Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

radzap(1) [debian man page]

RADZAP(1)							 FreeRadius Daemon							 RADZAP(1)

NAME

       radzap - remove rogue entries from the active sessions database

SYNOPSIS

       radzap [-d raddb_directory] [-h] [-N nas_ip_address] [-P nas_port] [-u user] [-U user] [-x] server[:port] secret

DESCRIPTION

       The  FreeRadius	server can be configured to maintain an active session database in a file called radutmp. Commands like radwho(1) use this
       database. Sometimes that database can get out of sync, and then it might contain rogue entries. radzap can clean up this database.

       As of FreeRADIUS 1.1.0, radzap is a simple shell-script wrapper around radwho(1) and radclient(1).

       The sessions are "zapped" by sending an Accounting-Request packet which contains the information necessary for the  server  to  delete  the
       session	record.   radzap  sends a packet to the server, rather than writing to radutmp directly, because session records may also be main-
       tained in SQL.

OPTIONS

       -d raddb_directory
	      The directory that contains the RADIUS configuration files.  radzap reads radiusd.conf to determine  the	location  of  the  radutmp
	      file.

       -h     Print usage help information.

       -N nas_ip_address
	      Zap the entries which match the given NAS IP address.

       -P nas_port
	      Zap the entries which match the given NAS port.

       -u user
	      Zap the entries which match the given username (case insensitive).

       -U user
	      Zap the entries which match the given username (case sensitive).

       -x     Enable debugging output.

       server[:port]
	      The  hostname  or IP address of the remote server. Optionally a UDP port can be specified. If no UDP port is specified, it is looked
	      up in /etc/services. The service name looked for is radacct for accounting packets, and radius for all other requests. If a  service
	      is not found in /etc/services, 1813 and 1812 are used respectively.

       secret The  shared  secret  for	this client.  It needs to be defined on the radius server side too, for the IP address you are sending the
	      radius packets from.

SEE ALSO

       radwho(1), radclient(1), radiusd(8), radiusd.conf(5).

AUTHOR

       Alan DeKok <aland@ox.org>

								   8 April 2005 							 RADZAP(1)

Check Out this Related Man Page

RADWHO(1)							 FreeRADIUS Daemon							 RADWHO(1)

NAME

       radwho - show online users

SYNOPSIS

       radwho [-c] [-d raddb_directory] [-F radutmp_file] [-i] [-n] [-N nas_ip_address] [-p] [-P nas_port] [-r] [-R] [-s] [-S] [-u user] [-U user]
       [-Z]

DESCRIPTION

       The FreeRADIUS server can be configured to maintain an active session database in a file called radutmp. This utility shows the content	of
       that session database.

OPTIONS

       -c     Shows caller ID (if available) instead of the full name.

       -d raddb_directory
	      The directory that contains the RADIUS configuration files. Defaults to /etc/raddb.

       -F radutmp_file
	      The file that contains the radutmp file.	If this is specified, -d is not necessary.

       -i     Shows the session ID instead of the full name.

       -n     Normally radwho looks up the username in the systems password file, and shows the full username as well. The -n flags prevents this.

       -N nas_ip_address
	      Show only those entries which match the given NAS IP address.

       -p     Adds an extra column for the port type - I for ISDN, A for Analog.

       -P nas_port
	      Show only those entries which match the given NAS port.

       -r     Outputs all data in raw format - no headers, no formatting, fields are comma-separated.

       -R     Output all data in RADIUS attribute format.  All fields are printed.

       -s     Show full name.

       -S     Hide shell users. Doesn't show the entries for users that do not have a SLIP or PPP session.

       -u user
	      Show only those entries which match the given username (case insensitive).

       -U user
	      Show only those entries which match the given username (case sensitive).

       -Z     When  combined  with -R, prints out the contents of an Accounting-Request packet which can be passed to radclient, in order to "zap"
	      that users session from radutmp.

       For example,

	      $ radwho -ZRN 10.0.0.1 | radclient -f - radius.example.net acct testing123

       will result in all an Accounting-Request packet being sent to the RADIUS server, which tells the server that the  NAS  rebooted.   i.e.	It
       "zaps" all of the users on that NAS.

       To "zap" one user, specifiy NAS, username, and NAS port:

	      $ radwho -ZRN 10.0.0.1 -u user -P 10 | radclient -f - radius.example.net acct testing123

       Other combinations are also possible.

SEE ALSO

       radiusd(8), radclient(1), radiusd.conf(5).

AUTHOR

       Miquel van Smoorenburg, miquels@cistron.nl.

								    17 Feb 2013 							 RADWHO(1)
Man Page