> It now appears that it is possible to receive a "start" record and then
> never receive a corresponding "stop" record. Instead, we receive a new
> "start" record when the port is reused.
I've done a lot of hacking on radiusd, and I can attest to the
existance of this problem. This complicates implementation of
duplicate login prevention with radiusd -- since you cannot reliably
know when a user has logged off, it's not a good idea to deny them a
login because you think they're still logged on. My approach to
handling a duplicate login is to disconnect the existing session (even
though it might not be there), remove the user from the list of logged
in users (even if we don't get a stop record for him) and let the new
login proceed.
A related problem is getting a stop record before a start record for a
given session, but this is more easily dealt with.
-- John W. Temples, III || Providing the only public access Internet Gulfnet Kuwait || site in the Arabian Gulf region