How to solve alive user who actually has loged off

Mark Elkins mje at posix.co.za
Mon Jun 20 16:18:10 CEST 2005 

On Mon, 2005-06-20 at 18:54 +0800, ??? wrote:
> Hello everybody,
> 
> I am using freeradius-1.0.4.
> 
> In my situation, user "testuser" from domain "domain" logged from NAS 192.168.1.68, 
> 
> After a while,user "testuser" logged out,but the NAS did not send Accout-Stop packet(for some reason) and freeradius still 
> 
> thought that user "testuser" is alive,but  Actually user "testuser" has logged off.
> 
> I have set the Simulate-Use to 1 and now "testuser" can not log in any more from anywhere.
> 
> I use radwho and it output as follows:

Rather than just telling you to read the Documentation...I had a problem
with this and feel the documentation could do with some refinement.

First: Look at:- /usr/src/freeradius-1.0.4/doc/Simultaneous-Use

With flat files:

logged-in users are in the 'radutmp' file (something
like /usr/local/var/log/radius/radutmp). 'radwho' prints the file.
If 'checkrad' is set up to run, it should 'snmp' (or however its been
told to run) the NAS where the user was last seen - and if the NAS says
the user is no longer there, clear the radutmp entry and allow login.

With MySQL (which I use):

logged-in users are determined by SQL asking the accounting table for
the user where the 'stoptime' is Zero (ie - no stop record received).
The SQL looks like:
"SELECT COUNT(*) FROM ${acct_table1} WHERE UserName='%{SQL-User-Name}'
AND AcctStopTime = 0"
If 'checkrad' is programmed to run, It runs the SQL:
"SELECT RadAcctId, AcctSessionId, UserName, NASIPAddress, NASPortId,
FramedIPAddress, CallingStationId, FramedPr
otocol FROM ${acct_table1} WHERE UserName='%{SQL-User-Name}' AND
AcctStopTime = 0"
...
which gives it the NAS to go and ask.

Whether you use radutmp or SQL for checking Simultaneous-Use is also
determined by the setting for 'session' in 'radiusd.conf'. Mine looks
like:
session {
        # radutmp    <-- commented out.
        sql
}


-- 
  .  .     ___. .__      Posix Systems - Sth Africa.  e.164 VOIP ready
 /| /|       / /__       mje at posix.co.za  -  Mark J Elkins, Cisco CCIE
/ |/ |ARK \_/ /__ LKINS  Tel: +27 12 807 0590  Cell: +27 82 601 0496

More information about the Freeradius-Users mailing list