Re: pre-proxy programme
Mark Supersonik [EMAIL PROTECTED] wrote: Please, look at the fact that we speak about DOMAINS quota, but not users quota. That doesn't really matter. You made it clear you're trying to cancel the proxy decision AFTER you made it. That's what's causing the problem. My comments were trying to get you to NOT make the proxy decision in the first place. The roaming users are authenticated by the authserv oh his domain (WISP). So, apart from the users quota (which doesn't affect us because the remote authserv does this work for us), there is a WISP quota, WISPs prepay to proxy a volume of resources, and we, the setlement part (proxy), must detemrine if before all want to permite this authorization That changes nothing of what I said. My solution still applies. My solution was based on general design principles, not on knowing the detail of who has what quota. As a result, my solution works in many situations, whereas other solutions may not. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: pre-proxy programme
Sorry, I can't understand it If we want to look first if a WISP has enough prepaid, is not the more consistent way to look into our local MySQL and reject or forward the petition in the pre-proxy stage? It's innecessary forward the petition (in order to accept or reject from the reply) if we then concern about the roamed WISP hasn't qouta! We want to save network resources... We are trying to put rlm_exec in pre-proxy, executing a script which looks if the domain has quota, and if so, returns 0; if not, returns 1 to cause the reject by the proxy. Is it a good solution, isn't? Thank for your interest in this so much, really Alan... From: Alan DeKok [EMAIL PROTECTED] Reply-To: FreeRadius users mailing list freeradius-users@lists.freeradius.org To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Subject: Re: pre-proxy programme Date: Fri, 07 Apr 2006 01:48:42 -0400 Mark Supersonik [EMAIL PROTECTED] wrote: Please, look at the fact that we speak about DOMAINS quota, but not users quota. That doesn't really matter. You made it clear you're trying to cancel the proxy decision AFTER you made it. That's what's causing the problem. My comments were trying to get you to NOT make the proxy decision in the first place. The roaming users are authenticated by the authserv oh his domain (WISP). So, apart from the users quota (which doesn't affect us because the remote authserv does this work for us), there is a WISP quota, WISPs prepay to proxy a volume of resources, and we, the setlement part (proxy), must detemrine if before all want to permite this authorization That changes nothing of what I said. My solution still applies. My solution was based on general design principles, not on knowing the detail of who has what quota. As a result, my solution works in many situations, whereas other solutions may not. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html _ Descubre la descarga digital con MSN Music. Más de un millón de canciones. http://music.msn.es/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: pre-proxy programme
Mark Supersonik [EMAIL PROTECTED] wrote: If we want to look first if a WISP has enough prepaid, is not the more consistent way to look into our local MySQL and reject or forward the petition in the pre-proxy stage? sigh Did you read and understand my previous two messages? We are trying to put rlm_exec in pre-proxy, executing a script which looks if the domain has quota, and if so, returns 0; if not, returns 1 to cause the reject by the proxy. Is it a good solution, isn't? Did you miss the part in my previous two messages where I said this wasn't a good solution? Or do you not believe the answers I gave? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
pre-proxy programme
I know, I know, I'm very tedious How can we programme the pre-proxy stage of a freeRADIUS proxy PC in order to reject the request if the domain of the user doesn't have quota (in a proxy's MySQL database table) ? I've been looking for two days the answer: a) rlm_exec module in a pre-proxy stage returning exit 1 if a local MySQL query doen't return positive quota. -- PROBLEM: No way of return a REPLY-Message with the termination cause b) our own module rlm_X from rlm_example -- PROBLEM: return to my C acknowledgements and back to compiling, buff ... c) Trying to do in some way a mapping between a realm and 2 authservs (1 is local mysql) and get the authentication from a AND function of both answers. Isn't there a better solution Please help us, we can't find much clear information about freeradius, neither in the Wiki! _ Un amor, una aventura, compañía para un viaje. Regístrate gratis en MSN Amor Amistad. http://match.msn.es/match/mt.cfm?pg=channeltcid=162349 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: pre-proxy programme
Mark Supersonik [EMAIL PROTECTED] wrote: How can we programme the pre-proxy stage of a freeRADIUS proxy PC in order to reject the request if the domain of the user doesn't have quota (in a proxy's MySQL database table) ? Why are you doing this in the preproxy stage? Why not make the server avoid proxying completely if the user is over quota? Look at he place in your configuration where it tells the server to proxy the request, and then add AND the quota is OK. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: pre-proxy programme
Please, look at the fact that we speak about DOMAINS quota, but not users quota. The roaming users are authenticated by the authserv oh his domain (WISP). So, apart from the users quota (which doesn't affect us because the remote authserv does this work for us), there is a WISP quota, WISPs prepay to proxy a volume of resources, and we, the setlement part (proxy), must detemrine if before all want to permite this authorization [access WISP]--[PROXY]--[Home WISP] | (user from Home WISP) From: Alan DeKok [EMAIL PROTECTED] Reply-To: FreeRadius users mailing list freeradius-users@lists.freeradius.org To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Subject: Re: pre-proxy programme Date: Thu, 06 Apr 2006 12:02:36 -0400 Mark Supersonik [EMAIL PROTECTED] wrote: How can we programme the pre-proxy stage of a freeRADIUS proxy PC in order to reject the request if the domain of the user doesn't have quota (in a proxy's MySQL database table) ? Why are you doing this in the preproxy stage? Why not make the server avoid proxying completely if the user is over quota? Look at he place in your configuration where it tells the server to proxy the request, and then add AND the quota is OK. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html _ ¿Estás pensando en cambiar de coche? Todas los modelos de serie y extras en MSN Motor. http://motor.msn.es/researchcentre/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html