Quota based on time with squid

senthil kumar senthilkumaar2021 at gmail.com
Sat Oct 29 13:10:06 CEST 2011 

Hello Team

The user can authenticate and browse at any time. May i know which
entry i have to add to make user 'test' deny authenticate after 1
hour?

When ever a user authenticates it is logged in radpostauth.

In /etc/raddb/users file i have a user test   "test"
Cleartext-Password := "hello"

my database details are as follows

mysql> select * from radcheck;
+----+----------+-----------------+----+-------+
| id | username | attribute       | op | value |
+----+----------+-----------------+----+-------+
| 45 | test     | Max-All-Session | := | 540   |
+----+----------+-----------------+----+-------+
INSERT into radcheck VALUES ('','test','Max-All-Session',':=','5400');

mysql> select * from radpostauth;
+----+----------+------+---------------+---------------------+
| id | username | pass | reply         | authdate            |
+----+----------+------+---------------+---------------------+
| 54 | test     | test | Access-Accept | 2011-10-19 13:59:18 |
| 55 | test     | test | Access-Accept | 2011-10-19 13:59:34 |
| 56 | test     | test | Access-Accept | 2011-10-19 14:22:57 |
| 57 | test     | test | Access-Accept | 2011-10-21 22:32:54 |
| 58 | test     | test | Access-Accept | 2011-10-25 15:11:34 |
+----+----------+------+---------------+---------------------+
5 rows in set (0.00 sec)

radtest test hello  localhost 0 testing123
Sending Access-Request of id 67 to 127.0.0.1 port 1812
	User-Name = "test"
	User-Password = "hello"
	NAS-IP-Address = 127.0.0.1
	NAS-Port = 0
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=67, length=20


Please help me , thanks in advance

Thanks,
Senthil

On Tue, Oct 25, 2011 at 3:06 PM, senthil kumar
<senthilkumaar2021 at gmail.com> wrote:
> Thanks i will check in and let you know
>
> On Sat, Oct 22, 2011 at 12:37 AM, Alan DeKok <aland at deployingradius.com> wrote:
>> senthil kumar wrote:
>>> I have installed free-radius in linux machine with accounting support
>>> and was able to authenticate using radtest client.and also I was also
>>> successfully authenticate with squid proxy server.
>>
>>  That's good to hear.
>>
>>> I need to assign quota to squid users based on the weekly/hourly
>>> basis. I need users radius server to return packet reject when time is
>>> expired. is it possible in radius?
>>
>>  Yes.  See the "counter" module, or the "sqlcounter" module.
>>
>>  The main issue is that they require the NAS to send accounting
>> packets.  I don't know if squid does that.
>>
>>> I am using only linux machine with proxy server. whether NAS is needed?
>>
>>  In this case, squid is the NAS.  (i.e. machine sending Access-Request)
>>
>>> If so, can anyone help me in framing the rules for quota . eg 2 hours
>>> a day. I have basic configuration and now when a user authenticates
>>> login time is updated in the radpostauth.
>>
>>  This is documented in the sqlcounter module.  Look there first.
>>
>>  Alan DeKok.
>>
>>
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>
>

More information about the Freeradius-Users mailing list