Mac Authentication - what happens after session timeout
Gunther Mayer
gunther.mayer at googlemail.com
Fri May 9 12:24:15 UTC 2008
lc wrote:
> Hi,
>
> Why does coova-chilli (SVN 167) not retry a mac-authentication after a
> mac-authenticated session has timed out (or was manually closed)?
> Only when the client removes his DHCP connection (during an active
> session) and reestablishes it later chilli tries again to
> mac-authenticate him.
>
> Is this a bug? If it isn't, what are the thoughts behind this behavior?
As far as I can tell from the code the mac authentication (be it through
radius or locally) only happens during establishment of the dhcp
connection. Once the connection has been initiated no re-authentication
occurs so what you observe seems consistent.
To answer your question, I do think that's a bug, I just don't know how
that could be solved as mac-authenticated clients don't explicitly
trigger any sorts of events, i.e. no user interaction happens for
authentication, other than the initial dhcp request. Triggering a radius
auth for every packet that gets routed to the Internet perhaps? But that
might be way too inefficient...
Gunther
More information about the Chilli
mailing list