RADIUS + MySQL + decisionmaking?

Jan Mulders lastchancehotel at gmail.com
Wed Sep 27 21:26:56 CEST 2006


Thanks for your help. I ended up pulling the accounting counter part
out completely and did it via a cronjob that changed the user's group
- and have implemented the detail log as suggested.

Thank you,

Jan

On 27/09/06, Guy Fraser <guy at incentre.net> wrote:
> On Wed, 2006-09-27 at 02:47 +0100, Jan Mulders wrote:
> > Hello,
> >
> > I am trying to set up some decision-making logic into FreeRADIUS, to
> > assign users a different speed of service depending on how much
> > bandwidth they've used since their billing started.
> >
> > I want to issue 512k speed to users in group A, who have used less
> > than 20GB of bandwidth (monthlybytecounter is working fine at the
> > moment and totals this up nicely). However, if they've used more than
> > 20GB, I want to issue 256k speed to users.
> >
> > For group B, I want users to get 10Mbps as long as they've used less
> > than 50GB of bandwidth, and 1Mbps if they're over.
> >
> > I want to assign the values for speed to some vendor-specific
> > variable, let's say Max-User-Speed.
> >
>
> Hi
>
> I am replying because I haven't seen any other replies.
>
> The Attribute you use will depend on the "NAS" equipment
> you are using. Check the documentation and dictionaries
> for your radius client.
>
> > I am using MySQL for this. Here is a snippet from my database:
> >
> > radcheck table:
> >
> > username, attribute, op, value
> > testuser1, Password, ==, testing
> >
> > usergroup table:
> >
> > username, groupname
> > testuser1, groupa
> >
> >
> > Here is a snippet from my radiusd.conf file:
> >
> > instantiate {
> >                 monthlybytecounter
> > }
> >
> > authorize {
> >                 preprocess
> >                 sql
> > }
> >
> > authenticate {
> >                 pap
> > }
> >
> > preacct {
> >                 preprocess
> > }
> >
> > accounting {
> >                 #acct_unique
> >                 #detail
> >                 sql
> >                 radutmp # ?
> > }
> >
> >
> > session {
> >                 radutmp # ?
> >                 sql
> >
> > }
> >
> > My question is... how do I implement this? Can anyone write down a few
> > examples of how I'd go about making these rules?
> >
> > Would I perhaps be better off making a cronjob or something that
> > changes the user's group to one of the following? groupA_belowcap,
> > groupA_overcap, groupB_belowcap, groupB_overcap?
> >
> I do not usually work with MySQL but you are on the right track
> using a counter but you didn't say if it was an sql_counter, which
> is what I would use. I would also drop the "radutmp" bits, and do
> everything from SQL. One other note, I usually keep the "detail"
> bits, for archival purposes in case of a dispute.
>
> As for examples, this is as close as I can give you with the bits
> you want :
> --- snip ---
> modules {
>         detail acct_log {
>                 detailfile = ${radacctdir}/%Y/%m/detail-%Y%m%d
>                 detailperm = 0640
>                 dirperm = 0750
>         }
>         sqlcounter dailycounter {
>                 counter-name = Daily-Session-Time
>                 check-name = Max-Daily-Session
>                 sqlmod-inst = sql
>                 key = User-Name
>                 reset = daily
>                 query = "SELECT SUM(AcctSessionTime - \
>                  GREATEST((%b - UNIX_TIMESTAMP(AcctStartTime)), 0)) \
>                  FROM radacct WHERE UserName='%{%k}' AND \
>                  UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'"
>         }
>         sqlcounter monthlycounter {
>                 counter-name = Monthly-Session-Time
>                 check-name = Max-Monthly-Session
>                 sqlmod-inst = sql
>                 key = User-Name
>                 reset = monthly
>                 query = "SELECT SUM(AcctSessionTime - \
>                  GREATEST((%b - UNIX_TIMESTAMP(AcctStartTime)), 0)) \
>                  FROM radacct WHERE UserName='%{%k}' AND \
>                  UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'"
>         }
> }
> instantiate {
>         dailycounter
>         monthlycounter
> }
> authorize {
>         sql
>         dailycounter
>         monthlycounter
> }
> accounting {
>         acct_log
>         sql
> }
> session {
>         sql
> }
> --- snip ---
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>



More information about the Freeradius-Users mailing list