From dd11a3d783e1ca18ac1e4296930541897a6b4160 Mon Sep 17 00:00:00 2001 From: Martin Fuchs Date: Fri, 21 Dec 2007 12:08:44 +0000 Subject: freeradius-patches from forum-user 'cybrsrfr' comitted --- packages/freeradius.inc | 84 ++++++++++++++++++++++++++++++++++++++++++++++--- packages/freeradius.xml | 77 +++++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 153 insertions(+), 8 deletions(-) diff --git a/packages/freeradius.inc b/packages/freeradius.inc index 29736eca..3b173edf 100644 --- a/packages/freeradius.inc +++ b/packages/freeradius.inc @@ -251,6 +251,36 @@ modules { allowed-servicetype = Framed-User cache-size = 5000 } + + counter weekly { + filename = \${raddbdir}/db.weekly + key = User-Name + count-attribute = Acct-Session-Time + reset = weekly + counter-name = Weekly-Session-Time + check-name = Max-Weekly-Session + cache-size = 5000 + } + + counter monthly { + filename = \${raddbdir}/db.monthly + key = User-Name + count-attribute = Acct-Session-Time + reset = monthly + counter-name = Monthly-Session-Time + check-name = Max-Monthly-Session + cache-size = 5000 + } + + counter forever { + filename = \${raddbdir}/db.forever + key = User-Name + count-attribute = Acct-Session-Time + reset = never + counter-name = Forever-Session-Time + check-name = Max-Forever-Session + cache-size = 5000 + } always fail { rcode = fail @@ -298,7 +328,10 @@ modules { instantiate { exec expr - #daily + daily + weekly + monthly + forever } authorize { @@ -316,7 +349,10 @@ authorize { #sql #etc_smbpasswd #ldap - #daily + daily + weekly + monthly + forever #checkval } @@ -350,7 +386,10 @@ preacct { accounting { detail - #daily + daily + weekly + monthly + forever unix radutmp #sradutmp @@ -398,8 +437,43 @@ function freeradius_users_resync() { $conf = ''; $users = $config['installedpackages']['freeradius']['config']; if (is_array($users)) { - foreach ($users as $user) - $conf .= "{$user['username']}\tUser-Password == \"{$user['password']}\"\n"; + foreach ($users as $user) { + $username = $user['username']; + $password = $user['password']; + $multiconnet = $user['multiconnet']; + $ip = $user['ip']; + $x=$user['expiration']; + $sessiontime=$user['sessiontime']; + $onlinetime=$user['onlinetime']; + $atrib=''; + $head="$username User-Password == ".'"'.$password.'" '; + if ($multiconnect <> '') + { + $head .=", Simultaneous-Use += $multiconnet"; + } + if ($x <> '') + { + $head .=", Expiration := ".'"'.$x.'"'; + } + if ($ip <> '') + { + $atrib .="\r\n\tFramed-IP-Address = $ip,"; + } + if ($sessiontime <> '') + { + $atrib .="\r\n\tSession-Timeout := $sessiontime,"; + } + if ($onlinetime <> '') + { + $head .=", Login-Time := ". '"' . $onlinetime .'"'; + } + + $conf .= <<username - Description - description + IP address + ip + + + Multiple Connection + multiconnet + + + Expiration + expiration + + + Session time + sessiontime + + + Online time + onlinetime @@ -119,8 +135,63 @@ - Description + ip + Ip address + If you want this user to be assigned a specific IP address from radius, enter the IP +address here. Continuous IP address is available with "+" suffix(example:192.168.1.5+. It may help for assigning the +different IP address to multiple simultaneous connections). IMPORTANT, you MUST ener an IP address here if you checked +"RADIUS issued IP's" on vpn pptp or vpn pppoe configuration. + input + + + multiconnet + Number of Multiple connection + The available number of multiple simultaneous connections with this username. + + input + + + expiration + Expiration + You may enter the date that this account will stop working here.use Mmm dd yyyy example: 01 Jan 2007 will be Jan 01 2007 + input + + + sessiontime + Session time + Time this user has until relogin in seconds + input + + + onlinetime + Online time + A time string may be a list of simple time strings separated with vertical bars `|' or commas `,'. + +Each simple time string must begin either with a day-of-week abbreviation (one of `Su', `Mo', `Tu', `We', `Th', `Fr', `Sa'), or `Wk' for any day from Monday to Friday inclusive, or `Any' or `Al' for any day. + +Following the day may be a range of hours separated with a hyphen, using 24-hour time. The range of hours may cross 0; for example `2300-0700' means any time except 7 AM to 11 PM. If no time is given, calls may be made at any time on the specified day(s). + +The time string may also be the single word `Never', which does not match any time. + +Here are a few sample time strings with an explanation of what they mean. + +`Wk2305-0855,Sa,Su2305-1655' + + This means weekdays before 8:55 AM or after 11:05 PM, any time Saturday, or Sunday before 4:55 PM or after 11:05 PM. These are approximately the times during which night rates apply to phone calls in the U.S.A. Note that this time string uses, for example, `2305' rather than `2300'; this will ensure a cheap rate even if the computer clock is running up to five minutes ahead of the real time. + +`Wk0905-2255,Su1705-2255' + + This means weekdays from 9:05 AM to 10:55 PM, or Sunday from 5:05 PM to 10:55 PM. This is approximately the opposite of the previous example. + +`Any' + + This means any day. Since no time is specified, it means any time on any day. + + input + + description + Description You may enter a description here for your reference (not parsed). input -- cgit v1.2.3