[OpenSER-Users] How to avoid malicious BYE that update accounting "StopTime"?
Norman Brandinger
norm at goes.com
Fri Feb 8 18:34:31 CET 2008
RADIUS:
sql.conf or whatever you call it:
<snip>
WHERE acctsessionid = '%{Acct-Session-Id}' \
AND acctuniqueid = '%{Acct-Unique-Session-Id}' \
AND username = '%{SQL-User-Name}' \
AND nasipaddress = '%{NAS-IP-Address}'"
</snip>
AND acctstoptime = 0
Norm
Patrick Miccio wrote:
> I guess he means to set acctstoptime = 0 in the DB, and if that value is changed then to not allow a new update.
>
> -> only allow update if acctstoptime = 0
>
> cheers,
>
> Patrick.
>
>
>
>> On Friday 08 February 2008 17:28:40 Norman Brandinger wrote:
>>
>>> Perhaps modifying the RADIUS update query so that acctstoptime = 0
>>> before an update is allowed would help.
>>>
>> Sorry, I don't understand what you mean, could you explain it please? Thanks a
>> lot.
>>
>>
>> --
>> Iñaki Baz Castillo
>> ibc at in.ilimit.es
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.openser.org
>> http://lists.openser.org/cgi-bin/mailman/listinfo/users
>>
>
>
> This e-mail is confidential and may well also be legally privileged. If you have received it in error, you are on notice of its status. Please notify us immediately by reply e-mail and then delete this message from your system. Please do not copy it or use it for any purposes, or disclose its contents to any other person: to do so could be a breach of confidence. Thank you for your cooperation.
> Information pursuant to paragraph 14 Austrian Companies Code: UPC Austria GmbH; Registered Office: Wolfganggasse 58-60, 1120 Vienna Company Register Number: FN 189858d at the Commercial Court of Vienna
>
> _______________________________________________
> Users mailing list
> Users at lists.openser.org
> http://lists.openser.org/cgi-bin/mailman/listinfo/users
>
More information about the Users
mailing list