toughradius

package
v8.0.0-...-0f2c8d7 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 2, 2023 License: GPL-3.0 Imports: 50 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	VendorMikrotik = "14988"
	VendorIkuai    = "10055"
	VendorHuawei   = "2011"
	VendorZte      = "3902"
	VendorH3c      = "25506"
	VendorRadback  = "2352"
	VendorCisco    = "9"

	RadiusRejectDelayTimes = 7
	RadiusAuthRateInterval = 1
)

Variables

View Source 
var HexFormat = func(src []byte) string {
	return fmt.Sprintf("%x", src)
}
View Source 
var Ipv4Format = func(src []byte) string {
	return net.IPv4(src[0], src[1], src[2], src[3]).String()
}
View Source 
var RadiusTypeFmtMap = map[radius.Type]AttrFormatFunc{
	rfc2865.UserName_Type:               StringFormat,
	rfc2865.UserPassword_Type:           HexFormat,
	rfc2865.CHAPPassword_Type:           HexFormat,
	rfc2865.NASIPAddress_Type:           Ipv4Format,
	rfc2865.NASPort_Type:                UInt32Format,
	rfc2865.ServiceType_Type:            UInt32Format,
	rfc2865.FramedProtocol_Type:         UInt32Format,
	rfc2865.FramedIPAddress_Type:        Ipv4Format,
	rfc2865.FramedIPNetmask_Type:        Ipv4Format,
	rfc2865.FramedRouting_Type:          UInt32Format,
	rfc2865.FilterID_Type:               StringFormat,
	rfc2865.FramedMTU_Type:              UInt32Format,
	rfc2865.FramedCompression_Type:      UInt32Format,
	rfc2865.LoginIPHost_Type:            Ipv4Format,
	rfc2865.LoginService_Type:           UInt32Format,
	rfc2865.LoginTCPPort_Type:           UInt32Format,
	rfc2865.ReplyMessage_Type:           StringFormat,
	rfc2865.CallbackNumber_Type:         StringFormat,
	rfc2865.CallbackID_Type:             StringFormat,
	rfc2865.FramedRoute_Type:            StringFormat,
	rfc2865.FramedIPXNetwork_Type:       Ipv4Format,
	rfc2865.State_Type:                  StringFormat,
	rfc2865.Class_Type:                  StringFormat,
	rfc2865.VendorSpecific_Type:         HexFormat,
	rfc2865.SessionTimeout_Type:         UInt32Format,
	rfc2865.IdleTimeout_Type:            UInt32Format,
	rfc2865.TerminationAction_Type:      UInt32Format,
	rfc2865.CalledStationID_Type:        StringFormat,
	rfc2865.CallingStationID_Type:       StringFormat,
	rfc2865.NASIdentifier_Type:          StringFormat,
	rfc2865.ProxyState_Type:             StringFormat,
	rfc2865.LoginLATService_Type:        HexFormat,
	rfc2865.LoginLATNode_Type:           HexFormat,
	rfc2865.LoginLATGroup_Type:          HexFormat,
	rfc2865.FramedAppleTalkLink_Type:    HexFormat,
	rfc2865.FramedAppleTalkNetwork_Type: HexFormat,
	rfc2865.FramedAppleTalkZone_Type:    HexFormat,
	rfc2865.CHAPChallenge_Type:          HexFormat,
	rfc2865.NASPortType_Type:            UInt32Format,
	rfc2865.PortLimit_Type:              HexFormat,
	rfc2865.LoginLATPort_Type:           HexFormat,
	rfc2866.AcctStatusType_Type:         UInt32Format,
	rfc2866.AcctDelayTime_Type:          UInt32Format,
	rfc2866.AcctInputOctets_Type:        UInt32Format,
	rfc2866.AcctOutputOctets_Type:       UInt32Format,
	rfc2866.AcctSessionID_Type:          StringFormat,
	rfc2866.AcctAuthentic_Type:          UInt32Format,
	rfc2866.AcctSessionTime_Type:        UInt32Format,
	rfc2866.AcctInputPackets_Type:       UInt32Format,
	rfc2866.AcctOutputPackets_Type:      UInt32Format,
	rfc2866.AcctTerminateCause_Type:     UInt32Format,
	rfc2866.AcctMultiSessionID_Type:     StringFormat,
	rfc2866.AcctLinkCount_Type:          UInt32Format,
	rfc2869.AcctInputGigawords_Type:     UInt32Format,
