it's not disconnect users after Max-Daily-Session ends.

ali Eblice alieblice at gmail.com
Thu Jun 14 11:44:38 CEST 2012


> Disconnecting a user after the session timeout period is up to the
> NAS. If you're sending the right attributes back in the
> Access-Accept that the NAS needs, and the user isn't being
> disconnected at the right time, then work out why the NAS isn't
> kicking the user off.
>
>> and noting wrote in output of freeradius -X command
>
> You won't necessarily see anything in the output of freeradius,
> unless the NAS also sends an Accounting Stop at the same time.

thanks for replying . i checked my squid configuration there was
problem with it ((it was checking users credentials every 45 minutes
)) and i solved it .
now squid check user credentials every 1 minutes but freeradius give "
Access-Accept" even after several minutes pass from 100 second.

it is an out put of freeradius -X  command when squid check the
credentials every 1 minutes :


--------------------------------------------------------------------------------------------
rad_recv: Access-Request packet from host 127.0.0.1 port 51373, id=21, length=63
	User-Name = "alice"
	User-Password = "passme"
	NAS-Port = 111
	NAS-Port-Type = Async
	NAS-IP-Address = 127.0.0.1
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "alice", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[files] users: Matched entry alice at line 1
[files] 	expand: Hello, %{User-Name} -> Hello, alice
++[files] returns ok
rlm_counter: Entering module authorize code
rlm_counter: Searching the database for key 'alice'
rlm_counter: Could not find the requested key in the database.
rlm_counter: Check item = 100, Count = 0
rlm_counter: res is greater than zero
rlm_counter: (Check item - counter) is greater than zero
rlm_counter: Authorized user alice, check_item=100, counter=0
rlm_counter: Sent Reply-Item for user alice, Type=Session-Timeout, value=100
++[daily] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns updated
Found Auth-Type = PAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group PAP {...}
[pap] login attempt with password "passme"
[pap] Using clear text password "passme"
[pap] User authenticated successfully
++[pap] returns ok
# Executing section post-auth from file /etc/freeradius/sites-enabled/default
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 21 to 127.0.0.1 port 51373
	Reply-Message = "Hello, alice"
	Session-Timeout = 100
Finished request 20.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 20 ID 21 with timestamp +2133
Ready to process requests.

-------------------------------------------------------------------------------------------


More information about the Freeradius-Users mailing list