On Mon, 9 Dec 2002, oz wrote:
>
> Oliver Zimmermann wrote:
>
> > I have the problem understanding how the counter module works. Lets say I want to
>provide a Maximum Daily Session linit of 3600 seconds for a user on freeradius-0.7.
>Is the following scenario right? (sorry I can't test it for the moment):
> >
> > users file:
> > ----------
> > DEFAULT Max-Daily-Session = 3600
> > Fall-Through = 1
> >
> > John_D Password = "FZ768wRll", NAS-IP-Address = "214.32.39.2", Simultaneous-Use
>= 1
> > Service-Type = Framed-User,
> > Framed-Protocol = PPP,
> > Framed-IP-Address = 255.255.255.254,
> > Framed-MTU = 1500,
> > Idle-Timeout = 3600,
> > Port-Limit = 1
> > ...
>
> Hi, I tested this setup now with a Max-Daily-Session = 3, to provocate a
> reject - but I still get Login OK.
>
> In the logs I saw "rlm_counter: Could not find Check item value pair"
> and "modcall[accounting]: module "counter" returns noop" which I cannot
The counter module will do some work on an accounting-stop not an
accounting-start.
> interprete. Irritating for me is the line "rlm_counter: Counter
> attribute Daily-Session-Time is number 1063" because it has this value
> in every session. Please take a look on the session log, thanks in advance:
That's the number assigned to the Daily-Session-Time attribute, you shouldn't
worry about it.
>
> starting - reading configuration files ...
> reread_config: reading radiusd.conf
> Config: including file: /usr/local/etc/raddb/proxy.conf
> Config: including file: /usr/local/etc/raddb/clients.conf
> Config: including file: /usr/local/etc/raddb/snmp.conf
> Config: including file: /usr/local/etc/raddb/sql.conf
> main: prefix = "/usr/local"
> main: localstatedir = "/usr/local/var"
> main: logdir = "/usr/local/var/log/radius"
> main: libdir = "/usr/local/lib"
> main: radacctdir = "/usr/local/var/log/radius/radacct"
> main: hostname_lookups = no
> read_config_files: reading dictionary
> read_config_files: reading clients
> read_config_files: reading realms
> read_config_files: reading naslist
> main: max_request_time = 30
> main: cleanup_delay = 5
> main: max_requests = 1024
> main: delete_blocked_requests = 0
> main: port = 0
> main: allow_core_dumps = no
> main: log_stripped_names = no
> main: log_auth = yes
> main: log_auth_badpass = yes
> main: log_auth_goodpass = no
> main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
> main: user = "root"
> main: group = "root"
> main: usercollide = no
> main: lower_user = "no"
> main: lower_pass = "no"
> main: nospace_user = "no"
> main: nospace_pass = "no"
> main: proxy_requests = no
> proxy: retry_delay = 5
> proxy: retry_count = 3
> proxy: synchronous = no
> proxy: default_fallback = yes
> proxy: dead_time = 120
> security: max_attributes = 200
> security: reject_delay = 1
> main: debug_level = 0
> read_config_files: entering modules setup
> Module: Library search path is /usr/local/lib
> Module: Loaded System
> unix: cache = no
> unix: passwd = "/etc/passwd"
> unix: shadow = "/etc/shadow"
> unix: group = "/etc/group"
> unix: radwtmp = "/usr/local/var/log/radius/radwtmp"
> unix: usegroup = no
> unix: cache_reload = 600
> Module: Instantiated unix (unix)
> Module: Loaded Counter
> counter: filename = "/usr/local/etc/raddb/db.counter"
> counter: key = "User-Name"
> counter: reset = "daily"
> counter: count-attribute = "Acct-Session-Time"
> counter: counter-name = "Daily-Session-Time"
> counter: check-name = "Max-Daily-Session"
> counter: allowed-servicetype = "Framed-User"
> counter: cache-size = 5000
> rlm_counter: Counter attribute Daily-Session-Time is number 1063
> rlm_counter: Current Time: 1039422801, Next reset 1039474800
> Module: Instantiated counter (counter)
> Module: Loaded realm
> realm: format = "suffix"
> realm: delimiter = "@"
> Module: Instantiated realm (suffix)
> Module: Loaded files
> files: usersfile = "/usr/local/etc/raddb/users"
> files: acctusersfile = "/usr/local/etc/raddb/acct_users"
> files: compat = "cistron"
> auth_type_fixup: Auth-Type [1000]
> auth_type_fixup: Password [2]
> auth_type_fixup: NAS-IP-Address [4]
> auth_type_fixup: Simultaneous-Use [1034]
> auth_type_fixup: Auth-Type [1000]
> auth_type_fixup: Password [2]
> auth_type_fixup: Simultaneous-Use [1034]
> auth_type_fixup: Auth-Type [1000]
> auth_type_fixup: Password [2]
> auth_type_fixup: NAS-IP-Address [4]
> auth_type_fixup: Simultaneous-Use [1034]
> [/usr/local/etc/raddb/users]:4 Cistron compatibility checks for entry
> DEFAULT ...
