Use the couter module it does exactly what you want without triggers etc.
Regards Jaco van Tonder ________________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: 17 August 2005 11:28 AM To: freeradius-users@lists.freeradius.org Subject: How to Disable RADIUS user logins if 'Session-Timeout' falls below 0 Hi All, I am using FreeRadius with PostgreSQL and everything is running like a charm besides a small issue. I am using session-timeout attribute in radreply table to control user session time. I have added a trigger on RADACCT table which subtracts amount of time used by user from RADREPLY each time when he logs in. It does work but when time is below 0 or negative I need to stop user from getting into my system and I am failing to do so. Here are my RADREPLY Table entries INSERT INTO radreply (id, username, attribute, op, value) VALUES (2, 'sagar', 'Idle-Timeout', ':=', '300'); INSERT INTO radreply (id, username, attribute, op, value) VALUES (3, 'sagar', 'Reply-Message', ':=', 'You Have Logged in Successfully'); INSERT INTO radreply (id, username, attribute, op, value) VALUES (1, 'sagar', 'Acct-Interim-Interval', ':=', '120'); INSERT INTO radreply (id, username, attribute, op, value) VALUES (4, 'sagar', 'Session-Timeout', ':=', '-904'); The easiest way would be altering Authenticate SQL and adding a condition to check Session-Timeout to see it doesnt fall below 0 I am not very good in POSTGRES so can someone please let me know how to do it. The other way would be using a Function /Procedure to carry out this check but my question is how to use procedures/functions in postgres.conf authenticate_query = "SELECT Value,Attribute FROM ${authcheck_table} \ WHERE UserName = '%{User-Name}' AND ( Attribute = 'User-Password' OR Attribute = 'Crypt-Password' ) \ ORDER BY Attribute DESC" Sagar Patil British Telecommunications plc Registered office: 81 Newgate Street London EC1A 7AJ Registered in England no. 1800000. This electronic message contains information from British Telecommunications plc which may be privileged or confidential. The information is intended to be for the use of the individual(s) or entity named above. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. If you have received this electronic message in error, please notify us by telephone or email (to the numbers or address above) immediately. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html