SYNOPSIS
radwho [-c] [-d raddb_directory] [-f] [-F radutmp_file] [-i] [-n] [-N nas_ip_address] [-p] [-P nas_port] [-r] [-R] [-s] [-S] [-u user] [-U user] [-Z]DESCRIPTION
The FreeRADIUS server can be configured to maintain an active session database in a file called radutmp. This utility shows the content of that session database.OPTIONS
- -c
- Shows caller ID (if available) instead of the full name.
- -d raddb_directory
- The directory that contains the RADIUS configuration files. Defaults to /etc/raddb.
- -f
- Behave as the 'fingerd' daemon - waits for one line of input, then prints the output with lines \r\n terminated.
- -F radutmp_file
- The file that contains the radutmp file. If this is specified, -d is not necessary.
- -i
- Shows the session ID instead of the full name.
- -n
- Normally radwho looks up the username in the systems password file, and shows the full username as well. The -n flags prevents this.
- -N nas_ip_address
- Show only those entries which match the given NAS IP address.
- -p
- Adds an extra column for the port type - I for ISDN, A for Analog.
- -P nas_port
- Show only those entries which match the given NAS port.
- -r
- Outputs all data in raw format - no headers, no formatting, fields are comma-separated.
- -R
- Output all data in RADIUS attribute format. All fields are printed.
- -s
- Show full name.
- -S
- Hide shell users. Doesn't show the entries for users that do not have a SLIP or PPP session.
- -u user
- Show only those entries which match the given username (case insensitive).
- -U user
- Show only those entries which match the given username (case sensitive).
- -Z
- When combined with -R, prints out the contents of an Accounting-Request packet which can be passed to radclient, in order to "zap" that users session from radutmp.
For example,
-
$ radwho -ZRN 10.0.0.1 | radclient -f - radius.example.net acct testing123
To "zap" one user, specifiy NAS, username, and NAS port:
-
$ radwho -ZRN 10.0.0.1 -u user -P 10 | radclient -f - radius.example.net acct testing123