"[sql] stop packet with zero session length" problem
Selahattin Cilek
selahattin_cilek at hotmail.com
Tue Apr 4 07:25:11 CEST 2017
I have been trying to get the Unifi AP line of products to work with FreeRADIUS (v 2.2.9) seamlessly for quite some time now; but with little success, I am afraid to say. It turned out that the portion of the firmware that deals with RADIUS accounting is a complete mess. I have sent them many e-mails with detailed information for the many bugs I have discovered. They say they will fix them all and I am still waiting.
Since I cannot tell the site owners to dump all their Ubiquiti hardware and buy new equipment, my only option is to make the most of FreeRADIUS configuration and MySQL programming to compensate for the firmware bugs in the UAP. However, there is one bug for which I have not been able to find a workaround.
Sometimes, and for some reason that is unknown to me, when a user connects to a UAP NAS, he is immediately kicked out. We can see that in the accounting details log of the NAS:
Tue Apr 4 08:02:36 2017
Acct-Session-Id = "58D911BB-00001F5D"
Acct-Status-Type = Start
Acct-Authentic = RADIUS
User-Name = "99481225842"
NAS-Identifier = "44d9e77a2de5"
NAS-Port = 0
Called-Station-Id = "46-D9-E7-7B-2D-E5:YEMEKHANE"
Calling-Station-Id = "28-ED-6A-30-55-5A"
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11b"
Class = 0x3939343831323235383432
NAS-IP-Address = 192.168.0.31
FreeRADIUS-Acct-Session-Start-Time = "Apr 4 2017 08:02:36 MSK"
Timestamp = 1491282156
Tue Apr 4 08:02:36 2017
Acct-Session-Id = "58D911BB-00001F5D"
Acct-Status-Type = Stop
Acct-Authentic = RADIUS
User-Name = "99481225842"
NAS-Identifier = "44d9e77a2de5"
NAS-Port = 0
Called-Station-Id = "46-D9-E7-7B-2D-E5:YEMEKHANE"
Calling-Station-Id = "28-ED-6A-30-55-5A"
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 0Mbps 802.11b"
Class = 0x3939343831323235383432
Acct-Session-Time = 0
Acct-Input-Packets = 11
Acct-Output-Packets = 12
Acct-Input-Octets = 1289
Acct-Output-Octets = 3415
Event-Timestamp = "Apr 4 2017 08:02:35 MSK"
Acct-Terminate-Cause = User-Request
NAS-IP-Address = 192.168.0.31
FreeRADIUS-Acct-Session-Start-Time = "Apr 4 2017 08:02:36 MSK"
Timestamp = 1491282156
I believe this is ridiculous. How on earth could someone be connected to a WLAN for 0 seconds, right? We can observe this bug in FreeRADIUS log messages too:
Apr 4 08:02:36 radiusd 96187 [sql] stop packet with zero session length. [user '99481225842', nas '192.168.0.31']
So what is the problem? Well, the problem is that when FreeRADIUS receives the first packet, it runs a custom MySQL stored procedure I have written myself, which enters a record into the radacct table. But because it refuses to accept the second packet, I end up with a suspended session. And because users allowed to connect one device only to the network (Simultaneous-Use := 1), they will have to wait for 10 minutes for the suspended session to drop, thanks to a custom bash script.
My question is:
How can I make the sql module to accept accounting packets with zero session length?
PS: Upgrading to FreeRADIUS 3.x is not an option.
Thanks in advance.
Selahattin CILEK
[https://ipmcdn.avast.com/images/icons/icon-envelope-tick-round-orange-animated-no-repeat-v1.gif]<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient> Virus-free. www.avast.com<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient>
More information about the Freeradius-Users
mailing list