limiter le temps de connexion avec freeradius

[yabo84]

bonjour,
j'ai un portail captif tournant sous coova-chilli et freeradius (je n'utilise pas les outils genre phpmyprepaid ou daloradius....). Je voudrais donc deconnecter authomatiquement mes utilisateur apres X heures.
voici mon fichier /etc/freeradius/sql/mysql/conunter.conf

Code :

Sélectionner tout - Visualiser dans une fenêtre à part

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
sqlcounter dailycounter {
	counter-name = Daily-Session-Time
	check-name = Max-Daily-Session
	reply-name = Session-Timeout
	sqlmod-inst = sql
	key = User-Name
	reset = daily
 
	# This query properly handles calls that span from the
	# previous reset period into the current period but
	# involves more work for the SQL server than those
	# below
	query = "SELECT SUM(acctsessiontime - \
                 GREATEST((%b - UNIX_TIMESTAMP(acctstarttime)), 0)) \
                 FROM radacct WHERE username = '%{%k}' AND \
                 UNIX_TIMESTAMP(acctstarttime) + acctsessiontime > '%b'"
 
	# This query ignores calls that started in a previous
	# reset period and continue into into this one. But it
	# is a little easier on the SQL server
#	query = "SELECT SUM(acctsessiontime) FROM radacct WHERE \
#                username = '%{%k}' AND acctstarttime > FROM_UNIXTIME('%b')"
 
	# This query is the same as above, but demonstrates an
	# additional counter parameter '%e' which is the
	# timestamp for the end of the period
#	query = "SELECT SUM(acctsessiontime) FROM radacct \
#                WHERE username = '%{%k}' AND acctstarttime BETWEEN \
#                FROM_UNIXTIME('%b') AND FROM_UNIXTIME('%e')"
}
 
sqlcounter monthlycounter {
	counter-name = Monthly-Session-Time
		check-name = Max-Monthly-Session
		reply-name = Session-Timeout
		sqlmod-inst = sql
		key = User-Name
		reset = monthly
 
	# This query properly handles calls that span from the
	# previous reset period into the current period but
	# involves more work for the SQL server than those
	# below
	query = "SELECT SUM(acctsessiontime - \
                 GREATEST((%b - UNIX_TIMESTAMP(acctstarttime)), 0)) \
                 FROM radacct WHERE username='%{%k}' AND \
                 UNIX_TIMESTAMP(acctstarttime) + acctsessiontime > '%b'"
 
	# This query ignores calls that started in a previous
	# reset period and continue into into this one. But it
	# is a little easier on the SQL server
#	query = "SELECT SUM(acctsessiontime) FROM radacct WHERE \
#                username='%{%k}' AND acctstarttime > FROM_UNIXTIME('%b')"
 
	# This query is the same as above, but demonstrates an
	# additional counter parameter '%e' which is the
	# timestamp for the end of the period
#	query = "SELECT SUM(acctsessiontime) FROM radacct \
#                WHERE username='%{%k}' AND acctstarttime BETWEEN \
#                FROM_UNIXTIME('%b') AND FROM_UNIXTIME('%e')"
}
 
sqlcounter noresetcounter {
        counter-name = Max-All-Session-Time 
                check-name = Max-All-Session 
                sqlmod-inst = sql 
                key = User-Name 
                reset = never 
        query = "SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='%{%k}'" 
}

voici celui de /etc/freeradius/modules/counter

Code :

Sélectionner tout - Visualiser dans une fenêtre à part

1
2
3
4
5
6
7
8
9
10
11
counter daily {
	filename = ${db_dir}/db.daily
	key = User-Name
	count-attribute = Acct-Session-Time
	reset = daily
	counter-name = Daily-Session-Time
	check-name = Max-Daily-Session
	reply-name = Session-Timeout
	allowed-servicetype = Framed-User
	cache-size = 5000
}

Le problème c'est que les utilisateurs ne sont jamais deconnectés. Quelqu"un comprend comment faire?

[dahtah]

Salut,

Il faut que tu retournes un attribut Radius "Session-Timeout" lors de l'authentification avec la valeur en seconde de la duree de la session. Pour information, voila les attributs que ce portail supporte (en gros le dictionnaire IETF standard).