> ?Changing 'Max-Daily-Session =' to 'Max-Daily-Session +='
> [/usr/local/etc/raddb/users]:7 Cistron compatibility checks for entry
> U.Abdinghoff ...
> ?Changing 'Password =' to 'Password =='
> ?Changing 'NAS-IP-Address =' to 'NAS-IP-Address =='
> ?Changing 'Simultaneous-Use =' to 'Simultaneous-Use +='
> [/usr/local/etc/raddb/users]:15 Cistron compatibility checks for entry
> helinet010 ...
> ?Changing 'Password =' to 'Password =='
> ?Changing 'Simultaneous-Use =' to 'Simultaneous-Use +='
> [/usr/local/etc/raddb/users]:23 Cistron compatibility checks for entry
> schmidt.online ...
> ?Changing 'Password =' to 'Password =='
> ?Changing 'NAS-IP-Address =' to 'NAS-IP-Address =='
> ?Changing 'Simultaneous-Use =' to 'Simultaneous-Use +='
> Module: Instantiated files (files)
> Module: Loaded preprocess
> preprocess: huntgroups = "/usr/local/etc/raddb/huntgroups"
> preprocess: hints = "/usr/local/etc/raddb/hints"
> preprocess: with_ascend_hack = no
> preprocess: ascend_channels_per_line = 23
> preprocess: with_ntdomain_hack = no
> preprocess: with_specialix_jetstream_hack = no
> preprocess: with_cisco_vsa_hack = no
> Module: Instantiated preprocess (preprocess)
> Module: Loaded detail
> detail: detailfile =
> "/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail"
> detail: detailperm = 384
> detail: dirperm = 493
> detail: locking = no
> Module: Instantiated detail (detail)
> Module: Loaded radutmp
> radutmp: filename = "/usr/local/var/log/radius/radutmp"
> radutmp: username = "%{User-Name}"
> radutmp: perm = 384
> radutmp: callerid = yes
> Module: Instantiated radutmp (radutmp)
> main: smux_password = ""
> main: snmp_write_access = no
> SMUX connect try 1
> SMUX open oid: 1.3.6.1.4.1.3317.1.3.1
> SMUX open progname: radiusd
> SMUX open password:
> SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register message send failed: Broken pipe
> Listening on IP address *, ports 1812/udp and 1813/udp.
> Ready to process requests.
> rad_recv: Access-Request packet from host 192.168.111.29:8001, id=53,
> length=111
> User-Name = "helinet010"
> User-Password = "\372(L\324\261\240\n\212\003\230\325\237\321\265"\302"
> NAS-Port = 5
> NAS-Port-Type = ISDN
> Acc-Request-Type = User-Authentification
> Service-Type = Framed-User
> Framed-Protocol = PPP
> Called-Station-Id = "90124"
> Calling-Station-Id = "2381378998"
> NAS-IP-Address = 192.168.111.29
> modcall: entering group authorize
> rlm_counter: Entering module authorize code
> rlm_counter: Could not find Check item value pair
> modcall[authorize]: module "counter" returns noop
> rlm_realm: Looking up realm NULL for User-Name = "helinet010"
> rlm_realm: No such realm NULL
> modcall[authorize]: module "suffix" returns noop
> users: Matched DEFAULT at 4
> users: Matched helinet010 at 15
> modcall[authorize]: module "files" returns ok
> modcall: group authorize returns ok
> rad_check_password: Found Auth-Type Local
> auth: type Local
> auth: user supplied User-Password matches local User-Password
> modcall: entering group session
> radius_xlat: 'helinet010'
> modcall[session]: module "radutmp" returns ok
> modcall: group session returns ok
> Login OK: [helinet010] (from client dr5 port 5 cli 2381378998)
> Sending Access-Accept of id 53 to 192.168.111.29:8001
> Service-Type = Framed-User
> Framed-Protocol = PPP
> Framed-IP-Address = 255.255.255.254
> Framed-MTU = 1500
> Idle-Timeout = 3600
> Port-Limit = 2
> Finished request 0
> Going to the next request
> SMUX connect try 1
> SMUX open oid: 1.3.6.1.4.1.3317.1.3.1
> SMUX open progname: radiusd
> SMUX open password:
> SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> --- Walking the entire request list ---
> Waking up in 6 seconds...
