Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

rlm_acct_unique(5) [debian man page]

rlm_acct_unique(5)						 FreeRADIUS Module						rlm_acct_unique(5)

NAME

       rlm_acct_unique - FreeRADIUS Module

DESCRIPTION

       The rlm_acct_unique module creates a unique accounting session Id.

       Many  NAS  vendors have their equipment supply an Acct-Session-Id attribute which is not unique over reboots.  This makes accounting diffi-
       cult, as there will be many independent sessions with the same Acct-Session-Id attribute.  This module uses the Acct-Session-Id	attribute,
       along with other attributes in the request, to create a more unique session ID, called Acct-Unique-Session-Id.

       The main configuration items to be aware of are:

       key    A list of the attributes used in calculating an MD5 hash which is used as the value for the unique session id.

CONFIGURATION

       modules {
	 ...
	 acct_unique {
	    key = "User-Name, Acct-Session-Id, NAS-IP-Address, NAS-Port"
	 }
	 ...
       }
	...
       preacct {
	 ...
	 acct_unique
	 ...
       }

       After  generating  the MD5 hash, the module adds it to the accounting request packet received from the client.  It will look something like
       this in your detail file:

	    Acct-Unique-Session-Id = "c66ef57e480b9d26"

       NOTE:  Any attribute you specify that is not found in the 'dictionary' file will cause the server to fail and exit with an error.

       NOTE:  If you want the Acct-Unique-Session-Id of the Start and the Stop packet of a particular session to match, you must  use  values  for
       the key that will stay the same for the Start and Stop.	The above example is a good start.  Adding 'Acct-Session-Time', for example, would
       cause a mismatch because that value is not the same on the Start and Stop accounting packets.

SECTIONS

       authorization, pre-accounting, accounting

FILES

       /etc/raddb/radiusd.conf

SEE ALSO

       radiusd(8), radiusd.conf(5)

AUTHORS

       Chris Parker, cparker@segv.org

								  3 February 2004						rlm_acct_unique(5)

Check Out this Related Man Page

rlm_counter(5)							 FreeRADIUS Module						    rlm_counter(5)

NAME

       rlm_counter - FreeRADIUS Module

DESCRIPTION

       The  rlm_counter module provides a general framework to allow access based on accumulated usage of a resource, such as total time online in
       a given period, total data transferred in a given period, etc.  This is very useful in a 'Prepaid Service' situation, where a user has paid
       for a finite amount of usage and should not be allowed to use more than that service.  Collection, monitoring, and replenishment of prepaid
       services are beyond the scope of this module.

       The main configuration items to be aware of are:

       filename
	      The filename where the usage data is stored.

       key    An attribute which will be present in the Access-Request to be used as the 'index' value for the counter. A counter entry is tracked
	      for each unique key.  The most likely key you will want to use is User-Name.

       count_attribute
	      An  attribute  which  will  be  used to increment the counter value.  If this attribute is Acct-Session-Time or an integer value the
	      counter data is incremented by the Attribute value.  For all other attribute types the counter is incremented by one.

       reset  How frequently the counter data should be set back to 0.	Valid values for this variable are: hourly, daily, weekly,  monthly,  orn-
	      ever  Alternatively, it can be user defined, in the form: num[hdwm].  num is a numeric value, followed by one or none of the follow-
	      ing letters.  h: hours, d: days, w: weeks, m: months.

       check_name
	      This defines an attribute name which will be registered by the counter module and can be used to set the maximum allowed	value  for
	      the  counter  after which the user is rejected.  If Daily-Session-Time is set, you can use the following syntax in the Users file to
	      set a cap of 3600 seconds ( 8 hours ):

       DEFAULT Max-Daily-Session := 3600

       reply_name
	      This is the name of the attribute which will contain the remaining value for the counter in the reply packet when the user  is  suc-
	      cessfully authorized. The default attribute name is "Session-Timeout".

       allowed_service_type
	      This can be used to only apply the limitations to specific service types of sessions.  For example, setting this to Framed-User will
	      only apply the counter module to Framed sessions, excluding other types such as Telnet or Rlogin.

       cache_size
	      The maximum size of the cache to be used by the module.  The default is 1000.

NOTES

       This module registers an attribute, so it should be added to the instantiate section, to be called on server startup.   When  used  in  the
       authorize section, it must come after any modules which set the 'check_name' attribute.

SECTIONS

       instantiate, authorize, accounting

FILES

       /etc/raddb/radiusd.conf

SEE ALSO

       radiusd(8), radiusd.conf(5) rlm_sqlcounter(5)

AUTHOR

       Chris Parker, cparker@segv.org

								   13 March 2004						    rlm_counter(5)
Man Page