	rfc2869.AcctOutputGigawords_Type:    UInt32Format,
	rfc2869.EventTimestamp_Type:         UInt32Format,
	rfc2869.ARAPPassword_Type:           HexFormat,
	rfc2869.ARAPFeatures_Type:           HexFormat,
	rfc2869.ARAPZoneAccess_Type:         HexFormat,
	rfc2869.ARAPSecurity_Type:           HexFormat,
	rfc2869.ARAPSecurityData_Type:       HexFormat,
	rfc2869.PasswordRetry_Type:          HexFormat,
	rfc2869.Prompt_Type:                 HexFormat,
	rfc2869.ConnectInfo_Type:            StringFormat,
	rfc2869.ConfigurationToken_Type:     StringFormat,
	rfc2869.EAPMessage_Type:             StringFormat,
	rfc2869.MessageAuthenticator_Type:   StringFormat,
	rfc2869.ARAPChallengeResponse_Type:  HexFormat,
	rfc2869.AcctInterimInterval_Type:    UInt32Format,
	rfc2869.NASPortID_Type:              StringFormat,
	rfc2869.FramedPool_Type:             StringFormat,
	rfc3162.NASIPv6Address_Type:         HexFormat,
	rfc3162.FramedInterfaceID_Type:      HexFormat,
	rfc3162.FramedIPv6Prefix_Type:       HexFormat,
	rfc3162.LoginIPv6Host_Type:          HexFormat,
	rfc3162.FramedIPv6Route_Type:        HexFormat,
	rfc3162.FramedIPv6Pool_Type:         HexFormat,
	rfc3576.ErrorCause_Type:             UInt32Format,
	rfc4849.NASFilterRule_Type:          StringFormat,
	rfc2868.TunnelType_Type:             UInt32Format,
	rfc2868.TunnelMediumType_Type:       UInt32Format,
	rfc2868.TunnelClientEndpoint_Type:   StringFormat,
	rfc2868.TunnelServerEndpoint_Type:   StringFormat,
	rfc2868.TunnelPassword_Type:         StringFormat,
	rfc2868.TunnelPrivateGroupID_Type:   StringFormat,
	rfc2868.TunnelAssignmentID_Type:     HexFormat,
	rfc2868.TunnelPreference_Type:       HexFormat,
	rfc2868.TunnelClientAuthID_Type:     HexFormat,
	rfc2868.TunnelServerAuthID_Type:     HexFormat,
}
View Source 
var RadiusTypeMap = map[radius.Type]string{
	rfc2865.UserName_Type:               "UserName",
	rfc2865.UserPassword_Type:           "UserPassword",
	rfc2865.CHAPPassword_Type:           "CHAPPassword",
	rfc2865.NASIPAddress_Type:           "NASIPAddress",
	rfc2865.NASPort_Type:                "NASPort",
	rfc2865.ServiceType_Type:            "ServiceType",
	rfc2865.FramedProtocol_Type:         "FramedProtocol",
	rfc2865.FramedIPAddress_Type:        "FramedIPAddress",
	rfc2865.FramedIPNetmask_Type:        "FramedIPNetmask",
	rfc2865.FramedRouting_Type:          "FramedRouting",
	rfc2865.FilterID_Type:               "FilterID",
	rfc2865.FramedMTU_Type:              "FramedMTU",
	rfc2865.FramedCompression_Type:      "FramedCompression",
	rfc2865.LoginIPHost_Type:            "LoginIPHost",
	rfc2865.LoginService_Type:           "LoginService",
	rfc2865.LoginTCPPort_Type:           "LoginTCPPort",
	rfc2865.ReplyMessage_Type:           "ReplyMessage",
	rfc2865.CallbackNumber_Type:         "CallbackNumber",
	rfc2865.CallbackID_Type:             "CallbackID",
	rfc2865.FramedRoute_Type:            "FramedRoute",
	rfc2865.FramedIPXNetwork_Type:       "FramedIPXNetwork",
	rfc2865.State_Type:                  "State",
	rfc2865.Class_Type:                  "Class",
	rfc2865.VendorSpecific_Type:         "VendorSpecific",
	rfc2865.SessionTimeout_Type:         "SessionTimeout",
	rfc2865.IdleTimeout_Type:            "IdleTimeout",
	rfc2865.TerminationAction_Type:      "TerminationAction",
	rfc2865.CalledStationID_Type:        "CalledStationID",
	rfc2865.CallingStationID_Type:       "CallingStationID",
	rfc2865.NASIdentifier_Type:          "NASIdentifier",
	rfc2865.ProxyState_Type:             "ProxyState",
