Sir, Do you know of a good developer able to combine FreeRadius and FreeSide or another OpenSource Billing module, combined with setting up all the credit card and payment processing interfaces for a VoIP ISP operation? PK -----Original Message----- From: freeradius-devel-bounces@lists.freeradius.org [mailto:freeradius-devel-bounces@lists.freeradius.org] On Behalf Of Alexander M. Pravking Sent: Tuesday, August 02, 2005 9:49 PM To: freeradius-devel@lists.freeradius.org Subject: Some notes on recent changes First of all, I'd like to thank development team for great work done (I didn't keep trace of FreeRADIUS for some time). So I have some bug report (submitted to bugzilla) and some notes, hopefully useful for the project. The minimum-timeout of the rlm_logintime module is more likely to be a global post-authorization configuration option, i.e. if it's set, always check that Session-Timeout in reply of Access-Accept (if exists) is greater than specified, else reject the user. In doc/ChangeLog, virtual modules are mentioned, with a reference to "modules" section of radiusd.conf. However, a note on them is in "instantiate" section. For rlm_exec, it could be useful to set environment variables for script return codes, like char codestr[3]; snprintf(codestr, 3, "%d", RLM_MODULE_OK); setenv("RLM_MODULE_OK", codestr, 1); ... This may be done either after fork, or at module initialization, for the radiusd process itself. One may want to distinct zapped sessions from normally stopped ones. It's not good to extend standard RADIUS attributes, but how about to define a new value Acct-Terminate-Cause = Stale-Session and add it to the fake stop request? As an alternative, it might be a good idea to add an accounting_zap "method" for modules... In postgresql.conf, there are commented out authorize_check_query and authorize_reply_query noted as "for case sensitive usernames". First, that's wrong, they are for case-INsensitive searches. Second, for PostgreSQL it's more efficient to use lower(UserName) = lower('%{SQL-User-Name}') One using these queries might then want to build appropriate indices: CREATE INDEX radcheck_lower_username_idx ON radcheck (lower(UserName)); CREATE INDEX radreply_lower_username_idx ON radreply (lower(UserName)); The same for authorize_group_{check,reply}_query. I'd also recommend to replace most of VARCHAR(N) columns with TEXT in PostgreSQL database schema unless there's a real necessity to restrict their length at database level. Finally, TIMESTAMP WITH TIME ZONE may be written as TIMESTAMPTZ, which is much shorter ;) And there's no need to cast now() to timestamptz in queries - that's what it already is. -- Fduch M. Pravking - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html