A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


Man page of RADZAP


Section: FreeRadius Daemon (1)
Updated: 8 April 2005
Index of this MAN page

Back To MAN Pages From BackTrack 5 R1 Master List  


radzap - remove rogue entries from the active sessions database  


radzap [-d raddb_directory] [-N nas_ip_address] [-P nas_port] [-u user] [-U user] server[:port] secret  


The FreeRadius server can be configured to maintain an active session database in a file called radutmp. Commands like radwho(1) use this database. Sometimes that database can get out of sync, and then it might contain rogue entries. radzap can clean up this database.

As of FreeRADIUS 1.1.0, radzap is a simple shell-script wrapper around radwho(1) and radclient(1).

The sessions are "zapped" by sending an Accounting-Request packet which contains the information necessary for the server to delete the session record. radzap sends a packet to the server, rather than writing to radutmp directly, because session records may also be maintained in SQL.  


-d raddb_directory
The directory that contains the RADIUS configuration files. radzap reads radiusd.conf to determine the location of the radutmp file.
-N nas_ip_address
Zap the entries which match the given NAS IP address.
-P nas_port
Zap the entries which match the given NAS port.
-u user
Zap the entries which match the given username (case insensitive).
-U user
Zap the entries which match the given username (case sensitive).
The hostname or IP address of the remote server. Optionally a UDP port can be specified. If no UDP port is specified, it is looked up in /etc/services. The service name looked for is radacct for accounting packets, and radius for all other requests. If a service is not found in /etc/services, 1813 and 1812 are used respectively.
The shared secret for this client. It needs to be defined on the radius server side too, for the IP address you are sending the radius packets from.


radwho(1), radclient(1), radiusd(8), radiusd.conf(5).  


Alan DeKok <aland@ox.org>




This document was created by man2html, using the manual pages.
Time: 07:34:21 GMT, September 13, 2011

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2019, IronGeek
Louisville / Kentuckiana Information Security Enthusiast