1145
1157
# detailperm = 0600
1148
# Create a unique accounting session Id. Many NASes re-use or
1149
# repeat values for Acct-Session-Id, causing no end of
1161
# The rlm_sql_log module appends the SQL queries in a log
1162
# file which is read later by the radsqlrelay program.
1164
# This module only performs the dynamic expansion of the
1165
# variables found in the SQL statements. No operation is
1166
# executed on the database server. (this could be done
1167
# later by an external program) That means the module is
1168
# useful only with non-"SELECT" statements.
1170
# See rlm_sql_log(5) manpage.
1173
# path = ${radacctdir}/sql-relay
1174
# acct_table = "radacct"
1175
# postauth_table = "radpostauth"
1177
# Start = "INSERT INTO ${acct_table} (AcctSessionId, UserName, \
1178
# NASIPAddress, FramedIPAddress, AcctStartTime, AcctStopTime, \
1179
# AcctSessionTime, AcctTerminateCause) VALUES \
1180
# ('%{Acct-Session-Id}', '%{User-Name}', '%{NAS-IP-Address}', \
1181
# '%{Framed-IP-Address}', '%S', '0', '0', '');"
1182
# Stop = "INSERT INTO ${acct_table} (AcctSessionId, UserName, \
1183
# NASIPAddress, FramedIPAddress, AcctStartTime, AcctStopTime, \
1184
# AcctSessionTime, AcctTerminateCause) VALUES \
1185
# ('%{Acct-Session-Id}', '%{User-Name}', '%{NAS-IP-Address}', \
1186
# '%{Framed-IP-Address}', '0', '%S', '%{Acct-Session-Time}', \
1187
# '%{Acct-Terminate-Cause}');"
1188
# Alive = "INSERT INTO ${acct_table} (AcctSessionId, UserName, \
1189
# NASIPAddress, FramedIPAddress, AcctStartTime, AcctStopTime, \
1190
# AcctSessionTime, AcctTerminateCause) VALUES \
1191
# ('%{Acct-Session-Id}', '%{User-Name}', '%{NAS-IP-Address}', \
1192
# '%{Framed-IP-Address}', '0', '0', '%{Acct-Session-Time}','');"
1194
# Post-Auth = "INSERT INTO ${postauth_table} \
1195
# (user, pass, reply, date) VALUES \
1196
# ('%{User-Name}', '%{User-Password:-Chap-Password}', \
1197
# '%{reply:Packet-Type}', '%S');"
1201
# Create a unique accounting session Id. Many NASes re-use
1202
# or repeat values for Acct-Session-Id, causing no end of
1152
1205
# This module will add a (probably) unique session id
1153
1206
# to an accounting packet based on the attributes listed
1323
1376
cache-size = 5000
1380
# This module is an SQL enabled version of the counter module.
1382
# Rather than maintaining seperate (GDBM) databases of
1383
# accounting info for each counter, this module uses the data
1384
# stored in the raddacct table by the sql modules. This
1385
# module NEVER does any database INSERTs or UPDATEs. It is
1386
# totally dependent on the SQL module to process Accounting
1389
# The 'sqlmod_inst' parameter holds the instance of the sql
1390
# module to use when querying the SQL database. Normally it
1391
# is just "sql". If you define more and one SQL module
1392
# instance (usually for failover situations), you can
1393
# specify which module has access to the Accounting Data
1396
# The 'reset' parameter defines when the counters are all
1397
# reset to zero. It can be hourly, daily, weekly, monthly or
1398
# never. It can also be user defined. It should be of the
1401
# h: hours, d: days, w: weeks, m: months
1402
# If the letter is ommited days will be assumed. In example:
1403
# reset = 10h (reset every 10 hours)
1404
# reset = 12 (reset every 12 days)
1406
# The 'key' parameter specifies the unique identifier for the
1407
# counter records (usually 'User-Name').
1409
# The 'query' parameter specifies the SQL query used to get
1410
# the current Counter value from the database. There are 3
1411
# parameters that can be used in the query:
1412
# %k 'key' parameter
1413
# %b unix time value of beginning of reset period
1414
# %e unix time value of end of reset period
1416
# The 'check-name' parameter is the name of the 'check'
1417
# attribute to use to access the counter in the 'users' file
1418
# or SQL radcheck or radcheckgroup tables.
1420
# DEFAULT Max-Daily-Session > 3600, Auth-Type = Reject
1421
# Reply-Message = "You've used up more than one hour today"
1423
sqlcounter dailycounter {
1424
counter-name = Daily-Session-Time
1425
check-name = Max-Daily-Session
1430
# This query properly handles calls that span from the
1431
# previous reset period into the current period but
1432
# involves more work for the SQL server than those
1434
query = "SELECT SUM(AcctSessionTime - \
1435
GREATEST((%b - UNIX_TIMESTAMP(AcctStartTime)), 0)) \
1436
FROM radacct WHERE UserName='%{%k}' AND \
1437
UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'"
1439
# This query ignores calls that started in a previous
1440
# reset period and continue into into this one. But it
1441
# is a little easier on the SQL server
1442
# query = "SELECT SUM(AcctSessionTime) FROM radacct WHERE \
1443
# UserName='%{%k}' AND AcctStartTime > FROM_UNIXTIME('%b')"
1445
# This query is the same as above, but demonstrates an
1446
# additional counter parameter '%e' which is the
1447
# timestamp for the end of the period
1448
# query = "SELECT SUM(AcctSessionTime) FROM radacct \
1449
# WHERE UserName='%{%k}' AND AcctStartTime BETWEEN \
1450
# FROM_UNIXTIME('%b') AND FROM_UNIXTIME('%e')"
1453
sqlcounter monthlycounter {
1454
counter-name = Monthly-Session-Time
1455
check-name = Max-Monthly-Session
1460
# This query properly handles calls that span from the
1461
# previous reset period into the current period but
1462
# involves more work for the SQL server than those
1464
query = "SELECT SUM(AcctSessionTime - \
1465
GREATEST((%b - UNIX_TIMESTAMP(AcctStartTime)), 0)) \
1466
FROM radacct WHERE UserName='%{%k}' AND \
1467
UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'"
1469
# This query ignores calls that started in a previous
1470
# reset period and continue into into this one. But it
1471
# is a little easier on the SQL server
1472
# query = "SELECT SUM(AcctSessionTime) FROM radacct WHERE \
1473
# UserName='%{%k}' AND AcctStartTime > FROM_UNIXTIME('%b')"
1475
# This query is the same as above, but demonstrates an
1476
# additional counter parameter '%e' which is the
1477
# timestamp for the end of the period
1478
# query = "SELECT SUM(AcctSessionTime) FROM radacct \
1479
# WHERE UserName='%{%k}' AND AcctStartTime BETWEEN \
1480
# FROM_UNIXTIME('%b') AND FROM_UNIXTIME('%e')"
1326
1484
# The "always" module is here for debugging purposes. Each
1327
1485
# instance simply returns the same result, always, without
1328
1486
# doing anything.