How to send disconnect message to the NAS?

Russell Mike radius.sir at gmail.com
Fri Sep 26 16:55:25 CEST 2014 

1.) You make sure accounting is working
2.) Your SQL counters are working
3.) You have set proper radius attributes

if you are using chilli NAS then "ChilliSpot-Max-Total-Octets" AS CHECK
ITEM & REPLY ITEM AS WELL would be the attribute to control.

Thanks
RM --



On Fri, Sep 26, 2014 at 2:39 PM, Xin <knightluffy at live.com> wrote:

> Hi,
> I want to send disconnect message to the user who has exceeded the limited
> traffic. I have done the following steps:
> 1.  Create a sqlCounter:
>   sqlcounter monthlytrafficcounter {
>     counter-name = Monthly-Traffic
>     check-name = Max-Monthly-Traffic
>     reply-name = Monthly-Traffic-Limit
>     sqlmod-inst = sql
>     key = User-Name
>     reset = monthly
>     query = "SELECT SUM(acctinputoctets + acctoutputoctets) FROM radacct
> WHERE U serName='%{%k}' AND UNIX_TIMESTAMP(AcctStartTime) > '%b'"
> }
>
> 2. add the monthlytrafficcounter to "sites-enabled/default" authorize
> section.
>
> 3. It worked when user login to NAS(NAS reject the user's request), but
> failed when the user connection connected. The Accounting request like
> following below:
> ================================================================
> rad_recv: Accounting-Request packet from host NAS-IP port 48378, id=188 ,
> length=175
>         Acct-Status-Type = Interim-Update
>         Acct-Session-Id = "1411720910-19"
>         NAS-Port-Type = Virtual
>         Service-Type = Framed-User
>         NAS-Port = 19
>         NAS-Port-Id = "radius"
>         NAS-IP-Address = NAS-IP
>         Called-Station-Id = "NAS-IP[4500]"
>         Calling-Station-Id = "User-IP[5476]"
>         User-Name = "kirito"
>         Framed-IP-Address = 10.0.0.1
>         Acct-Output-Octets = 549938
>         Acct-Output-Packets = 602
>         Acct-Input-Octets = 77110
>         Acct-Input-Packets = 785
>         Acct-Session-Time = 122
>         NAS-Identifier = "strongSwan"
> # Executing section preacct from file
> /usr/local/etc/raddb/sites-enabled/default
> +group preacct {
> ++[preprocess] = ok
> [acct_unique] Hashing 'NAS-Port = 19,NAS-Identifier =
> "strongSwan",NAS-IP-Addres s = NAS-IP,Acct-Session-Id =
> "1411720910-19",User-Name = "kirito"'
> [acct_unique] Acct-Unique-Session-ID = "afe2593237df22fa".
> ++[acct_unique] = ok
> [suffix] No '@' in User-Name = "kirito", looking up realm NULL [suffix] No
> such realm "NULL"
> ++[suffix] = noop
> +} # group preacct = ok
> # Executing section accounting from file
> /usr/local/etc/raddb/sites-enabled/defa
> ult
> +group accounting {
> [detail]        expand: %{Packet-Src-IP-Address} -> NAS-IP
> [detail]        expand:
> /usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Addr
> ess}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d ->
> /usr/local/var/log/radius/rad
> acct/NAS-IP/detail-20140926
> [detail]
> /usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-
> Src-IPv6-Address}}/detail-%Y%m%d expands to
> /usr/local/var/log/radius/radacct/11
> 6.251.216.197/detail-20140926
> [detail]        expand: %t -> Fri Sep 26 21:19:07 2014
> ++[detail] = ok
> [sql]   expand: %{Stripped-User-Name} ->
> [sql]   ... expanding second conditional
> [sql]   expand: %{User-Name} -> kirito
> [sql]   expand: %{%{User-Name}:-DEFAULT} -> kirito
> [sql]   expand: %{%{Stripped-User-Name}:-%{%{User-Name}:-DEFAULT}} ->
> kirito
> [sql] sql_set_user escaped user --> 'kirito'
> [sql]   expand: %{Acct-Input-Gigawords} ->
> [sql]   ... expanding second conditional
> [sql]   expand: %{Acct-Input-Octets} -> 77110
> [sql]   expand: %{Acct-Output-Gigawords} ->
> [sql]   ... expanding second conditional
> [sql]   expand: %{Acct-Output-Octets} -> 549938
> [sql]   expand:            UPDATE radacct           SET
> framedipadd
> ress = '%{Framed-IP-Address}',              acctsessiontime     =
> '%{Acct-Sessio
> n-Time}',              acctinputoctets     =
> '%{%{Acct-Input-Gigawords}:-0}'
> <<
>  32 |                                    '%{%{Acct-Input-Octets}:-0}',
>     acctoutputoctets    = '%{%{Acct-Output-Gigawords}:-0}' << 32 |
>                       '%{%{Acct-Output-Octets}:-0}'           WHERE
> acctsessioni
> d = '%{Acct-Session-Id}'           AND username        = '%{SQL-User-Name}'
>       AND nasipaddress    = '%{NAS-IP-Address}' ->            UPDATE
> radacct
>        SET              framedipaddress = '10.0.0.1',
> acctsessionti
> me     = '122',              acctinputoctets     = '0'  << 32 |
>                    '77110',              acctoutputoctets    = '0' << 32 |
>                               '549938'           WHERE acctsessionid =
> '14117209
> 10-19'           AND username        = 'kirito'           AND na
> rlm_sql (sql): Reserving sql socket id: 12 rlm_sql (sql): Released sql
> socket id: 12
> ++[sql] = ok
> ++[exec] = noop
> [attr_filter.accounting_response]       expand: %{User-Name} -> kirito
> attr_filter: Matched entry DEFAULT at line 12
> ++[attr_filter.accounting_response] = updated
> +} # group accounting = updated
> Sending Accounting-Response of id 188 to NAS-IP port 48378 Finished request
> 6.
> Cleaning up request 6 ID 188 with timestamp +157 Going to the next request
> Ready to process requests.
>
> =================================================================
>
> I think it may have a way to send the Disconnect Message to NAS when
> FreeRadius server get the Accounting-Request message. But I don't know how
> do I do.
>
> Appreciate for your response.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140926/b26a1a4d/attachment-0001.html>

More information about the Freeradius-Users mailing list