我使用freeradius与mysql和choovachilli实现俘虏门户。我目前正在尝试使用rlm_sqlcounter实现每日帐户,但没有成功。以下是我在全局配置中包含的配置文件:
sqlcounter dailycounter {
counter-name = 'Daily-Session-Time'
check-name = 'Max-Daily-Session'
sql_module_instance = 'sql'
key = 'User-Name'
reset = daily
query = "SELECT SUM(acctsessiontime - GREATEST((%b - UNIX_TIMESTAMP(acctstarttime)), 0)) FROM radacct WHERE username='%{${key}}' AND UNIX_TIMESTAMP(acctstarttime) + acctsessiontime > '%b'"
}
authorize {
sql
dailycounter
}
accounting {
sql
}
在自由半径日志中,只有这个与计数器相关的输出:
Tue Oct 6 13:02:22 2015 : Debug: Module: Linked to module rlm_expr
Tue Oct 6 13:02:22 2015 : Debug: Module: Instantiating module "expr" from file /etc/freeradius/modules/expr
Tue Oct 6 13:02:22 2015 : Debug: (Loaded rlm_counter, checking if it's valid)
Tue Oct 6 13:02:22 2015 : Debug: Module: Linked to module rlm_counter
Tue Oct 6 13:02:22 2015 : Debug: Module: Instantiating module "daily" from file /etc/freeradius/modules/counter
Tue Oct 6 13:02:22 2015 : Debug: counter daily {
Tue Oct 6 13:02:22 2015 : Debug: filename = "/etc/freeradius/db.daily"
Tue Oct 6 13:02:22 2015 : Debug: key = "User-Name"
Tue Oct 6 13:02:22 2015 : Debug: reset = "daily"
Tue Oct 6 13:02:22 2015 : Debug: count-attribute = "Acct-Session-Time"
Tue Oct 6 13:02:22 2015 : Debug: counter-name = "Daily-Session-Time"
Tue Oct 6 13:02:22 2015 : Debug: check-name = "Max-Daily-Session"
Tue Oct 6 13:02:22 2015 : Debug: reply-name = "Session-Timeout"
Tue Oct 6 13:02:22 2015 : Debug: allowed-servicetype = "Framed-User"
Tue Oct 6 13:02:22 2015 : Debug: cache-size = 5000
Tue Oct 6 13:02:22 2015 : Debug: }
Tue Oct 6 13:02:22 2015 : Debug: rlm_counter: Counter attribute Daily-Session-Time is number 3000
Tue Oct 6 13:02:22 2015 : Debug: rlm_counter: Current Time: 1444129342 [2015-10-06 13:02:22], Next reset 1444168800 [2015-10-07 00:00:00]
Daily-Session-Time的解释
- 用户每天可以登录和在线3000次 与Max-Daily-Session
- 。你把值加到3000。
- Radius将会话超时属性回复到nas 3000秒。这意味着nas必须在3000秒内断开用户连接
- 如果用户登录并在线1000秒,则退出。当他再次登录时,radius将会回复会话超时时间为nas 2000。
- 用户用完3000后无法登录。他需要等到明天。