Re: newbie questions using freeradius as wifi access point
Will Carter [EMAIL PROTECTED] wrote: Can you give me another hint as to how I can get the rlm_expiration functionality? What I said was: The server core supplies that functionality. You don't need the module. Here's a question. when I visit: http://www.freeradius.org/cgi-bin/cvsweb.cgi/radiusd/src/modules/ I see a rlm_expiration module Do I somehow get it from there? No. Hmm... and if I visit here... http://www.freeradius.org/cgi-bin/cvsweb.cgi/radiusd/src/modules/rlm_expirat ion/ I see that this was added like six weeks ago. That's nice. It's also irrelevant. The feature is part of 1.0.4, and you don't need another module. If it doesn't work, file a bug. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: newbie questions using freeradius as wifi access point
Can you give me another hint as to how I can get the rlm_expiration functionality? What I said was: The server core supplies that functionality. You don't need the module. Ok, understood. However, the reason I was thinking along the lines of needing the rlm_expiration module is because of information in this post: http://lists.freeradius.org/mailman/htdig/freeradius-users/2005-June/044785. html Tomas 'tt' krag tt at krag.org wrote: Unfortunately as Joachim Bloche pointed out in a mail Session-Timeout not set with pending Expiration on this list, it seems that Freeradius does NOT set the Session-Timeout based on an Expiration date in the future. Same problem I am having. Alan DeKok aland at ox.org wrote: That's not good. I've fixed the CVS head, and will take a look into doing this in 1.0.x Alan DeKok. Does this mean that you fixed this Session-Timeout not set with pending Expiration bug in the core? I do not understand what fixed in the CVS head means. Jaco van Tonder jaco at alwayson.co.za wrote: The rlm_expiration module in the latest CVS DOES include code to set the session-timeout and it actually works. Hmm. That sounded good. Also, this sounded good from the radiusd/doc/rlm_expiration doc: Module to expire user accounts. This module can be used to expire user accounts. Expired users receive an Access-Reject on every authentication attempt. use Expiration := 23 Sep 2004 12:00 The nas will receive a Session-Timeout attribute calculated to kick the user off when the Expiration time occurs. This is exactly what I want. So, at this point, I was thinking that I needed this rlm_expiration module so that my nas will get a session-timeout. Alan DeKok aland at ox.org wrote: The feature is part of 1.0.4, and you don't need another module. If it doesn't work, file a bug. I am hesitant to file a bug. Firstly, because I don't know how to and would probably not do it correctly. Secondly, with what Jaco van Tonder says, it seems to be addressed with this rlm_expiration module, which I realize goes against what you just said. I don't want file a bug that isn't valid and waste more of anyone's time. So now, my next step is to figure out how to file this as a bug. Would you agree? Thanks, will - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: newbie questions using freeradius as wifi access point
Will Carter [EMAIL PROTECTED] wrote: Is it correct to say that after I successfully execute the 2 commands above that I should have a set of code that I need to compile with configure, make, and make install? Yes. This is *exactly* how 1.0.4 was created. It's just a tar file from that process. When I attempt this, I get a set of files but am not successful at compiling them. Are you willng to say what errors you're seeing? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: newbie questions using freeradius as wifi access point
Please take a look here... http://wcarter.webitects.com/freeRadiusDebug.html This url outlines what I did and has links to the terminal output with each command. I executed these commands... $ cvs -d :pserver:[EMAIL PROTECTED]:/source login $ cvs -d :pserver:[EMAIL PROTECTED]:/source co -r release_1_0 radiusd now I have a radiusd folder with what seems like all the files I need to compile. executing this configure... ./configure --localstatedir=/var --sysconfdir=/etc --with-mysql-include-dir=/usr/include/mysql --with-mysql-lib-dir=/usr/lib/mysql --with-mysql-dir=/usr/bin/mysql --with-experimental-modules configure debug make make install -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Friday, July 29, 2005 12:12 PM To: FreeRadius users mailing list Subject: Re: newbie questions using freeradius as wifi access point Will Carter [EMAIL PROTECTED] wrote: Is it correct to say that after I successfully execute the 2 commands above that I should have a set of code that I need to compile with configure, make, and make install? Yes. This is *exactly* how 1.0.4 was created. It's just a tar file from that process. When I attempt this, I get a set of files but am not successful at compiling them. Are you willng to say what errors you're seeing? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: newbie questions using freeradius as wifi access point
