Unlang Condition Wrong Value !
Suman Dash
sumandash at gmail.com
Mon Aug 8 09:11:49 CEST 2011
I am trying to replace sqlcounter with Unland expression in Post Auth
Section. The values are successfully called but while storing in
Tmp-Interger those are stripped. Below are the logs .
As you can see from the logs that Mysql returns a value of 20989570594
But it's stored as 3557549056 for Tmp-Integer-0
The same happens to Tmp-Integer-1 due to which the expression output
becomes FALSE instead of TRUE.
Is this the limitation of Tmp-Integer as it is an 32bit int ?
##Post-Auth Section
sql
update control {
Tmp-Integer-0 := "%{sql:SELECT
IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0) \
FROM tbl_acct WHERE
UserName='%{User-Name}' \
AND
MONTH(acctstoptime) = MONTH(NOW()) \
AND YEAR(acctstoptime)
= YEAR(NOW())}"
Tmp-Integer-1 := "%{sql:SELECT
tbl_groupcheck.value from tbl_groupcheck \
JOIN tbl_usergroup on
tbl_groupcheck.groupname = tbl_usergroup.groupname \
where
tbl_usergroup.username = '%{User-Name}'}"
}
if ("%{control:Tmp-Integer-1}" > "%{control:Tmp-Integer-0}") {
update reply {
Mikrotik-Recv-Limit :=
"%{control:Tmp-Integer-1}" - "%{control:Tmp-Integer-0}"
}
}
if ("%{control:Tmp-Integer-1}" <= "%{control:Tmp-Integer-0}") {
update reply {
Reply-Message := "Fair Usage
Policy Enforced, Bandwidth Limited"
Mikrotik-Rate-Limit :=
"128K/256K 128K/256K 128K/256K 180/180 8"
}
}
##MySQL Table
mysql> SELECT IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0)
-> FROM tbl_acct WHERE UserName='10021'
-> AND MONTH(acctstoptime) = MONTH(NOW())
-> AND YEAR(acctstoptime) = YEAR(NOW());
+------------------------------------------------------+
| IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0) |
+------------------------------------------------------+
| 20989570594 |
+------------------------------------------------------+
1 row in set (0.00 sec)
mysql> SELECT tbl_groupcheck.value from tbl_groupcheck
-> JOIN tbl_usergroup on tbl_groupcheck.groupname = tbl_usergroup.groupname
-> where tbl_usergroup.username = '10021';
+-------------+
| value |
+-------------+
| 20737418240 |
+-------------+
1 row in set (0.00 sec)
##RADIUS DEBUG LOG
Finished request 4.
Cleaning up request 4 ID 176 with timestamp +15
Going to the next request
Ready to process requests.
rad_recv: Access-Request packet from host XXX.XX.XX.86 port 44198,
id=236, length=132
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-Port = 56
NAS-Port-Type = Ethernet
User-Name = "10021"
Calling-Station-Id = "XX:XX:XX:XX:XX:XX"
Called-Station-Id = "Internet"
NAS-Port-Id = "LAN"
User-Password = "10021"
NAS-Identifier = "XXX.XXXXXXX"
NAS-IP-Address = XXX.XX.XX.86
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "10021", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[files] users: Matched entry DEFAULT at line 172
++[files] returns ok
[sql] expand: %{User-Name} -> 10021
[sql] sql_set_user escaped user --> '10021'
rlm_sql (sql): Reserving sql socket id: 3
[sql] expand: SELECT id, username, attribute, value, op
FROM tbl_check WHERE username = '%{SQL-User-Name}'
ORDER BY id -> SELECT id, username, attribute, value, op
FROM tbl_check WHERE username = '10021' ORDER BY
id
[sql] User found in radcheck table
[sql] expand: SELECT id, username, attribute, value, op
FROM tbl_reply WHERE username = '%{SQL-User-Name}'
ORDER BY id -> SELECT id, username, attribute, value, op
FROM tbl_reply WHERE username = '10021' ORDER BY
id
[sql] expand: SELECT groupname FROM tbl_usergroup
WHERE username = '%{SQL-User-Name}' ORDER BY priority ->
SELECT groupname FROM tbl_usergroup WHERE username
= '10021' ORDER BY priority
[sql] expand: SELECT id, groupname, attribute, Value, op
FROM tbl_groupcheck WHERE groupname = '%{Sql-Group}'
ORDER BY id -> SELECT id, groupname, attribute,
Value, op FROM tbl_groupcheck WHERE groupname =
'TEST-10G' ORDER BY id
