subject:"RE\: \[m0n0wall\] RE\: access for 24 hours after first login\?"

RE: [m0n0wall] RE: access for 24 hours after first login? need help

2005-10-12 Thread maruna

Hi all,

I use postgresql with freeradius 1.0.4 and it's been working well.

Then, The below topic got my attentioe interested and I tried my hand on
this query 

sqlcounter validity {
counter-name = All-Hour-Used
check-name = Max-Hour-Used
sqlmod-inst = sql
key = User-Name
reset = never
query = SELECT current_timestamp - acctstarttime from
radacct WHERE UserName='%{%k}' LIMIT 1
}

but it only worked well. I tested it for 5 days all seems well.

However, my problem is that I want to set this against secs not hours and
this has not been successful.

I will be glad If someone can point me to a link aside postgresql manual to
accomplish that task.

Thank you

goksie

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of maruna
Sent: Thursday, October 06, 2005 7:50 PM
To: 'FreeRadius users mailing list'
Subject: RE: [m0n0wall] RE: access for 24 hours after first login?

It doesn't work on postgresql v7.4.6 that I tried it on.. however, I used 

SELECT now() - AcctStartTime FROM radacct WHERE UserName = '%{%k}'
LIMIT 1;

And its ok

Thank you
goksie
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jonathan
De Graeve
Sent: Thursday, October 06, 2005 3:09 PM
To: Jonathan De Graeve; FreeRadius users mailing list
Cc: [EMAIL PROTECTED]
Subject: RE: [m0n0wall] RE: access for 24 hours after first login?

And here the query in case you don't like seconds ;)

SELECT HOUR(SEC_TO_TIME(UNIX_TIMESTAMP() -
UNIX_TIMESTAMP(AcctStartTime))) FROM radacct WHERE UserName = '%{%k}'
LIMIT 1;

Then All-Secs-Passed/Max-Secs-Passed should be
All-Hours-Passed/Max-Hours-Passed and Max-Hours-Passed specified in
Hours instead of seconds

Also note this is for MySQL. Don't know if it also works on oracle and
Postgres

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
[EMAIL PROTECTED]

-Oorspronkelijk bericht-
Van: Jonathan De Graeve [mailto:[EMAIL PROTECTED] 
Verzonden: donderdag 6 oktober 2005 15:51
Aan: FreeRadius users mailing list
CC: [EMAIL PROTECTED]
Onderwerp: [m0n0wall] RE: access for 24 hours after first login?

This is how I do this

Use SQLcounter module

Put this in sqlcounter.conf (expecting that sqlcounter is already
configged in the radiusd.conf)

sqlcounter validity {
counter-name = All-Secs-Passed
check-name = Max-Secs-Passed
sqlmod-inst = sql
key = User-Name
reset = never
query = SELECT UNIX_TIMESTAMP() -
UNIX_TIMESTAMP(AcctStartTime) secs_passed_since_start FROM radacct WHERE
UserName = '%{%k}' LIMIT 1


Create in the config dictionary file an attribute of Max-Secs-Passed

For example:
#ATTRIBUTE  My-Local-String 3000string
#ATTRIBUTE  My-Local-IPAddr 3001ipaddr
#ATTRIBUTE  My-Local-Integer3002integer
ATTRIBUTE   Max-Secs-Passed 3000 integer

In radiusd.conf:

Authorize {} section:

Put this: validity

The Max-Secs-Passed var is defined in seconds. So if you want a user
only to be able to logon in the first 24hours after his first logon,
Max-Secs-Passed should be set to 86400 (60secs * 60minutes * 24)

Hope this helps the question I think many people will have.

You could use other check or counter-names, its just an example

You also could combine this with volume limits, max total session time
etc...

Kind Regards

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
[EMAIL PROTECTED]

-Oorspronkelijk bericht-
Van: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Namens Markus
Krause
Verzonden: donderdag 6 oktober 2005 12:57
Aan: freeradius-users@lists.freeradius.org
Onderwerp: Re: access for 24 hours after first login?

Zitat von Alan DeKok [EMAIL PROTECTED]:
 Markus Krause [EMAIL PROTECTED] wrote:
  i set up freeradius succesfully for authentification against pam and
users
 file
  :-)

   Please don't use authentification.  It's authentication.
sorry for my poor english, it's not my mother-tongue ...

  now i want to enhance the functionality about the following feature:
  setting up several predefined (guest) accounts with a generated
username
 and
  password. this account should be valid from the first time it is
used
 (first
  login)   for 24 hours (or even better until 23:59 that day).

   rlm_counter.  Set it for 24 hours of access, and reset=never.
i read about this, but does this not mean that the user has an online
time of 24
hours (or whatever i set in Max-All-Session-Time), so he can login until
he has
been active for 24 hours in sum?

thanks in advance for your help!
   markus


   Alan DeKok.
 -
 List info/subscribe/unsubscribe? See
 http://www.freeradius.org/list/users.html



--
Markus Krause   email: [EMAIL PROTECTED]
Computing Center

RE: [m0n0wall] RE: access for 24 hours after first login?