Will Carter [EMAIL PROTECTED] wrote: Please take a look here... http://wcarter.webitects.com/freeRadiusDebug.html This url outlines what I did and has links to the terminal output with each command. Which doesn't show any errors or problems. So... I'm not sure what to tell you. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: newbie questions using freeradius as wifi access point
Hmmm...looked at it again. In my terminal I see errors/warnings that are not appearing in the txt file when I do something like... Make configure.txt How do I get the error/warning messages to appear in the text file? -will -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Friday, July 29, 2005 4:02 PM To: FreeRadius users mailing list Subject: Re: newbie questions using freeradius as wifi access point Will Carter [EMAIL PROTECTED] wrote: Please take a look here... http://wcarter.webitects.com/freeRadiusDebug.html This url outlines what I did and has links to the terminal output with each command. Which doesn't show any errors or problems. So... I'm not sure what to tell you. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: newbie questions using freeradius as wifi access point
doesn't start. There are no files in my /etc/raddb at this point. -will -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Julius Igugu Sent: Friday, July 29, 2005 4:27 PM To: FreeRadius users mailing list Subject: RE: newbie questions using freeradius as wifi access point I think you have succesfully compiled and installed FreeRADIUS. Try, radiusd -X --- Will Carter [EMAIL PROTECTED] wrote: Please take a look here... http://wcarter.webitects.com/freeRadiusDebug.html This url outlines what I did and has links to the terminal output with each command. I executed these commands... $ cvs -d :pserver:[EMAIL PROTECTED]:/source login $ cvs -d :pserver:[EMAIL PROTECTED]:/source co -r release_1_0 radiusd now I have a radiusd folder with what seems like all the files I need to compile. executing this configure... ./configure --localstatedir=/var --sysconfdir=/etc --with-mysql-include-dir=/usr/include/mysql --with-mysql-lib-dir=/usr/lib/mysql --with-mysql-dir=/usr/bin/mysql --with-experimental-modules configure debug make make install -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Friday, July 29, 2005 12:12 PM To: FreeRadius users mailing list Subject: Re: newbie questions using freeradius as wifi access point Will Carter [EMAIL PROTECTED] wrote: Is it correct to say that after I successfully execute the 2 commands above that I should have a set of code that I need to compile with configure, make, and make install? Yes. This is *exactly* how 1.0.4 was created. It's just a tar file from that process. When I attempt this, I get a set of files but am not successful at compiling them. Are you willng to say what errors you're seeing? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Julius Igugu SouthWork Co. Ltd. Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: newbie questions using freeradius as wifi access point
Will Carter [EMAIL PROTECTED] wrote: doesn't start. There are no files in my /etc/raddb at this point. Then the build and/or make install failed. $ script log.txt $ configure $ make $ make install If you see errors at any point DO NOT go to the next step. You should be able to post a summary of the errors in a message to the list. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: newbie questions using freeradius as wifi access point
I am not sure what I am looking for but it appears something is going wrong after the make command. I did not continue to make install. These happen after .configure... configure: WARNING: FAILURE: rlm_eap_peap requires: OpenSSL. configure: WARNING: FAILURE: rlm_eap_tls requires: OpenSSL. configure: WARNING: FAILURE: rlm_eap_ttls requires: OpenSSL. configure: WARNING: FAILURE: rlm_krb5 requires: krb5. configure: WARNING: FAILURE: rlm_sql_postgresql requires: libpq-fe.h libpq. This is at the very end after the make command gmake[4]: *** [client.o] Error 1 gmake[4]: Leaving directory `/root/radiusd/src/main' gmake[3]: *** [common] Error 2 gmake[3]: Leaving directory `/root/radiusd/src' gmake[2]: *** [all] Error 2 gmake[2]: Leaving directory `/root/radiusd/src' gmake[1]: *** [common] Error 2 gmake[1]: Leaving directory `/root/radiusd' make: *** [all] Error 2 the full log is here: http://wcarter.webitects.com/log.txt from ./configure ... to make I very much appreciate your help! -will -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Friday, July 29, 2005 4:49 PM To: FreeRadius users mailing list Subject: Re: newbie questions using freeradius as wifi access point Will Carter [EMAIL PROTECTED] wrote: doesn't start. There are no files in my /etc/raddb at this point. Then the build and/or make install failed. $ script log.txt $ configure $ make $ make install If you see errors at any point DO NOT go to the next step. You should be able to post a summary of the errors in a message to the list. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: newbie questions using freeradius as wifi access point
