You have not instantiated the counters in Post-Auth . Read more about counter and how it works and how you can enable the same.<br><br>Regards<br>Suman<br><br><div class="gmail_quote">On Sat, Oct 29, 2011 at 4:40 PM, senthil kumar <span dir="ltr"><<a href="mailto:senthilkumaar2021@gmail.com">senthilkumaar2021@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">Hello Team<br>
<br>
The user can authenticate and browse at any time. May i know which<br>
entry i have to add to make user 'test' deny authenticate after 1<br>
hour?<br>
<br>
When ever a user authenticates it is logged in radpostauth.<br>
<br>
In /etc/raddb/users file i have a user test "test"<br>
Cleartext-Password := "hello"<br>
<br>
my database details are as follows<br>
<br>
mysql> select * from radcheck;<br>
+----+----------+-----------------+----+-------+<br>
| id | username | attribute | op | value |<br>
+----+----------+-----------------+----+-------+<br>
| 45 | test | Max-All-Session | := | 540 |<br>
+----+----------+-----------------+----+-------+<br>
INSERT into radcheck VALUES ('','test','Max-All-Session',':=','5400');<br>
<br>
mysql> select * from radpostauth;<br>
+----+----------+------+---------------+---------------------+<br>
| id | username | pass | reply | authdate |<br>
+----+----------+------+---------------+---------------------+<br>
| 54 | test | test | Access-Accept | 2011-10-19 13:59:18 |<br>
| 55 | test | test | Access-Accept | 2011-10-19 13:59:34 |<br>
| 56 | test | test | Access-Accept | 2011-10-19 14:22:57 |<br>
| 57 | test | test | Access-Accept | 2011-10-21 22:32:54 |<br>
| 58 | test | test | Access-Accept | 2011-10-25 15:11:34 |<br>
+----+----------+------+---------------+---------------------+<br>
5 rows in set (0.00 sec)<br>
<br>
radtest test hello localhost 0 testing123<br>
Sending Access-Request of id 67 to 127.0.0.1 port 1812<br>
User-Name = "test"<br>
User-Password = "hello"<br>
NAS-IP-Address = 127.0.0.1<br>
NAS-Port = 0<br>
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=67, length=20<br>
<br>
<br>
Please help me , thanks in advance<br>
<br>
Thanks,<br>
Senthil<br>
<br>
On Tue, Oct 25, 2011 at 3:06 PM, senthil kumar<br>
<<a href="mailto:senthilkumaar2021@gmail.com">senthilkumaar2021@gmail.com</a>> wrote:<br>
> Thanks i will check in and let you know<br>
><br>
> On Sat, Oct 22, 2011 at 12:37 AM, Alan DeKok <<a href="mailto:aland@deployingradius.com">aland@deployingradius.com</a>> wrote:<br>
>> senthil kumar wrote:<br>
>>> I have installed free-radius in linux machine with accounting support<br>
>>> and was able to authenticate using radtest client.and also I was also<br>
>>> successfully authenticate with squid proxy server.<br>
>><br>
>> That's good to hear.<br>
>><br>
>>> I need to assign quota to squid users based on the weekly/hourly<br>
>>> basis. I need users radius server to return packet reject when time is<br>
>>> expired. is it possible in radius?<br>
>><br>
>> Yes. See the "counter" module, or the "sqlcounter" module.<br>
>><br>
>> The main issue is that they require the NAS to send accounting<br>
>> packets. I don't know if squid does that.<br>
>><br>
>>> I am using only linux machine with proxy server. whether NAS is needed?<br>
>><br>
>> In this case, squid is the NAS. (i.e. machine sending Access-Request)<br>
>><br>
>>> If so, can anyone help me in framing the rules for quota . eg 2 hours<br>
>>> a day. I have basic configuration and now when a user authenticates<br>
>>> login time is updated in the radpostauth.<br>
>><br>
>> This is documented in the sqlcounter module. Look there first.<br>
>><br>
>> Alan DeKok.<br>
>><br>
>><br>
>> -<br>
>> List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
>><br>
><br>
<br>
-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
</blockquote></div><br>