freeradius 2GB problem

David Roze david at netexpertise.eu
Thu Mar 20 18:21:35 CET 2008 

Hi,

I've got the same issue. The check_item value wraps to -2G.
It gives a negative value with counter = 0 (no traffic from the user).
With a value of 200,000 of traffic, Check item - counter, becomes positive
again: -2147483648 - 200,000 > 0 as the result reaches the negative limit.

Would this be due to a check_item coded on a 32 bit field (eg int) I wonder?

Value in the SQL table is an INT(20) and displays correctly with a value >
2G.

David Roze
----
http://www.netexpertise.eu


-----Original Message-----
From: freeradius-users-bounces+david=netexpertise.eu at lists.freeradius.org
[mailto:freeradius-users-bounces+david=netexpertise.eu at lists.freeradius.org]
On Behalf Of Rahul Nakra
Sent: 19 March 2008 13:21
To: freeradius-users at lists.freeradius.org
Subject: freeradius 2GB problem

I am using freeradius 2.0. With the default schema which comes with that.
Following is the database entry. It shows a new user never logged in before.
If i give value of Max-All-Data 2147483646 it works fine. Anything above it
doesnt work. Attached is the radius log where it displays negative value for
sqlcounter.

mysql> select * from radcheck;
+----+----------+--------------+----+------------+
| id | username | attribute    | op | value      |
+----+----------+--------------+----+------------+
|  1 | rahul    | password     | == | rahul      |
|  2 | rahul    | Max-All-Data | := | 2147483648 |
+----+----------+--------------+----+------------+
2 rows in set (0.00 sec)


sqlcounter
--------------------------
sqlcounter usagelimitDOWN {
        counter-name = Max-All-Session-Data
        check-name = Max-All-Data
        reply-name = Mikrotik-Xmit-Limit
        sqlmod-inst = sql
        key = User-Name
        reset = never
        query="select SUM(acctinputoctets+acctoutputoctets) from radacct
where UserName='%{%k}'"
}


        User-Name = "rahul"
        User-Password = "rahul"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 1812
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
    rlm_realm: No '@' in User-Name = "rahul", looking up realm NULL
    rlm_realm: No such realm "NULL"
++[suffix] returns noop
  rlm_eap: No EAP-Message, not doing EAP
++[eap] returns noop
++[unix] returns notfound
        expand: %{User-Name} -> rahul
rlm_sql (sql): sql_set_user escaped user --> 'rahul'
rlm_sql (sql): Reserving sql socket id: 4
        expand: SELECT id, username, attribute, value, op           FROM 
radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY 
id -> SELECT id, username, attribute, value, op           FROM radcheck 
WHERE username = 'rahul'           ORDER BY id
WARNING: Found User-Password == "...".
WARNING: Are you sure you don't mean Cleartext-Password?
WARNING: See "man rlm_pap" for more information.
rlm_sql (sql): User found in radcheck table
        expand: SELECT id, username, attribute, value, op           FROM 
radreply           WHERE username = '%{SQL-User-Name}'           ORDER BY 
id -> SELECT id, username, attribute, value, op           FROM radreply 
WHERE username = 'rahul'           ORDER BY id
        expand: SELECT groupname           FROM radusergroup           WHERE

username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT 
groupname           FROM radusergroup           WHERE username = 'rahul' 
ORDER BY priority
rlm_sql (sql): Released sql socket id: 4
++[sql] returns ok
rlm_sqlcounter: Entering module authorize code
sqlcounter_expand:  'select SUM(acctinputoctets+acctoutputoctets) from 
radacct where UserName='%{User-Name}''
        expand: select SUM(acctinputoctets+acctoutputoctets) from radacct 
where UserName='%{User-Name}' -> select 
SUM(acctinputoctets+acctoutputoctets) from radacct where UserName='rahul'
sqlcounter_expand:  '%{sql:select SUM(acctinputoctets+acctoutputoctets) from

radacct where UserName='rahul'}'
rlm_sql (sql): - sql_xlat
        expand: %{User-Name} -> rahul
rlm_sql (sql): sql_set_user escaped user --> 'rahul'
        expand: select SUM(acctinputoctets+acctoutputoctets) from radacct 
where UserName='rahul' -> select SUM(acctinputoctets+acctoutputoctets) from 
radacct where UserName='rahul'
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql (sql): row[0] returned NULL
rlm_sql (sql): Released sql socket id: 3
        expand: %{sql:select SUM(acctinputoctets+acctoutputoctets) from 
radacct where UserName='rahul'} ->
rlm_sqlcounter: (Check item - counter) is less than zero
rlm_sqlcounter: Rejected user rahul, check_item=-2147483648, counter=0
++[usagelimitDOWN] returns reject
Invalid user (rlm_sqlcounter: Maximum never usage time reached): 
[rahul/rahul] (from client localhost port 1812)
  Found Post-Auth-Type Reject
+- entering group REJECT
        expand: %{User-Name} -> rahul
 attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
        Reply-Message = "Your maximum never usage time has been reached"
Waking up in 4.9 seconds.
Cleaning up request 0 ID 106 with timestamp +55
Ready to process requests.



Regards
Rahul Nakra



-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list