Re: RADIUS + MySQL + decisionmaking?
On Wed, 2006-09-27 at 02:47 +0100, Jan Mulders wrote:
Hello,
I am trying to set up some decision-making logic into FreeRADIUS, to
assign users a different speed of service depending on how much
bandwidth they've used since their billing started.
I want to issue 512k speed to users in group A, who have used less
than 20GB of bandwidth (monthlybytecounter is working fine at the
moment and totals this up nicely). However, if they've used more than
20GB, I want to issue 256k speed to users.
For group B, I want users to get 10Mbps as long as they've used less
than 50GB of bandwidth, and 1Mbps if they're over.
I want to assign the values for speed to some vendor-specific
variable, let's say Max-User-Speed.
Hi
I am replying because I haven't seen any other replies.
The Attribute you use will depend on the NAS equipment
you are using. Check the documentation and dictionaries
for your radius client.
I am using MySQL for this. Here is a snippet from my database:
radcheck table:
username, attribute, op, value
testuser1, Password, ==, testing
usergroup table:
username, groupname
testuser1, groupa
Here is a snippet from my radiusd.conf file:
instantiate {
monthlybytecounter
}
authorize {
preprocess
sql
}
authenticate {
pap
}
preacct {
preprocess
}
accounting {
#acct_unique
#detail
sql
radutmp # ?
}
session {
radutmp # ?
sql
}
My question is... how do I implement this? Can anyone write down a few
examples of how I'd go about making these rules?
Would I perhaps be better off making a cronjob or something that
changes the user's group to one of the following? groupA_belowcap,
groupA_overcap, groupB_belowcap, groupB_overcap?
I do not usually work with MySQL but you are on the right track
using a counter but you didn't say if it was an sql_counter, which
is what I would use. I would also drop the radutmp bits, and do
everything from SQL. One other note, I usually keep the detail
bits, for archival purposes in case of a dispute.
As for examples, this is as close as I can give you with the bits
you want :
--- snip ---
modules {
detail acct_log {
detailfile = ${radacctdir}/%Y/%m/detail-%Y%m%d
detailperm = 0640
dirperm = 0750
}
sqlcounter dailycounter {
counter-name = Daily-Session-Time
check-name = Max-Daily-Session
sqlmod-inst = sql
key = User-Name
reset = daily
query = SELECT SUM(AcctSessionTime - \
GREATEST((%b - UNIX_TIMESTAMP(AcctStartTime)), 0)) \
FROM radacct WHERE UserName='%{%k}' AND \
UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime '%b'
}
sqlcounter monthlycounter {
counter-name = Monthly-Session-Time
check-name = Max-Monthly-Session
sqlmod-inst = sql
key = User-Name
reset = monthly
query = SELECT SUM(AcctSessionTime - \
GREATEST((%b - UNIX_TIMESTAMP(AcctStartTime)), 0)) \
FROM radacct WHERE UserName='%{%k}' AND \
UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime '%b'
}
}
instantiate {
dailycounter
monthlycounter
}
authorize {
sql
dailycounter
monthlycounter
}
accounting {
acct_log
sql
}
session {
sql
}
--- snip ---
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: RADIUS + MySQL + decisionmaking?
Thanks for your help. I ended up pulling the accounting counter part
out completely and did it via a cronjob that changed the user's group
- and have implemented the detail log as suggested.
Thank you,
Jan
On 27/09/06, Guy Fraser [EMAIL PROTECTED] wrote:
On Wed, 2006-09-27 at 02:47 +0100, Jan Mulders wrote:
Hello,
I am trying to set up some decision-making logic into FreeRADIUS, to
assign users a different speed of service depending on how much
bandwidth they've used since their billing started.
I want to issue 512k speed to users in group A, who have used less
than 20GB of bandwidth (monthlybytecounter is working fine at the
moment and totals this up nicely). However, if they've used more than
20GB, I want to issue 256k speed to users.
For group B, I want users to get 10Mbps as long as they've used less
than 50GB of bandwidth, and 1Mbps if they're over.
