diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2005-03-14 01:57:46 +0000 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2005-03-14 01:57:46 +0000 |
| commit | 33f0abb1245ac409fbe9e94884fdd531eb1c42cf (patch) | |
| tree | 5711af84a800a704b60b12c0cc02239cc31dbdc9 /usr/local/captiveportal/radius_accounting.inc | |
| parent | 12ee8fe4a25d6fcda720a171c102f48d9bcceb5c (diff) | |
| download | pfsense-33f0abb1245ac409fbe9e94884fdd531eb1c42cf.zip pfsense-33f0abb1245ac409fbe9e94884fdd531eb1c42cf.tar.gz | |
Restore 1.2b5's captive portal. 1.2b7 + radius == boom.
Diffstat (limited to 'usr/local/captiveportal/radius_accounting.inc')
| -rw-r--r-- | usr/local/captiveportal/radius_accounting.inc | 59 |
1 files changed, 12 insertions, 47 deletions
diff --git a/usr/local/captiveportal/radius_accounting.inc b/usr/local/captiveportal/radius_accounting.inc index 1aac92d..7004971 100644 --- a/usr/local/captiveportal/radius_accounting.inc +++ b/usr/local/captiveportal/radius_accounting.inc @@ -26,16 +26,10 @@ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - - // This version of radius_accounting.inc has been modified by - // Rob Parker <rob.parker@keycom.co.uk>. Changes made include: - // * now sends Framed-IP-Address (client IP) - // * now sends Called-Station-ID (NAS IP) - // * now sends Calling-Station-ID (client IP) */ -function RADIUS_ACCOUNTING_START($username,$sessionid,$radiusip,$radiusport,$radiuskey,$clientip) { +function RADIUS_ACCOUNTING_START($username,$sessionid,$radiusip,$radiusport,$radiuskey) { $sharedsecret=$radiuskey ; # $debug = 1 ; @@ -50,14 +44,6 @@ function RADIUS_ACCOUNTING_START($username,$sessionid,$radiusip,$radiusport,$rad /* set 5 second timeout on socket i/o */ stream_set_timeout($fd, 5) ; - $nas_ip_address=get_current_wan_address(); - - if(!isset($clientip)) { - //if there's no client ip, we'll need to use the NAS ip - $clientip=get_current_wan_address(); - } - $ip_exp=explode(".",$clientip); - if ($debug) echo "<br>radius-port: $radiusport<br>radius-host: $radiusip<br>username: $username<hr>\n"; @@ -72,12 +58,11 @@ function RADIUS_ACCOUNTING_START($username,$sessionid,$radiusip,$radiusport,$rad 6+ // nasPortType 6+ // Acct Status Type 6+ // Acct RADIUS Authenticated - 2+strlen($sessionid)+ // Acct SessionID - 6; // Framed-IP-Address + 2+strlen($sessionid); // Acct SessionID // v v v v v v v v v 1 v // Line # 1 2 3 4 5 6 7 8 9 0 E - $data=pack("CCCCNNNNCCCCCCCCa*CCa*CCCCCCCCCCCCCCCCCCCCCCCCCCa*CCCCCC", + $data=pack("CCCCNNNNCCCCCCCCa*CCa*CCCCCCCCCCCCCCCCCCCCCCCCCCa*", 4,$thisidentifier,$length/256,$length%256, // header 0,0,0,0, // authcode 6,6,0,0,0,1, // service type @@ -87,8 +72,7 @@ function RADIUS_ACCOUNTING_START($username,$sessionid,$radiusip,$radiusport,$rad 61,6,0,0,0,15, // nasPortType = Ethernet 40,6,0,0,0,1, // Acct Status Type = Start 45,6,0,0,0,1, // Acct RADIUS Authenticated - 44,2+strlen($sessionid),$sessionid, // Acct Session ID - 8,6,$ip_exp[0],$ip_exp[1],$ip_exp[2],$ip_exp[3] //Framed-IP-Address + 44,2+strlen($sessionid),$sessionid // Acct Session ID ); /* Generate Accounting Request Authenticator */ @@ -96,7 +80,7 @@ function RADIUS_ACCOUNTING_START($username,$sessionid,$radiusip,$radiusport,$rad // v v v v v v v v v 1 v // Line # 1 2 3 4 5 6 7 8 9 0 E - $data=pack("CCCCH*CCCCCCCCa*CCa*CCCCCCCCCCCCCCCCCCCCCCCCCCa*CCCCCC", + $data=pack("CCCCH*CCCCCCCCa*CCa*CCCCCCCCCCCCCCCCCCCCCCCCCCa*", 4,$thisidentifier,$length/256,$length%256, // header $RA, // authcode 6,6,0,0,0,1, // service type @@ -106,8 +90,7 @@ function RADIUS_ACCOUNTING_START($username,$sessionid,$radiusip,$radiusport,$rad 61,6,0,0,0,15, // nasPortType = Ethernet 40,6,0,0,0,1, // Acct