How to send disconnect message to the NAS?

Fri Sep 26 16:39:17 CEST 2014

Hi,
I want to send disconnect message to the user who has exceeded the limited
traffic. I have done the following steps:
1.  Create a sqlCounter:
  sqlcounter monthlytrafficcounter {
    counter-name = Monthly-Traffic
    check-name = Max-Monthly-Traffic
    reply-name = Monthly-Traffic-Limit
    sqlmod-inst = sql
    key = User-Name
    reset = monthly
    query = "SELECT SUM(acctinputoctets + acctoutputoctets) FROM radacct
WHERE U serName='%{%k}' AND UNIX_TIMESTAMP(AcctStartTime) > '%b'"
}

2. add the monthlytrafficcounter to "sites-enabled/default" authorize
section.

3. It worked when user login to NAS(NAS reject the user's request), but
failed when the user connection connected. The Accounting request like
following below:
================================================================
rad_recv: Accounting-Request packet from host NAS-IP port 48378, id=188 ,
length=175
        Acct-Status-Type = Interim-Update
        Acct-Session-Id = "1411720910-19"
        NAS-Port-Type = Virtual
        Service-Type = Framed-User
        NAS-Port = 19
        NAS-Port-Id = "radius"
        NAS-IP-Address = NAS-IP
        Called-Station-Id = "NAS-IP[4500]"
        Calling-Station-Id = "User-IP[5476]"
        User-Name = "kirito"
        Framed-IP-Address = 10.0.0.1
        Acct-Output-Octets = 549938
        Acct-Output-Packets = 602
        Acct-Input-Octets = 77110
        Acct-Input-Packets = 785
        Acct-Session-Time = 122
        NAS-Identifier = "strongSwan"
# Executing section preacct from file
/usr/local/etc/raddb/sites-enabled/default
+group preacct {
++[preprocess] = ok
[acct_unique] Hashing 'NAS-Port = 19,NAS-Identifier =
"strongSwan",NAS-IP-Addres s = NAS-IP,Acct-Session-Id =
"1411720910-19",User-Name = "kirito"'
[acct_unique] Acct-Unique-Session-ID = "afe2593237df22fa".
++[acct_unique] = ok
[suffix] No '@' in User-Name = "kirito", looking up realm NULL [suffix] No
such realm "NULL"
++[suffix] = noop
+} # group preacct = ok
# Executing section accounting from file
/usr/local/etc/raddb/sites-enabled/defa
ult
+group accounting {
[detail]        expand: %{Packet-Src-IP-Address} -> NAS-IP
[detail]        expand:
/usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Addr
ess}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d ->
/usr/local/var/log/radius/rad
acct/NAS-IP/detail-20140926
[detail]
/usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-
Src-IPv6-Address}}/detail-%Y%m%d expands to
/usr/local/var/log/radius/radacct/11
6.251.216.197/detail-20140926
[detail]        expand: %t -> Fri Sep 26 21:19:07 2014
++[detail] = ok
[sql]   expand: %{Stripped-User-Name} ->
[sql]   ... expanding second conditional
[sql]   expand: %{User-Name} -> kirito
[sql]   expand: %{%{User-Name}:-DEFAULT} -> kirito
[sql]   expand: %{%{Stripped-User-Name}:-%{%{User-Name}:-DEFAULT}} -> kirito
[sql] sql_set_user escaped user --> 'kirito'
[sql]   expand: %{Acct-Input-Gigawords} ->
[sql]   ... expanding second conditional
[sql]   expand: %{Acct-Input-Octets} -> 77110
[sql]   expand: %{Acct-Output-Gigawords} ->
[sql]   ... expanding second conditional
[sql]   expand: %{Acct-Output-Octets} -> 549938
[sql]   expand:            UPDATE radacct           SET
framedipadd
ress = '%{Framed-IP-Address}',              acctsessiontime     =
'%{Acct-Sessio
n-Time}',              acctinputoctets     = '%{%{Acct-Input-Gigawords}:-0}'
<<
 32 |                                    '%{%{Acct-Input-Octets}:-0}',
    acctoutputoctets    = '%{%{Acct-Output-Gigawords}:-0}' << 32 |
                      '%{%{Acct-Output-Octets}:-0}'           WHERE
acctsessioni
d = '%{Acct-Session-Id}'           AND username        = '%{SQL-User-Name}'
      AND nasipaddress    = '%{NAS-IP-Address}' ->            UPDATE radacct
       SET              framedipaddress = '10.0.0.1',
acctsessionti
me     = '122',              acctinputoctets     = '0'  << 32 |
                   '77110',              acctoutputoctets    = '0' << 32 |
                              '549938'           WHERE acctsessionid =
'14117209
10-19'           AND username        = 'kirito'           AND na
rlm_sql (sql): Reserving sql socket id: 12 rlm_sql (sql): Released sql
socket id: 12
++[sql] = ok
++[exec] = noop
[attr_filter.accounting_response]       expand: %{User-Name} -> kirito
attr_filter: Matched entry DEFAULT at line 12
++[attr_filter.accounting_response] = updated
+} # group accounting = updated
Sending Accounting-Response of id 188 to NAS-IP port 48378 Finished request
6.
Cleaning up request 6 ID 188 with timestamp +157 Going to the next request
Ready to process requests.

=================================================================

I think it may have a way to send the Disconnect Message to NAS when
FreeRadius server get the Accounting-Request message. But I don't know how
do I do. 

Appreciate for your response.