On Wed, 29 May 2002 09:07:43 -0500, Chris Parker wrote:
>>I would like to use freeradius to offer a prepaid service where users
>>can buy a certain number of days and will have unlimited use untill that
>>period is up.
>Use the 'rlm_counter' or 'rlm_sqlcounter' module. This is exactly what
>they were created for.
I wish to. But have this weird thing that doesn't allow me to do, and had no answer
from the list.
Let me post the question again.
On Wed, 22 May 2002 07:55:06 -0400, Randy Moore wrote:
>>Hi, I just upgraded Freeradius 0.5 to freeradius-snapshot-20020521.
>>I altered the old radiusd.conf file to reflect some changes, and have
>>included SQLcounter module. I wish to limit access to users on a
>>three-month basis, but only some users, and this 3-month time is
>>individual.
>>
>>What I did:
>>Raidusd.conf
>> sqlcounter monthlycounter {
>> counter-name = Monthly-Session-Time
>> check-name = Max-Monthly-Session
>> sqlmod-inst = sql
>> key = User-Name
>> reset = 3m
>>}
>>authorize {
>> preprocess
>> suffix
>> monthlycounter
>> sql
>> monthlycounter
>>}
>Since you are defining your Check Item in your SQL database, you should not
>need to include 'monthlycounter' twice. The copy *after* sql is the only
>one you should need.
Ok, I've removed it. But still the same.
>>accounting {
>> acct_unique
>> sql
>> radutmp
>>}
>>The user can log ok if there's nothing on table radcheck about Monthly
>>Sessions. But if I
>>insert a row like
>>username=surak
>>attribute=Max-Monthly-Session
>>value= 200 (Any)
>>op= ":=" without quotes, obviosly
>This looks fine.
Anyway, looks like there is something missing somewhere.
>>The radius rejects the user with the following message on debug:
>>modcall: entering group authorize
()
>>rlm_sqlcounter: Entering module authorize code
>>rlm_sqlcounter: Could not find Check item value pair
>> modcall[authorize]: module "monthlycounter" returns noop
>Since you called 'monthlycounter' twice, it should appear twice in the
>debug output. The first time should appear just as it does above because
>the check item has not yet been read from your SQL database. But you don't
>include the logs for the second call. Did they appear? If so what do they
>indicate?
No, this is the only information that appears. Now, with only the second
monthlycounter defined
on authorize section, the result is the same.
Just to remember: If I drop this row ( surak Max-Monthly-Session 20 := )
from radcheck table, it authorizes the user normally.
Follows the output from radiusd -X. The first is the one which has the row with
Max-Montly-Session. The second
output is executed right after it, just dropping the Max-Monthly-Session from radcheck
table.
-First output--
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
rlm_realm: Looking up realm NULL for User-Name = "surak"
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
radius_xlat: 'surak'
sql_escape in: 'surak'
sql_escape out: 'surak'
sql_set_user: escaped user --> 'surak'
radius_xlat: 'SELECT id,UserName,Attribute,Value FROM radcheck WHERE Username =
'surak' ORDER BY id'
rlm_sql: Reserving sql socket id: 4
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value
FROM radgroupcheck,usergroup
WHERE usergroup.Username = 'surak' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT id,UserName,Attribute,Value FROM radreply WHERE Username =
'surak' ORDER BY id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value
FROM radgroupreply,usergroup WHERE
usergroup.Username = 'surak' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql: Pairs do not match [surak]
rlm_sql: Released sql socket id: 4
modcall[authorize]: module "sql" returns notfound
rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
modcall[authorize]: module "monthlycounter" returns noop
modcall: group authorize returns ok
auth: No Auth-Type configuration for the request, rejecting the user
auth: Failed to validate the user.
Delaying request 9 for 1 seconds
Second output--
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
rlm_realm: Looking up realm NULL for User-Name = "surak"
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
radius_xlat: 'surak'
sql_escape in: 'surak'
sql_escape out: 'surak'
sql_set_user: escaped user --> 'surak'
radius_xlat: 'SELECT id,UserName,Attribute,Value FROM radcheck WHERE Username =
'surak' ORDER BY id'
rlm_sql: R