	rfc2865.LoginLATService_Type:        "LoginLATService",
	rfc2865.LoginLATNode_Type:           "LoginLATNode",
	rfc2865.LoginLATGroup_Type:          "LoginLATGroup",
	rfc2865.FramedAppleTalkLink_Type:    "FramedAppleTalkLink",
	rfc2865.FramedAppleTalkNetwork_Type: "FramedAppleTalkNetwork",
	rfc2865.FramedAppleTalkZone_Type:    "FramedAppleTalkZone",
	rfc2865.CHAPChallenge_Type:          "CHAPChallenge",
	rfc2865.NASPortType_Type:            "NASPortType",
	rfc2865.PortLimit_Type:              "PortLimit",
	rfc2865.LoginLATPort_Type:           "LoginLATPort",
	rfc2866.AcctStatusType_Type:         "AcctStatusType",
	rfc2866.AcctDelayTime_Type:          "AcctDelayTime",
	rfc2866.AcctInputOctets_Type:        "AcctInputOctets",
	rfc2866.AcctOutputOctets_Type:       "AcctOutputOctets",
	rfc2866.AcctSessionID_Type:          "AcctSessionID",
	rfc2866.AcctAuthentic_Type:          "AcctAuthentic",
	rfc2866.AcctSessionTime_Type:        "AcctSessionTime",
	rfc2866.AcctInputPackets_Type:       "AcctInputPackets",
	rfc2866.AcctOutputPackets_Type:      "AcctOutputPackets",
	rfc2866.AcctTerminateCause_Type:     "AcctTerminateCause",
	rfc2866.AcctMultiSessionID_Type:     "AcctMultiSessionID",
	rfc2866.AcctLinkCount_Type:          "AcctLinkCount",
	rfc2869.AcctInputGigawords_Type:     "AcctInputGigawords",
	rfc2869.AcctOutputGigawords_Type:    "AcctOutputGigawords",
	rfc2869.EventTimestamp_Type:         "EventTimestamp",
	rfc2869.ARAPPassword_Type:           "ARAPPassword",
	rfc2869.ARAPFeatures_Type:           "ARAPFeatures",
	rfc2869.ARAPZoneAccess_Type:         "ARAPZoneAccess",
	rfc2869.ARAPSecurity_Type:           "ARAPSecurity",
	rfc2869.ARAPSecurityData_Type:       "ARAPSecurityData",
	rfc2869.PasswordRetry_Type:          "PasswordRetry",
	rfc2869.Prompt_Type:                 "Prompt",
	rfc2869.ConnectInfo_Type:            "ConnectInfo",
	rfc2869.ConfigurationToken_Type:     "ConfigurationToken",
	rfc2869.EAPMessage_Type:             "EAPMessage",
	rfc2869.MessageAuthenticator_Type:   "MessageAuthenticator",
	rfc2869.ARAPChallengeResponse_Type:  "ARAPChallengeResponse",
	rfc2869.AcctInterimInterval_Type:    "AcctInterimInterval",
	rfc2869.NASPortID_Type:              "NASPortID",
	rfc2869.FramedPool_Type:             "FramedPool",
	rfc3162.NASIPv6Address_Type:         "NASIPv6Address",
	rfc3162.FramedInterfaceID_Type:      "FramedInterfaceID",
	rfc3162.FramedIPv6Prefix_Type:       "FramedIPv6Prefix",
	rfc3162.LoginIPv6Host_Type:          "LoginIPv6Host",
	rfc3162.FramedIPv6Route_Type:        "FramedIPv6Route",
	rfc3162.FramedIPv6Pool_Type:         "FramedIPv6Pool",
	rfc3576.ErrorCause_Type:             "ErrorCause",
	rfc4849.NASFilterRule_Type:          "NASFilterRule",
	rfc2868.TunnelType_Type:             "TunnelType",
	rfc2868.TunnelMediumType_Type:       "TunnelMediumType",
	rfc2868.TunnelClientEndpoint_Type:   "TunnelClientEndpoint",
	rfc2868.TunnelServerEndpoint_Type:   "TunnelServerEndpoint",
	rfc2868.TunnelPassword_Type:         "TunnelPassword",
	rfc2868.TunnelPrivateGroupID_Type:   "TunnelPrivateGroupID",
	rfc2868.TunnelAssignmentID_Type:     "TunnelAssignmentID",
	rfc2868.TunnelPreference_Type:       "TunnelPreference",
	rfc2868.TunnelClientAuthID_Type:     "TunnelClientAuthID",
	rfc2868.TunnelServerAuthID_Type:     "TunnelServerAuthID",
}
View Source 
var StringFormat = func(src []byte) string {
	return string(src)
}
View Source 
var UInt32Format = func(src []byte) string {
	return strconv.Itoa(int(binary.BigEndian.Uint32(src)))
}

