sql counter is not working
Randeep
randeep123 at gmail.com
Thu Jun 25 07:35:22 CEST 2015
Hi Alan,
In Authorize section,
I have added this.
testcounter {
reject = 1
}
if (reject) {
update reply {
Reply-Message := "You have reached your transfer
limit. Limited bandwitch"
}
update control {
Auth-Type := "Accept"
Mikrotik-Rate-Limit = "512k/512k"
}
}
But it is still rejecting the request.
Please see the logs below:
rad_recv: Access-Request packet from host 192.168.1.1 port 49909, id=16,
length=194
NAS-Port-Type = Ethernet
Calling-Station-Id = "38:63:BB:AA:23:C8"
Called-Station-Id = "server1"
NAS-Port-Id = "LAN"
User-Name = "randeep"
NAS-Port = 2151677957
Acct-Session-Id = "80400005"
Framed-IP-Address = 192.168.1.178
Mikrotik-Host-IP = 192.168.1.178
CHAP-Challenge = 0x4baef28ea406d49bb458d208906128d8
CHAP-Password = 0xcfee47d6e2bef349d10af8145eeb71d303
Service-Type = Login-User
WISPr-Logoff-URL = "http://192.168.1.1/logout"
NAS-Identifier = "MikroTik"
NAS-IP-Address = 192.168.1.1
Thu Jun 25 10:47:11 2015 : Info: # Executing section authorize from file
/etc/raddb/sites-enabled/default
Thu Jun 25 10:47:11 2015 : Info: +- entering group authorize {...}
Thu Jun 25 10:47:11 2015 : Info: ++[preprocess] returns ok
Thu Jun 25 10:47:11 2015 : Info: [auth_log] expand:
/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d ->
/var/log/radius/radacct/192.168.1.1/auth-detail-20150625
Thu Jun 25 10:47:11 2015 : Info: [auth_log] /var/log/radius/radacct/%{
Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/
192.168.1.1/auth-detail-20150625
Thu Jun 25 10:47:11 2015 : Info: [auth_log] expand: %t -> Thu Jun 25
10:47:11 2015
Thu Jun 25 10:47:11 2015 : Info: ++[auth_log] returns ok
Thu Jun 25 10:47:11 2015 : Info: [chap] Setting 'Auth-Type := CHAP'
Thu Jun 25 10:47:11 2015 : Info: ++[chap] returns ok
Thu Jun 25 10:47:11 2015 : Info: ++[mschap] returns noop
Thu Jun 25 10:47:11 2015 : Info: [suffix] No '@' in User-Name = "randeep",
looking up realm NULL
Thu Jun 25 10:47:11 2015 : Info: [suffix] No such realm "NULL"
Thu Jun 25 10:47:11 2015 : Info: ++[suffix] returns noop
Thu Jun 25 10:47:11 2015 : Info: [eap] No EAP-Message, not doing EAP
Thu Jun 25 10:47:11 2015 : Info: ++[eap] returns noop
Thu Jun 25 10:47:11 2015 : Info: ++[files] returns noop
Thu Jun 25 10:47:11 2015 : Info: [sql] expand: %{User-Name} -> randeep
Thu Jun 25 10:47:11 2015 : Info: [sql] sql_set_user escaped user -->
'randeep'
Thu Jun 25 10:47:11 2015 : Debug: rlm_sql (sql): Reserving sql socket id: 3
Thu Jun 25 10:47:11 2015 : Info: [sql] expand: SELECT id, username,
attribute, value, op FROM radcheck WHERE username =
'%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute,
value, op FROM radcheck WHERE username =
'randeep' ORDER BY id
Thu Jun 25 10:47:11 2015 : Debug: WARNING: Found User-Password == "...".
Thu Jun 25 10:47:11 2015 : Debug: WARNING: Are you sure you don't mean
Cleartext-Password?
Thu Jun 25 10:47:11 2015 : Debug: WARNING: See "man rlm_pap" for more
information.
