update disconnect

Alan DeKok aland at deployingradius.com
Thu May 14 17:03:55 CEST 2009


Ming-Ching Tiew wrote:
> 
> I am trying to get the 'update disconnect' to work putting this into
> the preacct section :-
> 
> ---------------------------------------------------------
> if ( "%{sql:SELECT value from radcheck WHERE UserName = '%{User-Name}' and attribute = 'Acct-Logout-Now'}" ) {
>     update disconnect {
>        Reply-Message = "You have been disconnected by the administrator!"
>     }
>     #%{exec:/usr/local/dialup_admin/bin/disconnect.sh %{User-Name} %{Acct-Session-Id} %{NAS-IP-Address} %{Packet-Src-Port} }
>     "%{sql:DELETE FROM radcheck WHERE UserName = '%{User-Name}' and attribute = 'Acct-Logout-Now'}"
> }
> --------------------------cut----------------------------
> 
> The update disconnect did not work but the (commented) exec using a script
> based on radclient works, What's wrong ?

  See the FAQ for "it doesn't work".

> Though the exec method works but I have to open up the port, which means
> the firewall thinks that's a separate connection, which is lousy.

  Well... it *is* a separate connection.  The Disconnect-Request packet
is sent from a *new* source port to the disconnect port of the client.

> Secondly, the sql DELETE, seems to be executed twice, here is the log :-

  No, it's not executed twice.

> If I understand the log correctly, the second sql access is displayed
> first,

  And why do you think that something happening *second* is logged
before something happening *first*?

> that's why there is a failure, whereas the first sql access 
> is displayed later, but it's a noop.

  That's not what the log shows.

  Alan DeKok.



More information about the Freeradius-Users mailing list