> rad_recv: Accounting-Request packet from host 192.168.111.29:8002,
> id=48, length=216
> User-Name = "helinet010"
> NAS-Port = 5
> NAS-Port-Type = ISDN
> Acc-Request-Type = 5
> Service-Type = Framed-User
> Framed-Protocol = PPP
> Called-Station-Id = "90124"
> Calling-Station-Id = "2381378998"
> NAS-IP-Address = 192.168.111.29
> Acct-Status-Type = Start
> Acct-Delay-Time = 0
> Acct-Session-Id = "021209.093426.000054"
> Acc-Dial-Port-Index = 201
> Connect-Info = "64000 "
> Acc-Connect-Tx-Speed = 64000
> Acc-Connect-Rx-Speed = 64000
> Acct-Authentic = RADIUS
> Acc-Service-Profile = "FACTORY"
> Framed-IP-Address = 212.37.47.148
> Idle-Timeout = 3600
> Framed-MTU = 1500
> Port-Limit = 1
> modcall: entering group preacct
> rlm_realm: Looking up realm NULL for User-Name = "helinet010"
> rlm_realm: No such realm NULL
> modcall[preacct]: module "suffix" returns noop
> modcall[preacct]: module "files" returns noop
> modcall[preacct]: module "preprocess" returns noop
> modcall: group preacct returns noop
> modcall: entering group accounting
> radius_xlat: '/usr/local/var/log/radius/radacct/192.168.111.29/detail'
> rlm_detail:
> /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail expands to
> /usr/local/var/log/radius/radacct/192.168.111.29/detail
> modcall[accounting]: module "detail" returns ok
> modcall[accounting]: module "counter" returns noop
> modcall[accounting]: module "unix" returns ok
> radius_xlat: 'helinet010'
> modcall[accounting]: module "radutmp" returns ok
> modcall: group accounting returns ok
> Sending Accounting-Response of id 48 to 192.168.111.29:8002
> Finished request 1
> Going to the next request
> Cleaning up request 1 ID 48 with timestamp 3df4559a
> rl_next: returning NULL
> Waking up in 6 seconds...
> SMUX read start
> SMUX read len: 3
> SMUX message received type: 65 rest len: 1
> SMUX_CLOSE
> SMUX_CLOSE with reason: 5
> SMUX connect try 1
> SMUX open oid: 1.3.6.1.4.1.3317.1.3.1
> SMUX open progname: radiusd
> SMUX open password:
> SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> rl_next: returning NULL
> Waking up in 6 seconds...
> SMUX read start
> SMUX read len: 3
> SMUX message received type: 65 rest len: 1
> SMUX_CLOSE
> SMUX_CLOSE with reason: 5
> SMUX connect try 1
> SMUX open oid: 1.3.6.1.4.1.3317.1.3.1
> SMUX open progname: radiusd
> SMUX open password:
> SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> rl_next: returning NULL
> Waking up in 6 seconds...
> SMUX read start
> SMUX read len: 3
> SMUX message received type: 65 rest len: 1
> SMUX_CLOSE
> SMUX_CLOSE with reason: 5
> SMUX connect try 1
> SMUX open oid: 1.3.6.1.4.1.3317.1.3.1
> SMUX open progname: radiusd
> SMUX open password:
> SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> rl_next: returning NULL
> Waking up in 6 seconds...
> SMUX read start
> SMUX read len: 3
> SMUX message received type: 65 rest len: 1
> SMUX_CLOSE
> SMUX_CLOSE with reason: 5
> SMUX connect try 1
> SMUX open oid: 1.3.6.1.4.1.3317.1.3.1
> SMUX open progname: radiusd
> SMUX open password:
> SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> rl_next: returning NULL
> Waking up in 6 seconds...
> SMUX read start
> SMUX read len: 3
> SMUX message received type: 65 rest len: 1
> SMUX_CLOSE
> SMUX_CLOSE with reason: 5
> SMUX connect try 1
> SMUX open oid: 1.3.6.1.4.1.3317.1.3.1
> SMUX open progname: radiusd
> SMUX open password:
> SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> rl_next: returning NULL
> Waking up in 6 seconds...
