Hello Bill -
On Wed, 15 Dec 1999, Bill wrote:
> I've got a check item of Simultaneous-Use=x, where x is the number
> of times a user is allowed to connect. The problem arises in that
> people rejected are simply logged as a FAIL.
> Can I use a hook and force it to log something like:
> timestamp username Simultaneous-Use=X exceeded:FAIL
> intead?
>
> Pointers as to where in the code to look, and/or which variety of
> hook to use would be much appreciated.
>
Here is the relevant code fragment from Handler.pm. As you can see, if you set
the debug level to Trace 3 (INFO), you will get the name and the reason for the
rejection in the log file.
# See if the user will exceed the max number of sessions
if ($p->code eq 'Access-Request')
{
# If we lost a Stop for this port, clean up the session database
$sessdb->delete($original_username, $nas_id, $nas_port, $p);
if (defined $self->{MaxSessions}
&& $sessdb->exceeded($self->{MaxSessions}, $original_username, $p))
{
# Issue a denial and bomb out
my $reason = "MaxSessions exceeded";
&main::log($main::LOG_INFO, "Access rejected for $name: $reason");
$rp->set_code('Access-Reject');
$rp->addAttrByNum($Radius::Radius::REPLY_MESSAGE,
'Request Denied');
$rp->addAttrByNum($Radius::Radius::REPLY_MESSAGE, $reason)
if $self->{RejectHasReason};
$p->{Client}->replyTo($rp, $p);
return;
}
}
AuthGeneric.pm sets the reject reason to:
"Simultaneous-Use of $max_sessions exceeded"
hth
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
