[RADIATOR] CoA-Request vs Change-Filter-Request in radpwtst

Vangelis Kyriakakis vkyriak at forthnet.gr
Thu Nov 13 02:10:13 CST 2014 

Hello all,

         I agree with Hugh. That would be a nice idea.
         By the way is there a way to send CoA requests directly from
radiator perl scripts (mainly from Nas perl scripts) without calling the
radpwtst program?

                 Thanks
                          Vangelis

On 13/11/2014 3:15 πμ, Hugh Irvine wrote:
> Hello Heikki -
>
> These could be added as synonyms as is done for some RADIUS attribute definitions.
>
>
> # Radius.pm
> # Implements Radius message packet object
> #
> # Contains the following additional attributes
> #  SendTo
> #  StatsTrail, array or refs to statistics hashes
> #
> # Handles multiple instances of the same attribute
> # Handles accounting packets, and authentication of same
> # Handles EAP
> #
> # Author: Mike McCauley (mikem at open.com.au),
> # Copyright (C) Open System Consultants
> # $Id: Radius.pm,v 1.175 2014/04/02 20:44:24 hvn Exp $
>
> package Radius::Radius;
> @ISA = qw(Radius::AttrVal);
> use Radius::AttrVal;
> use Radius::BigInt;
> use Socket;
> use Digest::MD5;
> use Radius::Util;
> use strict;
>
> # RCS version number of this module
> $Radius::Radius::VERSION = '$Revision: 1.175 $';
>
> # These map request names into request types. 
> # Some are from RFC 2882. Add synonyms from RFC 5176.
> my %codes  = ( 
>         'Access-Request'                     => 1,
>         'Access-Accept'                      => 2,
>         'Access-Reject'                      => 3,
>         'Accounting-Request'                 => 4,
>         'Accounting-Response'                => 5,
>         'Accounting-Status'                  => 6,
>         'Access-Password-Request'            => 7,
>         'Access-Password-Ack'                => 8,
>         'Access-Password-Reject'             => 9,
>         'Accounting-Message'                 => 10,
>         'Access-Challenge'                   => 11,
>         'Status-Server'                      => 12,
>         'Status-Client'                      => 13,
>         'Resource-Free-Request'              => 21,
>         'Resource-Free-Response'             => 22,
>         'Resource-Query-Request'             => 23,
>         'Resource-Query-Response'            => 24,
>         'Alternate-Resource-Reclaim-Request' => 25,
>         'NAS-Reboot-Request'                 => 26,
>         'NAS-Reboot-Response'                => 27,
>         'Ascend-Access-Next-Code'            => 29,
>         'Ascend-Access-New-Pin'              => 30,
>         'Ascend-Terminate-Session'           => 31,
>         'Ascend-Password-Expired'            => 32,
>         'Ascend-Access-Event-Request'        => 33,
>         'Ascend-Access-Event-Response'       => 34,
>         'Disconnect-Request'                 => 40,
>         'Disconnect-Request-ACKed'           => 41,
>         'Disconnect-Request-NAKed'           => 42,
>         'Change-Filter-Request'              => 43,
>         'CoA-Request'                             => 43,
>         'Change-Filter-Request-ACKed'        => 44,
>         ‘CoA-ACKed’                                     => 44,
>         'Change-Filter-Request-NAKed'        => 45,
>         'CoA-NAKed’                                      => 45,
>         'IP-Address-Allocate'                => 50,
>         'IP-Address-Release'                 => 51,
> );
>
>
> The decode can use the new definitions.
>
> Thoughts?
>
> regards
>
> Hugh
>
>
>> On 13 Nov 2014, at 08:08, Heikki Vatiainen <hvn at open.com.au> wrote:
>>
>> On 11/11/2014 02:14 PM, Vangelis Kyriakakis wrote:
>>
>>>      Radpwtst client uses code Change-Filter-Request for message 43
>>> which is based on old rfc2882. Message 43 has been renamed to
>>> CoA-Requestin later rfc5176. The same stands for messages 44,45. It
>>> would be nice to change the names to the new ones since the old names
>>> cause some misunderstandings especially when talking to vendor support
>>> teams in order to solve CoA problems.
>> Good point. We have discussed updating the names too because of the
>> confusion the old names create. The drawback is that doing this requires
>> changes to existing scripts that use radpwtst and any existing Radiator
>> modules or hooks that do not come with Radiator (own custom code).
>>
>> The change could be applied to just radpwtst, but likely it would be
>> less confusing to change them both.
>>
>> I'll see when to get this in the patches.
>>
>> Thanks,
>> Heikki
>>
>> -- 
>> Heikki Vatiainen <hvn at open.com.au>
>>
>> Radiator: the most portable, flexible and configurable RADIUS server
>> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
>> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
>> DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
>> NetWare etc.
>> _______________________________________________
>> radiator mailing list
>> radiator at open.com.au
>> http://www.open.com.au/mailman/listinfo/radiator
>
> --
>
> Hugh Irvine
> hugh at open.com.au
>
> Radiator: the most portable, flexible and configurable RADIUS server 
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
> DIAMETER, SIM, etc. 
> Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc.
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator

More information about the radiator mailing list