subject:"RE\: \[m0n0wall\] RE\: access for 24 hours after first login\?"

RE: [m0n0wall] RE: access for 24 hours after first login?

2005-10-06 Thread Jonathan De Graeve

And here the query in case you don't like seconds ;)

SELECT HOUR(SEC_TO_TIME(UNIX_TIMESTAMP() -
UNIX_TIMESTAMP(AcctStartTime))) FROM radacct WHERE UserName = '%{%k}'
LIMIT 1;

Then All-Secs-Passed/Max-Secs-Passed should be
All-Hours-Passed/Max-Hours-Passed and Max-Hours-Passed specified in
Hours instead of seconds

Also note this is for MySQL. Don't know if it also works on oracle and
Postgres

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
[EMAIL PROTECTED]

-Oorspronkelijk bericht-
Van: Jonathan De Graeve [mailto:[EMAIL PROTECTED] 
Verzonden: donderdag 6 oktober 2005 15:51
Aan: FreeRadius users mailing list
CC: [EMAIL PROTECTED]
Onderwerp: [m0n0wall] RE: access for 24 hours after first login?

This is how I do this

Use SQLcounter module

Put this in sqlcounter.conf (expecting that sqlcounter is already
configged in the radiusd.conf)

sqlcounter validity {
counter-name = All-Secs-Passed
check-name = Max-Secs-Passed
sqlmod-inst = sql
key = User-Name
reset = never
query = "SELECT UNIX_TIMESTAMP() -
UNIX_TIMESTAMP(AcctStartTime) secs_passed_since_start FROM radacct WHERE
UserName = '%{%k}' LIMIT 1"


Create in the config dictionary file an attribute of Max-Secs-Passed

For example:
#ATTRIBUTE  My-Local-String 3000string
#ATTRIBUTE  My-Local-IPAddr 3001ipaddr
#ATTRIBUTE  My-Local-Integer3002integer
ATTRIBUTE   Max-Secs-Passed 3000 integer

In radiusd.conf:

Authorize {} section:

Put this: validity

The Max-Secs-Passed var is defined in seconds. So if you want a user
only to be able to logon in the first 24hours after his first logon,
Max-Secs-Passed should be set to 86400 (60secs * 60minutes * 24)

Hope this helps the question I think many people will have.

You could use other check or counter-names, its just an example

You also could combine this with volume limits, max total session time
etc...

Kind Regards

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
[EMAIL PROTECTED]

-Oorspronkelijk bericht-
Van: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Namens Markus
Krause
Verzonden: donderdag 6 oktober 2005 12:57
Aan: freeradius-users@lists.freeradius.org
Onderwerp: Re: access for 24 hours after first login?

Zitat von Alan DeKok <[EMAIL PROTECTED]>:
> Markus Krause <[EMAIL PROTECTED]> wrote:
> > i set up freeradius succesfully for authentification against pam and
users
> file
> > :-)
>
>   Please don't use "authentification".  It's "authentication".
sorry for my poor english, it's not my mother-tongue ...

> > now i want to enhance the functionality about the following feature:
> > setting up several predefined (guest) accounts with a generated
username
> and
> > password. this account should be valid from the first time it is
used
> (first
> > login)   for 24 hours (or even better until 23:59 that day).
>
>   rlm_counter.  Set it for 24 hours of access, and "reset=never".
i read about this, but does this not mean that the user has an online
time of 24
hours (or whatever i set in Max-All-Session-Time), so he can login until
he has
been active for 24 hours in sum?

thanks in advance for your help!
   markus

>
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>


--
Markus Krause   email: [EMAIL PROTECTED]
Computing CenterTel.: 089 - 89 40 85 99
Group Lottspeich / Proteomics   Fax.: 089 - 89 40 85 98

-
 This message was sent using https://webmail.biochem.mpg.de
If you encounter any problems please report to [EMAIL PROTECTED]

- 
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: [m0n0wall] RE: access for 24 hours after first login?

2005-10-06 Thread maruna

It doesn't work on postgresql v7.4.6 that I tried it on.. howver, I used 

"SELECT now() - AcctStartTime FROM radacct WHERE UserName = '%{%k}'
LIMIT 1;"

And its ok

Thank you
goksie
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jonathan
De Graeve
Sent: Thursday, October 06, 2005 3:09 PM
To: Jonathan De Graeve; FreeRadius users mailing list
Cc: [EMAIL PROTECTED]
Subject: RE: [m0n0wall] RE: access for 24 hours after first login?

And here the query in case you don't like seconds ;)

SELECT HOUR(SEC_TO_TIME(UNIX_TIMESTAMP() -
UNIX_TIMESTAMP(AcctStartTime))) FROM radacct WHERE UserName = '%{%k}'
LIMIT 1;

Then All-Secs-Passed/Max-Secs-Passed should be
All-Hours-Passed/Max-Hours-Passed and Max-Hours-Passed specified in
Hours instead of seconds

Also note this is for MySQL. Don't know if it also works on oracle and
Postgres

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
[EMAIL PROTECTED]

-Oorspronkelijk bericht-
Van: Jonathan De Graeve [mailto:[EMAIL PROTECTED] 
Verzonden: donderdag 6 oktober 2005 15:51
Aan: FreeRadius users mailing list
CC: [EMAIL PROTECTED]
Onderwerp: [m0n0wall] RE: access for 24 hours after first login?

This is how I do this

Use SQLcounter module

Put this in sqlcounter.conf (expecting that sqlcounter is already
configged in the radiusd.conf)

sqlcounter validity {
counter-name = All-Secs-Passed
check-name = Max-Secs-Passed
sqlmod-inst = sql
key = User-Name
reset = never
query = "SELECT UNIX_TIMESTAMP() -
UNIX_TIMESTAMP(AcctStartTime) secs_passed_since_start FROM radacct WHERE
UserName = '%{%k}' LIMIT 1"


Create in the config dictionary file an attribute of Max-Secs-Passed

For example:
#ATTRIBUTE  My-Local-String 3000string
#ATTRIBUTE  My-Local-IPAddr 3001ipaddr
#ATTRIBUTE  My-Local-Integer3002integer
ATTRIBUTE   Max-Secs-Passed 3000 integer

In radiusd.conf:

Authorize {} section:

Put this: validity

The Max-Secs-Passed var is defined in seconds. So if you want a user
only to be able to logon in the first 24hours after his first logon,
Max-Secs-Passed should be set to 86400 (60secs * 60minutes * 24)

Hope this helps the question I think many people will have.

You could use other check or counter-names, its just an example

You also could combine this with volume limits, max total session time
etc...

Kind Regards

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
[EMAIL PROTECTED]

-Oorspronkelijk bericht-
Van: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Namens Markus
Krause
Verzonden: donderdag 6 oktober 2005 12:57
Aan: freeradius-users@lists.freeradius.org
Onderwerp: Re: access for 24 hours after first login?

Zitat von Alan DeKok <[EMAIL PROTECTED]>:
> Markus Krause <[EMAIL PROTECTED]> wrote:
> > i set up freeradius succesfully for authentification against pam and
users
> file
> > :-)
>
>   Please don't use "authentification".  It's "authentication".
sorry for my poor english, it's not my mother-tongue ...

> > now i want to enhance the functionality about the following feature:
> > setting up several predefined (guest) accounts with a generated
username
> and
> > password. this account should be valid from the first time it is
used
> (first
> > login)   for 24 hours (or even better until 23:59 that day).
>
>   rlm_counter.  Set it for 24 hours of access, and "reset=never".
i read about this, but does this not mean that the user has an online
time of 24
hours (or whatever i set in Max-All-Session-Time), so he can login until
he has
been active for 24 hours in sum?

thanks in advance for your help!
   markus

>
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>


--
Markus Krause   email: [EMAIL PROTECTED]
Computing CenterTel.: 089 - 89 40 85 99
Group Lottspeich / Proteomics   Fax.: 089 - 89 40 85 98

-
 This message was sent using https://webmail.biochem.mpg.de
If you encounter any problems please report to [EMAIL PROTECTED]

- 
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





- 
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: [m0n0wall] RE: access for 24 hours after first login?

2005-10-06 Thread Markus Krause

hi jonathan,

thanks a lot, this seems to be (almost) what i wanted! great! :-)

i am just wondering about how this (the module sqlcounter) actually works, e.g.
how is the actual comparision of the calculated value in "query" done, does it
mean, that the value returned by "query" has to be smaller than the one
referred to by "check-name" (in your example Max-Secs-Passed)?
what does the line "sqlmod-inst = sql" mean (in
/usr/share/doc/freeradius/rlm_sqlcounter there is also the value "sqlcc3", what
does this do?)

what about the following:

SELECT TO_DAYS(NOW()) - TO_DAYS(AcctStartTime) from radacct WHERE UserName =
'%(%k)' LIMIT 1;

would this mean that a user can login until 23:59 after logged in the first time
that day?

thank you very much for your help (and of course the help of everybody else on
this greate mailing list!)

