FR with Mikrotik - FUP Quota Bandwidth not changing auto

Anirudh Malhotra 8zero2ops at gmail.com
Fri Mar 25 08:27:48 CET 2016


For that you can insert something in accounting table(perhaps a column coa_sent), whenever you send a coa and check that in subsequent accounting packets

BR,
Anirudh Malhotra
8zero2
Mail: 8zero2.in at gmail.com
Facebook: www.facebook.com/8zero2
Twitter: @8zero2_in
Blog: blog.8zero2.in

On 25 Mar 2016, 11:18 +0530, AACABLE / Mikrotik System<aacable79 at gmail.com>, wrote:
> Finally after reading your example, I managed to make it working with
> another approach, but something a little bit advance. Its working now. COA
> is being sent Ok.
> 
> update control {
> 
> # Used QUOTA / zaib
> Tmp-Integer-0 := "%{sql:SELECT (SUM(acctinputoctets)+SUM(acctoutputoctets))
> AS Total FROM radacct where radacct.username='%{User-Name}'}"
> 
> #Value of FUP Bandwidth limit that is 512k
> Tmp-String-5 := "%{sql: SELECT value FROM fup WHERE
> attribute='Mikrotik-Rate-Limit' AND username='%{User-Name}'}"
> 
> #Value of Actual QUOTA Allowed
> Tmp-String-1 := "%{sql: SELECT value FROM radcheck WHERE
> attribute='Mikrotik-Total-Limit' AND username='%{User-Name}'}"
> 
> # User Session ID
> Tmp-String-3 := "%{sql:select calledstationid from radacct where
> acctsessionid='%{Acct-Session-Id}'}"
> }
> 
> if ("%{control:Tmp-Integer-0}">"%{control:Tmp-String-1}"){
> update coa {
> User-Name = "%{User-Name}"
> Acct-Session-Id = "%{Acct-Session-Id}"
> NAS-IP-Address = "%{NAS-IP-Address}"
> Framed-IP-Address = "%{Framed-IP-Address}"
> Mikrotik-Rate-Limit = "%{control:Tmp-String-5}"
> }
> }
> }
> 
> Just want to clear one thing more, FR keep sending COA request to NAS on
> every accounting update. Is this normal? my understanding was that once FR
> send COA to NAS, it should not send it again, I am seeing COA Update
> requests on every accounting packet update (for test i have set 1 mnt
> interval)
> 
> On Fri, Mar 25, 2016 at 9:25 AM, Anirudh Malhotra<8zero2ops at gmail.com
> wrote:
> 
> > If ("%{sql: SELECT SUM(AcctInputOctets)+SUM(AcctOutputOctets) FROM radacct
> > WHERE UserName='%{User-Name}'">"data limit") {
> > update coa {
> > User-Name = "%{User-Name}"
> > Acct-Session-Id = "%{Acct-Session-Id}"
> > NAS-IP-Address = "%{NAS-IP-Address}"
> > Framed-IP-Address = "%{Framed-IP-Address}"
> > Mikrotik-Rate-Limit = "256K/256K"
> > }
> > }
> > You can put other conditions in sql query
> > 
> > BR,
> > Anirudh Malhotra
> > 8zero2
> > Mail: 8zero2.in at gmail.com
> > Facebook: www.facebook.com/8zero2
> > Twitter: @8zero2_in
> > Blog: blog.8zero2.in
> > 
> > On 25 Mar 2016, 09:33 +0530, AACABLE / Mikrotik System<aacable79 at gmail.com>,
> > wrote:
> > > Ok i have managed to set the COA and its working fine.
> > > Now I am stucked at query section. Example I want to match if daily qouta
> > > have reached, it should send the COA. One example is below I found in
> > > google.
> > > 
> > > accounting {
> > > 
> > > #update coa {
> > > # User-Name = "%{User-Name}"
> > > # Acct-Session-Id = "%{Acct-Session-Id}"
> > > # NAS-IP-Address = "%{NAS-IP-Address}"
> > > # Framed-IP-Address = "%{Framed-IP-Address}"
> > > # Mikrotik-Rate-Limit = "256K/256K"
> > > #}
> > > }
> > > 
> > > But this sends 256k every time to NAS , ignoring other. I understand
> > there
> > > should be some IF statement to match the used counter and if it found
> > > greater then assigned quota, it should send COA to lower down the package
> > > as per defined in the dailyquota authorize section (that is 512k). can
> > > some1 please give me any example ?
> > > 
> > > On Thu, Mar 24, 2016 at 8:38 PM, Anirudh Malhotra<8zero2ops at gmail.com
> > > wrote:
> > > 
> > > > Hi,
> > > > 
> > > > So you have to define the query(unlang) in accounting(for checking
> > whether
> > > > the limit is reached and sending the coa hence) on accounting packets.
> > > > 
> > > > CoA can be sent using update coa {...} check the docs of freeradius and
> > > > search the web more on it. You need session identifier and attributes
> > to
> > > > modified in this section basically, secondly you have to add NAS as coa
> > > > server.
> > > > 
> > > > BR,
> > > > Anirudh Malhotra
> > > > 8zero2
> > > > Mail: 8zero2.in at gmail.com
> > > > Facebook: www.facebook.com/8zero2
> > > > Twitter: @8zero2_in
> > > > Blog: blog.8zero2.in
> > > > 
> > > > On 24 Mar 2016, 20:13 +0530, AACABLE / Mikrotik System<
> > aacable79 at gmail.com>,
> > > > wrote:
> > > > > I have different counters like daily / weekly monthly so If I remove
