Problem with max-all-session check

ShR3K alexandre_rubert at hotmail.com
Tue Jul 26 09:03:08 CEST 2011


Sorry for the log. I forgot to post it : 

Ready to process requests.
rad_recv: Access-Request packet from host 192.168.182.1 port 34135, id=0,
length=218
	User-Name = "bcmybc"
	CHAP-Challenge = 0x882ad5b896682e7ed4239986eeb84ddd
	CHAP-Password = 0x00e246d4ee106a0cc62dbc36f76c8c373a
	NAS-IP-Address = 192.168.182.1
	Service-Type = Login-User
	Framed-IP-Address = 192.168.182.4
	Calling-Station-Id = "00-D0-C9-B4-C5-F4"
	Called-Station-Id = "00-90-05-02-FA-46"
	NAS-Identifier = "hotspot"
	Acct-Session-Id = "4e2e656a00000000"
	NAS-Port-Type = Wireless-802.11
	NAS-Port = 0
	Message-Authenticator = 0x0c9d727f78723a21ae18be33d2937769
	WISPr-Logoff-URL = "http://192.168.182.1:3990/logoff"
# Executing section authorize from file
/etc/freeradius/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
[chap] Setting 'Auth-Type := CHAP'
++[chap] returns ok
[pap] WARNING! No "known good" password found for the user.  Authentication
may fail because of this.
++[pap] returns noop
[suffix] No '@' in User-Name = "bcmybc", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[sql] 	expand: %{User-Name} -> bcmybc
[sql] sql_set_user escaped user --> 'bcmybc'
rlm_sql (sql): Reserving sql socket id: 3
[sql] 	expand: SELECT id, username, attribute, value, op           FROM
radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id
-> SELECT id, username, attribute, value, op           FROM radcheck          
WHERE username = 'bcmybc'           ORDER BY id
rlm_sql_mysql: query:  SELECT id, username, attribute, value, op          
FROM radcheck           WHERE username = 'bcmybc'           ORDER BY id
[sql] User found in radcheck table
[sql] 	expand: SELECT id, username, attribute, value, op           FROM
radreply           WHERE username = '%{SQL-User-Name}'           ORDER BY id
-> SELECT id, username, attribute, value, op           FROM radreply          
WHERE username = 'bcmybc'           ORDER BY id
rlm_sql_mysql: query:  SELECT id, username, attribute, value, op          
FROM radreply           WHERE username = 'bcmybc'           ORDER BY id
[sql] 	expand: SELECT groupname           FROM radusergroup           WHERE
username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT
groupname           FROM radusergroup           WHERE username = 'bcmybc'          
ORDER BY priority
rlm_sql_mysql: query:  SELECT groupname           FROM radusergroup          
WHERE username = 'bcmybc'           ORDER BY priority
rlm_sql (sql): Released sql socket id: 3
++[sql] returns ok
rlm_sqlcounter: Entering module authorize code
sqlcounter_expand:  'SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct
WHERE UserName='%{User-Name}''
[noresetcounter] 	expand: SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct
WHERE UserName='%{User-Name}' -> SELECT IFNULL(SUM(AcctSessionTime),0) FROM
radacct WHERE UserName='bcmybc'
sqlcounter_expand:  '%{sql:SELECT IFNULL(SUM(AcctSessionTime),0) FROM
radacct WHERE UserName='bcmybc'}'
[noresetcounter] sql_xlat
[noresetcounter] 	expand: %{User-Name} -> bcmybc
[noresetcounter] sql_set_user escaped user --> 'bcmybc'
[noresetcounter] 	expand: SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct
WHERE UserName='bcmybc' -> SELECT IFNULL(SUM(AcctSessionTime),0) FROM
radacct WHERE UserName='bcmybc'
[noresetcounter] 	expand: /var/log/freeradius/sqltrace.sql ->
/var/log/freeradius/sqltrace.sql
rlm_sql (sql): Reserving sql socket id: 2
rlm_sql_mysql: query:  SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct
WHERE UserName='bcmybc'
[noresetcounter] sql_xlat finished
rlm_sql (sql): Released sql socket id: 2
[noresetcounter] 	expand: %{sql:SELECT IFNULL(SUM(AcctSessionTime),0) FROM
radacct WHERE UserName='bcmybc'} -> 220
*rlm_sqlcounter: (Check item - counter) is less than zero
rlm_sqlcounter: Rejected user bcmybc, check_item=0, counter=220*
++[noresetcounter] returns reject
Using Post-Auth-Type Reject
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject] 	expand: %{User-Name} -> bcmybc
 attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 0 to 192.168.182.1 port 34135
	Reply-Message = "Your maximum never usage time has been reached"
Waking up in 4.9 seconds.
Cleaning up request 0 ID 0 with timestamp +28
Ready to process requests.


As you can see check_item is zero and it never take the Max-All-Session
attribute.
This is my counter : 

sqlcounter noresetcounter {
        counter-name = Max-All-Session-Time 
                check-name = Max-All-Session
                sqlmod-inst = sql 
                key = User-Name 
                reset = never 
        query = "SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE
UserName='%{%k}'" 
 	
}

Thanks.

--
View this message in context: http://freeradius.1045715.n5.nabble.com/Problem-with-max-all-session-check-tp4630670p4633826.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.



More information about the Freeradius-Users mailing list