This is an old revision of the document!

Manual authorization status handling

Manual setting/resetting of subscriber authorization status is sometimes required. It can be done using the fdpi_ctrl utility:

   # To set the "authorized" authorization state (the Access-Accept analogue):
fdpi_ctrl load --auth=1 --ip=192.168.10.1
   # an analogue for IPv6
fdpi_ctrl load --auth=1 --ip=2001:dead::/64

   # To set the "unauthorized" authorization state (the Access-Reject analogue):
fdpi_ctrl load --auth=0 --ip=192.168.10.1
   # an analogue for IPv6
fdpi_ctrl load --auth=0 --ip=2001:dead::/64

   # To view the current state of subscriber's authorization:
fdpi_ctrl list --auth --ip=192.168.10.1
fdpi_ctrl list --auth --ip=2001:dead::/64

To reset the current authorization state use the following command:

   # To reset the current subscriber's authorization state
fdpi_ctrl del --auth --ip=192.168.10.1
fdpi_ctrl del --auth --ip=2001:dead::/64

After resetting the state the first packet received from the subscriber will result in sending an authorization request to the Radius server.

When you set the authorization status you are allowed to specify the time (in seconds) within which this status will be valid:

   # To set the "authorized" authorization state for 10 minutes:
fdpi_ctrl load --auth=1 --ip=192.168.10.1 --timeout=600

By default, the lifetime of authorization is set by the auth_expired_timeout option.

««« BRAS

Show pagesource Old revisions Backlinks

Profile

Settings

Manual authorization status handling