> > the
> > > > > counter, where I will be putting the query?
> > > > > How-to send the COA query via FR. Can you please give me any code
> > example
> > > > > for COA ?
> > > > > 
> > > > > Accept my apology for asking dumb question :)
> > > > > 
> > > > > On Thu, Mar 24, 2016 at 7:37 PM, Anirudh Malhotra<
> > 8zero2ops at gmail.com
> > > > > wrote:
> > > > > 
> > > > > > Hi,
> > > > > > 
> > > > > > Yes exactly NAS is doing what freeradius has asked it to do. It is
> > > > > > disconnecting when the limit sent by radius is reached.
> > > > > > 
> > > > > > So in order to achieve what you want, remove the counter and use
> > the
> > > > query
> > > > > > "SELECT SUM(AcctInputOctets)+SUM(AcctOutputOctets) FROM radacct
> > > > > > WHERE UserName='%{%k}'"
> > > > > > 
> > > > > > And if this goes greater than what is given in table for user then
> > > > send an
> > > > > > update coa.
> > > > > > 
> > > > > > Hope this helps
> > > > > > 
> > > > > > BR,
> > > > > > Anirudh Malhotra
> > > > > > 8zero2
> > > > > > Mail: 8zero2.in at gmail.com
> > > > > > Facebook: www.facebook.com/8zero2
> > > > > > Twitter: @8zero2_in
> > > > > > Blog: blog.8zero2.in
> > > > > > 
> > > > > > On 24 Mar 2016, 19:58 +0530, AACABLE / Mikrotik System<
> > > > aacable79 at gmail.com>,
> > > > > > wrote:
> > > > > > > Greetings,
> > > > > > > 
> > > > > > > I have FR 2.x with Mikrotik 6.x. I want that when user quota
> > limit
> > > > end,
> > > > > > his
> > > > > > > bandwidth package should change from 1mb to 512k. I have made
> > > > counter and
> > > > > > > its working as expected. The only issue is that the changes are
> > not
> > > > being
> > > > > > > done on the fly. Changes applies only when user disconnects, and
> > > > > > re-login.
> > > > > > > Same thing happens for users whose monthly quota limit finish but
> > > > they
> > > > > > are
> > > > > > > keep connected and gets denied only on re-login.
> > > > > > > 
> > > > > > > When I issue following command it works fine. (for the bandwidth
> > COA
> > > > and
> > > > > > > POD)
> > > > > > > 
> > > > > > > echo User-Name := "zaib", Mikrotik-Rate-Limit = 512k/512k |
> > > > radclient -x
> > > > > > > 101.11.11.255:1700 coa 12345
> > > > > > > [Mikrotik accepts this command and change the bandwidth on the
> > fly]
> > > > > > > 
> > > > > > > echo user-name=zaib | radclient -x 101.11.11.255:1700 disconnect
> > > > 12345
> > > > > > > [Mikrotik accepts this command and disconnects the user as
> > > > instructed]
> > > > > > > 
> > > > > > > How can I do this on the fly using FR? I know its the job of NAS
> > but
> > > > NAS
> > > > > > > will act only when FR will tell him to do so. Kindly assist.
> > > > > > > 
> > > > > > > 
> > > > > > > *SQL *Counter:
> > > > > > > *=============*
> > > > > > > counter-name = Mikrotik-Total-Limit
> > > > > > > check-name = Mikrotik-Total-Limit
> > > > > > > reply-name = Mikrotik-Total-Limit
> > > > > > > sqlmod-inst = sql
> > > > > > > key = User-Name
> > > > > > > reset = daily
> > > > > > > query = "SELECT SUM(AcctInputOctets)+SUM(AcctOutputOctets) FROM
> > > > radacct
> > > > > > > WHERE UserName='%{%k}'"
> > > > > > > }
> > > > > > > *=============*
> > > > > > > *AUTHORIZE *Section:
> > > > > > > 
> > > > > > > dailyquota {
> > > > > > > reject = 1
> > > > > > > }
> > > > > > > if (reject) {
> > > > > > > ok
> > > > > > > update reply {
> > > > > > > Mikrotik-Rate-Limit := "512k/512k"
> > > > > > > Reply-Message := "You have reached your daily 300MB transfer
> > limit.
> > > > > > > Enforcing 512k FUP Policy - zaib "
> > > > > > > }
> > > > > > > }
> > > > > > > *=============*
> > > > > > > 
> > > > > > > --
> > > > > > > Regard's
> > > > > > > JAY-Z
> > > > > > > -
> > > > > > > List info/subscribe/unsubscribe? See
> > > > > > http://www.freeradius.org/list/users.html
> > > > > > -
> > > > > > List info/subscribe/unsubscribe? See
> > > > > > http://www.freeradius.org/list/users.html
> > > > > 
> > > > > 
> > > > > 
> > > > > 
> > > > > --
> > > > > Regard's
> > > > > -
> > > > > List info/subscribe/unsubscribe? See
> > > > http://www.freeradius.org/list/users.html
> > > > -
> > > > List info/subscribe/unsubscribe? See
> > > > http://www.freeradius.org/list/users.html
> > > > 
> > > 
> > > 
> > > 
> > > --
> > > Regard's
> > > -
> > > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> > 
> 
> 
> 
> --
> Regard's
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


More information about the Freeradius-Users mailing list