Will Carter [EMAIL PROTECTED] wrote: This is at the very end after the make command gmake[4]: *** [client.o] Error 1 gmake[4]: Leaving directory `/root/radiusd/src/main' gmake[3]: *** [common] Error 2 The real errors are above that. the full log is here: http://wcarter.webitects.com/log.txt You appear to NOT have followed the instructions. You have a copy of the latest CVS version, not the release_1_0 branch. I've fixed a minor problem in the CVS head, but that doesn't solve the problem that you haven't follow directions. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: newbie questions using freeradius as wifi access point
You are absolutely right, I was careless to overlook the the cvs command...stupid. Anyways, I was successful at compiling the release_1_0 branch and I can run that version of the freeradius server now. BUT, my problem still remains, as is discussed here: http://lists.freeradius.org/mailman/htdig/freeradius-users/2005-June/044785. html It seems that there is no rlm_expiration module in the version that I just got: cvs release_1_0 branch. I looked in /radiusd/src/modules and don't see it. Does this sound correct? If so, how can I get a build that will compile and has the rlm_expiration module? Thanks again. -will -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Friday, July 29, 2005 5:56 PM To: FreeRadius users mailing list Subject: Re: newbie questions using freeradius as wifi access point Will Carter [EMAIL PROTECTED] wrote: This is at the very end after the make command gmake[4]: *** [client.o] Error 1 gmake[4]: Leaving directory `/root/radiusd/src/main' gmake[3]: *** [common] Error 2 The real errors are above that. the full log is here: http://wcarter.webitects.com/log.txt You appear to NOT have followed the instructions. You have a copy of the latest CVS version, not the release_1_0 branch. I've fixed a minor problem in the CVS head, but that doesn't solve the problem that you haven't follow directions. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: newbie questions using freeradius as wifi access point
Will Carter [EMAIL PROTECTED] wrote: It seems that there is no rlm_expiration module in the version that I just got: cvs release_1_0 branch. That's because it doesn't exist in that branch. The server core supplies that functionality. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: newbie questions using freeradius as wifi access point
Hmm...I am trying hard to understand, but am not doing so well. Can you give me another hint as to how I can get the rlm_expiration functionality? Here's a question. when I visit: http://www.freeradius.org/cgi-bin/cvsweb.cgi/radiusd/src/modules/ I see a rlm_expiration module Do I somehow get it from there? Hmm... and if I visit here... http://www.freeradius.org/cgi-bin/cvsweb.cgi/radiusd/src/modules/rlm_expirat ion/ I see that this was added like six weeks ago. -will -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Friday, July 29, 2005 7:39 PM To: FreeRadius users mailing list Subject: Re: newbie questions using freeradius as wifi access point Will Carter [EMAIL PROTECTED] wrote: It seems that there is no rlm_expiration module in the version that I just got: cvs release_1_0 branch. That's because it doesn't exist in that branch. The server core supplies that functionality. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: newbie questions using freeradius as wifi access point
I tried this (adding the with-static-modules=expiration) when configuring. Am I barking up the wrong tree? ./configure --localstatedir=/var --sysconfdir=/etc --with-mysql-include-dir=/usr/include/mysql --with-mysql-lib-dir=/usr/lib/mysql --with-mysql-dir=/usr/bin/mysql --with-experimental-modules --with-static-modules=expiration I dont seem to have this 'rlm_expiration' folder or files underneath Why could this be? /freeradius-1.0.2/modules/rlm_expiration/.libs/rlm_expiration.a am -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Wednesday, July 27, 2005 7:17 PM To: FreeRadius users mailing list Subject: Re: newbie questions using freeradius as wifi access point Will Carter [EMAIL PROTECTED] wrote: The Max-All-Session attribute is working great if I want to allow a user to buy a block of time and they can use it in increments. But say I want a user to be able to buy a block of time that will expire at a certain time regardless of how long they spend online during that time. Can you give me an idea of the direction I should go to accomplish this? Login-Time, or Expiration. See the README's. Alan DeKok - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: newbie questions using freeradius as wifi access point