regards,
   markus

Zitat von Jonathan De Graeve <[EMAIL PROTECTED]>:
> And here the query in case you don't like seconds ;)
>
> SELECT HOUR(SEC_TO_TIME(UNIX_TIMESTAMP() -
> UNIX_TIMESTAMP(AcctStartTime))) FROM radacct WHERE UserName = '%{%k}'
> LIMIT 1;
>
> Then All-Secs-Passed/Max-Secs-Passed should be
> All-Hours-Passed/Max-Hours-Passed and Max-Hours-Passed specified in
> Hours instead of seconds
>
> Also note this is for MySQL. Don't know if it also works on oracle and
> Postgres
>
> --
> Jonathan De Graeve
> Network/System Administrator
> Imelda vzw
> Informatica Dienst
> 015/50.52.98
> [EMAIL PROTECTED]
>
> -Oorspronkelijk bericht-
> Van: Jonathan De Graeve [mailto:[EMAIL PROTECTED]
> Verzonden: donderdag 6 oktober 2005 15:51
> Aan: FreeRadius users mailing list
> CC: [EMAIL PROTECTED]
> Onderwerp: [m0n0wall] RE: access for 24 hours after first login?
>
> This is how I do this
>
> Use SQLcounter module
>
> Put this in sqlcounter.conf (expecting that sqlcounter is already
> configged in the radiusd.conf)
>
> sqlcounter validity {
> counter-name = All-Secs-Passed
> check-name = Max-Secs-Passed
> sqlmod-inst = sql
> key = User-Name
> reset = never
> query = "SELECT UNIX_TIMESTAMP() -
> UNIX_TIMESTAMP(AcctStartTime) secs_passed_since_start FROM radacct WHERE
> UserName = '%{%k}' LIMIT 1"
>
>
> Create in the config dictionary file an attribute of Max-Secs-Passed
>
> For example:
> #ATTRIBUTE  My-Local-String 3000string
> #ATTRIBUTE  My-Local-IPAddr 3001ipaddr
> #ATTRIBUTE  My-Local-Integer3002integer
> ATTRIBUTE Max-Secs-Passed 3000 integer
>
> In radiusd.conf:
>
> Authorize {} section:
>
> Put this: validity
>
> The Max-Secs-Passed var is defined in seconds. So if you want a user
> only to be able to logon in the first 24hours after his first logon,
> Max-Secs-Passed should be set to 86400 (60secs * 60minutes * 24)
>
> Hope this helps the question I think many people will have.
>
> You could use other check or counter-names, its just an example
>
> You also could combine this with volume limits, max total session time
> etc...
>
> Kind Regards
>
> --
> Jonathan De Graeve
> Network/System Administrator
> Imelda vzw
> Informatica Dienst
> 015/50.52.98
> [EMAIL PROTECTED]
>
> -Oorspronkelijk bericht-
> Van: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Namens Markus
> Krause
> Verzonden: donderdag 6 oktober 2005 12:57
> Aan: freeradius-users@lists.freeradius.org
> Onderwerp: Re: access for 24 hours after first login?
>
> Zitat von Alan DeKok <[EMAIL PROTECTED]>:
> > Markus Krause <[EMAIL PROTECTED]> wrote:
> > > i set up freeradius succesfully for authentification against pam and
> users
> > file
> > > :-)
> >
> >   Please don't use "authentification".  It's "authentication".
> sorry for my poor english, it's not my mother-tongue ...
>
> > > now i want to enhance the functionality about the following feature:
> > > setting up several predefined (guest) accounts with a generated
> username
> > and
> > > password. this account should be valid from the first time it is
> used
> > (first
> > > login)   for 24 hours (or even better until 23:59 that day).
> >
> >   rlm_counter.  Set it for 24 hours of access, and "reset=never".
> i read about this, but does this not mean that the user has an online
> time of 24
> hours (or whatever i set in Max-All-Session-Time), so he can login until
> he has
> been active for 24 hours in sum?
>
> thanks in advance for your help!
>markus
>
> >
> >   Alan DeKok.
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> >
>
>
> --
> Markus Krause   email: [EMAIL PROTECTED]
> Computing CenterTel.: 089 - 89 40 85 99
> Group Lottspeich / Proteomics   Fax.: 089 - 89 40 85 98
>
> -
>  This message was sent using https://webmail.biochem.mpg.de
> If you encounter any problems please report to [EMAIL PROTECTED]
>
> -
> List info/s

RE: [m0n0wall] RE: access for 24 hours after first login? need help

2005-10-12 Thread maruna

Hi all,

I use postgresql with freeradius 1.0.4 and it's been working well.

Then, The below topic got my attentioe interested and I tried my hand on
this query 

sqlcounter validity {
counter-name = All-Hour-Used
check-name = Max-Hour-Used
sqlmod-inst = sql
key = User-Name
reset = never
query = "SELECT current_timestamp - acctstarttime from
radacct WHERE UserName='%{%k}' LIMIT 1"
}

but it only worked well. I tested it for 5 days all seems well.

