Sinefa probes can be configured to receive IP -> username mappings from RADIUS servers or devices authenticating using RADIUS servers.
You will need to be able to run a script on this device whenever a user authenticates and send those details to the Sinefa probe.
Sinefa probes can be configured to listen for update to IP -> username mappings over HTTP. This feature is NOT enabled by default, please contact us here to have it enabled on your account.
Once enabled, your script should send IP -> username mappings as follows:
HTTP GET http://<ip of probe>:7395/<username>@@<ip>
An example using curl would look something like this:
curl http://192.168.0.10:7395/tony@@192.168.0.123
This example sends the mapping for user "tony" with IP "192.168.0.123" to the Sinefa probe running on 192.168.0.10.
---
Example Bash script for RADIUS:
#!/bin/bash
probe_ip="1.2.3.4"
username=`echo ${USER_NAME} | tr -d '"'`
ip=`echo ${FRAMED_IP_ADDRESS}`
curl "http://${probe_ip}:7395/${username}@@${ip}"
exit 0
Example script to add towards the end of the 'accounting' section in FreeRADIUS config:
accounting {
...
if (Acct-Status-Type == Start) {
update reply {
Tmp-String-0 = "%{exec:FULL_PATH_TO_SCRIPT}"
}
}
}
Comments
0 comments
Please sign in to leave a comment.