On 19.5.2014 13:48, Phil Mayers wrote:
On 19/05/2014 11:52, Matej Žerovnik wrote:
This should update control record for 'dailycounter' and run it if user signs from Ethernet NAS port type. In case he logs in via wifi, system will skip execution of dailycounter and session-timeout will not be sent. Is my thinking correct? Yes, I think so.
Ok, will try it on my test installation...
What if I want to extend session timeout for a certain user? I've had success sending a COA packet with radclient. Is it possible to change it without running radclient? Not really. If you're extending a session timeout, that's in response to an external, non-RADIUS event e.g. administrative configuration, user self-service.
FreeRADIUS responds to RADIUS packets.
Can I create a custom sql table where I insert user name and wanted session length and radius will read that out and send COA to client? No, definitely not. FreeRADIUS is event-driven in response to radius packets.
I guess I could do a little DIY script that reads SQL database, sends CoA package with radclient and just put everything in cron.
Is it possible to somehow get the current set session-timeout for a certain user? You could log the value you returned in post-auth with linelog or sql.
I think that will work...
If not, can I somehow store it in a database on login or update? Login yes, as above. Update no - as mentioned this is a non-RADIUS event.
I guess I could store it on login and then use the script from above to update session-timeout field in my sql table. After update, I would send the CoA package using radclient. Is there a php radius client available, so that I don't need to call external programs? I know all this is not the best solution, but it still seems the best way to extend sessions for one user on all NAS-es. The other option would be to update max-session-time and tell user to reconnect, but I would like for users to be as painless as possible. Matej