Anonymuser Limitation
myxmail1919 at yahoo.com
myxmail1919 at yahoo.com
Thu May 16 14:59:46 CEST 2019
@Alan DeKok
so first i used sql daily counters, but it didnt work ! bcs as i know its works only for predefined users,
then i made an sql query in authorization section to check data usage for last 24 hours
if("%{sql:SELECT SUM(acctoutputoctets) FROM radacct WHERE username = '%{User-Name}' AND acctstarttime BETWEEN NOW()-INTERVAL 1 DAY AND NOW() having SUM(acctoutputoctets) < 314572800 }" > 1 ) {
ok
update control {
Auth-Type := Accept
}
} else {
reject
}
its didnt work in some networks , because only authentication and accounting packets are sent and not authorization , every networks has more than 2.000 auth req per minute and where authorization packets are sent it gonna be huge load on mysql and sessions takes long time to be stablished and often session time out ...!
thanks
On Thursday, May 16, 2019, 2:44:30 PM GMT+2, Alan DeKok <aland at deployingradius.com> wrote:
On May 16, 2019, at 7:52 AM, myxmail1919--- via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
> its a log time i tm trying to limit anonymusers in freeradius, i have tried many things but somehow not working or not stable !have an idea ! is it possible to put anonym user in the group and make some group policies ?im trying to limit time and data usage for anonymusers who login with mac address ! im really get mad about this ! i got this task 2 month ago and i cant finish it !
> would you please help me ? Thanks
If you want to limit time / data usage, then you can key off of Calling-Station-Id, instead of User-Name.
Perhaps you could give a *clear description* of what you did. See the docs at http://wiki.freeradius.org/list-help
Right now, it's just "I tried stuff and it didn't work". There's no way we can give any useful advice here.
Alan DeKok.
More information about the Freeradius-Users
mailing list