> SMUX read start
> SMUX read len: 3
> SMUX message received type: 65 rest len: 1
> SMUX_CLOSE
> SMUX_CLOSE with reason: 5
> SMUX connect try 1
> SMUX open oid: 1.3.6.1.4.1.3317.1.3.1
> SMUX open progname: radiusd
> SMUX open password:
> SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> rl_next: returning NULL
> Waking up in 6 seconds...
> SMUX read start
> SMUX read len: 3
> SMUX message received type: 65 rest len: 1
> SMUX_CLOSE
> SMUX_CLOSE with reason: 5
> SMUX connect try 1
> SMUX open oid: 1.3.6.1.4.1.3317.1.3.1
> SMUX open progname: radiusd
> SMUX open password:
> SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> rl_next: returning NULL
> Waking up in 6 seconds...
> SMUX read start
> SMUX read len: 3
> SMUX message received type: 65 rest len: 1
> SMUX_CLOSE
> SMUX_CLOSE with reason: 5
> SMUX connect try 1
> SMUX open oid: 1.3.6.1.4.1.3317.1.3.1
> SMUX open progname: radiusd
> SMUX open password:
> SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> rl_next: returning NULL
> Waking up in 6 seconds...
> SMUX read start
> SMUX read len: 3
> SMUX message received type: 65 rest len: 1
> SMUX_CLOSE
> SMUX_CLOSE with reason: 5
> SMUX connect try 1
> SMUX open oid: 1.3.6.1.4.1.3317.1.3.1
> SMUX open progname: radiusd
> SMUX open password:
> SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> rl_next: returning NULL
> Waking up in 6 seconds...
> SMUX read start
> SMUX read len: 3
> SMUX message received type: 65 rest len: 1
> SMUX_CLOSE
> SMUX_CLOSE with reason: 5
> SMUX connect try 1
> SMUX open oid: 1.3.6.1.4.1.3317.1.3.1
> SMUX open progname: radiusd
> SMUX open password:
> SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> rl_next: returning NULL
> Waking up in 6 seconds...
> SMUX read start
> SMUX read len: 3
> SMUX message received type: 65 rest len: 1
> SMUX_CLOSE
> SMUX_CLOSE with reason: 5
> SMUX connect try 1
> SMUX open oid: 1.3.6.1.4.1.3317.1.3.1
> SMUX open progname: radiusd
> SMUX open password:
> SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> rl_next: returning NULL
> Waking up in 6 seconds...
> SMUX read start
> SMUX read len: 3
> SMUX message received type: 65 rest len: 1
> SMUX_CLOSE
> SMUX_CLOSE with reason: 5
> SMUX connect try 1
> SMUX open oid: 1.3.6.1.4.1.3317.1.3.1
> SMUX open progname: radiusd
> SMUX open password:
> SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> rl_next: returning NULL
> Waking up in 6 seconds...
> SMUX read start
> SMUX read len: 3
> SMUX message received type: 65 rest len: 1
> SMUX_CLOSE
> SMUX_CLOSE with reason: 5
> SMUX connect try 1
> SMUX open oid: 1.3.6.1.4.1.3317.1.3.1
> SMUX open progname: radiusd
> SMUX open password:
> SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> rl_next: returning NULL
> Waking up in 6 seconds...
> SMUX read start
> SMUX read len: 3
> SMUX message received type: 65 rest len: 1
> SMUX_CLOSE
> SMUX_CLOSE with reason: 5
> SMUX connect try 1
> SMUX open oid: 1.3.6.1.4.1.3317.1.3.1
> SMUX open progname: radiusd
> SMUX open password:
> SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> rl_next: returning NULL
> Waking up in 6 seconds...
> SMUX read start
> SMUX read len: 3
> SMUX message received type: 65 rest len: 1
> SMUX_CLOSE
> SMUX_CLOSE with reason: 5
> SMUX connect try 1
> SMUX open oid: 1.3.6.1.4.1.3317.1.3.1
> SMUX open progname: radiusd
> SMUX open password:
> SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register message send failed: Broken pipe
> rl_next: returning NULL
> Waking up in 6 seconds...
> SMUX connect try 1
> SMUX open oid: 1.3.6.1.4.1.3317.1.3.1
> SMUX open progname: radiusd
> SMUX open password:
> SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register message send failed: Broken pipe
> --- Walking the entire request list ---
> Cleaning up request 0 ID 53 with timestamp 3df4559a
> Nothing to do. Sleeping until we see a request.
>
>
>
>
>
>
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED] National Technical University of Athens, Greece
Work Phone: +30 210 7721861
'Go back to the shadow' Gandalf
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
