And here the query in case you don't like seconds ;) SELECT HOUR(SEC_TO_TIME(UNIX_TIMESTAMP() - UNIX_TIMESTAMP(AcctStartTime))) FROM radacct WHERE UserName = '%{%k}' LIMIT 1;
Then All-Secs-Passed/Max-Secs-Passed should be All-Hours-Passed/Max-Hours-Passed and Max-Hours-Passed specified in Hours instead of seconds Also note this is for MySQL. Don't know if it also works on oracle and Postgres.... -- Jonathan De Graeve Network/System Administrator Imelda vzw Informatica Dienst 015/50.52.98 [EMAIL PROTECTED] -----Oorspronkelijk bericht----- Van: Jonathan De Graeve [mailto:[EMAIL PROTECTED] Verzonden: donderdag 6 oktober 2005 15:51 Aan: FreeRadius users mailing list CC: [EMAIL PROTECTED] Onderwerp: [m0n0wall] RE: access for 24 hours after first login? This is how I do this Use SQLcounter module Put this in sqlcounter.conf (expecting that sqlcounter is already configged in the radiusd.conf) sqlcounter validity { counter-name = All-Secs-Passed check-name = Max-Secs-Passed sqlmod-inst = sql key = User-Name reset = never query = "SELECT UNIX_TIMESTAMP() - UNIX_TIMESTAMP(AcctStartTime) secs_passed_since_start FROM radacct WHERE UserName = '%{%k}' LIMIT 1" Create in the config dictionary file an attribute of Max-Secs-Passed For example: #ATTRIBUTE My-Local-String 3000 string #ATTRIBUTE My-Local-IPAddr 3001 ipaddr #ATTRIBUTE My-Local-Integer 3002 integer ATTRIBUTE Max-Secs-Passed 3000 integer In radiusd.conf: Authorize {} section: Put this: validity The Max-Secs-Passed var is defined in seconds. So if you want a user only to be able to logon in the first 24hours after his first logon, Max-Secs-Passed should be set to 86400 (60secs * 60minutes * 24) Hope this helps the question I think many people will have. You could use other check or counter-names, its just an example.... You also could combine this with volume limits, max total session time etc... Kind Regards -- Jonathan De Graeve Network/System Administrator Imelda vzw Informatica Dienst 015/50.52.98 [EMAIL PROTECTED] -----Oorspronkelijk bericht----- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Namens Markus Krause Verzonden: donderdag 6 oktober 2005 12:57 Aan: freeradius-users@lists.freeradius.org Onderwerp: Re: access for 24 hours after first login? Zitat von Alan DeKok <[EMAIL PROTECTED]>: > Markus Krause <[EMAIL PROTECTED]> wrote: > > i set up freeradius succesfully for authentification against pam and users > file > > :-) > > Please don't use "authentification". It's "authentication". sorry for my poor english, it's not my mother-tongue ... > > now i want to enhance the functionality about the following feature: > > setting up several predefined (guest) accounts with a generated username > and > > password. this account should be valid from the first time it is used > (first > > login) for 24 hours (or even better until 23:59 that day). > > rlm_counter. Set it for 24 hours of access, and "reset=never". i read about this, but does this not mean that the user has an online time of 24 hours (or whatever i set in Max-All-Session-Time), so he can login until he has been active for 24 hours in sum? thanks in advance for your help! markus > > Alan DeKok. > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > -- Markus Krause email: [EMAIL PROTECTED] Computing Center Tel.: 089 - 89 40 85 99 Group Lottspeich / Proteomics Fax.: 089 - 89 40 85 98 --------------------------------------------------------------------- This message was sent using https://webmail.biochem.mpg.de If you encounter any problems please report to [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html