NAME¶
radzap - remove rogue entries from the active sessions database
SYNOPSIS¶
radzap [
-d raddb_directory] [
-h] [
-N
nas_ip_address] [
-P nas_port] [
-u user]
[
-U user] [
-x]
server[:port] secret
DESCRIPTION¶
The FreeRadius server can be configured to maintain an active session database
in a file called
radutmp. Commands like
radwho(1) use this
database. Sometimes that database can get out of sync, and then it might
contain rogue entries.
radzap can clean up this database.
As of FreeRADIUS 1.1.0,
radzap is a simple shell-script wrapper around
radwho(1) and
radclient(1).
The sessions are "zapped" by sending an Accounting-Request packet
which contains the information necessary for the server to delete the session
record.
radzap sends a packet to the server, rather than writing to
radutmp directly, because session records may also be maintained in
SQL.
OPTIONS¶
- -d raddb_directory
- The directory that contains the RADIUS configuration files.
radzap reads radiusd.conf to determine the location of the
radutmp file.
- -h
- Print usage help information.
- -N nas_ip_address
- Zap the entries which match the given NAS IP address.
- -P nas_port
- Zap the entries which match the given NAS port.
- -u user
- Zap the entries which match the given username (case
insensitive).
- -U user
- Zap the entries which match the given username (case
sensitive).
- -x
- Enable debugging output.
- server[:port]
- The hostname or IP address of the remote server. Optionally
a UDP port can be specified. If no UDP port is specified, it is looked up
in /etc/services. The service name looked for is radacct for
accounting packets, and radius for all other requests. If a service
is not found in /etc/services, 1813 and 1812 are used
respectively.
- secret
- The shared secret for this client. It needs to be defined
on the radius server side too, for the IP address you are sending the
radius packets from.
SEE ALSO¶
radwho(1),
radclient(1), radiusd(8),
radiusd.conf(5).
AUTHOR¶
Alan DeKok <aland@ox.org>