noresetcounter

Muhammad Nuzaihan Kamal Luddin muhammad at taqisystems.com
Mon Apr 1 15:35:41 CEST 2013


Hi,

My objective to configure freeradius is that the user automatically gets
logged out during the accounting process by noresetcounter statement.

But currently, the user that is logged in keeps being connected even
when the time is up.

Here's my counter.conf:

---

sqlcounter noresetcounter {
                counter-name = Session-Timeout
#                check-name = Max-All-Session 
                check-name = Session-Timeout
                reply-name = Session-Timeout
                sqlmod-inst = sql
                key = User-Name
                reset = never
#        query = "SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='%{%k}'" 
         query = "SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='%{%k}'"
}

---

And the logs:

rad_recv: Access-Request packet from host 192.168.233.9 port 2052, id=0, length=200
	User-Name = "34"
	User-Password = "EEawKbR3"
	NAS-IP-Address = 0.0.0.0
	Service-Type = Login-User
	Framed-IP-Address = 192.168.182.2
	Calling-Station-Id = "00-26-82-15-4E-3D"
	Called-Station-Id = "00-0F-66-59-DD-33"
	NAS-Identifier = "taqihotspot1"
	Acct-Session-Id = "515a088400000000"
	NAS-Port-Type = Wireless-802.11
	NAS-Port = 0
	Message-Authenticator = 0x48faf6d6c674bceef3469467121e5eae
	WISPr-Logoff-URL = "http://192.168.182.1:3990/logoff"
Mon Apr  1 21:22:51 2013 : Info: # Executing section authorize from file /etc/freeradius/sites-enabled/default
Mon Apr  1 21:22:51 2013 : Info: +- entering group authorize {...}
Mon Apr  1 21:22:51 2013 : Info: ++[preprocess] returns ok
Mon Apr  1 21:22:51 2013 : Info: ++[chap] returns noop
Mon Apr  1 21:22:51 2013 : Info: ++[mschap] returns noop
Mon Apr  1 21:22:51 2013 : Info: ++[digest] returns noop
Mon Apr  1 21:22:51 2013 : Info: [suffix] No '@' in User-Name = "34", looking up realm NULL
Mon Apr  1 21:22:51 2013 : Info: [suffix] No such realm "NULL"
Mon Apr  1 21:22:51 2013 : Info: ++[suffix] returns noop
Mon Apr  1 21:22:51 2013 : Info: [eap] No EAP-Message, not doing EAP
Mon Apr  1 21:22:51 2013 : Info: ++[eap] returns noop
Mon Apr  1 21:22:51 2013 : Info: [sql] 	expand: %{User-Name} -> 34
Mon Apr  1 21:22:51 2013 : Info: [sql] sql_set_user escaped user --> '34'
Mon Apr  1 21:22:51 2013 : Debug: rlm_sql (sql): Reserving sql socket id: 4
Mon Apr  1 21:22:51 2013 : Info: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '34'           ORDER BY id
Mon Apr  1 21:22:51 2013 : Info: [sql] User found in radcheck table
Mon Apr  1 21:22:51 2013 : Info: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radreply           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radreply           WHERE username = '34'           ORDER BY id
Mon Apr  1 21:22:51 2013 : Info: [sql] 	expand: SELECT groupname           FROM radusergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM radusergroup           WHERE username = '34'           ORDER BY priority
Mon Apr  1 21:22:51 2013 : Info: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '3mins'           ORDER BY id
Mon Apr  1 21:22:51 2013 : Debug: rlm_sql (sql): Released sql socket id: 4
Mon Apr  1 21:22:51 2013 : Info: ++[sql] returns ok
Mon Apr  1 21:22:51 2013 : Info: ++[logintime] returns noop
Mon Apr  1 21:22:51 2013 : Info: ++[pap] returns updated
