noresetcounter

Bill Schoolfield bill at billmax.com
Thu Jun 6 23:20:04 CEST 2013


Hello all,
  
I'm trying to use rlm_sqlcounter to disable login once time exceeded together with unlang to
set Session-Timeout. I can get either to work but having trouble getting both to work.

Right now the Session-Timeout (computed below in the post auth section) works fine.

update reply {
        Session-Timeout := "%{expr: %{check:Max-All-Session-Time}-%{sql:select sum(acctsessiontime) from radacct where username='%{User-Name}'}}"
}

The radacct table is populated and the session timeout is computed properly across logins.

But the check provide by the below setup fails to prevent login (auth) when the time goes to zero.


sqlcounter noresetcounter {
         counter-name = Max-All-Session-Time
                 check-name = Max-All-Session
                 sqlmod-inst = sql
                 key = User-Name
                 reset = never
         query = "SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='%{%k}'"
}


My test radcheck table looks like:

mysql> select * from radcheck;
+----+----------+----------------------+----+---------+
| id | username | attribute            | op | value   |
+----+----------+----------------------+----+---------+
|  1 | wrs      | Cleartext-Password   | := | test123 |
|  2 | wrs      | Max-All-Session-Time | := | 600     |
+----+----------+----------------------+----+---------+

I can provide the whole radiusd -X log if this is not enough info;


Bill


More information about the Freeradius-Users mailing list