Hello Team The user can authenticate and browse at any time. May i know which entry i have to add to make user 'test' deny authenticate after 1 hour?
When ever a user authenticates it is logged in radpostauth. In /etc/raddb/users file i have a user test "test" Cleartext-Password := "hello" my database details are as follows mysql> select * from radcheck; +----+----------+-----------------+----+-------+ | id | username | attribute | op | value | +----+----------+-----------------+----+-------+ | 45 | test | Max-All-Session | := | 540 | +----+----------+-----------------+----+-------+ INSERT into radcheck VALUES ('','test','Max-All-Session',':=','5400'); mysql> select * from radpostauth; +----+----------+------+---------------+---------------------+ | id | username | pass | reply | authdate | +----+----------+------+---------------+---------------------+ | 54 | test | test | Access-Accept | 2011-10-19 13:59:18 | | 55 | test | test | Access-Accept | 2011-10-19 13:59:34 | | 56 | test | test | Access-Accept | 2011-10-19 14:22:57 | | 57 | test | test | Access-Accept | 2011-10-21 22:32:54 | | 58 | test | test | Access-Accept | 2011-10-25 15:11:34 | +----+----------+------+---------------+---------------------+ 5 rows in set (0.00 sec) radtest test hello localhost 0 testing123 Sending Access-Request of id 67 to 127.0.0.1 port 1812 User-Name = "test" User-Password = "hello" NAS-IP-Address = 127.0.0.1 NAS-Port = 0 rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=67, length=20 Please help me , thanks in advance Thanks, Senthil On Tue, Oct 25, 2011 at 3:06 PM, senthil kumar <senthilkumaar2...@gmail.com> wrote: > Thanks i will check in and let you know > > On Sat, Oct 22, 2011 at 12:37 AM, Alan DeKok <al...@deployingradius.com> > wrote: >> senthil kumar wrote: >>> I have installed free-radius in linux machine with accounting support >>> and was able to authenticate using radtest client.and also I was also >>> successfully authenticate with squid proxy server. >> >> That's good to hear. >> >>> I need to assign quota to squid users based on the weekly/hourly >>> basis. I need users radius server to return packet reject when time is >>> expired. is it possible in radius? >> >> Yes. See the "counter" module, or the "sqlcounter" module. >> >> The main issue is that they require the NAS to send accounting >> packets. I don't know if squid does that. >> >>> I am using only linux machine with proxy server. whether NAS is needed? >> >> In this case, squid is the NAS. (i.e. machine sending Access-Request) >> >>> If so, can anyone help me in framing the rules for quota . eg 2 hours >>> a day. I have basic configuration and now when a user authenticates >>> login time is updated in the radpostauth. >> >> This is documented in the sqlcounter module. Look there first. >> >> Alan DeKok. >> >> >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html >> > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html