Mon Apr  1 21:22:51 2013 : Debug: rlm_sqlcounter: Entering module authorize code
Mon Apr  1 21:22:51 2013 : Debug: rlm_sqlcounter: Could not find Check item value pair
Mon Apr  1 21:22:51 2013 : Info: ++[noresetcounter] returns noop
Mon Apr  1 21:22:51 2013 : Debug: rlm_sqlcounter: Entering module authorize code
Mon Apr  1 21:22:51 2013 : Debug: rlm_sqlcounter: Could not find Check item value pair
Mon Apr  1 21:22:51 2013 : Info: ++[chillispot_max_bytes] returns noop
Mon Apr  1 21:22:51 2013 : Info: Found Auth-Type = PAP
Mon Apr  1 21:22:51 2013 : Info: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Mon Apr  1 21:22:51 2013 : Info: !!!    Replacing User-Password in config items with Cleartext-Password.     !!!
Mon Apr  1 21:22:51 2013 : Info: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Mon Apr  1 21:22:51 2013 : Info: !!! Please update your configuration so that the "known good"               !!!
Mon Apr  1 21:22:51 2013 : Info: !!! clear text password is in Cleartext-Password, and not in User-Password. !!!
Mon Apr  1 21:22:51 2013 : Info: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Mon Apr  1 21:22:51 2013 : Info: # Executing group from file /etc/freeradius/sites-enabled/default
Mon Apr  1 21:22:51 2013 : Info: +- entering group PAP {...}
Mon Apr  1 21:22:51 2013 : Info: [pap] login attempt with password "EEawKbR3"
Mon Apr  1 21:22:51 2013 : Info: [pap] Using clear text password "EEawKbR3"
Mon Apr  1 21:22:51 2013 : Info: [pap] User authenticated successfully
Mon Apr  1 21:22:51 2013 : Info: ++[pap] returns ok
Mon Apr  1 21:22:51 2013 : Info: # Executing section post-auth from file /etc/freeradius/sites-enabled/default
Mon Apr  1 21:22:51 2013 : Info: +- entering group post-auth {...}
Mon Apr  1 21:22:51 2013 : Info: ++[exec] returns noop
Sending Access-Accept of id 0 to 192.168.233.9 port 2052
Mon Apr  1 21:22:51 2013 : Info: Finished request 5.
Mon Apr  1 21:22:51 2013 : Debug: Going to the next request
Mon Apr  1 21:22:51 2013 : Debug: Waking up in 4.9 seconds.
rad_recv: Accounting-Request packet from host 192.168.233.9 port 2050, id=0, length=134
	Acct-Status-Type = Start
	User-Name = "34"
	Calling-Station-Id = "00-26-82-15-4E-3D"
	Called-Station-Id = "00-0F-66-59-DD-33"
	NAS-Port-Type = Wireless-802.11
	NAS-Port = 0
	NAS-Port-Id = "00000000"
	NAS-IP-Address = 0.0.0.0
	NAS-Identifier = "taqihotspot1"
	Framed-IP-Address = 192.168.182.2
	Acct-Session-Id = "515a088400000000"
Mon Apr  1 21:22:51 2013 : Info: # Executing section preacct from file /etc/freeradius/sites-enabled/default
Mon Apr  1 21:22:51 2013 : Info: +- entering group preacct {...}
Mon Apr  1 21:22:51 2013 : Info: ++[preprocess] returns ok
Mon Apr  1 21:22:51 2013 : Info: [acct_unique] Hashing 'NAS-Port = 0,Client-IP-Address = 192.168.233.9,NAS-IP-Address = 0.0.0.0,Acct-Session-Id = "515a088400000000",User-Name = "34"'
Mon Apr  1 21:22:51 2013 : Info: [acct_unique] Acct-Unique-Session-ID = "589c09967ffad6f7".
Mon Apr  1 21:22:51 2013 : Info: ++[acct_unique] returns ok
Mon Apr  1 21:22:51 2013 : Info: [suffix] No '@' in User-Name = "34", looking up realm NULL
Mon Apr  1 21:22:51 2013 : Info: [suffix] No such realm "NULL"
Mon Apr  1 21:22:51 2013 : Info: ++[suffix] returns noop
Mon Apr  1 21:22:51 2013 : Info: ++[files] returns noop
Mon Apr  1 21:22:51 2013 : Info: # Executing section accounting from file /etc/freeradius/sites-enabled/default
