FW: freeradius2.1.4--Simultaneous

蒋曙 jiangshu at seec.com.cn
Tue May 26 17:57:27 CEST 2009


 

 

 HI:

 

I use freebsd7.0+mysql+freeradius2.1.4

 

     Can use the raidus data base to be hit by a consumer at the same time,
by verifying with a consumer. But, I am put into use coming to control a
consumer "Simultaneous" in raidus. When condition now is that second
consumers log on,before acctstoptime in billing form renew with classics.
But, nas does not initiate consumer time line information kit. (The consumer
continues using a network). Feel that the radius does not send out
acc-reject or acc-stop Bao Lai stops using a family. 

 

Thank you!

 

System

localhost# whereis perl

perl: /usr/bin/perl /usr/local/man/man1/perl.1

localhost# whereis snmpget

snmpget: /usr/local/bin/snmpget /usr/local/man/man1/snmpget.1

 

 

 

 

Cisco config 

aaa authentication enable default none

aaa authentication dot1x default group radius

aaa authorization network default group radius

aaa accounting send stop-record authentication failure

aaa accounting suppress null-username

aaa accounting session-duration ntp-adjusted

aaa accounting update newinfo periodic 5

aaa accounting dot1x default start-stop group radius

aaa accounting network default start-stop group radius

aaa accounting connection default start-stop group radius

aaa accounting resource default start-stop-failure group radius

interface FastEthernet0/1

 switchport mode access

 dot1x pae authenticator

 dot1x port-control auto

 dot1x violation-mode protect

 dot1x timeout quiet-period 2

 dot1x guest-vlan 3

 dot1x auth-fail vlan 4

 dot1x auth-fail max-attempts 2

 spanning-tree portfast

 

redius.conf

# Uncomment simul_count_query to enable simultaneous use checking

        simul_count_query = "SELECT COUNT(*) \

                             FROM ${acct_table1} \

                             WHERE username = '%{SQL-User-Name}' \

                             AND acctstoptime IS NULL"

 

 

INSERT INTO `radius`.`radgroupcheck` (`groupname` ,`attribute` ,`op`
,`value` )VALUES ( 'user', 'Simultaneous-Use', ':=', '1');

 

使用同一账号登录的时候,在mysql的radacct表中发现如下情况!不知道是否正常?
(我觉得这个不正常)。

 

mysql> select username,acctstarttime,acctstoptime from radacct where
username="jsh";

+----------+---------------------+---------------------+

| username | acctstarttime       | acctstoptime        |

+----------+---------------------+---------------------+

| jsh      | 2009-05-19 07:34:57 | 2009-05-19 07:35:49 | 

| jsh      | 2009-05-19 07:35:49 | NULL                           | 

+----------+---------------------+---------------------+

2 rows in set (0.00 sec)

 

mysql> 

 

sites-available/default 

 

accounting {

 

                    radutmp

                    ...

                    sql

                    ....

   }

session {

    #radutmp

      sql

}

…

…..

 

Mysql query is radacct,radpostauth

radacct


username 

acctstarttime 

acctstoptime 

count(*) 


jsh

2009-05-26 07:45:09

NULL

1

 

radpostauth

 


 

 
<http://192.168.0.1/phpadmin/tbl_change.php?db=radius&table=radpostauth&toke
n=9954b30f278d52fb0a59651606dd9117&primary_key=+%60radpostauth%60.%60id%60+%
3D+14&sql_query=SELECT+%2A+FROM+%60radpostauth%60&goto=sql.php> Edit

 
<http://192.168.0.1/phpadmin/sql.php?db=radius&table=radpostauth&token=9954b
30f278d52fb0a59651606dd9117&sql_query=DELETE+FROM+%60radpostauth%60+WHERE+%6
0radpostauth%60.%60id%60+%3D+14+LIMIT+1&zero_rows=The+row+has+been+deleted&g
oto=sql.php%3Fdb%3Dradius%26table%3Dradpostauth%26token%3D9954b30f278d52fb0a
59651606dd9117%26sql_query%3DSELECT%2B%252A%2BFROM%2B%2560radpostauth%2560%2
6zero_rows%3DThe%2Brow%2Bhas%2Bbeen%2Bdeleted%26goto%3Dtbl_structure.php>
Delete

14

jsh

 

Access-Accept

2009-05-26 07:30:04

 


 

 
<http://192.168.0.1/phpadmin/tbl_change.php?db=radius&table=radpostauth&toke
n=9954b30f278d52fb0a59651606dd9117&primary_key=+%60radpostauth%60.%60id%60+%
3D+15&sql_query=SELECT+%2A+FROM+%60radpostauth%60&goto=sql.php> Edit

