On 13/06/2012 5:05 p.m., ali Eblice wrote:
> Hi
> before i ask this problem here i asked it in freeradius mailing list
> and they said that it's a nas problem .
>
> here are the things i did :
>
> i have squid connected to freeradius ((freeradius: FreeRADIUS Version
> 2.1.10, for host x86_64-pc-linux-gnu, built on Nov 24 2011 at
> 07:53:12)) and
> problem is that after a Max-Daily-Session time ended user stay
> connected and can use squid proxy .
> here is my configuration:
>
> i did this config on users file of freeradius
> ------------------------------------------------
> "alice" Cleartext-Password := "passme", Max-Daily-Session :="100"
> Reply-Message = "Hello, %{User-Name}"
> -------------------------------------------------
>
>
> and uncomment daily in accounting and authorize section of
> sites-enabled/default file of freeradius and uncommented the daily in
> instantiate section of radiusd.conf and
> added this to moduls/counter
> -----------------------------------------------------------------------------------------------
> counter daily {
> filename = ${db_dir}/db.daily
> key = User-Name
> count-attribute = Acct-Session-Time
> reset = daily
> counter-name = Daily-Session-Time
> check-name = Max-Daily-Session
> reply-name = Session-Timeout
> # allowed-servicetype = Framed-User
> cache-size = 5000
> # return-attribute = Session-Timeout
> }
> -------------------------------------------------------------------------------------------------
>
>
> but after 100 second the user doesn't disconnect .
Unfortunately none of what you describe has anything to do with Squid
either.
The only possible connection this might have with Squid is if a RADIUS
helper (auth_param or external_acl_type) was in use. In which case the
squid.conf settings for the helper result cache may be affecting when
timeouts occur. Other than that Squid has no control or interaction with
RADIUS timeouts.
>
> i checked the " access.log " of squid but nothing about disconnecting
> user was in there .
There won't be. At most a sudden rejection of the users requests is the
only sign in HTTP that anything has changed.
Amos
Received on Wed Jun 13 2012 - 10:03:34 MDT
This archive was generated by hypermail 2.2.0 : Wed Jun 13 2012 - 12:00:04 MDT