Using rlm_rest for authorization and sqlcounters for session and bandwidth limits

Rohith Asrk rohith.asrk at
Fri Jun 22 17:11:51 CEST 2018

Hi everyone,

I'm working on a feature for being able to enforce session and bandwidth
limits on users using a web interface of django-freeradius.

I wish to authenticate the users using the rlm_rest module and use custom
defined sqlcounters for putting limits on users. For ex.,

sqlcounter dailybandwidthcounter {
        counter_name = Max-Daily-Session-Traffic
        check_name = Max-Daily-Session-Traffic
        sql_module_instance = sql
        key = 'User-Name'
        reset = daily
        Reply-Message = "Your daily bandwidth limit has reached"
        query = "SELECT sum(AcctOutputOctets) + sum(AcctInputOctets) FROM
radacct WHERE \
                 UserName = '%{${key}}' AND \
                 acctstarttime BETWEEN FROM_UNIXTIME('%%b') AND

I'm not sure about configuring the FreeRADIUS configuration for
accomplishing this. My authorize section looks like

authorize {
    # ...
    # ...

I wish to use the concept of radius groups to implement this feature, i.e.,
add instances of radgroupcheck with attributes like
Max-Daily-Session-Traffic so that the dailybandwidth counter checks it and
puts the limits.

I tried testing it with radclient and radtest but haven't been able to see
any results. Am I going the right way? Can anyone help me with the concept
of enforcing limits and also configuration?

Rohith ASRK

More information about the Freeradius-Users mailing list