On Sat, Aug 1, 2009 at 10:06 PM, Ivan Kalik<[email protected]> wrote: >> I am a newbie trying to create a prepaid hotspot and I am using following. >> >> CentOS 5.3 >> freeradius2-2.1.6 >> mysql 5.0.45 >> daloradius-0.9-8 >> chillispot 1.0 (in dd-wrt) >> >> >> Now I wanted to try that if I will give a user 1 hour time (1 hour >> prepaid card is sold and assumed that user can consume that within >> infinite period of time without expiration), i want to limit that time >> strictly. For this I have implemented the "Max-All-Session" Attribute >> and so far it is working during login time (not during user session). >> So following is the problem: >> >> 1) User have 1 hour and if he is continuously logged in more than 1 >> hour, there is no way he will be automatically logged out. > > You have not implemented the counter correctly or your NAS doesn't support > Session-Timeout. > >> 2) For solution to this, I have implemented the "Session-Timeout" of 1 >> hour (3600) together with "Max-All-Session". > > Which is poitless. > >> This solution works given >> that user is not interrupted (or logged in continuously for 1 hour or >> more). This strategy fails when user logs out before 1 hour and logs >> in again. Supposing he still have 20 mins total time left, when he >> logs back in , his session timeout is again 1 hour so if continues to >> use until session timeout, he will end up using more than his time. >> This is worse if user logs in multiple time within credited time >> period. > > OK, so Session-Timeout works. Then you haven't implemented the counter > properly. Post the debug. > >> In this situation, what I wanted to do is - No matter what, when user >> reaches his time limit, he will be logged out from his session (if >> logged in) or not accept login request anymore ("Max-All-Session" >> already does this). > > Yes, but it looks like you are overriding Session-Timeout set by the > couter with the fixed value. > >> 3) Now to implement the former condition I did some research and found >> out that freeradius is not designed to kick the user however we need >> to send the "Packet of Disconnect" to NAS (AP) by some means of >> script. It is also assumed (I guess) that we will monitor their >> account table and hand pick the user by ourselves and disconnect them >> manually. Instead I want to automate this thing. > > Just forget that. > >> 4) After some research for this automation, I found out about the >> "radkill" untility (which is not exactly I wanted) but got some idea >> that we can do following step to logout user automatically >> >> (a) Find out about that user session and from which NAS he is logged >> in (radwho can be used for this purpose) >> (b) Send the packet of disconnect to that NAS for that particular user. > > You don't need any of that. Just set up counter properly. > >> Now before reinventing the wheel, I have been asking a question to >> myself for sometime >> >> (a) In the prepaid users scenario, there may be hundreds of users >> connected. Isn't that keeping track of each user's time in real time >> through some kind of daemon will be CPU intensive task? and overkill >> for the server? > > Not at all, since the server doesn't do that. NAS generates accounting. > >> (b) Instead of keeping track in eating CPU cycles and memory, I though >> it would be nice to use and implement this logic when accounting >> packet arrives from chilli to radius (something like database >> triggerers). so when accounting packet arrives for any particular >> user, radius will check his "Max-All-Session" against used sum of used >> sessions and if necessary, send the packet of disconnect to the NAS. >> Well the problem is I don't know how to implement this since I am very >> new to freeradius and this whole hotspot thing. > > No need. By passing Session-Timeout at login time NAS will disconnect the > user when the time comes. > >> (c) Lastly, I am just wondering that somebody must have faced this >> problem before and made a solution considering many hotspot solutions >> available today. or am I seriously missing something (since new in >> this area), or there are more sleek approach to this problem than what >> I am thinking, which is readily available out of the box. > > You have messed up counter implementation. Post the debug and lets see > what is going on with it. > > Ivan Kalik > Kalik Informatika ISP > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html >
Right after posing this message, I was just browsing the chillispot forum (http://www.chillispot.info/chilliforum/viewtopic.php?id=329) and found that there is bug in the SQL statement in noreset counter and followed the link to previous discussion of this matter (http://www.mail-archive.com/[email protected]/msg50930.html) and corrected the statement which was previously: ==================== "SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='%{%k}'" ==================== to now this: ==================== "SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='%{%k}'" ==================== and it is solved now. I tried to search for previous discussion from nabble but didn't show up this particular dicussion. I have been desperately looking for the answer for about 2 days. Now only after posting a long nonsense post, I found the answer right away (few minutes after post). I don't know if the bug is in the this particular rpm or it is still there in the source. I hope this is corrected already. Anyway thanks for your valuable time to listen to me. :-) Regards and good day! -- ============================== Registered Linux User #460714 Currently Using Fedora 10, CentOS 5.3 ============================== - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
