Decisionmaking in FreeRADIUS & Check/Reply Items

Jan Mulders lastchancehotel at gmail.com
Wed Oct 11 03:49:54 CEST 2006 

Hello list,

I am trying to use the 'files' module of Freeradius to do
decisionmaking, based on information pulled in from the sql module,
and the sqlcounter thing.

First off, is this the right way of doing this? I want to assign users
a different Pool-Name for  each assigned speed, and send
Max-Download-Speed and Max-Upload-Speed vendor-specific variables to
the client on each request.

My actual problem relates to the following errors, pulled from radiusd -X:

............
Module: Loaded files
 files: usersfile = "/etc/raddb/users"
 files: acctusersfile = "/etc/raddb/acct_users"
 files: preproxy_usersfile = "/etc/raddb/preproxy_users"
 files: compat = "no"
[/etc/raddb/users]:214 WARNING! Check item "Pool-Name" ?found in reply
item list for user "DEFAULT". ?This attribute MUST go on the first
line with the other check items
[/etc/raddb/users]:214 WARNING! Check item "Max-Download-Rate" ?found
in reply item list for user "DEFAULT". ?This attribute MUST go on the
first line with the other check items
[/etc/raddb/users]:214 WARNING! Check item "Max-Upload-Rate" ?found in
reply item list for user "DEFAULT". ?This attribute MUST go on the
first line with the other check items
[/etc/raddb/users]:220 WARNING! Check item "Pool-Name" ?found in reply
item list for user "DEFAULT". ?This attribute MUST go on the first
line with the other check items
[/etc/raddb/users]:220 WARNING! Check item "Max-Download-Rate" ?found
in reply item list for user "DEFAULT". ?This attribute MUST go on the
first line with the other check items
[/etc/raddb/users]:220 WARNING! Check item "Max-Upload-Rate" ?found in
reply item list for user "DEFAULT". ?This attribute MUST go on the
first line with the other check items
[/etc/raddb/users]:226 WARNING! Check item "Pool-Name" ?found in reply
item list for user "DEFAULT". ?This attribute MUST go on the first
line with the other check items
[/etc/raddb/users]:226 WARNING! Check item "Max-Download-Rate" ?found
in reply item list for user "DEFAULT". ?This attribute MUST go on the
first line with the other check items
[/etc/raddb/users]:226 WARNING! Check item "Max-Upload-Rate" ?found in
reply item list for user "DEFAULT". ?This attribute MUST go on the
first line with the other check items
[/etc/raddb/users]:232 WARNING! Check item "Pool-Name" ?found in reply
item list for user "DEFAULT". ?This attribute MUST go on the first
line with the other check items
[/etc/raddb/users]:232 WARNING! Check item "Max-Download-Rate" ?found
in reply item list for user "DEFAULT". ?This attribute MUST go on the
first line with the other check items
[/etc/raddb/users]:232 WARNING! Check item "Max-Upload-Rate" ?found in
reply item list for user "DEFAULT". ?This attribute MUST go on the
first line with the other check items
Module: Instantiated files (files)
radiusd.conf: "files" modules aren't allowed in 'post-auth' sections
-- they have no such method.
radiusd.conf[327] Failed to parse post-auth section.
root at betabitch [/etc/raddb]#

The offending rules are in users:


DEFAULT User-Bytes-Used < 21474836480 , Group == "512k"
# user gets high speed service if under 20gb
        Pool-Name := "512k_high",
        Max-Download-Rate := 524288,
        Max-Upload-Rate := 262144

DEFAULT User-Bytes-Used > 21474836480 , Group == "512k"
# user gets low speed service if under 20gb
        Pool-Name := "512k_low",
        Max-Download-Rate := 262144,
        Max-Upload-Rate := 131072

DEFAULT User-Bytes-Used < 53687091200 , Group == "10m"
# user gets high speed service if under 50gb
        Pool-Name := "10m_high",
        Max-Download-Rate := 10485760,
        Max-Upload-Rate := 10485760

DEFAULT User-Bytes-Used > 53687091200 , Group == "10m"
# user gets low speed service if over 50gb
        Pool-Name := "10m_low",
        Max-Download-Rate := 1048576,
        Max-Upload-Rate := 1048576

But... but... the bottom 3 attributes *aren't* check attributes! I
want to *set* them! Or am I getting entirely the wrong end of the
stick here?

Can somebody point out how these rules are meant to be arranged, and
perhaps how I could do this in sql? It's all quite confusing.




##### radiusd.conf - important bits ######

sqlcounter monthlybytecounter {
                counter-name = User-Bytes-Used
                check-name = Max-User-Bytes
                sqlmod-inst = sql
                key = User-Name
                reset = monthly

                # this query is awesome in every way.
                # it selects the traffic used by the user since they
last paid for their subscription
                # and adds up the input and output bytes together to
get a composite usage figure.
                query = "SELECT SUM(AcctInputOcte..........................
        }

instantiate {
                monthlybytecounter

}

authorize {
                preprocess
                sql
}

authenticate {
                pap
}

preacct {
                preprocess
#               acct_unique
}

accounting {
                #acct_unique
                #detail
                radutmp # ?
                512k_high
                512k_low
                10m_high
                10m_low
                sql
}


session {
                #radutmp        # ?
                sql

}
post-auth {
                sql
                files
                512k_high
                512k_low
                10m_high
                10m_low

}




Thank you everyone :)

Jan

More information about the Freeradius-Users mailing list