Mon Apr  1 21:22:51 2013 : Info: +- entering group accounting {...}
Mon Apr  1 21:22:51 2013 : Info: [detail] 	expand: %{Packet-Src-IP-Address} -> 192.168.233.9
Mon Apr  1 21:22:51 2013 : Info: [detail] 	expand: /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d -> /var/log/freeradius/radacct/192.168.233.9/detail-20130401
Mon Apr  1 21:22:51 2013 : Info: [detail] /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d expands to /var/log/freeradius/radacct/192.168.233.9/detail-20130401
Mon Apr  1 21:22:51 2013 : Info: [detail] 	expand: %t -> Mon Apr  1 21:22:51 2013
Mon Apr  1 21:22:51 2013 : Info: ++[detail] returns ok
Mon Apr  1 21:22:51 2013 : Info: ++[unix] returns ok
Mon Apr  1 21:22:51 2013 : Info: [radutmp] 	expand: /var/log/freeradius/radutmp -> /var/log/freeradius/radutmp
Mon Apr  1 21:22:51 2013 : Info: [radutmp] 	expand: %{User-Name} -> 34
Mon Apr  1 21:22:51 2013 : Info: ++[radutmp] returns ok
Mon Apr  1 21:22:51 2013 : Info: [sql] 	expand: %{User-Name} -> 34
Mon Apr  1 21:22:51 2013 : Info: [sql] sql_set_user escaped user --> '34'
Mon Apr  1 21:22:51 2013 : Info: [sql] 	expand: %{Acct-Delay-Time} -> 
Mon Apr  1 21:22:51 2013 : Info: [sql] 	... expanding second conditional
Mon Apr  1 21:22:51 2013 : Info: [sql] 	expand:            INSERT INTO radacct             (acctsessionid,    acctuniqueid,     username,              realm,            nasipaddress,     nasportid,              nasporttype,      acctstarttime,    acctstoptime,              acctsessiontime,  acctauthentic,    connectinfo_start,              connectinfo_stop, acctinputoctets,  acctoutputoctets,              calledstationid,  callingstationid, acctterminatecause,              servicetype,      framedprotocol,   framedipaddress,              acctstartdelay,   acctstopdelay,    xascendsessionsvrkey)           VALUES             ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',              '%{SQL-User-Name}',              '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',              '%{NAS-Port-Type}', '%S', NULL,              '0', '%{Acct-Authentic}', '%{Connect-Info}',              '', '0', '0',              '%{Called-Station-Id}', '%{Calling-Station-Id}', '',              '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}',      
Mon Apr  1 21:22:51 2013 : Debug: rlm_sql (sql): Reserving sql socket id: 3
Mon Apr  1 21:22:51 2013 : Debug: rlm_sql (sql): Released sql socket id: 3
Mon Apr  1 21:22:51 2013 : Info: ++[sql] returns ok
Mon Apr  1 21:22:51 2013 : Info: ++[exec] returns noop
Mon Apr  1 21:22:51 2013 : Info: [attr_filter.accounting_response] 	expand: %{User-Name} -> 34
Mon Apr  1 21:22:51 2013 : Debug: attr_filter: Matched entry DEFAULT at line 12
Mon Apr  1 21:22:51 2013 : Info: ++[attr_filter.accounting_response] returns updated
Sending Accounting-Response of id 0 to 192.168.233.9 port 2050
Mon Apr  1 21:22:51 2013 : Info: Finished request 6.
Mon Apr  1 21:22:51 2013 : Info: Cleaning up request 6 ID 0 with timestamp +1106
Mon Apr  1 21:22:51 2013 : Debug: Going to the next request
Mon Apr  1 21:22:51 2013 : Debug: Waking up in 4.9 seconds.
Mon Apr  1 21:22:56 2013 : Info: Cleaning up request 5 ID 0 with timestamp +1106
Mon Apr  1 21:22:56 2013 : Info: Ready to process requests.
----

Regards,
Muhammad Nuzaihan Bin Kamal Luddin



More information about the Freeradius-Users mailing list