Hello, I installed freeradius with SQL module but when I try to connect it always says : (Check item - counter) is less than zero Rejected user test, check_item=0, counter=1139 I have define the check-name in my counter (Max-All-Session) and I have a line for each user in the database with Max-All-Session attribute and other line for other parameter like password... I don't understand why it always return 0. I tried with another query for my counter which return a negative number but after it's transformed into unsigned integer and the soustraction doesn't work. Thanks for yout help. -- View this message in context: http://freeradius.1045715.n5.nabble.com/Problem-with-max-all-session-check-t... Sent from the FreeRadius - User mailing list archive at Nabble.com.
Sorry for the log. I forgot to post it : Ready to process requests. rad_recv: Access-Request packet from host 192.168.182.1 port 34135, id=0, length=218 User-Name = "bcmybc" CHAP-Challenge = 0x882ad5b896682e7ed4239986eeb84ddd CHAP-Password = 0x00e246d4ee106a0cc62dbc36f76c8c373a NAS-IP-Address = 192.168.182.1 Service-Type = Login-User Framed-IP-Address = 192.168.182.4 Calling-Station-Id = "00-D0-C9-B4-C5-F4" Called-Station-Id = "00-90-05-02-FA-46" NAS-Identifier = "hotspot" Acct-Session-Id = "4e2e656a00000000" NAS-Port-Type = Wireless-802.11 NAS-Port = 0 Message-Authenticator = 0x0c9d727f78723a21ae18be33d2937769 WISPr-Logoff-URL = "http://192.168.182.1:3990/logoff" # Executing section authorize from file /etc/freeradius/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok [chap] Setting 'Auth-Type := CHAP' ++[chap] returns ok [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop [suffix] No '@' in User-Name = "bcmybc", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [sql] expand: %{User-Name} -> bcmybc [sql] sql_set_user escaped user --> 'bcmybc' rlm_sql (sql): Reserving sql socket id: 3 [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'bcmybc' ORDER BY id rlm_sql_mysql: query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'bcmybc' ORDER BY id [sql] User found in radcheck table [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'bcmybc' ORDER BY id rlm_sql_mysql: query: SELECT id, username, attribute, value, op FROM radreply WHERE username = 'bcmybc' ORDER BY id [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'bcmybc' ORDER BY priority rlm_sql_mysql: query: SELECT groupname FROM radusergroup WHERE username = 'bcmybc' ORDER BY priority rlm_sql (sql): Released sql socket id: 3 ++[sql] returns ok rlm_sqlcounter: Entering module authorize code sqlcounter_expand: 'SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='%{User-Name}'' [noresetcounter] expand: SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='%{User-Name}' -> SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='bcmybc' sqlcounter_expand: '%{sql:SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='bcmybc'}' [noresetcounter] sql_xlat [noresetcounter] expand: %{User-Name} -> bcmybc [noresetcounter] sql_set_user escaped user --> 'bcmybc' [noresetcounter] expand: SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='bcmybc' -> SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='bcmybc' [noresetcounter] expand: /var/log/freeradius/sqltrace.sql -> /var/log/freeradius/sqltrace.sql rlm_sql (sql): Reserving sql socket id: 2 rlm_sql_mysql: query: SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='bcmybc' [noresetcounter] sql_xlat finished rlm_sql (sql): Released sql socket id: 2 [noresetcounter] expand: %{sql:SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='bcmybc'} -> 220 *rlm_sqlcounter: (Check item - counter) is less than zero rlm_sqlcounter: Rejected user bcmybc, check_item=0, counter=220* ++[noresetcounter] returns reject Using Post-Auth-Type Reject # Executing group from file /etc/freeradius/sites-enabled/default +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> bcmybc attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 0 to 192.168.182.1 port 34135 Reply-Message = "Your maximum never usage time has been reached" Waking up in 4.9 seconds. Cleaning up request 0 ID 0 with timestamp +28 Ready to process requests. As you can see check_item is zero and it never take the Max-All-Session attribute. This is my counter : sqlcounter noresetcounter { counter-name = Max-All-Session-Time check-name = Max-All-Session sqlmod-inst = sql key = User-Name reset = never query = "SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='%{%k}'" } Thanks. -- View this message in context: http://freeradius.1045715.n5.nabble.com/Problem-with-max-all-session-check-t... Sent from the FreeRadius - User mailing list archive at Nabble.com.
Ok ! My problem came from dictionary.freeradius.internal : Ihad a Max-All-Session attribute but with a String type instead of an Integer type. May be one day someone will have the same problem. -- View this message in context: http://freeradius.1045715.n5.nabble.com/Problem-with-max-all-session-check-t... Sent from the FreeRadius - User mailing list archive at Nabble.com.
participants (1)
-
ShR3K