如何为Freeradius上的用户提供开始日期

时间:2015-06-03 07:07:58

标签: mysql sql freeradius

我希望能够延迟激活登录。例如,我可以创建一个用户星期一,但我只是想让他只从星期五连接到我的网络登录。

所以我在文件dictionary.conf

上创建了一个属性 
ATTRIBUTE      Acc-start-date           3003    date

此属性在数据库sql中用作属性

在授权部分的/ site-available / default中

if (Acc-Start-Date < "%{Current-Time}") {
            reject
    }

但是我收到了错误,

    rad_recv: Access-Request packet from host 127.0.0.1 port 58341, id=131, length=277
    ChilliSpot-Version = "1.3.0"
    User-Name = "date"
    User-Password = "date"
    Service-Type = Login-User
    Acct-Session-Id = "556ea52d00000004"
    Framed-IP-Address = 10.10.4.200
    NAS-Port-Type = Wireless-802.11
    NAS-Port = 4
    NAS-Port-Id = "00000004"
    Calling-Station-Id = "00-1B-77-16-34-1A"
    Called-Station-Id = "00-50-56-B2-BF-8D"
    NAS-IP-Address = 10.10.4.254
    NAS-Identifier = "vlan4"
    WISPr-Location-ID = "isocc=,cc=,ac=,network=Coova,Vlan4_ssid"
    WISPr-Location-Name = "Vlan_4"
    WISPr-Logoff-URL = "http://10.10.4.254:3990/logoff"
    Message-Authenticator = 0x96a538a9ed829e695c3d62f22e5d1962
Wed Jun  3 08:57:48 2015 : Info: # Executing section authorize from file /etc/freeradius/sites-enabled/default
Wed Jun  3 08:57:48 2015 : Info: +- entering group authorize {...}
Wed Jun  3 08:57:48 2015 : Info: ++? if (!NAS-IP-Address)
Wed Jun  3 08:57:48 2015 : Info: ? Evaluating !(NAS-IP-Address) -> FALSE
Wed Jun  3 08:57:48 2015 : Info: ++? if (!NAS-IP-Address) -> FALSE
Wed Jun  3 08:57:48 2015 : Info: ++[preprocess] returns ok
Wed Jun  3 08:57:48 2015 : Info: ++[chap] returns noop
Wed Jun  3 08:57:48 2015 : Info: ++[mschap] returns noop
Wed Jun  3 08:57:48 2015 : Info: ++[digest] returns noop
Wed Jun  3 08:57:48 2015 : Info: [suffix] No '@' in User-Name = "date", looking up realm NULL
Wed Jun  3 08:57:48 2015 : Info: [suffix] No such realm "NULL"
Wed Jun  3 08:57:48 2015 : Info: ++[suffix] returns noop
Wed Jun  3 08:57:48 2015 : Info: [eap] No EAP-Message, not doing EAP
Wed Jun  3 08:57:48 2015 : Info: ++[eap] returns noop
Wed Jun  3 08:57:48 2015 : Info: [sql]  expand: %{User-Name} -> date
Wed Jun  3 08:57:48 2015 : Info: [sql] sql_set_user escaped user --> 'date'
Wed Jun  3 08:57:48 2015 : Debug: rlm_sql (sql): Reserving sql socket id: 3
Wed Jun  3 08:57:48 2015 : Info: [sql]  expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = 'date'           ORDER BY id
Wed Jun  3 08:57:48 2015 : Info: [sql] User found in radcheck table
Wed Jun  3 08:57:48 2015 : Info: [sql]  expand: SELECT id, username, attribute, value, op           FROM radreply           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radreply           WHERE username = 'date'           ORDER BY id
Wed Jun  3 08:57:48 2015 : Info: [sql]  expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = 'date'           ORDER BY priority
Wed Jun  3 08:57:48 2015 : Info: [sql]  expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'date_check'           ORDER BY id
Wed Jun  3 08:57:48 2015 : Info: [sql] User found in group date_check
Wed Jun  3 08:57:48 2015 : Info: [sql]  expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'date_check'           ORDER BY id
Wed Jun  3 08:57:48 2015 : Debug: rlm_sql (sql): Released sql socket id: 3
Wed Jun  3 08:57:48 2015 : Info: ++[sql] returns ok
Wed Jun  3 08:57:48 2015 : Debug: rlm_sqlcounter: Entering module authorize code
Wed Jun  3 08:57:48 2015 : Debug: rlm_sqlcounter: Could not find Check item value pair
Wed Jun  3 08:57:48 2015 : Info: ++[chillispot_max_bytes] returns noop
Wed Jun  3 08:57:48 2015 : Debug: rlm_sqlcounter: Entering module authorize code
Wed Jun  3 08:57:48 2015 : Debug: rlm_sqlcounter: Could not find Check item value pair
Wed Jun  3 08:57:48 2015 : Info: ++[noresetcounter] returns noop
Wed Jun  3 08:57:48 2015 : Debug: rlm_sqlcounter: Entering module authorize code
Wed Jun  3 08:57:48 2015 : Debug: rlm_sqlcounter: Could not find Check item value pair
Wed Jun  3 08:57:48 2015 : Info: ++[dailycounter] returns noop
Wed Jun  3 08:57:48 2015 : Info: ++? if (Acc-Start-Date < "%{Current-Time}")
Wed Jun  3 08:57:48 2015 : Info:    expand: %{Current-Time} -> 
Wed Jun  3 08:57:48 2015 : Info:     (Attribute Acc-Start-Date was not found)
Wed Jun  3 08:57:48 2015 : Info: ? Evaluating (Acc-Start-Date < "%{Current-Time}") -> FALSE
Wed Jun  3 08:57:48 2015 : Info: ++? if (Acc-Start-Date < "%{Current-Time}") -> FALSE
Wed Jun  3 08:57:48 2015 : Info: ++[expiration] returns noop
Wed Jun  3 08:57:48 2015 : Info: ++[logintime] returns noop
Wed Jun  3 08:57:48 2015 : Info: ++[pap] returns updated

我的freeradius无法找到我的attribut,我应该在查询sql的某个地方写一下这个属性吗?

1 个答案:

答案 0 :(得分:0)

您可能希望在policy.conf中添加此内容,而不是默认

if (Acc-start-date < "%{Current-Time}") {
                reject
        }
相关问题
最新问题