[isf-wifidog] Dynamic Abuse Control

[Benoit Grégoire]

On July 29, 2009, Dave Lamb wrote:
> I would just like to make sure I'm interpreting this correctly, so please
> correct me if I'm wrong:
>
> If I set the Abuse Control window to "1 Day"
> and I set the Network Max Connection Duration to "24:00:00"
>
> After 24 hours the user account should be disconnected, but the user should
> be able to log back in right away, correct?

Well, not really.  The 24 hours is a sliding window, so if you set the maximum 
at the exact same amount as the limit. the user may or may not reach the limit 
depending on the exact compare in the code, and the exact moment the gateway 
reports to the auth server.

Basically that's really not what what dynamic abuse control is for.

> Basically, I see that I haven't had this setup, so any account that got
> logged in, stayed logged in in the "Connected Users" page.  I'd like to
> disconnect those so that accounts time out, and I'd like to force uses to
> sign back in after 24 hours to ensure that a Live user is connected.  But I
> don't want them to have any downtime.  Am I going about this correctly?
>
> Basically, I'd like it to work like at a hotel. Users signs up for 24 hours
> of service, and at the end of 24 hours they're asked to sign in again.

That use case was planned in the token architecture (you'd set the server to 
emit tokens with a 24h validity).  Unfortunately, implement of the token 
architecture hasn't really begun.

-- 
Benoit Grégoire