Код: Выделить всё
authorize {
preprocess
chap
mschap
digest
suffix
eap {
ok = return
}
sql
noresetcounter
octetslimit
expire_on_login
expiration
logintime
}
Код: Выделить всё
...
rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
++[noresetcounter] = noop
rlm_sqlcounter: Entering module authorize code
WARNING: Please replace '%k' with '${key}'
sqlcounter_expand: 'SELECT IFNULL(SUM(acctoutputoctets),0) from radacct WHERE UserName='%{User-Name}''
[octetslimit] expand: SELECT IFNULL(SUM(acctoutputoctets),0) from radacct WHERE UserName='%{User-Name}' -> SELECT IFNULL(SUM(acctoutputoctets),0) from radacct WHERE UserName='garzot15'
WARNING: Please replace '%S' with '${sqlmod-inst}'
sqlcounter_expand: '%{sql:SELECT IFNULL(SUM(acctoutputoctets),0) from radacct WHERE UserName='garzot15'}'
[octetslimit] sql_xlat
[octetslimit] expand: %{User-Name} -> garzot15
[octetslimit] sql_set_user escaped user --> 'garzot15'
[octetslimit] expand: SELECT IFNULL(SUM(acctoutputoctets),0) from radacct WHERE UserName='garzot15' -> SELECT IFNULL(SUM(acctoutputoctets),0) from radacct WHERE UserName='garzot15'
rlm_sql (sql): Reserving sql socket id: 3
[octetslimit] sql_xlat finished
rlm_sql (sql): Released sql socket id: 3
[octetslimit] expand: %{sql:SELECT IFNULL(SUM(acctoutputoctets),0) from radacct WHERE UserName='garzot15'} -> 87050165
[b]rlm_sqlcounter: (Check item - counter) is less than zero
rlm_sqlcounter: Rejected user garzot15, check_item=52428800, counter=87050165
++[octetslimit] = reject [/b] ####################################### Здесь авторизация должна была остановиться.
rlm_sqlcounter: Entering module authorize code
WARNING: Please replace '%k' with '${key}'
sqlcounter_expand: 'SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='%{User-Name}' ORDER BY acctstarttime LIMIT 1;'
[expire_on_login] expand: SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='%{User-Name}' ORDER BY acctstarttime LIMIT 1; -> SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='garzot15' ORDER BY acctstarttime LIMIT 1;
WARNING: Please replace '%S' with '${sqlmod-inst}'
sqlcounter_expand: '%{sql:SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='garzot15' ORDER BY acctstarttime LIMIT 1;}'
[expire_on_login] sql_xlat
[expire_on_login] expand: %{User-Name} -> garzot15
[expire_on_login] sql_set_user escaped user --> 'garzot15'
[expire_on_login] expand: SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='garzot15' ORDER BY acctstarttime LIMIT 1; -> SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='garzot15' ORDER BY acctstarttime LIMIT 1;
rlm_sql (sql): Reserving sql socket id: 2
[expire_on_login] sql_xlat finished
rlm_sql (sql): Released sql socket id: 2
[expire_on_login] expand: %{sql:SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='garzot15' ORDER BY acctstarttime LIMIT 1;} -> 239033
rlm_sqlcounter: Check item is greater than query result
rlm_sqlcounter: Authorized user garzot15, check_item=432000, counter=239033
rlm_sqlcounter: Sent Reply-Item for user garzot15, Type=Session-Timeout, value=192967
++[expire_on_login] = ok
++[expiration] = noop
++[logintime] = noop
++[pap] = updated
+} # group authorize = updated
Found Auth-Type = PAP
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Replacing User-Password in config items with Cleartext-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Please update your configuration so that the "known good" !!!
!!! clear text password is in Cleartext-Password, and not in User-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+group PAP {
[pap] login attempt with password "nidpokak"
[pap] Using clear text password "nidpokak"
[pap] User authenticated successfully
++[pap] = ok
+} # group PAP = ok
# Executing section session from file /usr/local/etc/raddb/sites-enabled/default
+group session {
++[sql] = noop
+} # group session = noop
Login OK: [garzot15/nidpokak]