rdo, sexta-feira, 7 de maio de 2004 às 15:06 você escreveu: rsp> I´m using freeradius and the autentication methos by userfile, now i have to rsp> create 2 usergroups, one for 1hour to surf in the internet othre for 6hours.
rsp> Can anyone help me about creating these 2 usergroups and setting ups each user rsp> for desired usergroup. Olá Rui, eu escrevi uma mensagem para outra pessoa há poucos minutos, tratando de uma situação parecida. Veja se isso não lhe ajuda... Você precisa usar SQL para este método, ele não funciona com arquivos. --------------------------------------------------------------------- Hi, this is my attempt to explain how to make the SQL counters work. It is not too hard to make it work, once you have a stable installation. I wasn't able to make it work, for several reasons... Have a look at the file rlm_sqlcounter in the doc folder. It will tell you that you have to compile the server with support for rlm_sqlcounter installed. The configure script refused to build a valid Makefile on my FreeBSD 4.5 box, but worked fine on 5.2. Once you have the server compiled with that option, follow the text file and create a sqlcounter.conf file. I am using just this for now: sqlcounter noresetcounter { counter-name = Max-All-Session-Time check-name = Max-All-Session sqlmod-inst = sql # key = User-Name key = Stripped-User-Name reset = never query = "SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='%{%k}'" } I don't know how you are storing the usernames in your tables. I am stripping the domain, so I had to modify the original example to get a result from MySQL instead of an empty response. Then, still following the doc/rlm_sqlcounter file, I included the noresetcounter in the authorize section of radiusd.conf. Now all you should have to do is create a group which checks the Max-All-Session value. My tables are set up like this: radcheck is used only for the password check: 'username' == 'somepassword' radgroupcheck checks for the maximum allowed time for the subscription plan the user belongs to: 'groupname' Max-All-Session := 600 <- I used just 5 minutes of allowed time 'groupname' Auth-Type := Local radgroupreply contains everything I have to send back, but note that the Session-Timeout is generated by the counter and added automatically: 'groupname' Framed-Protocol == PPP 'groupname' Service-Type == Framed-User 'groupname' Idle-Timeout := 600 'groupname' Acct-Interim-Interval := 300 Naturally you will need at least one account record to test the setup. If you run the server in debug mode, you should get something like this: rlm_sqlcounter: (Check item - counter) is greater than zero rlm_sqlcounter: Authorized user joao.silva, check_item=600, counter=586 rlm_sqlcounter: Sent Reply-Item for user joao.silva, Type=Session-Timeout, value=14 As the user stayed on-line for 586 seconds already, he has only 14 seconds left. The package sent back to the user is something like this: Framed-Protocol == PPP Service-Type == Framed-User Idle-Timeout := 600 Acct-Interim-Interval := 300 Session-Timeout = 14 Well, I hope this helps you somehow. Ulrich - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html