> -----Original Message----- > From: Berk D. Demir [mailto:[EMAIL PROTECTED] > Sent: Wednesday, October 01, 2003 12:13 > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: new feature patch for rlm_ippool: reject-on-drain > > > Hi, > > rlm_ippool return NOOP when there are no available addresses in the > pool. > We considered using server side ip pool mgmt to simulate Group based > Simultaneous-Use enforcement. > > This patch adds the ability to send Access-Reject in the post-auth > section to rlm_ippool with a boolean parameter > "reject-on-drain" in case > there are no available addresses in the pool. > > Possible use case: > > In a scenario where a backbone provider gives virtual ISP service. The > agreement is generally on simultaneous use of port capacity basis. For > example maximum 1024 simultaneous connections nation-wide. > > This scenario holds at least for one ISP on the planet, the one that I > work for :) > > Patches are below. > The first one is relative to 0.9.1 release and the latter is > relative to > the current CVS tree. > > They're also reachable from the URLs below > http://mindcast.org/~bdd/freeradius/freeradius-0.9.1-rlm_ippoo > l-reject_on_drain.patch > http://mindcast.org/~bdd/freeradius/freeradius-CVS_current-rlm _ippool-reject_on_drain.patch > > -------------------[ relative to 0.9.1 > ]------------------------------- > > diff -urN freeradius-0.9.1.orig/raddb/radiusd.conf.in > freeradius-0.9.1/raddb/radiusd.conf.in > --- freeradius-0.9.1.orig/raddb/radiusd.conf.in > 2003-08-26 15:25:40.000000000 +0300 > +++ freeradius-0.9.1/raddb/radiusd.conf.in 2003-10-01 > 10:18:43.748129000 +0300 > @@ -1330,6 +1330,10 @@ > > # override: Will this ippool override a > Framed-IP-Address already set > override = no > + > + # reject-on-drain: Will we return an > Access-Reject packet in case > + # there are no available addresses in the pool > + reject-on-drain = no > } > > # ANSI X9.9 token support. Not included by default. > diff -urN > freeradius-0.9.1.orig/src/modules/rlm_ippool/rlm_ippool.c > freeradius-0.9.1/src/modules/rlm_ippool/rlm_ippool.c > --- freeradius-0.9.1.orig/src/modules/rlm_ippool/rlm_ippool.c > 2003-07-14 20:29:30.000000000 +0300 > +++ freeradius-0.9.1/src/modules/rlm_ippool/rlm_ippool.c > 2003-10-01 10:17:34.770721000 +0300 > @@ -85,6 +85,7 @@ > uint32_t netmask; > int cache_size; > int override; > + int reject_on_drain; > GDBM_FILE gdbm; > GDBM_FILE ip; > pthread_mutex_t session_mutex; > @@ -119,6 +120,7 @@ > { "netmask", PW_TYPE_IPADDR, > offsetof(rlm_ippool_t,netmask), NULL, "0" }, > { "cache-size", PW_TYPE_INTEGER, > offsetof(rlm_ippool_t,cache_size), NULL, "1000" }, > { "override", PW_TYPE_BOOLEAN, > offsetof(rlm_ippool_t,override), NULL, "no" }, > + { "reject-on-drain", PW_TYPE_BOOLEAN, > offsetof(rlm_ippool_t,reject_on_drain), NULL, "no" }, > { NULL, -1, 0, NULL, NULL } > }; > > @@ -667,7 +669,10 @@ > } > else{ > DEBUG("rlm_ippool: No available ip addresses in pool."); > - return RLM_MODULE_NOOP; > + if(data->reject_on_drain) > + return RLM_MODULE_REJECT; > + else > + return RLM_MODULE_NOOP; > } > > return RLM_MODULE_OK; > > -------------------[ relative to 0.9.1 > ]------------------------------- > > -------------------[ relative to current > ]----------------------------- > > Index: raddb/radiusd.conf.in > =================================================================== > RCS file: /source/radiusd/raddb/radiusd.conf.in,v > retrieving revision 1.157 > diff -u -r1.157 radiusd.conf.in > --- raddb/radiusd.conf.in 30 Sep 2003 16:36:34 -0000 1.157 > +++ raddb/radiusd.conf.in 1 Oct 2003 07:43:06 -0000 > @@ -1436,6 +1436,10 @@ > > # override: Will this ippool override a > Framed-IP-Address already set > override = no > + > + # reject-on-drain: Will we return an > Access-Reject packet in case > + # there are no available addresses in the pool > + reject-on-drain = no > } > > # ANSI X9.9 token support. Not included by default. > Index: src/modules/rlm_ippool/rlm_ippool.c > =================================================================== > RCS file: /source/radiusd/src/modules/rlm_ippool/rlm_ippool.c,v > retrieving revision 1.24 > diff -u -r1.24 rlm_ippool.c > --- src/modules/rlm_ippool/rlm_ippool.c 23 Sep 2003 > 13:59:59 -0000 1.24 > +++ src/modules/rlm_ippool/rlm_ippool.c 1 Oct 2003 > 07:43:06 -0000 > @@ -95,6 +95,7 @@ > uint32_t netmask; > int cache_size; > int override; > + int reject_on_drain; > GDBM_FILE gdbm; > GDBM_FILE ip; > pthread_mutex_t op_mutex; > @@ -129,6 +130,7 @@ > { "netmask", PW_TYPE_IPADDR, > offsetof(rlm_ippool_t,netmask), NULL, "0" }, > { "cache-size", PW_TYPE_INTEGER, > offsetof(rlm_ippool_t,cache_size), NULL, "1000" }, > { "override", PW_TYPE_BOOLEAN, > offsetof(rlm_ippool_t,override), NULL, "no" }, > + { "reject-on-drain", PW_TYPE_BOOLEAN, > offsetof(rlm_ippool_t,reject_on_drain), NULL, "no" }, > { NULL, -1, 0, NULL, NULL } > }; > > @@ -789,7 +791,10 @@ > else{ > pthread_mutex_unlock(&data->op_mutex); > DEBUG("rlm_ippool: No available ip addresses in pool."); > - return RLM_MODULE_NOOP; > + if(data->reject_on_drain) > + return RLM_MODULE_REJECT; > + else > + return RLM_MODULE_NOOP; > } > > return RLM_MODULE_OK; > > -------------------[ relative to current > ]----------------------------- > >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html