Will Carter [EMAIL PROTECTED] wrote: When I configured the freeradius install I used --with-experimental-modules. So, I checked out what rlm*.so modules are in /usr/local/lib/ rlm_expiration is not there Which version of the server are you running? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: newbie questions using freeradius as wifi access point
freeradius-1.0.2 I noticed that the docs I was looking at that mentioned rlm_expiration was a different version. So that explains why I wouldn't have that module. I still should be able to make an insert into radcheck such as the following and expect my nas to get a session-timeout, correct? insert into radcheck (username, attribute, op, value) values ('testUser','Expiration',':=','25 May 2006 15:31') seems that I am having the same sort of problem as this post. http://lists.freeradius.org/mailman/htdig/freeradius-users/2005-March/042308 .html any ideas? -will -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Thursday, July 28, 2005 1:04 PM To: FreeRadius users mailing list Subject: Re: newbie questions using freeradius as wifi access point Will Carter [EMAIL PROTECTED] wrote: When I configured the freeradius install I used --with-experimental-modules. So, I checked out what rlm*.so modules are in /usr/local/lib/ rlm_expiration is not there Which version of the server are you running? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: newbie questions using freeradius as wifi access point
I installed version 1.0.4 reconfigured and tried again. Still getting the same issue. Any ideas? Thanks, will -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Thursday, July 28, 2005 1:04 PM To: FreeRadius users mailing list Subject: Re: newbie questions using freeradius as wifi access point Will Carter [EMAIL PROTECTED] wrote: When I configured the freeradius install I used --with-experimental-modules. So, I checked out what rlm*.so modules are in /usr/local/lib/ rlm_expiration is not there Which version of the server are you running? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: newbie questions using freeradius as wifi access point
I apologize for posting again. Am I correct in thinking that this issue has been addressed after the 1.0.4 release? This post is making me think this. http://lists.freeradius.org/mailman/htdig/freeradius-users/2005-June/044769. html Am I correct to think that if I install one of the nightly builds that is after the 1.0.4, then this issue should be addressed. I actually tried to install the 07282005 snapshot but it wouldn't compile. Thanks and please excuse my ignorance. Any info you can provide would be greatly appreciated. will -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Will Carter Sent: Thursday, July 28, 2005 1:35 PM To: 'FreeRadius users mailing list' Subject: RE: newbie questions using freeradius as wifi access point freeradius-1.0.2 I noticed that the docs I was looking at that mentioned rlm_expiration was a different version. So that explains why I wouldn't have that module. I still should be able to make an insert into radcheck such as the following and expect my nas to get a session-timeout, correct? insert into radcheck (username, attribute, op, value) values ('testUser','Expiration',':=','25 May 2006 15:31') seems that I am having the same sort of problem as this post. http://lists.freeradius.org/mailman/htdig/freeradius-users/2005-March/042308 .html any ideas? -will -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Thursday, July 28, 2005 1:04 PM To: FreeRadius users mailing list Subject: Re: newbie questions using freeradius as wifi access point Will Carter [EMAIL PROTECTED] wrote: When I configured the freeradius install I used --with-experimental-modules. So, I checked out what rlm*.so modules are in /usr/local/lib/ rlm_expiration is not there Which version of the server are you running? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: newbie questions using freeradius as wifi access point
Will Carter [EMAIL PROTECTED] wrote: Am I correct to think that if I install one of the nightly builds that is after the 1.0.4, then this issue should be addressed. I actually tried to install the 07282005 snapshot but it wouldn't compile. Hmm... that's not good. Anyways, the latest snapshots change a *lot* more than you need. I suggest doing a cvs checkout yourself: $ cvs -d :pserver:[EMAIL PROTECTED]:/source login blah $ cvs -d :pserver:[EMAIL PROTECTED]:/source co -r release_1_0 radiusd Should get you 1.0.4 with a few fixes. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: newbie questions using freeradius as wifi access point
