Access-Reject based on internet usage?

Bacsó Márton Károly bacsom at hotmail.com
Tue May 5 08:32:12 CEST 2015 

Dear FreeRadius users!
 
I work in a secondary school in Hungary. We are trying to achieve complete WiFi coverage in the building with several TP-LINK WA901ND APs (running OpenWRT 14.07). I have successfully installed Freeradius 2.1.12 and Daloradius 0.9-9 on a Raspberry Pi B+. The system works great with many freeradius check attributes, but I have failed to implement any kind of usage limit based on downloads or uploads.
 
The AP sends the neccessary information to the server, because I can see daily/weekly/monthly/total internet usage statistics , but even if a user is over their quota the system gives them Access-Accept message. I know that without any captive portals, I won't be able to work with most of the reply attributes, but that is not I want to achieve. All I want is an Access-Reject message to the AP. (and to make my wish even more simple the 4Gb limit is enough for me)
 
I am really newbie with Linux, so forgive me if I write anything stupid. What I already tried is to follow the way I did with time based logins and add the following lines to these files.
 
******************************************
***
modules/Counter
***
counter maxmonthlydownload {
 filename = ${db_dir}/db.maxmonthlydownload
 key = User-Name
 count-attribute = Acct-Output-Octets
 reset = monthly
 counter-name = Monthly-Output-Octets
 check-name = CS-Output-Octets-Monthly
 cache-size = 5000
}
counter maxmonthlyupload {
 filename = ${db_dir}/db.maxmonthlyupload
 key = User-Name
 count-attribute = Acct-Input-Octets
 reset = monthly
 counter-name = Monthly-Input-Octets
 check-name = CS-Input-Octets-Monthly
 cache-size = 5000
}
***
sql/mysql/counter.conf
***
sqlcounter maxmonthlydownloadcounter {
       counter-name = Monthly-Output-Octets 
                check-name = CS-Output-Octets-Monthly 
                sqlmod-inst = sql
                key = User-Name
                reset = monthly
        query = "SELECT IFNULL(SUM(AcctOutputOctets),0) FROM radacct  WHERE UserName='%{%k}' AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'"
}
sqlcounter maxmonthlyuploadcounter {
       counter-name = Monthly-Input-Octets 
                check-name = CS-Input-Octets-Monthly
                sqlmod-inst = sql
                key = User-Name
                reset = monthly
        query = "SELECT IFNULL(SUM(AcctInputOctets),0) FROM radacct  WHERE UserName='%{%k}' AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'"
} 

***
sites-available/default
***

maxmonthlydownload
maxmonthlyupload
 
******************************************
 
Unfortunately it doesn't work. When I test the user name in the terminal window it gives Access-Accept, no matter what. What is interesting is that when I add any session time attributes I can see that in the terminal under Access-Accept message, but with Octets there is nothing.
 
Any help would be appreciated!
 
Márton Bacsó




Bacsó Márton Károly

bacsom at hotmail.com

M.: +36 20 3315753

http://digilecke.com

http://www.bacsomarton.com 
 		 	   		  
-------------- next part --------------
A non-text attachment was scrubbed...
Name: counter
Type: application/octet-stream
Size: 3769 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150505/a0e68388/attachment-0002.obj>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: counter.conf
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150505/a0e68388/attachment-0001.ksh>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: default
Type: application/octet-stream
Size: 18585 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150505/a0e68388/attachment-0003.obj>

More information about the Freeradius-Users mailing list