Status Type = Start 45,6,0,0,0,1, // Acct RADIUS Authenticated - 44,2+strlen($sessionid),$sessionid, // Acct Session ID - 8,6,$ip_exp[0],$ip_exp[1],$ip_exp[2],$ip_exp[3] //Framed-IP-Address + 44,2+strlen($sessionid),$sessionid // Acct Session ID ); if($debug) { @@ -131,14 +114,12 @@ function RADIUS_ACCOUNTING_START($username,$sessionid,$radiusip,$radiusport,$rad else $retvalue = ord($readdata) ; - syslog(LOG_INFO,"Sent Accounting-Request Start packet to RADIUS for $username"); - return $retvalue ; // 5 -> Accounting-Response // See RFC2866 for this. } -function RADIUS_ACCOUNTING_STOP($ruleno,$username,$sessionid,$start_time,$radiusip,$radiusport,$radiuskey,$clientip) { +function RADIUS_ACCOUNTING_STOP($ruleno,$username,$sessionid,$start_time,$radiusip,$radiusport,$radiuskey) { $sharedsecret=$radiuskey ; # $debug = 1 ; @@ -165,14 +146,6 @@ function RADIUS_ACCOUNTING_STOP($ruleno,$username,$sessionid,$start_time,$radius /* set 5 second timeout on socket i/o */ stream_set_timeout($fd, 5) ; - $nas_ip_address=get_current_wan_address(); - - if(!isset($clientip)) { - //if there's no client ip, we'll need to use the NAS ip - $clientip=get_current_wan_address(); - } - $ip_exp=explode(".",$clientip); - if ($debug) echo "<br>radius-port: $radiusport<br>radius-host: $radiusip<br>username: $username<hr>\n"; @@ -193,13 +166,11 @@ function RADIUS_ACCOUNTING_STOP($ruleno,$username,$sessionid,$start_time,$radius 6+ // input bytes 6+ // input packets 6+ // output bytes - 6+ // output packets - 2+strlen($nas_ip_address)+ //Called-Station-ID - 2+strlen($clientip); //Calling-Station-ID + 6; // output packets // v v v v v v v v v 1 1 1 1 1 1 1 v // Line # 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 E - $data=pack("CCCCNNNNCCCCCCCCa*CCa*CCCCCCCCCCCCCCCCCCCCCCCCCCa*CCNCCNCCNCCNCCNCCNCCa*CCa*", + $data=pack("CCCCNNNNCCCCCCCCa*CCa*CCCCCCCCCCCCCCCCCCCCCCCCCCa*CCNCCNCCNCCNCCNCCN", 4,$thisidentifier,$length/256,$length%256, // header 0,0,0,0, // authcode 6,6,0,0,0,1, // service type @@ -215,9 +186,7 @@ function RADIUS_ACCOUNTING_STOP($ruleno,$username,$sessionid,$start_time,$radius 42,6,$input_bytes, // Input Octets 47,6,$input_pkts, // Input Packets 43,6,$output_bytes, // Output Octets - 48,6,$output_pkts, // Output Packets - 30,2+strlen($nas_ip_address),$nas_ip_address, //Called-Station-ID - 31,2+strlen($clientip),$clientip //Calling-Station-ID + 48,6,$output_pkts // Output Packets ); /* Generate Accounting Request Authenticator */ @@ -225,7 +194,7 @@ function RADIUS_ACCOUNTING_STOP($ruleno,$username,$sessionid,$start_time,$radius // v v v v v v v v v 1 1 1 1 1 1 1 v // Line # 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 E - $data=pack("CCCCH*CCCCCCCCa*CCa*CCCCCCCCCCCCCCCCCCCCCCCCCCa*CCNCCNCCNCCNCCNCCNCCa*CCa*", + $data=pack("CCCCH*CCCCCCCCa*CCa*CCCCCCCCCCCCCCCCCCCCCCCCCCa*CCNCCNCCNCCNCCNCCN", 4,$thisidentifier,$length/256,$length%256, // header $RA, // authcode 6,6,0,0,0,1, // service type @@ -241,9 +210,7 @@ function RADIUS_ACCOUNTING_STOP($ruleno,$username,$sessionid,$start_time,$radius 42,6,$input_bytes, // Input Octets 47,6,$input_pkts, // Input Packets 43,6,$output_bytes, // Output Octets - 48,6,$output_pkts, // Output Packets - 30,2+strlen($nas_ip_address),$nas_ip_address, //Called-Station-ID - 31,2+strlen($clientip),$clientip //Calling-Station-ID + 48,6,$output_pkts // Output Packets ); if($debug) { @@ -267,8 +234,6 @@ function RADIUS_ACCOUNTING_STOP($ruleno,$username,$sessionid,$start_time,$radius else $retvalue = ord($readdata) ; - syslog(LOG_INFO,"Sent Accounting-Request Stop packet to RADIUS for $username"); - return $retvalue ; // 5 -> Accounting-Response // See RFC2866 for this. |