Thu Jun 25 10:47:11 2015 : Info: [sql] User found in radcheck table
Thu Jun 25 10:47:11 2015 : Info: [sql] expand: SELECT id, username,
attribute, value, op FROM radreply WHERE username =
'%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute,
value, op FROM radreply WHERE username =
'randeep' ORDER BY id
Thu Jun 25 10:47:11 2015 : Info: [sql] expand: SELECT groupname
FROM radusergroup WHERE username = '%{SQL-User-Name}'
ORDER BY priority -> SELECT groupname FROM radusergroup
WHERE username = 'randeep' ORDER BY priority
Thu Jun 25 10:47:11 2015 : Info: [sql] expand: SELECT id, groupname,
attribute, Value, op FROM radgroupcheck WHERE
groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname,
attribute, Value, op FROM radgroupcheck WHERE
groupname = 'admins' ORDER BY id
Thu Jun 25 10:47:11 2015 : Info: [sql] User found in group admins
Thu Jun 25 10:47:11 2015 : Info: [sql] expand: SELECT id, groupname,
attribute, value, op FROM radgroupreply WHERE
groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname,
attribute, value, op FROM radgroupreply WHERE
groupname = 'admins' ORDER BY id
Thu Jun 25 10:47:11 2015 : Debug: rlm_sql (sql): Released sql socket id: 3
Thu Jun 25 10:47:11 2015 : Info: ++[sql] returns ok
Thu Jun 25 10:47:11 2015 : Debug: rlm_sqlcounter: Entering module authorize
code
Thu Jun 25 10:47:11 2015 : Debug: sqlcounter_expand: 'SELECT
SUM(acctinputoctets) + SUM(acctoutputoctets) FROM radacct WHERE
username='%{User-Name}''
Thu Jun 25 10:47:11 2015 : Info: [testcounter] expand: SELECT
SUM(acctinputoctets) + SUM(acctoutputoctets) FROM radacct WHERE
username='%{User-Name}' -> SELECT SUM(acctinputoctets) +
SUM(acctoutputoctets) FROM radacct WHERE username='randeep'
Thu Jun 25 10:47:11 2015 : Debug: WARNING: Please replace '%S' with
'${sqlmod-inst}'
Thu Jun 25 10:47:11 2015 : Debug: sqlcounter_expand: '%{sql:SELECT
SUM(acctinputoctets) + SUM(acctoutputoctets) FROM radacct WHERE
username='randeep'}'
Thu Jun 25 10:47:11 2015 : Info: [testcounter] sql_xlat
Thu Jun 25 10:47:11 2015 : Info: [testcounter] expand: %{User-Name} ->
randeep
Thu Jun 25 10:47:11 2015 : Info: [testcounter] sql_set_user escaped user
--> 'randeep'
Thu Jun 25 10:47:11 2015 : Info: [testcounter] expand: SELECT
SUM(acctinputoctets) + SUM(acctoutputoctets) FROM radacct WHERE
username='randeep' -> SELECT SUM(acctinputoctets) + SUM(acctoutputoctets)
FROM radacct WHERE username='randeep'
Thu Jun 25 10:47:11 2015 : Debug: rlm_sql (sql): Reserving sql socket id: 2
Thu Jun 25 10:47:11 2015 : Info: [testcounter] sql_xlat finished
Thu Jun 25 10:47:11 2015 : Debug: rlm_sql (sql): Released sql socket id: 2
Thu Jun 25 10:47:11 2015 : Info: [testcounter] expand: %{sql:SELECT
SUM(acctinputoctets) + SUM(acctoutputoctets) FROM radacct WHERE
username='randeep'} -> 42164020
Thu Jun 25 10:47:11 2015 : Debug: rlm_sqlcounter: (Check item - counter) is
less than zero
Thu Jun 25 10:47:11 2015 : Debug: rlm_sqlcounter: Rejected user randeep,
check_item=10240000, counter=42164020
Thu Jun 25 10:47:11 2015 : Info: ++[testcounter] returns reject
Thu Jun 25 10:47:11 2015 : Info: ++? if (reject)
Thu Jun 25 10:47:11 2015 : Info: ? Evaluating (reject) -> TRUE
