Dear All
I am running freeradius-0.9.3 at my redhat 9 machine. rlm_sqlcounter module is
also installed. at radius log shows that module is successfully loaded.
Sat Apr 10 13:53:43 2004 : Info: rlm_sql (sql): Driver rlm_sql_mysql (module
rlm_sql_mysql) loaded and linked
but seems to me rlm_sqlcounter is not working properly.
counter is not resetting the user as well as not rejecting though his maximum
sessiontime has been finished. So whats wrong with my configuration. Can anyone
help me out of this problem.
I have put attribte at my mysql database
mysql> select * from radcheck where username='testshuvo';
| id | UserName | Attribute | Value | op |
+------+-----------+-----------------+-------+----+
| 6471 | testshuvo | User-Password | 12345 | := |
| 6476 | testshuvo | Max-All-Session | 11000 | := |
+------+-----------+-----------------+-------+----+
here is my configuration files
#/etc/raddb/sqlcounter.conf
#-----#
sqlcounter noresetcounter {
counter-name = Max-All-Session-Time
check-name = Max-All-Session
sqlmod-inst = sql
key = User-Name
reset = never
query = "Select sum(AcctSessionTime) from radacct where
username='%(%k)'"
}
sqlcounter dailycounter {
driver = "rlm_sqlcounter"
counter-name = Daily-Session-Time
check-name = Max-Daily-Session
sqlmod-inst = sqlcca3
key = User-Name
reset = daily
query = "SELECT SUM(AcctSessionTime - GREATEST((%b -
UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='%{%k}' AND
UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'"
}
sqlcounter monthlycounter {
counter-name = Monthly-Session-Time
check-name = Max-Monthly-Session
sqlmod-inst = sqlcca3
key = User-Name
reset = monthly
query = "SELECT SUM(AcctSessionTime - GREATEST((%b -
UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='%{%k}' AND
UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'"
}
#-----#
#/etc/raddb/radiusd.conf
prefix = /usr
exec_prefix = /usr
sysconfdir = /etc
localstatedir = /var
sbindir = /usr/sbin
logdir = ${localstatedir}/log/radius
raddbdir = ${sysconfdir}/raddb
radacctdir = ${logdir}/radacct
confdir = ${raddbdir}
run_dir = ${localstatedir}/run/radiusd
log_file = ${logdir}/radius.log
libdir = /usr/lib
pidfile = ${run_dir}/radiusd.pid
user = radiusd
group = radiusd
max_request_time = 30
delete_blocked_requests = no
cleanup_delay = 5
max_requests = 1024
bind_address = *
port = 0
hostname_lookups = no
allow_core_dumps = no
regular_expressions = yes
extended_expressions = yes
log_stripped_names = no
log_auth = no
log_auth_badpass = no
log_auth_goodpass = no
usercollide = no
lower_user = no
lower_pass = no
nospace_user = no
nospace_pass = no
checkrad = ${sbindir}/checkrad
security {
max_attributes = 200
reject_delay = 1
status_server = no
}
proxy_requests = yes
$INCLUDE ${confdir}/proxy.conf
$INCLUDE ${confdir}/clients.conf
snmp = no
$INCLUDE ${confdir}/snmp.conf
thread pool {
start_servers = 5
max_servers = 32
min_spare_servers = 3
max_spare_servers = 10
max_requests_per_server = 0
}
modules {
$INCLUDE ${confdir}/sqlcounter.conf
pap {
encryption_scheme = crypt
}
chap {
authtype = CHAP
}
pam {
pam_auth = radiusd
}
unix {
cache = no
cache_reload = 600
#passwd = /etc/passwd
shadow = /etc/shadow
#group = /etc/group
radwtmp = ${logdir}/radwtmp
}
eap {
default_eap_type = md5
timer_expire = 60
md5 {
}
leap {
}
}
mschap {
authtype = MS-CHAP
}
realm realmslash {
format = prefix
delimiter = "/"
}
realm suffix {
format = suffix
delimiter = "@"
}
realm realmpercent {
format = suffix
delimiter = "%"
}
preprocess {
huntgroups = ${confdir}/huntgroups
hints = ${confdir}/hints
with_ascend_hack = no
ascend_channels_per_line = 23
with_ntdomain_hack = no
with_specialix_jetstream_hack = no
with_cisco_vsa_hack = no
}
files {
usersfile = ${confdir}/users
acctusersfile = ${confdir}/acct_users
compat = no
}
detail {
detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d
detailperm = 0600
}
acct_unique {
key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-
Address, NAS-Port-Id"
