Here we go again
1. add datetime column at the end of radacct table (name it for example
last_update_column)
2. edit queries in dialup.conf (for 2.x FR) or sql.conf (for 1.x FR) so
every update will update this column to (for example update radacct set
........, last_update_column = NOW() ).
Now you will have the correct time when was the last update for specific
session.
3. write php, perl, shell or any other script which you can start with
cron and check if there is any active sessions (acctstoptime = null or
acctstoptime = 0) which last update was X minutes ago.
For example, X can be 11 minutes and you can set up your NAS to send
updates every 5 minutes. This means that you can have at least 2 updates
before you close session with cron script.
This is not the only way to solve this problem but it works with all FR
version, and it doesn't depend on your NAS(es). Also, this isn't ideal
solution because if your NAS goes off and on again before you received
stop packets, all users will need to wait X minutes before they can
connect again. (there are no updates so last_update_column will be
unchanged and the cron script will close all sessions after X minutes)
Spacelee wrote:
sorry, does the radcheck.pl <http://radcheck.pl> included in
freeradius now? does you mean /usr/sbin/checkrad ?
and i search the keywords "Simultaneous mysql radius down" , but found
no results i need.
2010/6/1 Anton <w...@stack.ru <mailto:w...@stack.ru>>
It should be done by NAS. For example PPPoE and PPTP have lcp
packets, If no response for some time from
client to NAS then NAS decides that session is down and sends
acct-stop packet to radius server. Radius
server sets the corresponding record to SQL session table.
Or there is another method: depending on NAS type radiusd can
connect to NAS and check activity of user
session directly on NAS - this is more reliable source of
information. See radcheck.pl <http://radcheck.pl>.
On Tue, 1 Jun 2010 16:24:54 +0700
Spacelee <fjct...@gmail.com <mailto:fjct...@gmail.com>> wrote:
>
> i want to limit user's behavior, such as a username can login
only once at the same time...
>
> 1、modifiy default and inner-tunnel in
>
> # Session database, used for checking Simultaneous-Use. Either
the radutmp
> # or rlm_sql module can handle this.
> # The rlm_sql module is *much* faster
> session {
> #radutmp
>
> # See "Simultaneous Use Checking Querie" in sql.conf
> sql
>
> }
> 2、modify dialup.conf in etc/raddb/sql/mysql
>
> # Uncomment simul_count_query to enable simultaneous use checking
>
> simul_count_query = "SELECT COUNT(*) \
> FROM ${acct_table1} \
> WHERE username = '%{SQL-User-Name}' \
> AND acctstoptime IS NULL"
>
> 3、add a entry to the table radgorucheck
> INSERT INTO `radgroupcheck` ( `id` , `GroupName` , `Attribute` ,
`op` , `Value` )
> VALUES (
> NULL , ’user’, ’Simultaneous-Use’, ’:=’, ’1’
> );
>
> 4. update the user "test" to the group "user"
>
>
> i finally tried successfully, but if , i say if the radius
server was down suddenly or the user logout
> improperly(such as he poweroff the computer directly). then the
record will still be record in the table as
> he was still online ...so we need to modify the record, but how
to ? can freeradius judge it by itself, or
> how to judge the user if offline ?
>
> --
> Spacelee
>
>
>
> --
> Spacelee
--
Anton [WARM-RIPE]
Stack ltd division head
tel. 8 (3822) 555-797
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
--
Spacelee
------------------------------------------------------------------------
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
