Interesting. Basically, you included the AuthBy SQL logic right
into the hook.
Did you decide on this solution because the AuthBy SQL clause in
radius.cfg didn't work as expected?
Thanks for your help,
William
-----Original Message-----
From: ganbold [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 25, 2001 9:25 PM
To: William Hernandez
Cc: [EMAIL PROTECTED]
Subject: Re: (RADIATOR) Important - How to do Block Time users
Hi,
I solved it in following way. Below is PostAuthHook script.
# CheckBlockTimeLeft
#
# PostAuthHook to check time left for a block user
# by verifying the Session-Timeout attribute
#
sub
{
my $p = ${$_[0]};
my $rp = ${$_[1]};
my $result = ${$_[2]};
my $name = $p->get_attr('User-Name');
my $timeoutxx = 0;
use DBI;
my ($dsn)="DBI:mysql:radius:localhost";
my ($namex)="xxx";
#my ($password11)="xxx";
my ($dbh,$sth);
my (@ary);
$dbh=DBI->connect($dsn,$namex,"xxx",{RaiseError=>1});
my ($sth)=$dbh->prepare (qq{
SELECT USERNAME,TIMELEFT FROM SUBSCRIBERS
WHERE USERNAME='$name'
});
$sth->execute();
while(my $hash_ref=$sth->fetchrow_hashref())
{
print join ("\t",$hash_ref->{USERNAME},$hash_ref->{TIMELEFT}).
"\n";
$timeoutxx = $hash_ref->{TIMELEFT};
}
$sth->finish();
$dbh->disconnect();
if (($result == $main::ACCEPT) && ($timeoutxx <= 0))
{
&main::log($main::LOG_DEBUG, "User $name has no time
left");
if($timeoutxx<0){
$dbh=DBI->connect($dsn,$namex,"xxx",{RaiseError=>1});
my ($sth)=$dbh->prepare (qq{
UPDATE SUBSCRIBERS SET TIMELEFT=0 WHERE USERNAME='$name'
});
$sth->execute();
$sth->finish();
$dbh->disconnect();
}
# ${$_[2]} = $main::REJECT;
if($p->code eq 'Access-Request'){
$rp->delete_attr('Filter-Id');
$rp->delete_attr('Session-Timeout');
$rp->delete_attr('Framed-Protocol');
$rp->delete_attr('Service-Type');
$rp->delete_attr('Framed-MTU');
$rp->delete_attr('Framed-Compression');
$rp->set_code('Access-Reject');
$rp->change_attr('Reply-Message','Prepaid time limit
reached!');
$p->{Client}->replyTo($rp,$p);
}
if($p->code eq 'Accounting-Request'){
$rp->set_code('Accounting-Response');
$p->{Client}->replyTo($rp,$p);
}
}
return;
}
#####################################################
HTH,
Ganbold Ts.
----- Original Message -----
From: "William Hernandez" <[EMAIL PROTECTED]>
To: "Radiator" <[EMAIL PROTECTED]>
Sent: Wednesday, April 25, 2001 11:25 PM
Subject: RE: (RADIATOR) Important - How to do Block Time users
> Hello everyone,
>
> I'm trying to follow Hugh's tips, but I'm doing something
wrong.
>
> In my radius.cfg I have:
>
> <AuthBy SQL>
> Identifier TimeBlock-SQL
> DBSource *
> DBUsername *
> DBAuth *
> AuthSelect select TIMEBLOCK from XSTOP where
> USERNAME='%n'
> AuthColumnDef 0, Time, check
> </AuthBy>
> <Realm DEFAULT>
> AuthBy Check-FILE
> AuthBy System
> # This AuthBy will check the Time check-item
> AuthBy TimeBlock-SQL
> # This hook calculates the session-timeout
> PostAuthHook file:"/etc/raddb/setSessionTimeout"
> AcctLogFileName /var/log/radacct/detail
> PasswordLogFileName /var/log/radius.log
> ExcludeFromPasswordLog root
> </Realm>
>
> In my PostAuthHook I have:
> my $timeblock=$p->get_attr('Time');
>
> The problem is $timeblock is coming back an empty string. I
can't
> get the value to the PostAuthHook.
> The "ERR: Invalid timeblock for user whr" in the radius.log
comes
> from the PostAuthHook.
>
> A Trace 4 radius.log shows:
> Wed Apr 25 11:05:31 2001: DEBUG: Packet dump:
> *** Received from 208.249.78.6 port 4319 ....
> Code: Access-Request
> Identifier: 196
> Authentic: 1234567890123456
> Attributes:
> User-Name = "whr"
> Service-Type = Framed-User
> NAS-IP-Address = 203.63.154.1
> NAS-Port = 1234
> NAS-Port-Type = Async
> User-Password =
> "<146><208><238><158><247><22><144><5><164><133><228><17
> 4><1>H<30>x"
>
> Wed Apr 25 11:05:31 2001: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Wed Apr 25 11:05:31 2001: DEBUG: Deleting session for whr,
> 203.63.154.1, 1234
> Wed Apr 25 11:05:31 2001: DEBUG: do query is: delete from
> RADONLINE where NASIDE
> NTIFIER='203.63.154.1' and NASPORT=01234
>
> Wed Apr 25 11:05:31 2001: DEBUG: Handling with Radius::AuthFILE
> Wed Apr 25 11:05:31 2001: DEBUG: Radius::AuthFILE looks for
match
> with whr
> Wed Apr 25 11:05:31 2001: DEBUG: Radius::AuthFILE looks for
match
> with DEFAULT
> Wed Apr 25 11:05:31 2001: DEBUG: Handling with Radius::AuthUNIX
> Wed Apr 25 11:05:31 2001: DEBUG: Radius::AuthUNIX looks for
match
> with whr
> Wed Apr 25 11:05:31 2001: DEBUG: Query is: select
NASIDENTIFIER,
> NASPORT, ACCTSE
> SSIONID from RADONLINE where USERNAME='whr'
>
> Wed Apr 25 11:05:31 2001: Login OK: [whr] (home)
> Wed Apr 25 11:05:31 2001: DEBUG: Radius::AuthUNIX ACCEPT:
> Wed Apr 25 11:05:31 2001: DEBUG: Radius::AuthFILE ACCEPT:
> Wed Apr 25 11:05:31 2001: ERR: Invalid timeblock for user whr
> Wed Apr 25 11:05:31 2001: DEBUG: Access accepted for whr
> Wed Apr 25 11:05:31 2001: DEBUG: Packet dump:
> *** Sending to 208.249.78.6 port 4319 ....
> Code: Access-Accept
> Identifier: 196
> Authentic: 1234567890123456
> Attributes:
> Service-Type = Framed-User
> Framed-Protocol = PPP
> Framed-IP-Netmask = 255.255.255.255
> Framed-Compression = Van-Jacobson-TCP-IP
> Ascend-Idle-Limit = 900
>
>
> Any help would be appreciated.
> Thanks in advance,
> William
>
>
> ===
> Archive at http://www.starport.net/~radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
>
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
