On Monday 04 August 2003 1:26 pm, Roger Sherwood wrote: > I'm looking for some guidance on how to limit a user's session time (i.e. > to 1 hour) within a 24 hour period and not reset the counter afterwards.
Let me rephrase this and see if I understand what you're looking for:
Are you trying to create a counter such that once a user logs in, he has up to
24 hours to use just one actual hour of connect time
-OR-
once a user is entered into the database, he can use one hour anytime between
now and 24 hours from now
in either case, once the 24 hours is up, the user cannot login again [ever],
and if the initial hour wasn't fully used, oh well, it's lost?
> My sqlcounter.conf looks like this (the "daily" counter provided in the
> example with the reset set to never instead of daily):
There is a "known bug" with 0.8.1 and reset=never -- if the radius server
itself is reset, all the "reset=never" counters get reset anyway -- if you're
testing (very likely) you are also probably restarting the server as you make
changes to the config file and test. [though I think this "bug" is related
more for the "normal" DB counter, not the sql-counter, but it may apply here
as well...]
> sqlcounter hourcounter {
> counter-name = Max-Hour-Session-Time
> check-name = Max-Hour-Session
> sqlmod-inst = sql
> key = User-Name
> reset = never
> query = "SELECT SUM(AcctSessionTime - GREATEST((%b -
> UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='%{%k}' AND
> UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'"
> }
Actually, now that I think of it, "reset=" doesn't necessarilly apply to
sql-counter style counters, since the "select" statement itself can be
constructed to imply a reset time [i.e., something like "...where
day(acctstarttime) = day(now())" or similar for something that is reset
"daily"]
> I set Max-Hour-Session to 3600 in radgroupcheck and the login does expire
> after an hour's usage but not within a 24 hour period, I can use it over
> several days until the limit is reached.
Hmmm... this kind of implies you want something different altogether [and I'm
not sure my guesses above match] let me take another shot: do you want to
limit a user to one WALLTIME hour, i.e., even if the user logs out and back
in, he only has one hour from the initial login? And further, this "hour of
access" should reset after a day?
> I've searched the archive and tried out a few variations but no joy. Is
> this possible?
>
> Thanks for any enlightenment,
>
> Rog.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
--
Yet another Blog: http://osnut.homelinux.net
pgp00000.pgp
Description: signature