Functions

func FmtPacket 

func FmtPacket(p *radius.Packet) string

func FmtRequest 

func FmtRequest(p *radius.Request) string

func FmtResponse 

func FmtResponse(p *radius.Packet, RemoteAddr net.Addr) string

func FormatType 

func FormatType(t radius.Type, src radius.Attribute) string

func GetNetRadiusOnlineFromRequest 

func GetNetRadiusOnlineFromRequest(r *radius.Request, vr *VendorRequest, vpe *models.NetVpe, nasrip string) models.RadiusOnline

func Length 

func Length(p *radius.Packet) int

func ListenRadiusAcctServer 

func ListenRadiusAcctServer(service *AcctService) error

func ListenRadiusAuthServer 

func ListenRadiusAuthServer(service *AuthService) error

func ListenRadsecServer 

func ListenRadsecServer(service *RadsecService) error

func ParseVlanIds 

func ParseVlanIds(nasportid string) (int64, int64)

ParseVlanIds 解析标准 VLANID 值

func StringType 

func StringType(t radius.Type) string

Types

type AcctService 

type AcctService struct {
	*RadiusService
}

记账服务

func NewAcctService 

func NewAcctService(radiusService *RadiusService) *AcctService

func (*AcctService) DoAcctDisconnect 

func (s *AcctService) DoAcctDisconnect(r *radius.Request, vpe *models.NetVpe, username, nasrip string)

func (*AcctService) DoAcctNasOff 

func (s *AcctService) DoAcctNasOff(r *radius.Request)

func (*AcctService) DoAcctNasOn 

func (s *AcctService) DoAcctNasOn(r *radius.Request)

func (*AcctService) DoAcctStart 

func (s *AcctService) DoAcctStart(r *radius.Request, vr *VendorRequest, username string, vpe *models.NetVpe, nasrip string)

