Today, I wrote a small python script to discover Ubiquiti Nanostation devices on the network using pacpy and dpkt. Since it is listening CDP packets, I guess it can also discover other kinds of devices, though not tested.
Jul 12, 2013
Jul 11, 2013
Limiting the active users/sessions in freeRADIUS
Here is how to limit the number of concurrent users/sessions in freeRADIUS. Let's say, you want to reject auth requests if there are already more than 50 active accounting sessions.
- Add the following policy in your policy.conf
- Add check_active_users policy in your sites-enabled/default auth section.
- Test it using radclient.
maximum_active_users = 50
check_active_users {
if ("%{sql: SELECT COUNT (*) FROM radacct WHERE acctstoptime IS NULL}" >= "%{config:policy.maximum_active_users}") {
update reply {
Reply-Message := "Too many users logged into the system. Please try again later."
}
reject
}
}
root @ ~ $ echo "User-Name=t1,User-Password=1234" | radclient -x -d /etc/freeradius/ 192.168.100.108 auth testing123
Sending Access-Request of id 124 to 192.168.100.108 port 1812
User-Name = "t1"
User-Password = "1234"
rad_recv: Access-Reject packet from host 192.168.100.108 port 1812, id=124, length=84
Reply-Message = "Too many users logged into the system. Please try again later."
Subscribe to:
Comments (Atom)