"[sql] stop packet with zero session length" problem

Selahattin Cilek selahattin_cilek at hotmail.com
Tue Apr 4 07:25:11 CEST 2017


I have been trying to get the Unifi AP line of products to work with FreeRADIUS (v 2.2.9) seamlessly for quite some time now; but with little success, I am afraid to say. It turned out that the portion of the firmware that deals with RADIUS accounting is a complete mess. I have sent them many e-mails with detailed information for the many bugs I have discovered. They say they will fix them all and I am still waiting.

Since I cannot tell the site owners to dump all their Ubiquiti hardware and buy new equipment, my only option is to make the most of FreeRADIUS configuration and MySQL programming to compensate for the firmware bugs in the UAP. However, there is one bug for which I have not been able to find a workaround.

Sometimes, and for some reason that is unknown to me, when a user connects to a UAP NAS, he is immediately kicked out. We can see that in the accounting details log of the NAS:

Tue Apr  4 08:02:36 2017
    Acct-Session-Id = "58D911BB-00001F5D"
    Acct-Status-Type = Start
    Acct-Authentic = RADIUS
    User-Name = "99481225842"
    NAS-Identifier = "44d9e77a2de5"
    NAS-Port = 0
    Called-Station-Id = "46-D9-E7-7B-2D-E5:YEMEKHANE"
    Calling-Station-Id = "28-ED-6A-30-55-5A"
    NAS-Port-Type = Wireless-802.11
    Connect-Info = "CONNECT 0Mbps 802.11b"
    Class = 0x3939343831323235383432
    NAS-IP-Address = 192.168.0.31
    FreeRADIUS-Acct-Session-Start-Time = "Apr  4 2017 08:02:36 MSK"
    Timestamp = 1491282156

Tue Apr  4 08:02:36 2017
    Acct-Session-Id = "58D911BB-00001F5D"
    Acct-Status-Type = Stop
    Acct-Authentic = RADIUS
    User-Name = "99481225842"
    NAS-Identifier = "44d9e77a2de5"
    NAS-Port = 0
    Called-Station-Id = "46-D9-E7-7B-2D-E5:YEMEKHANE"
    Calling-Station-Id = "28-ED-6A-30-55-5A"
    NAS-Port-Type = Wireless-802.11
    Connect-Info = "CONNECT 0Mbps 802.11b"
    Class = 0x3939343831323235383432
    Acct-Session-Time = 0
    Acct-Input-Packets = 11
    Acct-Output-Packets = 12
    Acct-Input-Octets = 1289
    Acct-Output-Octets = 3415
    Event-Timestamp = "Apr  4 2017 08:02:35 MSK"
    Acct-Terminate-Cause = User-Request
    NAS-IP-Address = 192.168.0.31
    FreeRADIUS-Acct-Session-Start-Time = "Apr  4 2017 08:02:36 MSK"
    Timestamp = 1491282156


I believe this is ridiculous. How on earth could someone be connected to a WLAN for 0 seconds, right? We can observe this bug in FreeRADIUS log messages too:

Apr 4 08:02:36     radiusd     96187     [sql] stop packet with zero session length. [user '99481225842', nas '192.168.0.31']

So what is the problem? Well, the problem is that when FreeRADIUS receives the first packet, it runs a custom MySQL stored procedure I have written myself, which enters a record into the radacct table. But because it refuses to accept the second packet, I end up with a suspended session. And because users allowed to connect one device only to the network (Simultaneous-Use := 1), they will have to wait for 10 minutes for the suspended session to drop, thanks to a custom bash script.

My question is:
How can I make the sql module to accept accounting packets with zero session length?

PS: Upgrading to FreeRADIUS 3.x is not an option.


Thanks in advance.

Selahattin CILEK










[https://ipmcdn.avast.com/images/icons/icon-envelope-tick-round-orange-animated-no-repeat-v1.gif]<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient>      Virus-free. www.avast.com<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient>


More information about the Freeradius-Users mailing list