2005-10-06 Thread Jonathan De Graeve

And here the query in case you don't like seconds ;)

SELECT HOUR(SEC_TO_TIME(UNIX_TIMESTAMP() -
UNIX_TIMESTAMP(AcctStartTime))) FROM radacct WHERE UserName = '%{%k}'
LIMIT 1;

Then All-Secs-Passed/Max-Secs-Passed should be
All-Hours-Passed/Max-Hours-Passed and Max-Hours-Passed specified in
Hours instead of seconds

Also note this is for MySQL. Don't know if it also works on oracle and
Postgres

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
[EMAIL PROTECTED]

-Oorspronkelijk bericht-
Van: Jonathan De Graeve [mailto:[EMAIL PROTECTED] 
Verzonden: donderdag 6 oktober 2005 15:51
Aan: FreeRadius users mailing list
CC: [EMAIL PROTECTED]
Onderwerp: [m0n0wall] RE: access for 24 hours after first login?

This is how I do this

Use SQLcounter module

Put this in sqlcounter.conf (expecting that sqlcounter is already
configged in the radiusd.conf)

sqlcounter validity {
counter-name = All-Secs-Passed
check-name = Max-Secs-Passed
sqlmod-inst = sql
key = User-Name
reset = never
query = SELECT UNIX_TIMESTAMP() -
UNIX_TIMESTAMP(AcctStartTime) secs_passed_since_start FROM radacct WHERE
UserName = '%{%k}' LIMIT 1


Create in the config dictionary file an attribute of Max-Secs-Passed

For example:
#ATTRIBUTE  My-Local-String 3000string
#ATTRIBUTE  My-Local-IPAddr 3001ipaddr
#ATTRIBUTE  My-Local-Integer3002integer
ATTRIBUTE   Max-Secs-Passed 3000 integer

In radiusd.conf:

Authorize {} section:

Put this: validity

The Max-Secs-Passed var is defined in seconds. So if you want a user
only to be able to logon in the first 24hours after his first logon,
Max-Secs-Passed should be set to 86400 (60secs * 60minutes * 24)

Hope this helps the question I think many people will have.

You could use other check or counter-names, its just an example

You also could combine this with volume limits, max total session time
etc...

Kind Regards

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
[EMAIL PROTECTED]

-Oorspronkelijk bericht-
Van: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Namens Markus
Krause
Verzonden: donderdag 6 oktober 2005 12:57
Aan: freeradius-users@lists.freeradius.org
Onderwerp: Re: access for 24 hours after first login?

Zitat von Alan DeKok [EMAIL PROTECTED]:
 Markus Krause [EMAIL PROTECTED] wrote:
  i set up freeradius succesfully for authentification against pam and
users
 file
  :-)

   Please don't use authentification.  It's authentication.
sorry for my poor english, it's not my mother-tongue ...

  now i want to enhance the functionality about the following feature:
  setting up several predefined (guest) accounts with a generated
username
 and
  password. this account should be valid from the first time it is
used
 (first
  login)   for 24 hours (or even better until 23:59 that day).

   rlm_counter.  Set it for 24 hours of access, and reset=never.
i read about this, but does this not mean that the user has an online
time of 24
hours (or whatever i set in Max-All-Session-Time), so he can login until
he has
been active for 24 hours in sum?

thanks in advance for your help!
   markus


   Alan DeKok.
 -
 List info/subscribe/unsubscribe? See
 http://www.freeradius.org/list/users.html



--
Markus Krause   email: [EMAIL PROTECTED]
Computing CenterTel.: 089 - 89 40 85 99
Group Lottspeich / Proteomics   Fax.: 089 - 89 40 85 98

-
 This message was sent using https://webmail.biochem.mpg.de
If you encounter any problems please report to [EMAIL PROTECTED]

- 
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: [m0n0wall] RE: access for 24 hours after first login?

2005-10-06 Thread maruna

It doesn't work on postgresql v7.4.6 that I tried it on.. howver, I used 

SELECT now() - AcctStartTime FROM radacct WHERE UserName = '%{%k}'
LIMIT 1;

And its ok

Thank you
goksie
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jonathan
De Graeve
Sent: Thursday, October 06, 2005 3:09 PM
To: Jonathan De Graeve; FreeRadius users mailing list
Cc: [EMAIL PROTECTED]
Subject: RE: [m0n0wall] RE: access for 24 hours after first login?