func (*AcctService) DoAcctStop 

func (s *AcctService) DoAcctStop(r *radius.Request, vr *VendorRequest, username string, vpe *models.NetVpe, nasrip string)

func (*AcctService) DoAcctUpdate 

func (s *AcctService) DoAcctUpdate(r *radius.Request, vr *VendorRequest, username string, vpe *models.NetVpe, nasrip string)

func (*AcctService) DoAcctUpdateBefore 

func (s *AcctService) DoAcctUpdateBefore(r *radius.Request, vr *VendorRequest, user *models.RadiusUser, vpe *models.NetVpe, nasrip string)

func (*AcctService) LdapUserAcct 

func (s *AcctService) LdapUserAcct(r *radius.Request, vr *VendorRequest, username string, vpe *models.NetVpe, nasrip string)

func (*AcctService) SendResponse 

func (s *AcctService) SendResponse(w radius.ResponseWriter, r *radius.Request)

func (*AcctService) ServeRADIUS 

func (s *AcctService) ServeRADIUS(w radius.ResponseWriter, r *radius.Request)

type AttrFormatFunc 

type AttrFormatFunc = func(s []byte) string

type AuthError 

type AuthError struct {
	Type string
	Err  error
}

func NewAuthError 

func NewAuthError(errType string, err string) *AuthError

func (*AuthError) Error 

func (e *AuthError) Error() string

type AuthRateUser 

type AuthRateUser struct {
	Username  string
	Starttime time.Time
}

type AuthService 

type AuthService struct {
	*RadiusService
}

func NewAuthService 

func NewAuthService(radiusService *RadiusService) *AuthService

func (*AuthService) AcceptAcceptConfig 

func (s *AuthService) AcceptAcceptConfig(user *models.RadiusUser, vendorCode string, radAccept *radius.Packet)

AcceptAcceptConfig 用户属性策略下发配置

func (*AuthService) CheckMacBind 

func (s *AuthService) CheckMacBind(user *models.RadiusUser, vendorReq *VendorRequest) error

CheckMacBind mac binding detection Detected only if both user mac and request mac are valid. If user mac is empty, update user mac directly.

func (*AuthService) CheckMsChapPassword 

func (s *AuthService) CheckMsChapPassword(username, password string, challenge, response []byte, radAccept *radius.Packet) error

func (*AuthService) CheckOnlineCount 

func (s *AuthService) CheckOnlineCount(username string, activeNUm int) error

func (*AuthService) CheckPassword 

func (s *AuthService) CheckPassword(r *radius.Request, username, localpassword string, radAccept *radius.Packet, isMacAuth bool) error

CheckPassword passward 不为空为 PAP 认证 chapPassword 不为空为 Chap 认证

func (*AuthService) CheckVlanBind 

func (s *AuthService) CheckVlanBind(user *models.RadiusUser, vendorReq *VendorRequest) error

CheckVlanBind vlanid binding detection Only if both user vlanid and request vlanid are valid. If user vlanid is empty, update user vlanid directly.

func (*AuthService) GetLocalPassword 

func (s *AuthService) GetLocalPassword(user *models.RadiusUser, isMacAuth bool) (string, error)

func (*AuthService) LdapAcceptAcceptConfig 

func (s *AuthService) LdapAcceptAcceptConfig(user *LdapRadisProfile, vendorCode string, radAccept *radius.Packet)

func (*AuthService) LdapUserAuth 

func (s *AuthService) LdapUserAuth(rw radius.ResponseWriter, r *radius.Request,
	username string, ldapNode *models.NetLdapServer, radAccept *radius.Packet, vreq *VendorRequest) (*LdapRadisProfile, error)

func (*AuthService) SendAccept 

func (s *AuthService) SendAccept(w radius.ResponseWriter, r *radius.Request, resp *radius.Packet)

func (*AuthService) SendReject 

func (s *AuthService) SendReject(w radius.ResponseWriter, r *radius.Request, err error)

func (*AuthService) ServeRADIUS 

func (s *AuthService) ServeRADIUS(w radius.ResponseWriter, r *radius.Request)

func (*AuthService) UpdateBind 

func (s *AuthService) UpdateBind(user *models.RadiusUser, vendorReq *VendorRequest)

UpdateBind update mac or vlan

type LdapRadisProfile 

type LdapRadisProfile struct {
	Status          string
	MfaSecret       string
	MfaStatus       string
	Domain          string
	AddrPool        string
	MacAddr         string
	IpAddr          string
	ActiveNum       int
	LimitPolicy     string
	UpLimitPolicy   string
	DownLimitPolicy string
	UpRate          int
	DownRate        int
	ExpireTime      time.Time
}

type RadiusService 

type RadiusService struct {
	App           *app.Application
	RejectCache   *RejectCache
	AuthRateCache map[string]AuthRateUser
	TaskPool      *ants.Pool
	// contains filtered or unexported fields
}

func NewRadiusService 

func NewRadiusService() *RadiusService

func (*RadiusService) AddRadiusAccounting 

func (s *RadiusService) AddRadiusAccounting(ol models.RadiusOnline, start bool) error

func (*RadiusService) AddRadiusOnline 

func (s *RadiusService) AddRadiusOnline(ol models.RadiusOnline) error

func (*RadiusService) BatchClearRadiusOnline 

func (s *RadiusService) BatchClearRadiusOnline(ids string) error

func (*RadiusService) BatchClearRadiusOnlineByNas 

func (s *RadiusService) BatchClearRadiusOnlineByNas(nasip, nasid string)

func (*RadiusService) CheckAuthRateLimit 

func (s *RadiusService) CheckAuthRateLimit(username string) error

CheckAuthRateLimit Authentication frequency detection, each user can only authenticate once every few seconds

func (*RadiusService) CheckRadAuthError 

func (s *RadiusService) CheckRadAuthError(username, nasip string, err error)

func (*RadiusService) CheckRequestSecret 

func (s *RadiusService) CheckRequestSecret(r *radius.Packet, secret []byte)

func (*RadiusService) EndRadiusAccounting 

func (s *RadiusService) EndRadiusAccounting(online models.RadiusOnline) error

func (*RadiusService) ExistRadiusOnline 

func (s *RadiusService) ExistRadiusOnline(sessionId string) bool

func (*RadiusService) GetIntConfig 

func (s *RadiusService) GetIntConfig(name string, defval int64) int64

func (*RadiusService) GetLdapServer 

func (s *RadiusService) GetLdapServer(id interface{}) (item *models.NetLdapServer, err error)

GetLdapServer 获取Ldap 服务节点新

func (*RadiusService) GetNas 

func (s *RadiusService) GetNas(ip, identifier string) (vpe *models.NetVpe, err error)

GetNas 查询 NAS 设备, 优先查询IP, 然后ID

func (*RadiusService) GetRadiusOnlineCount 

func (s *RadiusService) GetRadiusOnlineCount(username string) int

func (*RadiusService) GetStringConfig 

func (s *RadiusService) GetStringConfig(name string, defval string) string

func (*RadiusService) GetUserForAcct 

func (s *RadiusService) GetUserForAcct(username string) (user *models.RadiusUser, err error)

GetUserForAcct 获取用户, 不判断用户过期等状态

func (*RadiusService) GetValidUser 

func (s *RadiusService) GetValidUser(usernameOrMac string, macauth bool) (user *models.RadiusUser, err error)

GetValidUser 获取有效用户, 初步判断用户有效性

func (*RadiusService) ParseVendor 

func (s *RadiusService) ParseVendor(r *radius.Request, vendorCode string) *VendorRequest

