Setting and extending Session-timeout

Matej Žerovnik matej at zunaj.si
Mon May 19 12:52:59 CEST 2014 

Agrh! Pressed ctrl-enter too soon:) Here is the whole mail:

Hello!

I'm a RADIUS newbie, so bear with me in case I ask stupid questions....

So here is a short description of what my project would needs to do:
- every user can login via WIFI or LAN(public computer)
- user can use wifi 24h/day
- user can use public pc only 1h/day if he's authorized and he can
extend the use if needed

Logging is now working and users can log in, so one thing done:)

How to set session-timeout for public computers but not for wifi. All
users have only 1 login name. I guess my best bet is with some unlang
scripting?

authorize {
    if (NAS-Port-Type == 'Ethernet') {
        update {
            control:Max-Daily-Session := 3600
        }
    dailycounter
    }
}

This should update control record for 'dailycounter' and run it if user
signs from Ethernet NAS port type. In case he logs in via wifi, system
will skip execution of dailycounter and session-timeout will not be
sent. Is my thinking correct?

What if I want to extend session timeout for a certain user?
I've had success sending a COA packet with radclient. Is it possible to
change it without running radclient?
Can I create a custom sql table where I insert user name and wanted
session length and radius will read that out and send COA to client?

Is it possible to somehow get the current set session-timeout for a
certain user?
If not, can I somehow store it in a database on login or update?
That way I can always check current session-timeout for a certain user
and set a new one accordingly.

Thanks, Matej

On 19.5.2014 12:28, Matej Žerovnik wrote:
> Hello!
>
> I'm a RADIUS newbie, so bear with me in case I ask stupid questions....
>
> So here is a short description of what my project would needs to do:
> - every user can login via WIFI or LAN(public computer)
> - he can use wifi 24h/day
> - he can use public pc only 1h/day if he's authorized by default and he
> can extend the use if needed
>
> Logging is now working and users can log in, so one thing done:)
>
> Current problems:
> - how to not limit session-timeout for wifi and limit for public
> computers. All users have only 1 login name. I guess my best bet is some
> scripting with unlang?
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list