permit access on date/hour intervals and policy.conf problem
Franz Angeli
franz.angeli at gmail.com
Tue May 19 18:49:41 CEST 2015
Hi,
I need to be able to specify an interval of date and time for
accessing through a captive portal connected to freeradius;
for example testuser can use network from 2015-05-01 17:00:00 to
2015-05-01 18:00:00
i create 3 custom attributes:
ATTRIBUTE System-Date 3002 integer
ATTRIBUTE Start_Time 3000 integer
ATTRIBUTE Stop_Time 3001 integer
System-Date to store system data
Start_Time to assign a start auth period for user
Stop_Time to assign the end of auithentication permission.
I use UNIX time for every attribute
for provisioning purpose i use Freeradius + MySQL and in my radcheck
table i have for example:
testuser | Cleartext-Password | := | testuser
testuser | Start_Time | := | 1430499600
testuser | Stop_Time | := | 1430503200
to check account validity i add on policy.conf :
check_validity {
update control {
System-Date := "%l"
}
if (Start_Time > control:System-Date) {
update reply {
Reply-Message := "account not yet active"
}
reject
}
if (Stop_Time < control:System-Date) {
update reply {
Reply-Message := "account no longer active"
}
reject
}
}
freeradius start without error, System-Date take the correct value for
Date but Start_Time and Stop_Time in this way seems to work with a
file not mysql...(yes my default site has check_validity in authorize
section)
I don't know how use a query to assign database stored value for
Start_Time and Stop_TIme, is it possbile? I need some examples...
Thanks in advance
Franz Angeli
More information about the Freeradius-Users
mailing list