ParseVendor 解析厂商私有属性

func (*RadiusService) RADIUSSecret 

func (s *RadiusService) RADIUSSecret(ctx context.Context, remoteAddr net.Addr) ([]byte, error)

func (*RadiusService) Release 

func (s *RadiusService) Release()

func (*RadiusService) ReleaseAuthRateLimit 

func (s *RadiusService) ReleaseAuthRateLimit(username string)

func (*RadiusService) RemoveRadiusOnline 

func (s *RadiusService) RemoveRadiusOnline(sessionId string) error

func (*RadiusService) UpdateRadiusOnlineData 

func (s *RadiusService) UpdateRadiusOnlineData(data models.RadiusOnline) error

func (*RadiusService) UpdateUserMac 

func (s *RadiusService) UpdateUserMac(username string, macaddr string)

func (*RadiusService) UpdateUserVlanid1 

func (s *RadiusService) UpdateUserVlanid1(username string, vlanid1 int)

func (*RadiusService) UpdateUserVlanid2 

func (s *RadiusService) UpdateUserVlanid2(username string, vlanid2 int)

type RadsecHandler 

type RadsecHandler interface {
	ServeRADIUS(w radius.ResponseWriter, r *radius.Request)
}

type RadsecPacketServer 

type RadsecPacketServer struct {
	// The address on which the server listens. Defaults to :1812.
	Addr string

	// The network on which the server listens. Defaults to udp.
	Network string

	// The source from which the secret is obtained for parsing and validating
	// the request.
	SecretSource radius.SecretSource

	// Handler which is called to process the request.
	Handler RadsecHandler

	// Skip incoming packet authenticity validation.
	// This should only be set to true for debugging purposes.
	InsecureSkipVerify bool
	// contains filtered or unexported fields
}

RadsecPacketServer listens for RADIUS requests on a packet-based protocols (e.g. UDP).

func (*RadsecPacketServer) ListenAndServe 

func (s *RadsecPacketServer) ListenAndServe(capath, crtfile, keyfile string) error

ListenAndServe starts a RADIUS server on the address given in s.

func (*RadsecPacketServer) Serve 

func (s *RadsecPacketServer) Serve(conn net.Conn) error

Serve accepts incoming connections on conn.

func (*RadsecPacketServer) Shutdown 

func (s *RadsecPacketServer) Shutdown(ctx context.Context) error

Shutdown gracefully stops the server. It first closes all listeners and then waits for any running handlers to complete.

Shutdown returns after nil all handlers have completed. ctx.Err() is returned if ctx is canceled.

Any Serve methods return ErrShutdown after Shutdown is called.

type RadsecService 

type RadsecService struct {
	AuthService *AuthService
	AcctService *AcctService
}

func NewRadsecService 

func NewRadsecService(authService *AuthService, acctService *AcctService) *RadsecService

func (*RadsecService) RADIUSSecret 

func (s *RadsecService) RADIUSSecret(ctx context.Context, remoteAddr net.Addr) ([]byte, error)

func (*RadsecService) ServeRADIUS 

func (s *RadsecService) ServeRADIUS(w radius.ResponseWriter, r *radius.Request)

type RejectCache 

type RejectCache struct {
	Items map[string]*RejectItem
	Lock  sync.Mutex
}

func (*RejectCache) GetItem 

func (rc *RejectCache) GetItem(username string) *RejectItem

func (*RejectCache) SetItem 

func (rc *RejectCache) SetItem(username string)

type RejectItem 

type RejectItem struct {
	Rejects    int64
	LastReject time.Time
	Lock       sync.RWMutex
}

func (*RejectItem) Incr 

func (ri *RejectItem) Incr()

func (*RejectItem) IsOver 

func (ri *RejectItem) IsOver(max int64) bool

type VendorRequest 

type VendorRequest struct {
	MacAddr string
	Vlanid1 int64
	Vlanid2 int64
}

Source Files

View all Source files

Directories

Path Synopsis
vendors
alcatel
aruba
cisco
f5
h3c
hillstone
huawei
ikuai
juniper
microsoft
mikrotik
pfSense
radback
unix
zte

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.