On Wed, Apr 06, 2005 at 03:05:41PM +0200, John Eckert wrote:
> Hi List,
> is there a way to log out zombie users. I mean users that
> did a login (auth. + acct.) but no logout because of a
> problem with the NAS. This happens when the NAS gets rebooted
> due to a power fault with logged in users. No volitional
> reboot.
Doesn't the NAS send an Accounting-ON packet or something?
If it does, you can use that the clear the logged-on sessions
from that NAS.
> I have simultaneous sessions = 1 so the user cannot login
> after reboot of the NAS, because the RADIUS server says he
> is still logged in.
> The NAS send every 2 Minutes a "Alive" Message, so perhaps
> there is a way to log out every user for whom there was no
> "Alive" message is the last 5 Minutes??
I use a cron job to scan the logged in users, and spot those
who've not had an ALIVE packet in a little while. It used to
call radzap, but a problem with RadAcctID truncation means I
can't generate correct radzap calls from radwho, so I dropped
radutmp and just do it against the database.
select UserName, NASIPAddress, NASPortId, (UNIX_TIMESTAMP(NOW()) -
UNIX_TIMESTAMP(AcctStartTime + INTERVAL AcctSessionTime SECOND))/60 AS
Minutes, NasPortType, RadAcctId, FramedIPAddress from
radacct where AcctStopTime = 0;
Then for each record, either:
radzap -r radiusserver {NASIPAddress} {NASPortId} {UserName}
or
UPDATE radacct SET AcctStopTime=NOW() WHERE UserName = {UserName}
AND RadAcctId = {RadAcctId} AND AcctStopTime = 0;
That's in a cron job every ten minutes:
*/10 * * * * /usr/local/sbin/loststop.pl
And you're done.
I will be moving soon to being able to query the NAS for
simultaneous-use information instead, since the ALIVE packets
only come every half-hour. >_<
The other disadvantage I hit with the SQL solution was that
Daylight's savings changeover always bites me. In spring, I
get users disconnected too quickly. In autumn, I get them
disconnected too late.
--
Paul "TBBle" Hampson, on an alternate email client.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
