[Main Page]

Using CoovaChilli with FreeRADIUS

Dictionaries

Put the following dictionaries in your FreeRADIUS dictionaries directory and include them in the main dictionary file.

Notes

When using the acctupdate option, which allows you to send session parameter (session-timeout or bandwidth limitations) updates in Accounting-Response packets, you must ensure you FreeRADIUS server can send these attributes. If you are using the attrs.accounting_response file in raddb, be sure to allow these attributes or do not that FreeRADIUS feature. Here is the standard attrs.accounting_response file: 

#       $Id: attrs.accounting_response,v 1.1 2006/11/22 21:48:35 aland Exp $
#
#       This configuration file is used to remove almost all of the attributes
#       From an Accounting-Response message.  The RFC's say that an
#       Accounting-Response packet can contain only a few attributes.
#       We enforce that here.
#
DEFAULT
       Vendor-Specific =* ANY,
       Message-Authenticator =* ANY,
       Proxy-State =* ANY

To allow Session-Timeout, add: 

       Session-Timeout =* ANY

To allow ChilliSpot attributes, add: 

       ChilliSpot-Max-Input-Octets =* ANY
       ChilliSpot-Max-Output-Octets =* ANY
       ChilliSpot-Max-Total-Octets =* ANY

To allow WISPr attributes, add: 

       WISPr-Bandwidth-Max-Up =* ANY
       WISPr-Bandwidth-Max-Down =* ANY
       WISPr-Session-Terminate-Time =* ANY

To make FreeRADIUS send the attributes in the response packets, you need to add some more things. Assuming you want to send the Session-Timeout attribute, you are using FreeRADIUS with mysql and than you have Max-All-Session for every user in radcheck table, you need to declare under the module{} section in radiusd.conf a rewrite for the attribute Session-Timeout like this: 

  attr_rewrite updatesessiontimeout {
     attribute = Session-Timeout
     searchin = reply
     searchfor = "[+ ]"
     replacewith = "%{sql:SELECT ch.Value-IF(SUM(acct.AcctSessionTime) \
                             IS NULL, 0, SUM(acct.AcctSessionTime)) FROM radcheck AS ch \
                             LEFT JOIN radacct AS acct ON acct.Username=ch.UserName \
                             AND acct.AcctSessionId!='%{Acct-Session-Id}'  \
                             AND acct.AcctUniqueId!='%{Acct-Unique-Session-Id}' \
                             WHERE ch.UserName='%{User-Name}' \
                             AND ch.Attribute='Max-All-Session'"
     new_attribute = yes
     append = no
  }

and in the accounting{} session add: 

  updatesessiontimeout

This make radius update the attribute Session-Timeout at every response packet to chilli.

Search >>

This page has been accessed 3,870 times. This page was last modified 10:57, 5 November 2007.