However, my problem is that I want to set this against secs not hours and
this has not been successful.

I will be glad If someone can point me to a link aside postgresql manual to
accomplish that task.

Thank you

goksie

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of maruna
Sent: Thursday, October 06, 2005 7:50 PM
To: 'FreeRadius users mailing list'
Subject: RE: [m0n0wall] RE: access for 24 hours after first login?

It doesn't work on postgresql v7.4.6 that I tried it on.. however, I used 

"SELECT now() - AcctStartTime FROM radacct WHERE UserName = '%{%k}'
LIMIT 1;"

And its ok

Thank you
goksie
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jonathan
De Graeve
Sent: Thursday, October 06, 2005 3:09 PM
To: Jonathan De Graeve; FreeRadius users mailing list
Cc: [EMAIL PROTECTED]
Subject: RE: [m0n0wall] RE: access for 24 hours after first login?

And here the query in case you don't like seconds ;)

SELECT HOUR(SEC_TO_TIME(UNIX_TIMESTAMP() -
UNIX_TIMESTAMP(AcctStartTime))) FROM radacct WHERE UserName = '%{%k}'
LIMIT 1;

Then All-Secs-Passed/Max-Secs-Passed should be
All-Hours-Passed/Max-Hours-Passed and Max-Hours-Passed specified in
Hours instead of seconds

Also note this is for MySQL. Don't know if it also works on oracle and
Postgres

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
[EMAIL PROTECTED]

-Oorspronkelijk bericht-
Van: Jonathan De Graeve [mailto:[EMAIL PROTECTED] 
Verzonden: donderdag 6 oktober 2005 15:51
Aan: FreeRadius users mailing list
CC: [EMAIL PROTECTED]
Onderwerp: [m0n0wall] RE: access for 24 hours after first login?

This is how I do this

Use SQLcounter module

Put this in sqlcounter.conf (expecting that sqlcounter is already
configged in the radiusd.conf)

sqlcounter validity {
counter-name = All-Secs-Passed
check-name = Max-Secs-Passed
sqlmod-inst = sql
key = User-Name
reset = never
query = "SELECT UNIX_TIMESTAMP() -
UNIX_TIMESTAMP(AcctStartTime) secs_passed_since_start FROM radacct WHERE
UserName = '%{%k}' LIMIT 1"


Create in the config dictionary file an attribute of Max-Secs-Passed

For example:
#ATTRIBUTE  My-Local-String 3000string
#ATTRIBUTE  My-Local-IPAddr 3001ipaddr
#ATTRIBUTE  My-Local-Integer3002integer
ATTRIBUTE   Max-Secs-Passed 3000 integer

In radiusd.conf:

Authorize {} section:

Put this: validity

The Max-Secs-Passed var is defined in seconds. So if you want a user
only to be able to logon in the first 24hours after his first logon,
Max-Secs-Passed should be set to 86400 (60secs * 60minutes * 24)

Hope this helps the question I think many people will have.

You could use other check or counter-names, its just an example

You also could combine this with volume limits, max total session time
etc...

Kind Regards

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
[EMAIL PROTECTED]

-Oorspronkelijk bericht-
Van: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Namens Markus
Krause
Verzonden: donderdag 6 oktober 2005 12:57
Aan: freeradius-users@lists.freeradius.org
Onderwerp: Re: access for 24 hours after first login?

Zitat von Alan DeKok <[EMAIL PROTECTED]>:
> Markus Krause <[EMAIL PROTECTED]> wrote:
> > i set up freeradius succesfully for authentification against pam and
users
> file
> > :-)
>
>   Please don't use "authentification".  It's "authentication".
sorry for my poor english, it's not my mother-tongue ...

> > now i want to enhance the functionality about the following feature:
> > setting up several predefined (guest) accounts with a generated
username
> and
> > password. this account should be valid from the first time it is
used
> (first
> > login)   for 24 hours (or even better until 23:59 that day).
>
>   rlm_counter.  Set it for 24 hours of access, and "reset=never".
i read about this, but does this not mean that the user has an online
time of 24
hours (or whatever i set in Max-All-Session-Time), so he can login until
he has
been active for 24 hours i

RE: [m0n0wall] RE: access for 24 hours after first login?

RE: [m0n0wall] RE: access for 24 hours after first login?

RE: [m0n0wall] RE: access for 24 hours after first login?

RE: [m0n0wall] RE: access for 24 hours after first login? need help

4 matches

Site Navigation

Mail list logo

Footer information