CHECKRAD(5) File Formats Manual CHECKRAD(5)NAME
checkrad -- See if a user is (still) logged in on a certain port.
SYNOPSIS
checkrad [-d] nas-type nas-ip nas-port login session-id
DESCRIPTION
Checkrad is used by the radius server to check if its idea of a user logged in on a certain port/NAS is correct if a double login is
detected.
Returns: 0 = no duplicate, 1 = duplicate, >1 = error.
OPTIONS -d Enable printing of debugging informations.
nas-type
Type of port/NAS. Can be one of:
o ascend
o bay
o cisco
o cisco_l2tp
o computone
o cvx
o digitro
o dot1x
o livingston
o max40xx
o mikrotik
o mikrotik_snmp
o multitech
o netserver
o other
o pathras
o patton
o portslave
o pr3000
o pr4000
o redback
o tc
o usrhiper
o versanet
The "other" type cause checkrad to skip any check and always returns 1.
nas-ip IP address of the NAS to check.
nas-port
The NAS port to check (may be ignored by some nas-type).
login The login name to check.
session-id
Session to check. (actually ignored by all nas-type)
SEE ALSO radiusd(8)AUTHOR
Written by Miquel van Smoorenburg, miquels@cistron.nl.
This manual page was written by Marco Nenciarini <mnencia@debian.org> for the Debian project (but may be used by others).
13 January 2006 CHECKRAD(5)
Check Out this Related Man Page
RADWHO(1) FreeRADIUS Daemon RADWHO(1)NAME
radwho - show online users
SYNOPSIS
radwho [-c] [-d raddb_directory] [-F radutmp_file] [-i] [-n] [-N nas_ip_address] [-p] [-P nas_port] [-r] [-R] [-s] [-S] [-u user] [-U user]
[-Z]
DESCRIPTION
The FreeRADIUS server can be configured to maintain an active session database in a file called radutmp. This utility shows the content of
that session database.
OPTIONS -c Shows caller ID (if available) instead of the full name.
-d raddb_directory
The directory that contains the RADIUS configuration files. Defaults to /etc/raddb.
-F radutmp_file
The file that contains the radutmp file. If this is specified, -d is not necessary.
-i Shows the session ID instead of the full name.
-n Normally radwho looks up the username in the systems password file, and shows the full username as well. The -n flags prevents this.
-N nas_ip_address
Show only those entries which match the given NAS IP address.
-p Adds an extra column for the port type - I for ISDN, A for Analog.
-P nas_port
Show only those entries which match the given NAS port.
-r Outputs all data in raw format - no headers, no formatting, fields are comma-separated.
-R Output all data in RADIUS attribute format. All fields are printed.
-s Show full name.
-S Hide shell users. Doesn't show the entries for users that do not have a SLIP or PPP session.
-u user
Show only those entries which match the given username (case insensitive).
-U user
Show only those entries which match the given username (case sensitive).
-Z When combined with -R, prints out the contents of an Accounting-Request packet which can be passed to radclient, in order to "zap"
that users session from radutmp.
For example,
$ radwho -ZRN 10.0.0.1 | radclient -f - radius.example.net acct testing123
will result in all an Accounting-Request packet being sent to the RADIUS server, which tells the server that the NAS rebooted. i.e. It
"zaps" all of the users on that NAS.
To "zap" one user, specifiy NAS, username, and NAS port:
$ radwho -ZRN 10.0.0.1 -u user -P 10 | radclient -f - radius.example.net acct testing123
Other combinations are also possible.
SEE ALSO radiusd(8), radclient(1), radiusd.conf(5).
AUTHOR
Miquel van Smoorenburg, miquels@cistron.nl.
17 Feb 2013 RADWHO(1)