Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Idle timeout caused by negative session time and wrong volume count in 2.0.3

    Scheduled Pinned Locked Moved Captive Portal
    6 Posts 3 Posters 2.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E Offline
      Enrica_CH
      last edited by

      I use captiveportal with an external radius server for authentification and accounting. I installed version 2.0.3 because the last activity wasn't updated in 2.0.2. In version 2.0.1 captive portal with radius authentification worked not bad but seldom there was a negative session time.

      Version 2.0.2 didn't work because of missing update of last activity. But 2.0.3 isn't better because

      First problem:
      I had 26'000 times negative session time (see attached log) within 22 hours. This produces an idle timeout in the condition "if ($lastact && (($pruning_time - $lastact) >= $uidletimeout)) ". It must be that "$lastact" is negative. Therefore captiveportal with timeout function is unusable.

      Second problem:
      The volume log in our radius server shows small volumes only. I have seen that the volume isn't added to the previous values during the interim update. It only transmit the volume since last update. I have seen that the function getVolume is based in IPFW also. As you can see in the attachment the entrystats volume values are reseted to 0 after one minute.

      Both problems have a link to the ipfw function of FreeBSD.

      I'm a little bit confused why nobody else has the same problem. I loaded the update image. Is it possible that the update function from version 2.0.1 -> 2.0.2 -> 2.0.3 has mixed old and new program code? The dashboard shows me version 2.0.3 or has somebody same issues?

      Is there a quick fix or should I change to version 2.1?

      Thank you for your help.
      Log_Radius_Server.JPG
      Log_Radius_Server.JPG_thumb
      getVolume_s.jpg
      getVolume_s.jpg_thumb
      larg_ses_time_debug.txt

      1 Reply Last reply Reply Quote 0
      • T Offline
        thermo
        last edited by

        2.0.2 which I am using has the same problems. The accounting volume can be made to work by disabling any speed limits on the captive portal page and not sending any Max-Bandwidth* attributes. I don't use any session attributes, so I am not sure if this can cause problems as well.

        1 Reply Last reply Reply Quote 0
        • J Offline
          joe_adk
          last edited by

          I'm having this same problem. Has there been any fix or workaround?

          1 Reply Last reply Reply Quote 0
          • E Offline
            Enrica_CH
            last edited by

            Sorry I no good news.I had to disable all timeout function.The last activity isn't updated with version 2.0.3.
            I changed to release 2.1 already. For my purpose it's more stable than current production release and it's maintained.Bugs are fixed in short time while in 2.0 nothing happens.

            1 Reply Last reply Reply Quote 0
            • T Offline
              thermo
              last edited by

              Is there any improvement in 2.1 over 2.x.x in Session Timeout handling and Accounting when limits are set?

              1 Reply Last reply Reply Quote 0
              • E Offline
                Enrica_CH
                last edited by

                Theoretically it's the same handling, but it works with 2.1

                In 2.0.2 and 2.0.3 the last activity date isn't reseted nor updated always. So pfsense logouts useres just after login.

                I use an external Radius server for authorization.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.