| [ < ] | [ > ] | [ << ] | [ Up ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
Let's suppose we further modify our filter to also handle accounting requests. To discern between the authentication and accounting requests we'll prefix each authentication request with the word `auth' and each accounting request with the word `acct'. Furthermore, the input line for accounting requests will contain a timestamp.
Now, our filter program will look as follows:
#! /bin/sh
AUTH_DB=/var/db/userlist
ACCT_DB=/var/db/acct.db
while read CODE NAME CLID DATE
do
case CODE
auth)
if grep "$1:$2" $DB; then
echo "0 Service-Type = Login, \
Session-Timeout = 1200"
else
echo "1 Reply-Message = \
\"You are not authorized to log in\""
fi
acct)
echo "$CODE $NAME $CLID $DATE" >> $ACCT_DB
done
|
Its declaration in the `raddb/config' will also change:
filter check_clid {
exec-path "/usr/libexec/myfilter";
error-log "myfilter.log";
auth {
input-format "auth %C{User-Name}
%C{Calling-Station-Id}";
wait-reply yes;
};
acct {
input-format "acct %C{User-Name}
%C{Calling-Station-Id} %D";
wait-reply no;
};
};
|
(The input-format lines are split for readability. Each of them
is actually one line).
Notice wait-reply no in the acct statement. It
tells radiusd that it shouldn't wait for the response on
accounting requests from the filter.