2011-08-31 - Re: [GRASE-Hotspot] #28: Ability to disconnect active users

Header Data

From: GRASE Trac <tr***c@grasehotspot.org>
Message Hash: e65e44d8059695ce09a71bc13c4f45a3781e0717dbd0af5658ff16147796b751
Message ID: <054.01cb08f82d3bd2ff92474ed741016504@grasehotspot.org>
Reply To: <039.5e18fd7a4afd41d2f802d1253796c0a9@grasehotspot.org>
UTC Datetime: 2011-08-31 15:41:13 UTC
Raw Date: Wed, 31 Aug 2011 22:41:13 -0000

Raw message 

#28: Ability to disconnect active users
------------------------------+---------------------------------------------
  Reporter:  tim              |       Owner:  tim                                 
      Type:  enhancement      |      Status:  new                                 
  Priority:  major            |   Milestone:  4.0                                 
 Component:  Admin Interface  |     Version:  3.4                                 
Resolution:                   |    Keywords:  coaport, disconnect, active, session
------------------------------+---------------------------------------------
Description changed by tim:

Old description:

> Coova Chilli provides the ability to disconnect a session via the
> coaport. We need to make this usable from the web interface.
>
> The following is from the mailing list, maybe we can make it more secure
> than this?
>
> >1. first edit /etc/init.d/chilli to add listen port for disconnect
> packet by adding the line
> >DAEMON_ARGS="--coaport 3779"
> >
> >so the first line would be like this:
> >#! /bin/sh
> >PATH=/sbin:/bin:/usr/sbin:/usr/bin
> >DAEMON=/usr/sbin/chilli
> >NAME=chilli
> >DESC=chilli
> >DAEMON_ARGS="--coaport 3779"
> >
> >2. add coaport on /etc/chilli/hs.conf or in
> >
> ># TAG COA Port
> >coaport 3779
> >
> >3. restart chilli
> >
> >4. Don't forget to add sudo line to allow www-data permission on
> /etc/sudoers
> >www-data ALL=NOPASSWD:/bin/echo
> >www-data ALL=NOPASSWD:/usr/bin/radclient
> >
> >
> >5. test it first, try execute this in shellcommand
> >echo "User-Name=username" | radclient -x 127.0.0.1:3779 disconnect
> yourradiussecret
> >
> >username is the username who want you kick out from grase.
> >yourradiussecret is radius secret, if u did not change it, the deflaut
> from grase is >hotspotradius
> >
> >6. or u can use php sript. (example)
> >$shell_command='sudo /bin/echo "User-Name='.kevin.'" |
> /usr/bin/radclient -x 127.0.0.1:3779 >disconnect hotspotradius ';
> >$output = shell_exec($shell_command);
> >
> >

New description:

 Coova Chilli provides the ability to disconnect a session via the coaport.
 We need to make this usable from the web interface.

 The following is from the mailing list, maybe we can make it more secure
 than this? Sudo shouldn't be needed for radclient.

 >1. first edit /etc/init.d/chilli to add listen port for disconnect packet
 by adding the line
 >DAEMON_ARGS="--coaport 3779"
 >
 >so the first line would be like this:
 >#! /bin/sh
 >PATH=/sbin:/bin:/usr/sbin:/usr/bin
 >DAEMON=/usr/sbin/chilli
 >NAME=chilli
 >DESC=chilli
 >DAEMON_ARGS="--coaport 3779"
 >
 >2. add coaport on /etc/chilli/hs.conf or in
 >
 ># TAG COA Port
 >coaport 3779
 >
 >3. restart chilli
 >
 >4. Don't forget to add sudo line to allow www-data permission on
 /etc/sudoers
 >www-data ALL=NOPASSWD:/bin/echo
 >www-data ALL=NOPASSWD:/usr/bin/radclient
 >
 >
 >5. test it first, try execute this in shellcommand
 >echo "User-Name=username" | radclient -x 127.0.0.1:3779 disconnect
 yourradiussecret
 >
 >username is the username who want you kick out from grase.
 >yourradiussecret is radius secret, if u did not change it, the deflaut
 from grase is >hotspotradius
 >
 >6. or u can use php sript. (example)
 >$shell_command='sudo /bin/echo "User-Name='.kevin.'" | /usr/bin/radclient
 -x 127.0.0.1:3779 >disconnect hotspotradius ';
 >$output = shell_exec($shell_command);
 >
 >

--

-- 
Ticket URL: <http://trac.grasehotspot.org/ticket/28#comment:1>
GRASE Hotspot <http://grasehotspot.org/>
GRASE Hotspot bug tracker

Thread