mysql - 如何为 Freeradius 上的用户提供开始日期

标签 mysql sql freeradius

我希望能够延迟激活登录。例如,我可以在星期一创建一个用户,但我只想允许他仅从星期五连接到登录我的网络。

所以我在文件dictionary.conf上创建了一个属性

ATTRIBUTE      Acc-start-date           3003    date

该属性在数据库sql中像属性一样使用

并在/site-available/default 的授权部分

if (Acc-Start-Date < "%{Current-Time}") {
            reject
    }

但我收到错误,

    rad_recv: Access-Request packet from host 127.0.0.1 port 58341, id=131, length=277
    ChilliSpot-Version = "1.3.0"
    User-Name = "date"
    User-Password = "date"
    Service-Type = Login-User
    Acct-Session-Id = "556ea52d00000004"
    Framed-IP-Address = 10.10.4.200
    NAS-Port-Type = Wireless-802.11
    NAS-Port = 4
    NAS-Port-Id = "00000004"
    Calling-Station-Id = "00-1B-77-16-34-1A"
    Called-Station-Id = "00-50-56-B2-BF-8D"
    NAS-IP-Address = 10.10.4.254
    NAS-Identifier = "vlan4"
    WISPr-Location-ID = "isocc=,cc=,ac=,network=Coova,Vlan4_ssid"
    WISPr-Location-Name = "Vlan_4"
    WISPr-Logoff-URL = "http://10.10.4.254:3990/logoff"
    Message-Authenticator = 0x96a538a9ed829e695c3d62f22e5d1962
Wed Jun  3 08:57:48 2015 : Info: # Executing section authorize from file /etc/freeradius/sites-enabled/default
Wed Jun  3 08:57:48 2015 : Info: +- entering group authorize {...}
Wed Jun  3 08:57:48 2015 : Info: ++? if (!NAS-IP-Address)
Wed Jun  3 08:57:48 2015 : Info: ? Evaluating !(NAS-IP-Address) -> FALSE
Wed Jun  3 08:57:48 2015 : Info: ++? if (!NAS-IP-Address) -> FALSE
Wed Jun  3 08:57:48 2015 : Info: ++[preprocess] returns ok
Wed Jun  3 08:57:48 2015 : Info: ++[chap] returns noop
Wed Jun  3 08:57:48 2015 : Info: ++[mschap] returns noop
Wed Jun  3 08:57:48 2015 : Info: ++[digest] returns noop
Wed Jun  3 08:57:48 2015 : Info: [suffix] No '@' in User-Name = "date", looking up realm NULL
Wed Jun  3 08:57:48 2015 : Info: [suffix] No such realm "NULL"
Wed Jun  3 08:57:48 2015 : Info: ++[suffix] returns noop
Wed Jun  3 08:57:48 2015 : Info: [eap] No EAP-Message, not doing EAP
Wed Jun  3 08:57:48 2015 : Info: ++[eap] returns noop
Wed Jun  3 08:57:48 2015 : Info: [sql]  expand: %{User-Name} -> date
Wed Jun  3 08:57:48 2015 : Info: [sql] sql_set_user escaped user --> 'date'
Wed Jun  3 08:57:48 2015 : Debug: rlm_sql (sql): Reserving sql socket id: 3
Wed Jun  3 08:57:48 2015 : Info: [sql]  expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = 'date'           ORDER BY id
Wed Jun  3 08:57:48 2015 : Info: [sql] User found in radcheck table
Wed Jun  3 08:57:48 2015 : Info: [sql]  expand: SELECT id, username, attribute, value, op           FROM radreply           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radreply           WHERE username = 'date'           ORDER BY id
Wed Jun  3 08:57:48 2015 : Info: [sql]  expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = 'date'           ORDER BY priority
Wed Jun  3 08:57:48 2015 : Info: [sql]  expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'date_check'           ORDER BY id
Wed Jun  3 08:57:48 2015 : Info: [sql] User found in group date_check
Wed Jun  3 08:57:48 2015 : Info: [sql]  expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'date_check'           ORDER BY id
Wed Jun  3 08:57:48 2015 : Debug: rlm_sql (sql): Released sql socket id: 3
Wed Jun  3 08:57:48 2015 : Info: ++[sql] returns ok
Wed Jun  3 08:57:48 2015 : Debug: rlm_sqlcounter: Entering module authorize code
Wed Jun  3 08:57:48 2015 : Debug: rlm_sqlcounter: Could not find Check item value pair
Wed Jun  3 08:57:48 2015 : Info: ++[chillispot_max_bytes] returns noop
Wed Jun  3 08:57:48 2015 : Debug: rlm_sqlcounter: Entering module authorize code
Wed Jun  3 08:57:48 2015 : Debug: rlm_sqlcounter: Could not find Check item value pair
Wed Jun  3 08:57:48 2015 : Info: ++[noresetcounter] returns noop
Wed Jun  3 08:57:48 2015 : Debug: rlm_sqlcounter: Entering module authorize code
Wed Jun  3 08:57:48 2015 : Debug: rlm_sqlcounter: Could not find Check item value pair
Wed Jun  3 08:57:48 2015 : Info: ++[dailycounter] returns noop
Wed Jun  3 08:57:48 2015 : Info: ++? if (Acc-Start-Date < "%{Current-Time}")
Wed Jun  3 08:57:48 2015 : Info:    expand: %{Current-Time} -> 
Wed Jun  3 08:57:48 2015 : Info:     (Attribute Acc-Start-Date was not found)
Wed Jun  3 08:57:48 2015 : Info: ? Evaluating (Acc-Start-Date < "%{Current-Time}") -> FALSE
Wed Jun  3 08:57:48 2015 : Info: ++? if (Acc-Start-Date < "%{Current-Time}") -> FALSE
Wed Jun  3 08:57:48 2015 : Info: ++[expiration] returns noop
Wed Jun  3 08:57:48 2015 : Info: ++[logintime] returns noop
Wed Jun  3 08:57:48 2015 : Info: ++[pap] returns updated

我的 freeradius 找不到我的属性,我应该在某处编写查询 sql 来查找此属性吗?

最佳答案

您可能希望将其添加到您的policy.conf中,而不是默认的

if (Acc-start-date < "%{Current-Time}") {
                reject
        }

关于mysql - 如何为 Freeradius 上的用户提供开始日期,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/30613133/

上一篇:mysql主从分区表不存在

下一篇:mysql - MySQL 中条件不适用的情况

相关文章:

php - 如何从 php 中的 youtube id 创建 mysql 表?

mysql - MSSQL BIT_COUNT(汉明距离)

php - 如何将两个 MySQL 查询连接到一个数组中?

mysql - 清空慢查询日志

c# - EF Core/Sqlite 一对多关系因唯一索引约束而失败

linux - 发回 Av-Pair attr 自由半径

radius - 什么是 acctinputoctets?

SQL Server 2008 查询查找列中包含非字母数字字符的行

sql - 识别 SQL Server 2000 中未使用表的策略?

port - 如何更改Freeradius3默认端口(auth1812 & Account1813)

©2024 IT工具网  联系我们