Ok, now I am completely into new territory. Never did a cvs checkout before. Learn something new every day. Just to be clear before I keep going down this track... My underlying problem is that I am setting an Expiration value in radcheck, but Session-Timeout is not getting being returned in the authorization request that is in line with the Expiration value I inserted. Based on this post: http://lists.freeradius.org/mailman/htdig/freeradius-users/2005-June/044769. html I believe that a fix was made to this problem that is not in the 1.0.4 release and somehow I have to get my hands on a version of freeradius has the fix (rlm_expiration module is in there). Am I correct? Thanks, -will -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Thursday, July 28, 2005 5:23 PM To: FreeRadius users mailing list Subject: Re: newbie questions using freeradius as wifi access point Will Carter [EMAIL PROTECTED] wrote: Am I correct to think that if I install one of the nightly builds that is after the 1.0.4, then this issue should be addressed. I actually tried to install the 07282005 snapshot but it wouldn't compile. Hmm... that's not good. Anyways, the latest snapshots change a *lot* more than you need. I suggest doing a cvs checkout yourself: $ cvs -d :pserver:[EMAIL PROTECTED]:/source login blah $ cvs -d :pserver:[EMAIL PROTECTED]:/source co -r release_1_0 radiusd Should get you 1.0.4 with a few fixes. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: newbie questions using freeradius as wifi access point
Ok, I am not getting this to work after numerous tries and am feeling frustrated and ignorant. $ cvs -d :pserver:[EMAIL PROTECTED]:/source login $ cvs -d :pserver:[EMAIL PROTECTED]:/source co -r release_1_0 radiusd Is it correct to say that after I successfully execute the 2 commands above that I should have a set of code that I need to compile with configure, make, and make install? When I attempt this, I get a set of files but am not successful at compiling them. Thanks and I appreciate your patience or advice you can give. -will -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Thursday, July 28, 2005 5:23 PM To: FreeRadius users mailing list Subject: Re: newbie questions using freeradius as wifi access point Will Carter [EMAIL PROTECTED] wrote: Am I correct to think that if I install one of the nightly builds that is after the 1.0.4, then this issue should be addressed. I actually tried to install the 07282005 snapshot but it wouldn't compile. Hmm... that's not good. Anyways, the latest snapshots change a *lot* more than you need. I suggest doing a cvs checkout yourself: $ cvs -d :pserver:[EMAIL PROTECTED]:/source login blah $ cvs -d :pserver:[EMAIL PROTECTED]:/source co -r release_1_0 radiusd Should get you 1.0.4 with a few fixes. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: newbie questions using freeradius as wifi access point
Thanks for pointing in the right direction with rlm_sqlcounter. I think I have it working correctly, but I am not seeing how the following situation can be accounted for. The Max-All-Session attribute is working great if I want to allow a user to buy a block of time and they can use it in increments. But say I want a user to be able to buy a block of time that will expire at a certain time regardless of how long they spend online during that time. Can you give me an idea of the direction I should go to accomplish this? Thanks again for the help and please excuse my ignorance as I am just muddling through this. Thanks, will -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Monday, July 18, 2005 4:35 PM To: FreeRadius users mailing list Subject: Re: newbie questions using freeradius as wifi access point Will Carter [EMAIL PROTECTED] wrote: 1. I have a separate database from radius that authenticates the user's login/password. I delete all rows from from radcheck for this user. I delete all rows from radreply for this user. I add back a radcheck record and radreply session-timeout record that corresponds to how much time left that they have paid for. Now I log them in (using an xml command to my nas). Wow... why not just use the sqlcounter module, which keeps track of all of this for you? The underlying problem with this set up is that ... it's unnecessarily complicated. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: newbie questions using freeradius as wifi access point
Will Carter [EMAIL PROTECTED] wrote: The Max-All-Session attribute is working great if I want to allow a user to buy a block of time and they can use it in increments. But say I want a user to be able to buy a block of time that will expire at a certain time regardless of how long they spend online during that time. Can you give me an idea of the direction I should go to accomplish this? Login-Time, or Expiration. See the README's. Alan DeKok - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
