forked from spinesystemspublic/documentation
Add gaming option
This commit is contained in:
Denys Fedoryshchenko
@@ -0,0 +1,36 @@
|
||||
## Gaming service
|
||||
|
||||
### Configure pppoes
|
||||
/etc/api.conf
|
||||
```
|
||||
apikey=SecretTokenRandom
|
||||
allowip=10.168.100.
|
||||
```
|
||||
allowip must be set to ip of your nat
|
||||
|
||||
### Configure radius
|
||||
Configure for gaming service radius attribute "Login-LAT-Service" with value "gaming"
|
||||
|
||||
### Configure nat
|
||||
* Run several instances of pppoe gaming pollers that will retrieve list of gaming users
|
||||
```
|
||||
gamingclient -u http://pppoeip:apiport/ -k SecretTokenRandom
|
||||
```
|
||||
apiport by default 9000, might be different in some cases
|
||||
|
||||
* Configure ipset for gaming users
|
||||
```
|
||||
ipset create gamingclients hash:net timeout 120
|
||||
```
|
||||
Also add relevant rules to nat users to different pool, for example:
|
||||
```
|
||||
iptables -t nat -A POSTROUTING -m set --match-set gamingclients src -j SNAT --to-source $GAMING --persistent
|
||||
```
|
||||
where $GAMING is ip of your gaming pool (1.2.3.1-1.2.3.10 for example)
|
||||
|
||||
### How it works?
|
||||
* User login and get gaming service attribute from radius
|
||||
* API daemon will detect such user and put in special list available over API HTTP GET request
|
||||
* Gaming poller will retrieve list of users and put them in ipset each X seconds
|
||||
* NAT will detect users in ipset and will put them in gaming pool
|
||||
* If user will be disconnected, gaming poller will not readd user, and it will be removed from ipset after 120 seconds by ipset timeout
|
||||
Reference in New Issue
Block a user