[RADIATOR] Control the Status-Server requests

Gerard Alcorlo Bofill galcorlo at cesca.cat
Thu Dec 23 06:00:23 CST 2010


Thank you Hugh,

I've misunderstood the reference manual. So at the moment the best
option is the hack suggested by Remo...

In my opinion, some kind of improvement in relation to the control of
the Status-Server' requests, would be welcome.

Thanks,

--
Gerard


Al 23/12/10 10:48, En/na Hugh Irvine ha escrit:
> 
> Hello Gerard - 
> 
> The Status-Server request is processed by the Client clause - it doesn't get passed to any Handler(s).
> 
> See the code in Radius/Client.pm.
> 
> regards
> 
> Hugh
> 
> 
> On 23 Dec 2010, at 20:08, Gerard Alcorlo Bofill wrote:
> 
>> Hello Hugh,
>>
>> any other ideas why is not capturing this kind of requests my handler?
>>
>> Thank you in advance.
>>
>> --
>> Gerard
>>
>> Al 17/12/10 14:18, En/na Ryter Remo ha escrit:
>>> Hi Gerard,
>>>
>>> You are totally right - this hack won't survive any updates.
>>> A config based solution would definitely be preferred. 
>>>
>>> You are right as well with the handler - at least a valid
>>> client handler will be needed in order to accept a request
>>> (or default handler will probably do it as well).
>>>
>>> Cheers,
>>> --Remo
>>>
>>> -----Original Message-----
>>> From: Gerard Alcorlo Bofill [mailto:galcorlo at cesca.cat] 
>>> Sent: Freitag, 17. Dezember 2010 13:18
>>> To: Ryter Remo
>>> Cc: radiator at open.com.au
>>> Subject: Re: [RADIATOR] Control the Status-Server requests
>>>
>>> Hi Remo,
>>>
>>> thank you for your solution.
>>> This reminds me that I did something similar for an old version of
>>> Radiator but after upgrading I forgot to add this hack.
>>> If nobody can give an alternative I'll add your solution. But a config
>>> solution would be better because we wouldn't need to remember to add
>>> the hack after an upgrade. And in fact, my handler would have to match
>>> this queries, wouldn't it?
>>>
>>> Thanks!
>>>
>>> --
>>> Gerard
>>>
>>>
>>> Al 17/12/10 12:57, En/na Ryter Remo ha escrit:
>>>> Hi Gerard,
>>>>
>>>> I had the same goal but I simply did a small change in Client.pm (look for this code snippet: "if ($code eq 'Status-Server')").
>>>>
>>>> There I just add a small if clause to ensure that only requests from the localhost were accepted. Something like this: "if ($self->{Name} == "127.0.0.1") { }"
>>>>
>>>> So I provide the detailed statistics for requests from localhost and only a simple "I'm OK" when everybody else asks - I think this can be easily extended to allow a list of trusted clients.
>>>>
>>>> Hope this helps.
>>>> --Remo
>>>>
>>>> -----Original Message-----
>>>> From: radiator-bounces at open.com.au [mailto:radiator-bounces at open.com.au] On Behalf Of Gerard Alcorlo Bofill
>>>> Sent: Freitag, 17. Dezember 2010 12:38
>>>> To: radiator at open.com.au
>>>> Subject: [RADIATOR] Control the Status-Server requests
>>>>
>>>> Hi,
>>>>
>>>> I'm trying to control the Status-Server requests. My goal is just to
>>>> permit the querying of my radius status only by some clients.
>>>> My first handler in the configuration is this one below, but no request
>>>> matches it.
>>>>
>>>> <Handler Request-Type=Status-Server>
>>>>    <AuthBy FILE>
>>>>        Filename        /dev/null
>>>> #       StripFromReply          Reply-Message
>>>>        AddToReply              Reply-Message="Informacio no disponible"
>>>>    </AuthBy>
>>>>    AddToReply Port-Limit="9999"
>>>>    AuthLog LogSenseTunel
>>>> </Handler>
>>>>
>>>> When this trial works, I'm going to strip the "Reply-Message" from the
>>>> answer. But for now, I just want to add some information to the answer
>>>> like the Port-Limit or another Reply-Message field.
>>>>
>>>> Any ideas why my "Status-Server" request don't match to any realm and
>>>> all Status-Server requests are answered with the status information?
>>>>
>>>> Thanks
>>>>
>>> _______________________________________________
>>> radiator mailing list
>>> radiator at open.com.au
>>> http://www.open.com.au/mailman/listinfo/radiator
>> _______________________________________________
>> radiator mailing list
>> radiator at open.com.au
>> http://www.open.com.au/mailman/listinfo/radiator
> 
> 
> 
> NB: 
> 
> Have you read the reference manual ("doc/ref.html")?
> Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
> Have you had a quick look on Google (www.google.com)?
> Have you included a copy of your configuration file (no secrets), 
> together with a trace 4 debug showing what is happening?
> 


More information about the radiator mailing list