Simultaneos-Use in login for same mac-address

Ivan Kalik tnt at kalik.net
Fri Jun 6 16:58:49 CEST 2008 

No. There is no simultaneous login here:

session1:

start: 11:08:45
stop: 11:08:46

session2:

start: 11:08:49

Ivan Kalik
Kalik Informatika ISP


Dana 6/6/2008, "Jean Carlos Oliveira Guandalini"
<jeanguandalini at visaonet.com.br> piše:

>Hello,
>
>we have a problem of mac-address clone, and we use the Simultaneous-Use: 
>= 1 option to not allow double login, but when this is a case of the 
>clone mac-address the freeradius allows the connection.
>
>Log of sql.trace:
>INSERT into radpostauth (id, user, pass, reply, date) values ('', 
>'userlogin', '290476', 'Access-Accept', NOW());
>INSERT into radacct (AcctSessionId, AcctUniqueId, UserName, Realm, 
>NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctStopTime, 
>AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, 
>AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, 
>AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress, 
>AcctStartDelay, AcctStopDelay) values('81b00935', 'bcc93b20ea389f59', 
>'userlogin', '', '10.0.6.10', '2447', 'Ethernet', '2008-06-06 11:08:45', 
>'0', '0', 'RADIUS', '', '', '0', '0', 'INTERNET', '00:4F:62:0A:1F:BF', 
>'', 'Framed-User', 'PPP', '111.111.111.111', '0', '0');
>UPDATE radacct SET AcctStopTime = '2008-06-06 11:08:46', AcctSessionTime 
>= '0', AcctInputOctets = '0', AcctOutputOctets = '0', AcctTerminateCause 
>= '', AcctStopDelay = '0', ConnectInfo_stop = '' WHERE AcctSessionId = 
>'81b00935' AND UserName = 'userlogin' AND NASIPAddress = '10.0.6.10';
>INSERT into radpostauth (id, user, pass, reply, date) values ('', 
>'userlogin', '290476', 'Access-Accept', NOW());
>INSERT into radacct (AcctSessionId, AcctUniqueId, UserName, Realm, 
>NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctStopTime, 
>AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, 
>AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, 
>AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress, 
>AcctStartDelay, AcctStopDelay) values('81b00936', '3f7c1d06dbd205d4', 
>'userlogin', '', '10.0.6.10', '2448', 'Ethernet', '2008-06-06 11:08:49', 
>'0', '0', 'RADIUS', '', '', '0', '0', 'INTERNET', '00:4F:62:0A:1F:BF', 
>'', 'Framed-User', 'PPP', '111.111.111.111', '0', '0');
>
>
>Queries in sql.conf:
>simul_count_query = "SELECT COUNT(*) FROM ${acct_table1} WHERE 
>UserName='%{SQL-User-Name}' AND AcctStopTime = 0"
>simul_verify_query = "SELECT RadAcctId, AcctSessionId, UserName, 
>NASIPAddress, NASPortId, FramedIPAddress, CallingStationId, 
>FramedProtocol FROM ${acct_table1} WHERE UserName='%{SQL-User-Name}' AND 
>AcctStopTime = 0"
>
>
>despite the mac-address to match are two different users, and the second 
>to connect without first disconnecting was before.
>Is there any possibliidade to block it?
>
>
>Thanks
>
>Sorry for my english (By Google Tradutor)
>
>-- 
>Jean Carlos Oliveira Guandalini
>Dep. de Redes e Infra-estrutura
>VisăoNet Tecnologia e Telecomunicaçőes
>0800-643-5025
>
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>

More information about the Freeradius-Users mailing list