I want to assign the values for speed to some vendor-specific
variable, let's say Max-User-Speed.
Hi
I am replying because I haven't seen any other replies.
The Attribute you use will depend on the NAS equipment
you are using. Check the documentation and dictionaries
for your radius client.
I am using MySQL for this. Here is a snippet from my database:
radcheck table:
username, attribute, op, value
testuser1, Password, ==, testing
usergroup table:
username, groupname
testuser1, groupa
Here is a snippet from my radiusd.conf file:
instantiate {
monthlybytecounter
}
authorize {
preprocess
sql
}
authenticate {
pap
}
preacct {
preprocess
}
accounting {
#acct_unique
#detail
sql
radutmp # ?
}
session {
radutmp # ?
sql
}
My question is... how do I implement this? Can anyone write down a few
examples of how I'd go about making these rules?
Would I perhaps be better off making a cronjob or something that
changes the user's group to one of the following? groupA_belowcap,
groupA_overcap, groupB_belowcap, groupB_overcap?
I do not usually work with MySQL but you are on the right track
using a counter but you didn't say if it was an sql_counter, which
is what I would use. I would also drop the radutmp bits, and do
everything from SQL. One other note, I usually keep the detail
bits, for archival purposes in case of a dispute.
As for examples, this is as close as I can give you with the bits
you want :
--- snip ---
modules {
detail acct_log {
detailfile = ${radacctdir}/%Y/%m/detail-%Y%m%d
detailperm = 0640
dirperm = 0750
}
sqlcounter dailycounter {
counter-name = Daily-Session-Time
check-name = Max-Daily-Session
sqlmod-inst = sql
key = User-Name
reset = daily
query = SELECT SUM(AcctSessionTime - \
GREATEST((%b - UNIX_TIMESTAMP(AcctStartTime)), 0)) \
FROM radacct WHERE UserName='%{%k}' AND \
UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime '%b'
}
sqlcounter monthlycounter {
counter-name = Monthly-Session-Time
check-name = Max-Monthly-Session
sqlmod-inst = sql
key = User-Name
reset = monthly
query = SELECT SUM(AcctSessionTime - \
GREATEST((%b - UNIX_TIMESTAMP(AcctStartTime)), 0)) \
FROM radacct WHERE UserName='%{%k}' AND \
UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime '%b'
}
}
instantiate {
dailycounter
monthlycounter
}
authorize {
sql
dailycounter
monthlycounter
}
accounting {
acct_log
sql
}
session {
sql
}
--- snip ---
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RADIUS + MySQL + decisionmaking?
Hello,
I am trying to set up some decision-making logic into FreeRADIUS, to
assign users a different speed of service depending on how much
bandwidth they've used since their billing started.
I want to issue 512k speed to users in group A, who have used less
than 20GB of bandwidth (monthlybytecounter is working fine at the
moment and totals this up nicely). However, if they've used more than
20GB, I want to issue 256k speed to users.
For group B, I want users to get 10Mbps as long as they've used less
than 50GB of bandwidth, and 1Mbps if they're over.
I want to assign the values for speed to some vendor-specific
variable, let's say Max-User-Speed.
I am using MySQL for this. Here is a snippet from my database:
radcheck table:
username, attribute, op, value
testuser1, Password, ==, testing
usergroup table:
username, groupname
testuser1, groupa
Here is a snippet from my radiusd.conf file:
instantiate {
monthlybytecounter
}
authorize {
preprocess
sql
}
authenticate {
pap
}
preacct {
preprocess
}
accounting {
#acct_unique
#detail
sql
radutmp # ?
}
session {
radutmp # ?
sql
}
My question is... how do I implement this? Can anyone write down a few
examples of how I'd go about making these rules?
Would I perhaps be better off making a cronjob or something that
changes the user's group to one of the following? groupA_belowcap,
groupA_overcap, groupB_belowcap, groupB_overcap?
Regards,
Jan Mulders
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