}
$INCLUDE ${confdir}/sql.conf
radutmp {
filename = ${logdir}/radutmp
username = %{User-Name}
case_sensitive = yes
check_with_nas = yes
perm = 0600
callerid = "yes"
}
radutmp sradutmp {
filename = ${logdir}/sradutmp
perm = 0644
callerid = "no"
}
attr_filter {
attrsfile = ${confdir}/attrs
}
counter daily {
filename = ${raddbdir}/db.daily
key = User-Name
count-attribute = Acct-Session-Time
reset = daily
counter-name = Daily-Session-Time
check-name = Max-Daily-Session
allowed-servicetype = Framed-User
cache-size = 5000
}
always fail {
rcode = fail
}
always reject {
rcode = reject
}
always ok {
rcode = ok
simulcount = 0
mpp = no
}
expr {
}
digest {
}
exec {
wait = yes
input_pairs = request
}
exec echo {
wait = yes
program = "/bin/echo %{User-Name}"
input_pairs = request
output_pairs = reply
}
ippool main_pool {
range-start = 192.168.1.1
range-stop = 192.168.3.254
netmask = 255.255.255.0
cache-size = 800
session-db = ${raddbdir}/db.ippool
ip-index = ${raddbdir}/db.ipindex
override = no
}
}
instantiate {
expr
# daily
}
authorize {
preprocess
# eap
suffix
# files
sql
chap
mschap
noresetcounter
dailycounter
monthlycounter
}
authenticate {
Auth-Type PAP {
pap
}
Auth-Type CHAP {
chap
}
Auth-Type MS-CHAP {
mschap
}
#
unix
eap
#
pam
}
preacct {
preprocess
suffix
#files
}
accounting {
acct_unique
detail
sql
# radutmp
}
session {
sql
}
post-auth {
}
pre-proxy {
}
post-proxy {
eap
}
here is the debugging log for your understanding
modcall: group preacct returns noop for request 2
modcall: entering group accounting for request 2
rlm_acct_unique: WARNING: Attribute NAS-Port-Id was not found in request,
unique ID MAY be inconsistent
rlm_acct_unique: Hashing ',Client-IP-Address = 202.22.200.41,NAS-IP-Address =
202.22.201.4,Acct-Session-Id = "820001CC",User-Name = "testshuvo"'
rlm_acct_unique: Acct-Unique-Session-ID = "43eb944ab525f0bf".
modcall[accounting]: module "acct_unique" returns ok for request 2
radius_xlat: '/var/log/radius/radacct/202.22.200.41/detail-20040410'
rlm_detail: /var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands
to /var/log/radius/radacct/202.22.200.41/detail-20040410
modcall[accounting]: module "detail" returns ok for request 2
radius_xlat: 'testshuvo'
rlm_sql (sql): sql_set_user escaped user --> 'testshuvo'
radius_xlat: 'INSERT into radacct (RadAcctId, AcctSessionId, AcctUniqueId,
UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime,
AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start,
ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId,
CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol,
FramedIPAddress, AcctStartDelay, AcctStopDelay) values
('', '820001CC', '43eb944ab525f0bf', 'testshuvo', 'NULL', '202.22.201.4', '18',
'Async', '2004-04-10
14:16:19', '0', '0', 'RADIUS', '', '', '0', '0', '', '', '', 'Framed-
User', 'PPP', '202.22.204.61', '0', '0')'
radius_xlat: '/var/log/radius/sqltrace.sql'
rlm_sql (sql): Reserving sql socket id: 1
rlm_sql_mysql: query: INSERT into radacct (RadAcctId, AcctSessionId,
AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType,
AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start,
ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId,
CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol,
FramedIPAddress, AcctStartDelay, AcctStopDelay) values
('', '820001CC', '43eb944ab525f0bf', 'testshuvo', 'NULL', '202.22.201.4', '18',
'Async', '2004-04-10
14:16:19', '0', '0', 'RADIUS', '', '', '0', '0', '', '', '', 'Framed-
User', 'PPP', '202.22.204.61', '0', '0')
rlm_sql (sql): Released sql socket id: 1
modcall[accounting]: module "sql" returns ok for request 2
modcall: group accounting returns ok for request 2
Sending Accounting-Response of id 25 to 202.22.200.41:1646
Proxy-State = 0x33303139
Finished request 2
Going to the next request
--- Walking the entire request list ---
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 1 ID 85 with timestamp 4077ad51
Waking up in 2 seconds...
