diff options
author | Michael Newton <miken32@gmail.com> | 2013-02-14 15:19:06 -0800 |
---|---|---|
committer | Michael Newton <miken32@gmail.com> | 2013-02-14 15:19:06 -0800 |
commit | 62f20eab8855915bc87c23dd13025e922dc1606d (patch) | |
tree | de112ec9e6441c111f20ff7c522089df74a8d06a /etc/inc/captiveportal.inc | |
parent | 2ccc41c1c537994e10c9deb4ac061ce55edb6537 (diff) | |
download | pfsense-62f20eab8855915bc87c23dd13025e922dc1606d.zip pfsense-62f20eab8855915bc87c23dd13025e922dc1606d.tar.gz |
add support for RADIUS NAS accounting, fixes redmine feature request 2143
Diffstat (limited to 'etc/inc/captiveportal.inc')
-rw-r--r-- | etc/inc/captiveportal.inc | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index 4c1145c..3f91627 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -338,6 +338,9 @@ EOD; unlink_if_exists("{$g['vardb_path']}/captiveportal_radius_{$cpzone}.db"); captiveportal_init_radius_servers(); + /* send Accounting-On to server */ + captiveportal_send_server_accounting(); + if ($g['booting']) echo "done\n"; @@ -351,6 +354,11 @@ EOD; captiveportal_radius_stop_all(); + /* send Accounting-Off to server */ + if (!$g['booting']) { + captiveportal_send_server_accounting(true); + } + /* remove old information */ unlink_if_exists("{$g['vardb_path']}/captiveportal{$cpzone}.db"); unlink_if_exists("{$g['vardb_path']}/captiveportal_radius_{$cpzone}.db"); @@ -2027,4 +2035,48 @@ function captiveportal_write_usedmacs_db($usedmacs) { unlock($cpumaclck); } +function captiveportal_send_server_accounting($off = false) { + global $cpzone, $config; + + if (!isset($config['captiveportal'][$cpzone]['radacct_enable'])) { + return; + } + if ($off) { + $racct = new Auth_RADIUS_Acct_Off; + } else { + $racct = new Auth_RADIUS_Acct_On; + } + $radiusservers = captiveportal_get_radius_servers(); + if (empty($radiusservers)) { + return; + } + foreach ($radiusservers['first'] as $radsrv) { + // Add a new server to our instance + $racct->addServer($radsrv['ipaddr'], $radsrv['acctport'], $radsrv['key']); + } + if (PEAR::isError($racct->start())) { + $retvalue['acct_val'] = 1; + $retvalue['error'] = $racct->getMessage(); + + // If we encounter an error immediately stop this function and go back + $racct->close(); + return $retvalue; + } + // Send request + $result = $racct->send(); + // Evaluation of the response + // 5 -> Accounting-Response + // See RFC2866 for this. + if (PEAR::isError($result)) { + $retvalue['acct_val'] = 1; + $retvalue['error'] = $result->getMessage(); + } else if ($result === true) { + $retvalue['acct_val'] = 5 ; + } else { + $retvalue['acct_val'] = 1 ; + } + + $racct->close(); + return $retvalue; +} ?> |