issue with dialup.conf

Brian Candler B.Candler at pobox.com
Mon Feb 7 10:13:42 CET 2011 

On Mon, Feb 07, 2011 at 08:48:27AM +0200, Tyller D wrote:
>    if ( $device =~ /^nomadix/i ) {
>    if ($DATABANK != '') {
>                    if ( $DATABANK le 0 ) {
>                                               $RAD_REPLY{'Reply-Message'}
>    = "You have no more Data Left";
>                                            return RLM_MODULE_REJECT;
>                    }else {
>                                            return RLM_MODULE_REJECT;
> 
>    $RAD_REPLY{'Nomadix-MaxBytesDown'} = "$DATABANK";
>                    }

That logic returns RLM_MODULE_REJECT in both branches of the if statement,
so I imagine you haven't copy-pasted it correctly. But I think I see what
you're getting at.

>    exctract from radcheck:
>    +------+----------+--------------------+----+----------+
>    | id   | username | attribute          | op | value    |
>    +------+----------+--------------------+----+----------+
>    | 3069 | Joe  | databank           | := | 52428800 |
>    | 3068 | Joe  | Cleartext-Password | := | Joe123   |
>    | 3070 | Joe  | Auth-Type          | := | Perl     |
>    +------+----------+--------------------+----+----------+

OK, so you're using radcheck as a convenient place to store the user's
remaining quota. I guess that should work.

>    but it not always exectuting stop request correctly because
>    mysql> select sum(acctinputoctets + acctoutputoctets) from radacct
>    where username='scotty';
>    +-----------------------------------------+
>    | sum(acctinputoctets + acctoutputoctets) |
>    +-----------------------------------------+
>    |                              1840263628 |
>    +-----------------------------------------+
>    mysql> select value from radcheck where username='scotty' and
>    attribute='databank';
>    +------------+
>    | value      |
>    +------------+
>    | -302340151 |
>    +------------+

Well, those are two different things. The databank value will be whatever
original value you put in databank (which you haven't told us), minus the
bytes in and bytes out. So that would be correct if the initial value was
1537923477

I have to say this looks like a pretty fragile way of doing accounting,
because you are relying 100% on Stop packets. This means:

(1) A lost stop packet will not update databank

(2) If a user stays online solidly for months, they won't get their quota
updated in the database

Doing accounting based on interim-update packets is more robust. However,
they are cumulative (each interim-update packet shows the *total* used so
far for that session, just as if it were a Stop packet), so you can't just
subtract them from an accumulator.  You need to add together the last values
seen for each session.

More information about the Freeradius-Users mailing list