[sql] User found in group TEST-10G
[sql] expand: SELECT id, groupname, attribute, value, op
FROM tbl_groupreply WHERE groupname = '%{Sql-Group}'
ORDER BY id -> SELECT id, groupname, attribute,
value, op FROM tbl_groupreply WHERE groupname =
'TEST-10G' ORDER BY id
rlm_sql (sql): Released sql socket id: 3
++[sql] returns ok
rlm_checkval: Item Name: Calling-Station-Id, Value: XX:XX:XX:BA:8A:3B
rlm_checkval: Value Name: Calling-Station-Id, Value: XX:XX:XX:BA:8A:3B
++[checkval] returns ok
[expiration] Checking Expiration time: '1 Sep 2011'
++[expiration] returns ok
++[logintime] returns noop
++[pap] returns updated
Found Auth-Type = PAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group PAP {...}
[pap] login attempt with password "XXXXX"
[pap] Using CRYPT password "XXXXXXXXXXXXXX"
[pap] User authenticated successfully
++[pap] returns ok
# Executing section session from file /etc/freeradius/sites-enabled/default
+- entering group session {...}
[radutmp] expand: /var/log/freeradius/radutmp ->
/var/log/freeradius/radutmp
[radutmp] expand: %{User-Name} -> 10021
++[radutmp] returns ok
# Executing section post-auth from file /etc/freeradius/sites-enabled/default
+- entering group post-auth {...}
[sql] expand: %{User-Name} -> 10021
[sql] sql_set_user escaped user --> '10021'
[sql] expand: %{User-Password} -> XXXXX
[sql] expand: INSERT INTO tbl_postauth
(username, pass, reply, authdate) VALUES (
'%{User-Name}',
'%{%{User-Password}:-%{Chap-Password}}',
'%{reply:Packet-Type}', '%S') -> INSERT INTO tbl_postauth
(username, pass, reply, authdate)
VALUES ( '10021',
'10021', 'Access-Accept', '2011-08-08
00:27:25')
rlm_sql (sql) in sql_postauth: query is INSERT INTO tbl_postauth
(username, pass, reply, authdate)
VALUES ( '10021',
'10021', 'Access-Accept',
'2011-08-08 00:27:25')
rlm_sql (sql): Reserving sql socket id: 2
rlm_sql (sql): Released sql socket id: 2
++[sql] returns ok
sql_xlat
expand: %{User-Name} -> 10021
sql_set_user escaped user --> '10021'
expand: SELECT
IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0)
FROM tbl_acct WHERE UserName='%{User-Name}'
AND MONTH(acctstoptime) = MONTH(NOW())
AND YEAR(acctstoptime) = YEAR(NOW()) -> SELECT
IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0)
FROM tbl_acct WHERE UserName='10021'
AND MONTH(acctstoptime) = MONTH(NOW())
AND YEAR(acctstoptime) = YEAR(NOW())
rlm_sql (sql): Reserving sql socket id: 1
sql_xlat finished
rlm_sql (sql): Released sql socket id: 1
expand: %{sql:SELECT
IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0)
FROM tbl_acct WHERE UserName='%{User-Name}'
AND MONTH(acctstoptime) = MONTH(NOW())
AND YEAR(acctstoptime) = YEAR(NOW())} -> 20989570594
sql_xlat
expand: %{User-Name} -> 10021
sql_set_user escaped user --> '10021'
expand: SELECT tbl_groupcheck.value from tbl_groupcheck
JOIN tbl_usergroup on tbl_groupcheck.groupname = tbl_usergroup.groupname
where tbl_usergroup.username = '%{User-Name}' -> SELECT
tbl_groupcheck.value from tbl_groupcheck
JOIN tbl_usergroup on tbl_groupcheck.groupname = tbl_usergroup.groupname
where tbl_usergroup.username = '10021'
rlm_sql (sql): Reserving sql socket id: 0
sql_xlat finished
rlm_sql (sql): Released sql socket id: 0
expand: %{sql:SELECT tbl_groupcheck.value from tbl_groupcheck
JOIN tbl_usergroup on tbl_groupcheck.groupname = tbl_usergroup.groupname
where tbl_usergroup.username = '%{User-Name}'} -> 20737418240
++[control] returns ok
++? if ("%{control:Tmp-Integer-1}" > "%{control:Tmp-Integer-0}")
expand: %{control:Tmp-Integer-1} -> 3557549056
expand: %{control:Tmp-Integer-0} -> 3809701410
? Evaluating ("%{control:Tmp-Integer-1}" > "%{control:Tmp-Integer-0}") -> FALSE
++? if ("%{control:Tmp-Integer-1}" > "%{control:Tmp-Integer-0}") -> FALSE
++? if ("%{control:Tmp-Integer-1}" <= "%{control:Tmp-Integer-0}")
expand: %{control:Tmp-Integer-1} -> 3557549056
