$nas_ip:$nas_port/status

NAS> iptables -A INPUT -p tcp --dport <$nas_port> -s <$radius_server> -j ACCEPT

I hope this can help someone...


Milan Holub
holub (at) thenet (dot) ch

--------------------------------------
 TheNet-Internet Services AG,
 im Bernertechnopark, Morgenstr. 129
 CH-3018, Bern, Switzerland
 031 998 4333, Fax 031 998 4330
 http://www.thenet.ch
 http://wlan.thenet.ch
--------------------------------------
Index: src/main/checkrad.pl.in
===================================================================
RCS file: /source/radiusd/src/main/checkrad.pl.in,v
retrieving revision 1.33
diff -u -r1.33 checkrad.pl.in
--- src/main/checkrad.pl.in     1 May 2004 09:32:14 -0000       1.33
+++ src/main/checkrad.pl.in     30 Apr 2007 13:21:32 -0000
@@ -32,6 +32,7 @@
 #              mikrotik_telnet  1.1    Author: Evren Yurtesen <[EMAIL PROTECTED]>
 #              mikrotik_snmp    1.0    Author: Evren Yurtesen <[EMAIL PROTECTED]>
 #              redback_telnet          Author: Eduardo Roldan
+#              nocat_http              Author: Milan Holub
 #
 #      Config: $debug is the file you want to put debug messages in
 #              $snmpget is the location of your ``snmpget'' program
@@ -43,6 +44,9 @@
 #              $naspass is the location of your NAS admin password file
 #

+# for nocat gateway
+use HTTP::Lite;
+
 $prefix                = "@prefix@";
 $localstatedir = "@localstatedir@";
 $logdir                = "@logdir@";
@@ -1344,6 +1348,20 @@
     return 0;
 }

+sub nocat_http {
+    my ($nas_ip, $nas_port, $login, $session_id) = ($ARGV[1], $ARGV[2], $ARGV[3], $ARGV[4]);
+    my $http = new HTTP::Lite;
+    my $req = $http->request("http://$nas_ip:$nas_port/status";) or die "Unable to get document: $!";
+    die "Request failed ($req): ".$http->status_message() if $req ne "200";
+    my $body = $http->body();
+    #print $body;
+    if ($body =~ /^<tr><td>$login<\/td>.*<td.*>$session_id<\/td>.*<\/tr>$/m) {
+        print LOG "User is logged in!" if ($debug);
+        return 1;
+    }
+    return 0;
+}
+
 ###############################################################################

 # Poor man's getopt (for -d)
@@ -1418,6 +1436,8 @@
         $ret = &mikrotik_snmp;
 } elsif ($ARGV[0] eq 'redback'){
         $ret = &redback_telnet;
+} elsif ($ARGV[0] eq 'nocat'){
+        $ret = &nocat_http;
 } elsif ($ARGV[0] eq 'other') {
        $ret = 1;
 } else {
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to