Does freeradius support considering a session as ended if enough accounting packets are missed?

Erik Andersen eandersen at eoni.com
Mon Sep 22 22:25:58 CEST 2014 

On 09/22/2014 12:23 PM, Alan DeKok wrote:
> Erik Andersen wrote:
>> (I've upgraded to 3.04 since asking this question, and built a script
>> that finds, using MySQL, stuff that has missed a few interim updates,
>> and then fakes an end of session accounting packet using radclient).
>
>    If it's useful... contribute it back.

Here's what I have (python3):

import mysql.connector
from mysql.connector import errorcode
import tempfile
import subprocess
import os


dbsettings = {
'user' : 'radius',
'password' : 'yourpassword',
'host' : '127.0.0.1',
'database' : 'radius',
'raise_on_warnings' : True
}

try:
   cnx = mysql.connector.connect(**dbsettings)
except mysql.connector.Error as err:
   if err.errno == errorcode.ER_ACCESS_DENIED_ERROR:
     print("Something is wrong with your user name or password")
   elif err.errno == errorcode.ER_BAD_DB_ERROR:
     print("Database does not exists")
   else:
     print(err)

cursor = cnx.cursor()

# Create a temporary file and write the cleanup script to it
tempf = tempfile.NamedTemporaryFile(delete=False, mode="w")

cursor.execute('select username, acctsessionid, nasipaddress, nasportid, 
acctinputoctets, acctoutputoctets, acctsessiontime from radacct where 
(acctupdatetime not between (NOW()-INTERVAL 10 MINUTE) and NOW()) and 
acctstoptime is null;')
for stalesession in cursor:
  tempf.write('''User-Name = "{}"\nAcct-Session-Id = 
"{}"\nAcct-Status-Type = Stop\nNAS-IP-Address = {}\nNAS-Port = 
{}\nAcct-Terminate-Cause = NAS-Error\nAcct-Input-Octets = 
{}\nAcct-Output-Octets = {}\nAcct-Session-Time = 
{}\n\n'''.format(*stalesession))

tempf.close()

subprocess.check_call(['radclient', '-f', tempf.name, '127.0.0.1:1646', 
'acct', 'yourpassword'])
# And then clean up the temporary file
os.unlink(tempf.name)
cnx.close()


>    Any attribute is allowed in SQL queries.  But... the attribute has to
> exist in a RADIUS packet, OR have it's value set via an "update"
> statement, other module, etc.

Some of our PPPoE servers would not send the attribute, some would.

I'm not sure what you mean by setting the value by an update statement. 
Could you give an example of how to do this? Ideally, I would like to 
save it if it exists, and if not, just insert a NULL or empty string.

More information about the Freeradius-Users mailing list