And here the query in case you don't like seconds ;)

SELECT HOUR(SEC_TO_TIME(UNIX_TIMESTAMP() -
UNIX_TIMESTAMP(AcctStartTime))) FROM radacct WHERE UserName = '%{%k}'
LIMIT 1;

Then All-Secs-Passed/Max-Secs-Passed should be
All-Hours-Passed/Max-Hours-Passed and Max-Hours-Passed specified in
Hours instead of seconds

Also note this is for MySQL. Don't know if it also works on oracle and
Postgres

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
[EMAIL PROTECTED]

-Oorspronkelijk bericht-
Van: Jonathan De Graeve [mailto:[EMAIL PROTECTED] 
Verzonden: donderdag 6 oktober 2005 15:51
Aan: FreeRadius users mailing list
CC: [EMAIL PROTECTED]
Onderwerp: [m0n0wall] RE: access for 24 hours after first login?

This is how I do this

Use SQLcounter module

Put this in sqlcounter.conf (expecting that sqlcounter is already
configged in the radiusd.conf)

sqlcounter validity {
counter-name = All-Secs-Passed
check-name = Max-Secs-Passed
sqlmod-inst = sql
key = User-Name
reset = never
query = SELECT UNIX_TIMESTAMP() -
UNIX_TIMESTAMP(AcctStartTime) secs_passed_since_start FROM radacct WHERE
UserName = '%{%k}' LIMIT 1


Create in the config dictionary file an attribute of Max-Secs-Passed

For example:
#ATTRIBUTE  My-Local-String 3000string
#ATTRIBUTE  My-Local-IPAddr 3001ipaddr
#ATTRIBUTE  My-Local-Integer3002integer
ATTRIBUTE   Max-Secs-Passed 3000 integer

In radiusd.conf:

Authorize {} section:

Put this: validity

The Max-Secs-Passed var is defined in seconds. So if you want a user
only to be able to logon in the first 24hours after his first logon,
Max-Secs-Passed should be set to 86400 (60secs * 60minutes * 24)

Hope this helps the question I think many people will have.

You could use other check or counter-names, its just an example

You also could combine this with volume limits, max total session time
etc...

Kind Regards

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
[EMAIL PROTECTED]

-Oorspronkelijk bericht-
Van: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Namens Markus
Krause
Verzonden: donderdag 6 oktober 2005 12:57
Aan: freeradius-users@lists.freeradius.org
Onderwerp: Re: access for 24 hours after first login?

Zitat von Alan DeKok [EMAIL PROTECTED]:
 Markus Krause [EMAIL PROTECTED] wrote:
  i set up freeradius succesfully for authentification against pam and
users
 file
  :-)

   Please don't use authentification.  It's authentication.
sorry for my poor english, it's not my mother-tongue ...

  now i want to enhance the functionality about the following feature:
  setting up several predefined (guest) accounts with a generated
username
 and
  password. this account should be valid from the first time it is
used
 (first
  login)   for 24 hours (or even better until 23:59 that day).

   rlm_counter.  Set it for 24 hours of access, and reset=never.
i read about this, but does this not mean that the user has an online
time of 24
hours (or whatever i set in Max-All-Session-Time), so he can login until
he has
been active for 24 hours in sum?

thanks in advance for your help!
   markus


   Alan DeKok.
 -
 List info/subscribe/unsubscribe? See
 http://www.freeradius.org/list/users.html



--
Markus Krause   email: [EMAIL PROTECTED]
Computing CenterTel.: 089 - 89 40 85 99
Group Lottspeich / Proteomics   Fax.: 089 - 89 40 85 98

-
 This message was sent using https://webmail.biochem.mpg.de
If you encounter any problems please report to [EMAIL PROTECTED]

- 
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





- 
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: [m0n0wall] RE: access for 24 hours after first login?

2005-10-06 Thread Markus Krause

hi jonathan,

thanks a lot, this seems to be (almost) what i wanted! great! :-)

i am just wondering about how this (the module sqlcounter) actually works, e.g.
how is the actual comparision of the calculated value in query done, does it
mean, that the value returned by query has to be smaller than the one
referred to by check-name (in your example Max-Secs-Passed)?
what does the line sqlmod-inst = sql mean (in
/usr/share/doc/freeradius/rlm_sqlcounter there is also the value sqlcc3, what
does this do?)

what about the following:

SELECT TO_DAYS(NOW()) - TO_DAYS(AcctStartTime) from radacct WHERE UserName =
'%(%k)' LIMIT 1;

would this mean that a user can login until 23:59 after logged in the first time
that day?

thank you very much for your help (and of course the help of everybody else on
this greate mailing list!)

