-
Notifications
You must be signed in to change notification settings - Fork 9
/
Copy pathcounter
163 lines (151 loc) · 6.25 KB
/
counter
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
# -*- text -*-
#
# $Id: a5ac1e60ef117a2c59ace1a9d061d8f70d1da538 $
# counter module:
# This module takes an attribute (count-attribute).
# It also takes a key, and creates a counter for each unique
# key. The count is incremented when accounting packets are
# received by the server. The value of the increment depends
# on the attribute type.
# If the attribute is Acct-Session-Time or of an integer type we add
# the value of the attribute. If it is anything else we increase the
# counter by one.
#
# The 'reset' parameter defines when the counters are all reset to
# zero. It can be hourly, daily, weekly, monthly or never.
#
# hourly: Reset on 00:00 of every hour
# daily: Reset on 00:00:00 every day
# weekly: Reset on 00:00:00 on sunday
# monthly: Reset on 00:00:00 of the first day of each month
#
# It can also be user defined. It should be of the form:
# num[hdwm] where:
# h: hours, d: days, w: weeks, m: months
# If the letter is omitted days will be assumed. In example:
# reset = 10h (reset every 10 hours)
# reset = 12 (reset every 12 days)
#
#
# The check_name attribute defines an attribute which will be
# registered by the counter module and can be used to set the
# maximum allowed value for the counter after which the user
# is rejected.
# Something like:
#
# DEFAULT Max-Daily-Session := 36000
# Fall-Through = 1
#
# You should add the counter module in the instantiate
# section so that it registers check_name before the files
# module reads the users file.
#
# If check_name is set and the user is to be rejected then we
# send back a Reply-Message and we log a Failure-Message in
# the radius.log
#
# If the count attribute is Acct-Session-Time then on each
# login we send back the remaining online time as a
# Session-Timeout attribute ELSE and if the reply_name is
# set, we send back that attribute. The reply_name attribute
# MUST be of an integer type.
#
# The counter_name can also be used instead of using the check_name
# like below:
#
# DEFAULT Daily-Session-Time > 3600, Auth-Type = Reject
# Reply-Message = "You've used up more than one hour today"
#
# The allowed_service_type attribute can be used to only take
# into account specific sessions. For example if a user first
# logs in through a login menu and then selects ppp there will
# be two sessions. One for Login-User and one for Framed-User
# service type. We only need to take into account the second one.
#
# The module should be added in the instantiate, authorize and
# accounting sections. Make sure that in the authorize
# section it comes after any module which sets the
# 'check_name' attribute.
#
#counter daily {
# filename = ${db_dir}/db.daily
# key = User-Name
# count_attribute = Acct-Session-Time
# reset = daily
# counter_name = Daily-Session-Time
# check_name = Max-Daily-Session
# reply_name = Session-Timeout
# allowed_service_type = Framed-User
# cache_size = 5000
#}
sqlcounter dailycounter {
counter_name = Daily-Session-Time
check_name = Max-Daily-Session
reply_name = Session-Timeout
sql_module_instance = sql
key = User-Name
reset = daily
# This query properly handles calls that span from the
# previous reset period into the current period but
# involves more work for the SQL server than those
# below
query = "SELECT SUM(acctsessiontime - \
GREATEST((%b - UNIX_TIMESTAMP(acctstarttime)), 0)) \
FROM radacct WHERE username = '%{%k}' AND \
UNIX_TIMESTAMP(acctstarttime) + acctsessiontime > '%b'"
# This query ignores calls that started in a previous
# reset period and continue into into this one. But it
# is a little easier on the SQL server
# query = "SELECT SUM(acctsessiontime) FROM radacct WHERE \
# username = '%{%k}' AND acctstarttime > FROM_UNIXTIME('%b')"
# This query is the same as above, but demonstrates an
# additional counter parameter '%e' which is the
# timestamp for the end of the period
# query = "SELECT SUM(acctsessiontime) FROM radacct \
# WHERE username = '%{%k}' AND acctstarttime BETWEEN \
# FROM_UNIXTIME('%b') AND FROM_UNIXTIME('%e')"
}
sqlcounter monthlycounter {
counter_name = Monthly-Session-Time
check_name = Max-Monthly-Session
reply_name = Session-Timeout
sql_module_instance = sql
key = User-Name
reset = monthly
# This query properly handles calls that span from the
# previous reset period into the current period but
# involves more work for the SQL server than those
# below
query = "SELECT SUM(acctsessiontime - \
GREATEST((%b - UNIX_TIMESTAMP(acctstarttime)), 0)) \
FROM radacct WHERE username='%{%k}' AND \
UNIX_TIMESTAMP(acctstarttime) + acctsessiontime > '%b'"
# This query ignores calls that started in a previous
# reset period and continue into into this one. But it
# is a little easier on the SQL server
# query = "SELECT SUM(acctsessiontime) FROM radacct WHERE \
# username='%{%k}' AND acctstarttime > FROM_UNIXTIME('%b')"
# This query is the same as above, but demonstrates an
# additional counter parameter '%e' which is the
# timestamp for the end of the period
# query = "SELECT SUM(acctsessiontime) FROM radacct \
# WHERE username='%{%k}' AND acctstarttime BETWEEN \
# FROM_UNIXTIME('%b') AND FROM_UNIXTIME('%e')"
}
sqlcounter noresetcounter {
counter_name = Max-All-Session-Time
check_name = Max-All-Session
sql_module_instance = sql
key = User-Name
reset = never
query = "SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='%{%k}'"
}
sqlcounter monthlytrafficcounter {
counter_name = Monthly-Traffic
check_name = Max-Monthly-Traffic
reply_name = Monthly-Traffic-Limit
sql_module_instance = sql
key = User-Name
reset = monthly
query = "SELECT SUM(acctinputoctets + acctoutputoctets) DIV 1048576 FROM radacct WHERE UserName='%{%k}' AND UNIX_TIMESTAMP(AcctStartTime) > '%b'"
}