newbie questions using freeradius as wifi access point
Hi, First, sorry for the long post... I am new to radius in general and freeradius and am attempting to set up a credit card based wifi access point where you can buy time to surf the internet for certain alotments of time. The configuration should kick them off when their alloted paid for time expires and redirect them to a web page so that they can buy more time. I have some questions the progress we have made and would very much appreciate any information anyone could provide. I apologize for any ignorance or assumptions about how the set up would work, as I am just fumbling through. I have set up freeradius on a linux server and I have it successfully talking to a mySQL database that has radcheck, radreply, radacct tables, etc. I am able to use the natradping utility to get accept/reject messages from it based on entries in radcheck. I have a NAS device (nomadix ag-2000w) that I can get it to correctly recognize a wireless laptop and authenticate against entries in the radius database. I am sending a session-timeout attribute in my reply message and my nas is correctly coming up with an expiration time based on that. Basically my process is like this. Login: 1. I have a separate database from radius that authenticates the user's login/password. I delete all rows from from radcheck for this user. I delete all rows from radreply for this user. I add back a radcheck record and radreply session-timeout record that corresponds to how much time left that they have paid for. Now I log them in (using an xml command to my nas). My nas correctly reports the expire time based on the session-timeout that I inserted. After the user is logged in, I add another row to radcheck that is an auth-type reject. This is so that when the nas time expires and it tries to reauthenticate with radius, it will get a reject message and not allow surfing to continue. I believe this is the wrong way to be doing things and I think radacct is the table for this but I do not understand how that table fits in or if the nas device is supposed to be inserting into radacct or what. My question here is that should I be using radacct in some way to influence the reject/accept response when the session times out for the user. By the way, if the user tries to login again, they wont be hit with the auth-type reject in their response because I am clearing out radcheck and radreply first. User is trying to add time: I update my non-radius database with how much time they have purchased. I log the user out of my nas device (using an xml command). I delete everything from radcheck and radreply for this user. I add back a radcheck record for this user. I add a session-timout record to radreply for this user that corresponds to how much additional time they just purchased. I log the user back in, resyncing the nas with the session-timeout in radius. After they are logged in again I add back a auth-type reject to radcheck so that when their time runs out again they will be kicked off. The underlying problem with this set up is that the order of the logout/login/insert reject into radcheck bits seem not to happen in order. I am issuing xml commands to my nas to do the login/logout. So sometimes it seems that the logout happens after the login xml command or the login happens after the reject row is inserted, effectively blocking the user incorrectly. Basically, I would like some advice as to where I am going wrong in the process and what is the correct way that radacct comes into play. I have my nas set up to have accounting enabled and I see radacct getting written to but I don't understand how AcctStartTime, AcctStopTime comes into play although that looks interesting. Any guidance here would be great. Thanks for any info or direction you can provide. -will - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: newbie questions using freeradius as wifi access point
Will Carter [EMAIL PROTECTED] wrote: 1. I have a separate database from radius that authenticates the user's login/password. I delete all rows from from radcheck for this user. I delete all rows from radreply for this user. I add back a radcheck record and radreply session-timeout record that corresponds to how much time left that they have paid for. Now I log them in (using an xml command to my nas). Wow... why not just use the sqlcounter module, which keeps track of all of this for you? The underlying problem with this set up is that ... it's unnecessarily complicated. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html