Thu Jun 25 10:47:11 2015 : Info: ++? if (reject) -> TRUE
Thu Jun 25 10:47:11 2015 : Info: ++- entering if (reject) {...}
Thu Jun 25 10:47:11 2015 : Info: +++[reply] returns reject
Thu Jun 25 10:47:11 2015 : Info: +++[control] returns reject
Thu Jun 25 10:47:11 2015 : Info: ++- if (reject) returns reject
Thu Jun 25 10:47:11 2015 : Auth: Invalid user (rlm_sqlcounter: Maximum
monthly usage time reached): [randeep] (from client mikrotik port
2151677957 cli 38:63:BB:AA:23:C8)
Thu Jun 25 10:47:11 2015 : Info: Using Post-Auth-Type Reject
Thu Jun 25 10:47:11 2015 : Info: # Executing group from file
/etc/raddb/sites-enabled/default
Thu Jun 25 10:47:11 2015 : Info: +- entering group REJECT {...}
Thu Jun 25 10:47:11 2015 : Info: [attr_filter.access_reject] expand:
%{User-Name} -> randeep
Thu Jun 25 10:47:11 2015 : Debug: attr_filter: Matched entry DEFAULT at
line 11
Thu Jun 25 10:47:11 2015 : Info: ++[attr_filter.access_reject] returns
updated
Thu Jun 25 10:47:11 2015 : Info: Delaying reject of request 0 for 1 seconds
Thu Jun 25 10:47:11 2015 : Debug: Going to the next request
Thu Jun 25 10:47:11 2015 : Debug: Waking up in 0.9 seconds.
rad_recv: Access-Request packet from host 192.168.1.1 port 49909, id=16,
length=194
Thu Jun 25 10:47:11 2015 : Info: Waiting to send Access-Reject to client
mikrotik port 49909 - ID: 16
Thu Jun 25 10:47:11 2015 : Debug: Waking up in 0.6 seconds.
rad_recv: Access-Request packet from host 192.168.1.1 port 49909, id=16,
length=194
Thu Jun 25 10:47:11 2015 : Info: Waiting to send Access-Reject to client
mikrotik port 49909 - ID: 16
Thu Jun 25 10:47:11 2015 : Debug: Waking up in 0.3 seconds.
Thu Jun 25 10:47:12 2015 : Info: Sending delayed reject for request 0
Sending Access-Reject of id 16 to 192.168.1.1 port 49909
Reply-Message = "You have reached your transfer limit. Limited
bandwitch"
Thu Jun 25 10:47:12 2015 : Debug: Waking up in 4.9 seconds.
Am I doing something wrong?
Regards,
Randeep
On Wed, Jun 24, 2015 at 6:25 PM, Alan DeKok <aland at deployingradius.com>
wrote:
> On Jun 24, 2015, at 8:21 AM, Randeep <randeep123 at gmail.com> wrote:
> > We are having a unlimit plan with after 30GB there will be FUP applied.
> > Initlially the speed will be 4 mbps and after 30G the speed will be
> 2mbps.
>
> That's possible.
>
> > But the counter is not working:
>
> No, it's working as documented. If you want it to do something else,
> configure it to do something else.
>
> > It is just not letting the user log in. If the limit is reached it is
> > sending access-reject instead of letting the user login with less
> internet
> > speed. Please see then logs below.
>
> You should edit the "authorize" section, and do:
>
> authorize {
> ...
>
> sqlcounter {
> reject = 1
> }
>
> if (reject) {
> # set 2mbps
>
> }
> else {
> # set 4mbps
> }
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
--
Randeep
Mob: +919447831699[kerala]
Mob: +919880050349[B'lore]
http://twitter.com/Randeeppr
http://in.linkedin.com/in/randeeppr
[image: --]
Randeep Raman
[image: http://]about.me/Randeeppr
<http://about.me/Randeeppr>
More information about the Freeradius-Users
mailing list