[Chilli] Period "Reauthorisation"
Tim White
timwhite88 at gmail.com
Tue Jun 14 05:35:38 UTC 2011
Ok, so far I've got CoA replies working. So I guess this becomes more
unlang/module stuff.
For example, in the accounting section, I have the following
update coa {
User-Name = "%{User-Name}"
Acct-Session-Id = "%{Acct-Session-Id}"
NAS-IP-Address = "%{NAS-IP-Address}"
# ChilliSpot-Max-Total-Octets = "%{noresetBytecounter: ''}"
# noresetcounter
# noresetByteCounter
}
Now, with every accounting packet, a CoA request is initiated from the
server to Coova Chilli. Great!
I'm a bit lost at now getting the sqlcounter information back into this
packet. Without any ChilliSpot attributes going back to CoovaChilli, it
assumes those attributes no longer matter, and so for example the user
gets no limits!
Does anyone have some example FreeRadius stuff that might assist here?
Otherwise I'll have to go pester the FreeRadius list. When it's all
working I'll post a nice article with details for others.
Tim
On 14/06/11 11:09, Royce Ausburn wrote:
> You could look at doing this from your RADIUS server's end rather than from within chilli. Using accounting updates chilli already sends and initiating a RADIUS CoA when you need to kick/wall garden.
>
> HTH
>
> --Royce
>
> On 14/06/2011, at 10:43 AM, Tim White wrote:
>
>> I'm wondering if there has been any discussion about implementing period reauthorisation in Coova Chilli?
>> Basically, I'm hoping to implement "recurring limits" using sqlcounter. However, this becomes more difficult with sessions that go over the time period used for recurrance.
>>
>> For example, data limits. If you have an hourly data limit of 50Mb, the only attribute you can use to tell Coova this is the ChilliSpot-Max-Total-Octets. Ideally what we need is for Chilli to periodically reauthorise the sessions so that new attributes can be sent back.
>>
>> My guess is that this could cause lots of problems with leaky_bucket and other counters, so I was thinking that it's probably best implemented by ending the current session, and starting a new session, all transparently to the user.
>> From my understanding of RADIUS, it would need a whole new authentication, which would require saving the users password. And, if the user uses CHAP (which I believe comes from RADIUS and not CoovaChilli) then we are dead in the water.
>>
>> Can someone with a better understanding of RADIUS and CoovaChilli let me know if this is possible in the world of RADIUS, or totally impossible?
>>
>> I think I'm beginning to understand why ISP's generally use a monthly limit! :-P
>>
>> Tim
>> _______________________________________________
>> Chilli mailing list
>> Chilli at coova.org
>> http://lists.coova.org/cgi-bin/mailman/listinfo/chilli
More information about the Chilli
mailing list