[isf-wifidog] My own auth server

daniel at port.as daniel at port.as
Dim 25 Juil 01:28:53 EDT 2010


This may seem a bit odd, but you cannot directly disconnect a user (well, not easily at least). What is usually done is to deny authorization to the user you want to disconnect the next time the authentication server is executed. That is, your authentication server code is run by the gateway (via an http request) every AUTH_CHECK_INTERVAL (whatever you configured on the gateway), one for each current user in the gateway and it passes the users token, mac, etc. in the query string (in PHP $_GET) . The gateway will take the output of your authentication server looking for particular messages.  So to disconnect a user, you print the string "Auth: ACCOUNT_STATUS_DENIED" when the auth server is executed for the user you want disconnect. So the user will not be disconnected right away but no longer than AUTH_CHECK_INTERVAL. If that's too long, you can reduce this interval or you will have to write code that will directly change the iptables on the gateway router.


I hope this helps. 

Jul 23, 2010 04:52:52 AM, wifidog at listes.ilesansfil.org wrote:

===========================================

      Hello. I've written my own auth server for a demo, and I have one    thing left to do.
    
    Basically, I need an admin control panel, where the administrator    can see all the logged on users, and click a button to disconnect a    particular one. I have read through the help forums, etc, and I saw    something about a wifidog/disconnect command, but if I run it,    whatever token/mac/ip I use, it disconnects the person running the    command.
    
    I tried this:
    
    http://:2060/wifidog/auth?logout=1&mac=token=    but that didn't seem to want to work...
    
    Is there a way for me to disconnect a user, if I have their mac    address, ip and there token (as I store them in a database atm)
    
    Thanks for any help you could give me.
    
    
    -- 
      
 
      
Chris                Tate-Davies
      
Software                  Development 
                Inflight                Productions Ltd
                Telephone: 01295 269 680
                15 Stukeley Street |                London | WC2B 5LT
              Email:                chris.tatedavies at inflightproductions.com
              Web:                www.inflightproductions.com
      
 
      

      
      					
Registered Office: 15 Stukeley Street, London WC2B 5LT, England. Registered in England number 1421223		
		
This message is for the designated recipient only and may 		contain privileged, proprietary, or otherwise private information. If you have 		received it in error, please notify the sender immediately and delete the 		original. Any other use of the email by you is prohibited. Please note that the 		information provided in this e-mail is in any case not legally binding; all 		committing statements require legally binding signatures.		
		
http://www.inflightproductions.com	

_______________________________________________
WiFiDog mailing list
WiFiDog at listes.ilesansfil.org
http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog


More information about the WiFiDog mailing list