Home > Freeradius, Open Source > Freeradius: Disconnected user when time limit exceed

Freeradius: Disconnected user when time limit exceed

I learned this while integrating phpmyprepaid into my radius server.
The purpose of this configuration is to limit a user by the time he use our network.

Let say as example I want to limit a user only 1 hour per prepaid card.
So what I did is define a counter using sqlcounter module in the radius.conf file;

— snipped —
sqlcounter timelimit {

counter-name = Max-All-Session-Time
check-name = Max-All-Session
sqlmod-inst = sql
key = User-Name
reset = never
query = “SELECT SUM(AcctSessionTime) FROM radacct where UserName=’%{%k}'”

}
— snipped —

In the configuration I set the check-name as Max-All-Session, this will apply to the the radcheck table. You can choose other name, the same name should be use in the radcheck table. in the query part is the sql query we use to get the data for accounting. From the above query radius server will get the sum of session time of the user from radacct table. It will compare with Max-All-Session check item and terminate the session when the time is reached.

but the server does not do accounting yet, to enable accounting we must specify the module we define in authorize section in the radius.conf.

— snipped —
authorize {

preprocess
chap
mschap
suffix
eap
files
sql
pap
timelimit

}
— snipped —

Then we need to restart/reload the server to make the new configuration take effect.

To force the setting to the user we must insert the regarding attribute into the radcheck table:
as example:

+–+———–+—————–+—+———-+
| id | UserName| Attribute | op | Value |
+–+———–+—————–+—+———-+
| 1 | user | User-Password | := | p45sw0rd |
| 2 | user | Max-All-Session | := | 3600 |
+–+———–+—————–+—+———-+

Categories: Freeradius, Open Source
  1. michael
    13/03/2009 at 6:21 pm

    Hi,

    Thanks for the info, it was truly timely.

    • 16/03/2009 at 12:18 pm

      You are welcome🙂. It is been long time i did not touch the radius configuration. Fuh… I am working on different stuff nowadays.

  2. michael
    14/03/2009 at 2:31 am

    hi,
    i tried it but the user is still able to broswe even after the time was exceeded. can u help me out?

  3. Jane Goody
    22/04/2009 at 2:39 pm

    Not that I’m totally impressed, but this is a lot more than I expected for when I stumpled upon a link on SU telling that the info here is quite decent. Thanks.

  4. 14/08/2012 at 4:46 am

    Hi!

    Where is allocated time set for the module? i.e. I want to set the time limit for each user to 1800 so its 30mins. This is then checked against the returned value from SUM(AcctSessionTime).

    I know this is a long shot seen as the last comment was over 3 years ago… Whats wrong with radius? do people still use it for captive portals etc anymore?

  5. chris
    06/12/2012 at 2:56 pm

    Is it possible to use Max-All-Session with groups?

    • 06/12/2012 at 3:05 pm

      I am sorry because I can’t help you. I did not configure any radius server for 5 years. Almost forgot everything about it.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: