On Wed, 22 May 2002 07:55:06 -0400, Randy Moore wrote:
>>Hi, I just upgraded Freeradius 0.5 to freeradius-snapshot-20020521.
>>I altered the old radiusd.conf file to reflect some changes, and have
>>included SQLcounter module. I wish to limit access to users on a
>>three-month basis, but only some users, and this 3-month time is
>>individual.
>>
>>What I did:
>>Raidusd.conf
>> sqlcounter monthlycounter {
>> counter-name = Monthly-Session-Time
>> check-name = Max-Monthly-Session
>> sqlmod-inst = sql
>> key = User-Name
>> reset = 3m
>>}
>>authorize {
>> preprocess
>> suffix
>> monthlycounter
>> sql
>> monthlycounter
>>}
>Since you are defining your Check Item in your SQL database, you should not
>need to include 'monthlycounter' twice. The copy *after* sql is the only
>one you should need.
Ok, I've removed it.
>>accounting {
>> acct_unique
>> sql
>> radutmp
>>}
>>The user can log ok if there's nothing on table radcheck about Monthly
>>Sessions. But if I
>>insert a row like
>>username=surak
>>attribute=Max-Monthly-Session
>>value= 2000000 (Any)
>>op= ":=" without quotes, obviosly
>This looks fine.
Anyway, looks like there is something missing somewhere.
>>The radius rejects the user with the following message on debug:
>>modcall: entering group authorize
(....)
>>rlm_sqlcounter: Entering module authorize code
>>rlm_sqlcounter: Could not find Check item value pair
>> modcall[authorize]: module "monthlycounter" returns noop
>Since you called 'monthlycounter' twice, it should appear twice in the
>debug output. The first time should appear just as it does above because
>the check item has not yet been read from your SQL database. But you don't
>include the logs for the second call. Did they appear? If so what do they
>indicate?
No, this is the only information that appears. Now, with only the second
monthlycounter defined
on authorize section, the result is the same.
Just to remember: If I drop this row ( surak Max-Monthly-Session 200000 := )
from radcheck table, it authorizes the user normally.
Follows the output from radiusd -X. The first is the one which has the row with
Max-Montly-Session. The second
output is executed right after it, just dropping the Max-Monthly-Session from radcheck
table.
---------------------First output----------------------
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
rlm_realm: Looking up realm NULL for User-Name = "surak"
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
radius_xlat: 'surak'
sql_escape in: 'surak'
sql_escape out: 'surak'
sql_set_user: escaped user --> 'surak'
radius_xlat: 'SELECT id,UserName,Attribute,Value FROM radcheck WHERE Username =
'surak' ORDER BY id'
rlm_sql: Reserving sql socket id: 4
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'surak' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT id,UserName,Attribute,Value FROM radreply WHERE Username =
'surak' ORDER BY id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value
FROM radgroupreply,usergroup WHERE usergroup.Username = 'surak' AND
usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql: Pairs do not match [surak]
rlm_sql: Released sql socket id: 4
modcall[authorize]: module "sql" returns notfound
rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
modcall[authorize]: module "monthlycounter" returns noop
modcall: group authorize returns ok
auth: No Auth-Type configuration for the request, rejecting the user
auth: Failed to validate the user.
Delaying request 9 for 1 seconds
----------------------------Second output------------------
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
rlm_realm: Looking up realm NULL for User-Name = "surak"
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
radius_xlat: 'surak'
sql_escape in: 'surak'
sql_escape out: 'surak'
sql_set_user: escaped user --> 'surak'
radius_xlat: 'SELECT id,UserName,Attribute,Value FROM radcheck WHERE Username =
'surak' ORDER BY id'
rlm_sql: Reserving sql socket id: 4
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'surak' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT id,UserName,Attribute,Value FROM radreply WHERE Username =
'surak' ORDER BY id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value
FROM radgroupreply,usergroup WHERE usergroup.Username = 'surak' AND
usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id'
radius_xlat: 'SELECT Value,Attribute FROM radcheck WHERE UserName = 'surak' AND (
Attribute = 'Password' OR Attribute = 'Crypt-Password' ) ORDER BY Attribute DESC'
rlm_sql: Released sql socket id: 4
modcall[authorize]: module "sql" returns ok
rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
modcall[authorize]: module "monthlycounter" returns noop
modcall: group authorize returns ok
auth: type Local
auth: user supplied User-Password matches local User-Password
Sending Access-Accept of id 6 to 200.214.148.137:2301
Framed-Compression = Van-Jacobson-TCP-IP
Framed-Protocol = PPP
Service-Type = Framed-User
Framed-MTU = 1500
Finished request 22
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
As opini�es formuladas neste e-mail s�o de car�ter
exclusivamente pessoal. Minha opini�o n�o necessariamente
representa a opini�o do meu Moto Grupo nem da empresa onde
trabalho.
Mene Sakkhet ur-seveh
Alexandre Ganso - Diretor Steel Goose Moto Group
6, 7 e 8 de setembro - Aniversario 10 anos Steel Goose - Ouro Branco - MG
500 Four Vermelha
[EMAIL PROTECTED]
ICQ# 3778773
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