expand: %{control:Tmp-Integer-0} -> 3809701410
? Evaluating ("%{control:Tmp-Integer-1}" <= "%{control:Tmp-Integer-0}") -> TRUE
++? if ("%{control:Tmp-Integer-1}" <= "%{control:Tmp-Integer-0}") -> TRUE
++- entering if ("%{control:Tmp-Integer-1}" <= "%{control:Tmp-Integer-0}") {...}
+++[reply] returns ok
++- if ("%{control:Tmp-Integer-1}" <= "%{control:Tmp-Integer-0}") returns ok
++[exec] returns noop
Sending Access-Accept of id 236 to XXX.XX.XX.86 port 44198
Framed-Protocol = PPP
Framed-Compression = Van-Jacobson-TCP-IP
Framed-MTU = 1472
Idle-Timeout = 300
Reply-Message = "Fair Usage Policy Enforced, Bandwidth Limited"
Mikrotik-Rate-Limit = "128K/256K 128K/256K 128K/256K 180/180 8"
Framed-Netmask = 255.255.255.0
Session-Timeout = 2071955
Finished request 5.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Accounting-Request packet from host XXX.XX.XX.86 port 45096,
id=237, length=154
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-Port = 56
NAS-Port-Type = Ethernet
User-Name = "10021"
Calling-Station-Id = "XX:XX:XX:BA:8A:3B"
Called-Station-Id = " Internet"
NAS-Port-Id = "LAN"
Acct-Session-Id = "81800034"
Framed-IP-Address = XXX.XX.XX.250
Acct-Authentic = RADIUS
Event-Timestamp = "Aug 8 2011 00:27:23 IST"
Acct-Status-Type = Start
NAS-Identifier = "XXX.XXXXXXX"
NAS-IP-Address = XXX:XX:XX.86
Acct-Delay-Time = 0
# Executing section preacct from file /etc/freeradius/sites-enabled/default
+- entering group preacct {...}
++[preprocess] returns ok
[acct_unique] Hashing 'NAS-Port = 56,Client-IP-Address =
XXX.XX.XX.86,NAS-IP-Address = XXX.XX.XX.86,Acct-Session-Id =
"81800034",User-Name = "10021"'
[acct_unique] Acct-Unique-Session-ID = "e99f1594c7c50876".
++[acct_unique] returns ok
[suffix] No '@' in User-Name = "10021", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[files] returns noop
# Executing section accounting from file /etc/freeradius/sites-enabled/default
+- entering group accounting {...}
[detail] expand:
/var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d ->
/var/log/freeradius/radacct/125.20.80.86/detail-20110808
[detail] /var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d
expands to /var/log/freeradius/radacct/125.20.80.86/detail-20110808
[detail] expand: %t -> Mon Aug 8 00:27:25 2011
++[detail] returns ok
++[unix] returns ok
[radutmp] expand: /var/log/freeradius/radutmp ->
/var/log/freeradius/radutmp
[radutmp] expand: %{User-Name} -> 10021
++[radutmp] returns ok
[sql] expand: %{User-Name} -> 10021
[sql] sql_set_user escaped user --> '10021'
[sql] expand: %{Acct-Delay-Time} -> 0
[sql] expand: INSERT INTO tbl_acct
(acctsessionid, acctuniqueid, username, realm,
nasipaddress, nasportid, nasporttype,
acctstarttime, acctstoptime, acctsessiontime,
acctauthentic, connectinfo_start, connectinfo_stop,
acctinputoctets, acctoutputoctets, calledstationid,
callingstationid, acctterminatecause, servicetype,
framedprotocol, framedipaddress, acctstartdelay,
acctstopdelay, xascendsessionsvrkey) VALUES
('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',
'%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}',
'%{NAS-Port}', '%{NAS-Port-Type}', '%S', NULL,
'0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0',
'0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '',
'%{Service-Type}', '%{Framed-Protocol}',
'%{Framed-IP-Address}',
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql (sql): Released sql socket id: 4
++[sql] returns ok
++[exec] returns noop
[attr_filter.accounting_response] expand: %{User-Name} -> 10021
attr_filter: Matched entry DEFAULT at line 12
++[attr_filter.accounting_response] returns updated
Sending Accounting-Response of id 237 to XXX.XX.XX.86 port 45096
Finished request 6.
Cleaning up request 6 ID 237 with timestamp +18
Going to the next request
Waking up in 4.8 seconds.
More information about the Freeradius-Users
mailing list