On Jul 17, 1:35pm, Clement wrote:
> Subject: Re: (RADIATOR) Version 2.14 released
.....
> Mike McCauley wrote:
> > ...
> > New authentication module PORTLIMITCHECK, which can check
> > enforce simultaneous-use limits for arbitrary groups of users. This
> > can allow you to sell bundles of ports on a global or per-POP basis,
> > or DNIS etc. It can also set up Class attributes that depend on how
> > many users are currently logged in in that group, so you can have
> > different charging bands for normal and overflow usage etc. Requires
> > a that a be present in your Radiator config.
>
> Mike, this is a great feature. However, from your web pages, when the
> limit is reached, new callers will only be rejected. But he still have
> to pay Telstra 25c for the call. Since he does not know exactly why he
> is rejected, he will normally call again and again. Thus this
> implementation will become a great revenue generator for Telstra, sad!
>
> An Ascend user told me recently that using Ascend with the Ascend's own
> Radius, they can implement a similar thing by limiting the max. no. of
> sesssions per dial in number or dial in group. But they can return a
> busy tone to the callers after the limit is exceeded.
>
> Can this be done with Radiator? More can this be done together with our
> Bay RAC8000/5399s?
There was a recent posting about this to the list, with an example config for
Bay 5399. I have attached it again.
>
> > Changes to session databases so that when a NAS is checked for a
> > simultaneous use, the original username (prior to any
> > RewriteUsername) will be used.
>
> We rewrite user names to treat upper case and lower case names the
> name. This help new users a lot. With this new feature, will we have a
> risk that someone can log in simultaneously by using an upper case name
> and a lower case name separately?
Yes. You would have had the same risk with the old way of doing it too.
Hope that helps.
Cheers.
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
Here are some instructions on using Radiator 2.14 and Bay 5399/8000 software
16.0 (or higher) to achieve effective SessionLimits.
<Handler Called-Station-Id=/^95555600|^95555656|^95555657/,
Service-Type=Outbound-User>
<AuthBy PORTLIMITCHECK>
SessionLimit 230
CountQuery select COUNT(*) from RADONLINE where DNIS='95555600' or
DNIS='95555656' or DNIS='95555657'
</AuthBy>
<AuthBy TEST>
</AuthBy TEST>
</Handler>
in the radius.cfg file.
The following 2 lines should be placed in the %gateway section of
config.annex :
radius_call_pooling 1
radius_call_pooling_calling_no 0
The 5399/8000 must be rebooted for these settings to take effect. The RAC
will then send out an Access-Request packet when the call arrives on the D
channel, and depending on whether it receives an -Accept or -Reject back
will answer or not answer the call.
You may wish to include the sample Session database entry (from the
documentation), and the above entry into the annex.cfg file in future
versions. I've tested the above handler entries which work quite well. I
know that some people have been looking to do this with the 5399s recently.
(Effectively reserving one particular number one channel, and allowing other
numbers to have a combined limit. A handler with a more general regexp, and
a SELECT line with some and DNIS != ... entries would do this as well).
Regards,
Andrew Foster
=============================================
Andrew Foster Tel: (02) 9927-8808
Nortel Networks Fax: (02) 9927-8899
Customer Network Engineer
Asia Pacific TSC