 
<http://192.168.0.1/phpadmin/sql.php?db=radius&table=radpostauth&token=9954b
30f278d52fb0a59651606dd9117&sql_query=DELETE+FROM+%60radpostauth%60+WHERE+%6
0radpostauth%60.%60id%60+%3D+15+LIMIT+1&zero_rows=The+row+has+been+deleted&g
oto=sql.php%3Fdb%3Dradius%26table%3Dradpostauth%26token%3D9954b30f278d52fb0a
59651606dd9117%26sql_query%3DSELECT%2B%252A%2BFROM%2B%2560radpostauth%2560%2
6zero_rows%3DThe%2Brow%2Bhas%2Bbeen%2Bdeleted%26goto%3Dtbl_structure.php>
Delete

15

jsh

 

Access-Accept

2009-05-26 07:45:08

 


 

 
<http://192.168.0.1/phpadmin/tbl_change.php?db=radius&table=radpostauth&toke
n=9954b30f278d52fb0a59651606dd9117&primary_key=+%60radpostauth%60.%60id%60+%
3D+16&sql_query=SELECT+%2A+FROM+%60radpostauth%60&goto=sql.php> Edit

 
<http://192.168.0.1/phpadmin/sql.php?db=radius&table=radpostauth&token=9954b
30f278d52fb0a59651606dd9117&sql_query=DELETE+FROM+%60radpostauth%60+WHERE+%6
0radpostauth%60.%60id%60+%3D+16+LIMIT+1&zero_rows=The+row+has+been+deleted&g
oto=sql.php%3Fdb%3Dradius%26table%3Dradpostauth%26token%3D9954b30f278d52fb0a
59651606dd9117%26sql_query%3DSELECT%2B%252A%2BFROM%2B%2560radpostauth%2560%2
6zero_rows%3DThe%2Brow%2Bhas%2Bbeen%2Bdeleted%26goto%3Dtbl_structure.php>
Delete

16

jsh

 

Access-Accept

2009-05-26 07:45:08

 

 

 Radgroupcheck


 
<http://192.168.0.1/phpadmin/sql.php?db=radius&table=radgroupcheck&sql_query
=SELECT+%2A+FROM+%60radgroupcheck%60&goto=tbl_structure.php&dontlimitchars=1
&token=9954b30f278d52fb0a59651606dd9117> Full Texts

id 

groupname 

attribute 

op 

value 

 


 

 
<http://192.168.0.1/phpadmin/tbl_change.php?db=radius&table=radgroupcheck&to
ken=9954b30f278d52fb0a59651606dd9117&primary_key=+%60radgroupcheck%60.%60id%
60+%3D+1&sql_query=SELECT+%2A+FROM+%60radgroupcheck%60&goto=sql.php> Edit

 
<http://192.168.0.1/phpadmin/sql.php?db=radius&table=radgroupcheck&token=995
4b30f278d52fb0a59651606dd9117&sql_query=DELETE+FROM+%60radgroupcheck%60+WHER
E+%60radgroupcheck%60.%60id%60+%3D+1+LIMIT+1&zero_rows=The+row+has+been+dele
ted&goto=sql.php%3Fdb%3Dradius%26table%3Dradgroupcheck%26token%3D9954b30f278
d52fb0a59651606dd9117%26sql_query%3DSELECT%2B%252A%2BFROM%2B%2560radgroupche
ck%2560%26zero_rows%3DThe%2Brow%2Bhas%2Bbeen%2Bdeleted%26goto%3Dtbl_structur
e.php> Delete

1

user

Simultaneous-Use

:=

1


 

 

 

 

 

 

 

 

 

Nas


nasname 

shortname 

type 

ports 

secret 

community 

description 

 


 

192.168.0.100

cisco3560

cisco

1812

cisco

cisco3560

RADIUS Client


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 


蒋  曙


财 讯 传 媒 集 团__信息技术部 

地址:北京市朝阳门外大街22号泛利大厦10层  100020 
Tel:010-85650282   Mobi:13810174932 
Fax:010-65880126 
MSN:mousejsh at hotmail.com

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090526/9e40acf8/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.gif
Type: image/gif
Size: 401 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090526/9e40acf8/attachment.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.gif
Type: image/gif
Size: 201 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090526/9e40acf8/attachment-0001.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.gif
Type: image/gif
Size: 235 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090526/9e40acf8/attachment-0002.gif>


More information about the Freeradius-Users mailing list