regards,
   markus

Zitat von Jonathan De Graeve [EMAIL PROTECTED]:
 And here the query in case you don't like seconds ;)

 SELECT HOUR(SEC_TO_TIME(UNIX_TIMESTAMP() -
 UNIX_TIMESTAMP(AcctStartTime))) FROM radacct WHERE UserName = '%{%k}'
 LIMIT 1;

 Then All-Secs-Passed/Max-Secs-Passed should be
 All-Hours-Passed/Max-Hours-Passed and Max-Hours-Passed specified in
 Hours instead of seconds

 Also note this is for MySQL. Don't know if it also works on oracle and
 Postgres

 --
 Jonathan De Graeve
 Network/System Administrator
 Imelda vzw
 Informatica Dienst
 015/50.52.98
 [EMAIL PROTECTED]

 -Oorspronkelijk bericht-
 Van: Jonathan De Graeve [mailto:[EMAIL PROTECTED]
 Verzonden: donderdag 6 oktober 2005 15:51
 Aan: FreeRadius users mailing list
 CC: [EMAIL PROTECTED]
 Onderwerp: [m0n0wall] RE: access for 24 hours after first login?

 This is how I do this

 Use SQLcounter module

 Put this in sqlcounter.conf (expecting that sqlcounter is already
 configged in the radiusd.conf)

 sqlcounter validity {
 counter-name = All-Secs-Passed
 check-name = Max-Secs-Passed
 sqlmod-inst = sql
 key = User-Name
 reset = never
 query = SELECT UNIX_TIMESTAMP() -
 UNIX_TIMESTAMP(AcctStartTime) secs_passed_since_start FROM radacct WHERE
 UserName = '%{%k}' LIMIT 1


 Create in the config dictionary file an attribute of Max-Secs-Passed

 For example:
 #ATTRIBUTE  My-Local-String 3000string
 #ATTRIBUTE  My-Local-IPAddr 3001ipaddr
 #ATTRIBUTE  My-Local-Integer3002integer
 ATTRIBUTE Max-Secs-Passed 3000 integer

 In radiusd.conf:

 Authorize {} section:

 Put this: validity

 The Max-Secs-Passed var is defined in seconds. So if you want a user
 only to be able to logon in the first 24hours after his first logon,
 Max-Secs-Passed should be set to 86400 (60secs * 60minutes * 24)

 Hope this helps the question I think many people will have.

 You could use other check or counter-names, its just an example

 You also could combine this with volume limits, max total session time
 etc...

 Kind Regards

 --
 Jonathan De Graeve
 Network/System Administrator
 Imelda vzw
 Informatica Dienst
 015/50.52.98
 [EMAIL PROTECTED]

 -Oorspronkelijk bericht-
 Van: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] Namens Markus
 Krause
 Verzonden: donderdag 6 oktober 2005 12:57
 Aan: freeradius-users@lists.freeradius.org
 Onderwerp: Re: access for 24 hours after first login?

 Zitat von Alan DeKok [EMAIL PROTECTED]:
  Markus Krause [EMAIL PROTECTED] wrote:
   i set up freeradius succesfully for authentification against pam and
 users
  file
   :-)
 
Please don't use authentification.  It's authentication.
 sorry for my poor english, it's not my mother-tongue ...

   now i want to enhance the functionality about the following feature:
   setting up several predefined (guest) accounts with a generated
 username
  and
   password. this account should be valid from the first time it is
 used
  (first
   login)   for 24 hours (or even better until 23:59 that day).
 
rlm_counter.  Set it for 24 hours of access, and reset=never.
 i read about this, but does this not mean that the user has an online
 time of 24
 hours (or whatever i set in Max-All-Session-Time), so he can login until
 he has
 been active for 24 hours in sum?

 thanks in advance for your help!
markus

 
Alan DeKok.
  -
  List info/subscribe/unsubscribe? See
  http://www.freeradius.org/list/users.html
 


 --
 Markus Krause   email: [EMAIL PROTECTED]
 Computing CenterTel.: 089 - 89 40 85 99
 Group Lottspeich / Proteomics   Fax.: 089 - 89 40 85 98

 -
  This message was sent using https://webmail.biochem.mpg.de
 If you encounter any problems please report to [EMAIL PROTECTED]

 -
 List info/subscribe/unsubscribe? See
 http://www.freeradius.org/list/users.html




 -
 To unsubscribe, e-mail: [EMAIL PROTECTED

RE: [m0n0wall] RE: access for 24 hours after first login? need help

RE: [m0n0wall] RE: access for 24 hours after first login?

RE: [m0n0wall] RE: access for 24 hours after first login?

RE: [m0n0wall] RE: access for 24 hours after first login?

4 matches

Site Navigation

Mail list logo

Footer information