--- Walking the entire request list ---
Cleaning up request 2 ID 25 with timestamp 4077ad53
Nothing to do. Sleeping until we see a request.
rad_recv: Accounting-Request packet from host 202.22.200.41:1646, id=26,
length=160
Acct-Session-Id = "820001CC"
User-Name = "testshuvo"
NAS-IP-Address = 202.22.201.4
NAS-Port = 18
NAS-Port-Type = Async
Acct-Status-Type = Stop
Acct-Session-Time = 11
Acct-Authentic = RADIUS
Acct-Input-Octets = 2044
Acct-Output-Octets = 1199
Acct-Terminate-Cause = User-Request
LE-Terminate-Detail = "User Request - PPP Term Req"
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-IP-Address = 202.22.204.61
Acct-Delay-Time = 0
Proxy-State = 0x33303161
modcall: entering group preacct for request 3
modcall[preacct]: module "preprocess" returns noop for request 3
rlm_realm: No '@' in User-Name = "testshuvo", looking up realm NULL
rlm_realm: Found realm "NULL"
rlm_realm: Adding Stripped-User-Name = "testshuvo"
rlm_realm: Proxying request from user testshuvo to realm NULL
rlm_realm: Adding Realm = "NULL"
rlm_realm: Accounting realm is LOCAL.
modcall[preacct]: module "suffix" returns noop for request 3
modcall: group preacct returns noop for request 3
modcall: entering group accounting for request 3
rlm_acct_unique: WARNING: Attribute NAS-Port-Id was not found in request,
unique ID MAY be inconsistent
rlm_acct_unique: Hashing ',Client-IP-Address = 202.22.200.41,NAS-IP-Address =
202.22.201.4,Acct-Session-Id = "820001CC",User-Name = "testshuvo"'
rlm_acct_unique: Acct-Unique-Session-ID = "43eb944ab525f0bf".
modcall[accounting]: module "acct_unique" returns ok for request 3
radius_xlat: '/var/log/radius/radacct/202.22.200.41/detail-20040410'
rlm_detail: /var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands
to /var/log/radius/radacct/202.22.200.41/detail-20040410
modcall[accounting]: module "detail" returns ok for request 3
radius_xlat: 'testshuvo'
rlm_sql (sql): sql_set_user escaped user --> 'testshuvo'
radius_xlat: 'UPDATE radacct SET AcctStopTime = '2004-04-10 14:16:29',
AcctSessionTime = '11', AcctInputOctets = '2044', AcctOutputOctets = '1199',
AcctTerminateCause = 'User-Request', AcctStopDelay = '0', ConnectInfo_stop = ''
WHERE AcctSessionId = '820001CC' AND UserName = 'testshuvo' AND NASIPAddress
= '202.22.201.4' AND AcctStopTime = 0'
radius_xlat: '/var/log/radius/sqltrace.sql'
rlm_sql (sql): Reserving sql socket id: 0
rlm_sql_mysql: query: UPDATE radacct SET AcctStopTime = '2004-04-10 14:16:29',
AcctSessionTime = '11', AcctInputOctets = '2044', AcctOutputOctets = '1199',
AcctTerminateCause = 'User-Request', AcctStopDelay = '0', ConnectInfo_stop = ''
WHERE AcctSessionId = '820001CC' AND UserName = 'testshuvo' AND NASIPAddress
= '202.22.201.4' AND AcctStopTime = 0
rlm_sql (sql): Released sql socket id: 0
modcall[accounting]: module "sql" returns ok for request 3
modcall: group accounting returns ok for request 3
Sending Accounting-Response of id 26 to 202.22.200.41:1646
Proxy-State = 0x33303161
Finished request 3
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 3 ID 26 with timestamp 4077ad5d
Nothing to do. Sleeping until we see a request.
waiting for your quick response regarding this matter.
thanks and regards
-------------------------------------------------
This mail sent through IMP: http://mail.accesstel.net/
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
