noresetcounter + NULL radacct records (First Connection)
Neville
nev at itsnev.co.uk
Tue Sep 8 13:02:58 CEST 2009
Hi,
On occasions sqlcounter does not seem to work correctly, especially for NEW
User that have no radacct details.
After doing some digging, I've identified the issue only to happen on the
first ever connect of the user in a new account.
As you will see from the sql below, if no integer is returned (NULL), then
Max-All-Sessions and the correct setting of is ignored and Session-Timeout
is skipped.
How can I address the NULL response for newly created accounts?
rlm_sqlcounter: Entering module authorize code
sqlcounter_expand: 'SELECT SUM(AcctSessionTime) FROM radacct WHERE
UserName='%{User-Name}''
[noresetcounter] expand: SELECT SUM(AcctSessionTime) FROM radacct
WHERE UserName='%{User-Name}' -> SELECT SUM(AcctSessionTime) FROM radacct
WHERE UserName='6cmy75HS'
sqlcounter_expand: '%{sql:SELECT SUM(AcctSessionTime) FROM radacct WHERE
UserName='6cmy75HS'}'
[noresetcounter] sql_xlat
[noresetcounter] expand: %{User-Name} -> 6cmy75HS
[noresetcounter] sql_set_user escaped user --> '6cmy75HS'
[noresetcounter] expand: SELECT SUM(AcctSessionTime) FROM radacct
WHERE UserName='6cmy75HS' -> SELECT SUM(AcctSessionTime) FROM radacct WHERE
UserName='6cmy75HS'
rlm_sql (sql): Reserving sql socket id: 3
[noresetcounter] row[0] returned NULL
rlm_sql (sql): Released sql socket id: 3
[noresetcounter] expand: %{sql:SELECT SUM(AcctSessionTime) FROM
radacct WHERE UserName='6cmy75HS'} ->
rlm_sqlcounter: No integer found in string ""
The ABOVE line is the problem, due to the SELECT returning a NULL
++[noresetcounter] returns noop
Sending Access-Accept of id 177 to XX.XX.XX.XX port 54355
Idle-Timeout := 1800
Framed-MTU = 1488
Framed-Protocol = PPP
Service-Type = Framed-User
Acct-Interim-Interval := 300
Session-Timeout = 603484
MS-CHAP2-Success =
0xd2533d31333338414131333436353632453637323542433941374634463245413639444346343943333938
MS-MPPE-Recv-Key = 0xaab9e0a9c6918c64dfa042b3d84e808e
MS-MPPE-Send-Key = 0xd2411e9ea8653fd25e550e5cbdbfa3e3
MS-MPPE-Encryption-Policy = 0x00000001
MS-MPPE-Encryption-Types = 0x00000006
Framed-IP-Address = 192.168.0.27
Framed-IP-Netmask = 255.255.255.0
After connecting and disconnecting in order to create some entrys for this
user in radacct table, success as session-timeout is set correctly.
rlm_sqlcounter: Entering module authorize code
sqlcounter_expand: 'SELECT SUM(AcctSessionTime) FROM radacct WHERE
UserName='%{User-Name}''
[noresetcounter] expand: SELECT SUM(AcctSessionTime) FROM radacct
WHERE UserName='%{User-Name}' -> SELECT SUM(AcctSessionTime) FROM radacct
WHERE UserName='6cmy75HS'
sqlcounter_expand: '%{sql:SELECT SUM(AcctSessionTime) FROM radacct WHERE
UserName='6cmy75HS'}'
[noresetcounter] sql_xlat
[noresetcounter] expand: %{User-Name} -> 6cmy75HS
[noresetcounter] sql_set_user escaped user --> '6cmy75HS'
[noresetcounter] expand: SELECT SUM(AcctSessionTime) FROM radacct
WHERE UserName='6cmy75HS' -> SELECT SUM(AcctSessionTime) FROM radacct WHERE
UserName='6cmy75HS'
rlm_sql (sql): Reserving sql socket id: 2
[noresetcounter] sql_xlat finished
rlm_sql (sql): Released sql socket id: 2
[noresetcounter] expand: %{sql:SELECT SUM(AcctSessionTime) FROM
radacct WHERE UserName='6cmy75HS'} -> 23
rlm_sqlcounter: Check item is greater than query result
rlm_sqlcounter: Authorized user 6cmy75HS, check_item=3600, counter=23
rlm_sqlcounter: Sent Reply-Item for user 6cmy75HS, Type=Session-Timeout,
value=3577
++[noresetcounter] returns ok
Sending Access-Accept of id 180 to XX.XX.XX.XX port 60642
Idle-Timeout := 1800
Framed-MTU = 1488
Framed-Protocol = PPP
Service-Type = Framed-User
Acct-Interim-Interval := 300
Session-Timeout = 3577
MS-CHAP2-Success =
0x21533d37374337313930393839303834464630413633303846464535443634343243314435313930373942
MS-MPPE-Recv-Key = 0xd1fff368e638b09b9960d9dba58f08cc
MS-MPPE-Send-Key = 0x2df743dda88067b995ffc736a5345f71
MS-MPPE-Encryption-Policy = 0x00000001
MS-MPPE-Encryption-Types = 0x00000006
Framed-IP-Address = 192.168.0.137
Framed-IP-Netmask = 255.255.255.0
Finished request 10.
Best Regards
Nev
More information about the Freeradius-Users
mailing list