--- On Wed, 4/7/10, Alan DeKok <[email protected]> wrote:
>
> See "man unlang"
>
Thanks for your hint, Alan.
> In the "authorize" section, do:
>
> if ("%{sql: SELECT ...quota ...}" <=
> "%{sql:SELECT ... usage ...}") {
> reject
> }
>
I am using the following in the authorize section:
if ("%{sql: SELECT Value from radcheck WHERE UserName='%{User-Name}' AND
Attribute='Max-Octets';}" <= "%{sql: SELECT (SUM(Ac
ctInputOctets + AcctOutputOctets)) FROM radacct WHERE
UserName='%{User-Name}';}") {
reject
}
Unfortunatly I get:
rlm_sql: Failed to create the pair: Invalid octet string "200000000" for
attribute name "Max-Octets"
Any idea how to fix that?
Cheers,
Alexander
rad_recv: Access-Request packet from host 10.1.50.254 port 1645, id=38,
length=140
Framed-Protocol = PPP
User-Name = "test"
User-Password = "password"
Calling-Station-Id = "test"
Called-Station-Id = "corporate.local"
Connect-Info = "8640000"
NAS-Port-Type = Virtual
NAS-Port = 38
NAS-Port-Id = "Uniq-Sess-ID38"
Service-Type = Framed-User
NAS-IP-Address = 10.1.50.254
+- entering group authorize {...}
++[preprocess] returns ok
++? if ("%{sql: SELECT Value from radcheck WHERE UserName='%{User-Name}' AND
Attribute='Max-Octets';}" <= "%{sql: SELECT (SUM(AcctInputOctets +
AcctOutputOctets)) FROM radacct WHERE UserName='%{User-Name}';}")
sql_xlat
expand: %{User-Name} -> test
sql_set_user escaped user --> 'test'
expand: SELECT Value from radcheck WHERE UserName='%{User-Name}' AND
Attribute='Max-Octets'; -> SELECT Value from radcheck WHERE UserName='test'
AND Attribute='Max-Octets';
rlm_sql (sql): Reserving sql socket id: 4
sql_xlat finished
rlm_sql (sql): Released sql socket id: 4
expand: %{sql: SELECT Value from radcheck WHERE UserName='%{User-Name}'
AND Attribute='Max-Octets';} -> 200000000
sql_xlat
expand: %{User-Name} -> test
sql_set_user escaped user --> 'test'
expand: SELECT (SUM(AcctInputOctets + AcctOutputOctets)) FROM radacct
WHERE UserName='%{User-Name}'; -> SELECT (SUM(AcctInputOctets +
AcctOutputOctets)) FROM radacct WHERE UserName='test';
rlm_sql (sql): Reserving sql socket id: 3
sql_xlat finished
rlm_sql (sql): Released sql socket id: 3
expand: %{sql: SELECT (SUM(AcctInputOctets + AcctOutputOctets)) FROM
radacct WHERE UserName='%{User-Name}';} -> 18719870
? Evaluating ("%{sql: SELECT Value from radcheck WHERE UserName='%{User-Name}'
AND Attribute='Max-Octets';}" <= "%{sql: SELECT (SUM(AcctInputOctets +
AcctOutputOctets)) FROM radacct WHERE UserName='%{User-Name}';}") -> FALSE
++? if ("%{sql: SELECT Value from radcheck WHERE UserName='%{User-Name}' AND
Attribute='Max-Octets';}" <= "%{sql: SELECT (SUM(AcctInputOctets +
AcctOutputOctets)) FROM radacct WHERE UserName='%{User-Name}';}") -> FALSE
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "test", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[unix] returns notfound
[files] users: Matched entry DEFAULT at line 172
++[files] returns ok
[sql] expand: %{User-Name} -> test
[sql] sql_set_user escaped user --> 'test'
rlm_sql (sql): Reserving sql socket id: 2
[sql] expand: SELECT id, username, attribute, value, op FROM
radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id ->
SELECT id, username, attribute, value, op FROM radcheck
WHERE username = 'test' ORDER BY id
rlm_sql: Failed to create the pair: Invalid octet string "200000000" for
attribute name "Max-Octets"
rlm_sql (sql): Error getting data from database
[sql] SQL query error; rejecting user
rlm_sql (sql): Released sql socket id: 2
++[sql] returns fail
Using Post-Auth-Type Reject
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} -> test
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 38 to 10.1.50.254 port 1645
Waking up in 4.9 seconds.
Cleaning up request 0 ID 38 with timestamp +12
Ready to process requests.-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
