Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    FreeRADIUS - quota exceeded CP wrong message

    Scheduled Pinned Locked Moved pfSense Packages
    4 Posts 2 Posters 557 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      emiliano_tomei
      last edited by

      hi everyone, I set the traffic & bandwidth to 5Mb (in test), time period DAILY, interim interval 61sec.
      when the quota is reached, the radius disconnects the user, and the syslog reports correctly

      Jun 6 16:59:56 logportalauth 95137 Zone: wifi_koysha - QUOTA EXCEEDED: test, c8:bc:c8:a2:55:78, 192.168.201.202

      Jun 6 16:57:51 logportalauth 339 Zone: wifi_koysha - ACCEPT: test, c8:bc:c8:a2:55:78, 192.168.201.202

      but at the next login of the user TEST, the captive portal responds "invalid credential", instead of answering something like "your maximum daily usage has been reached".

      pfs 2.4.4 R p3
      freeradius 0.15.7_7

      has anyone found and solved this problem?

      GertjanG 1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan @emiliano_tomei
        last edited by

        @emiliano_tomei said in FreeRADIUS - quota exceeded CP wrong message:

        "invalid credential"

        That message doesn't exists.
        This one does : https://github.com/pfsense/pfsense/blob/85cbd521b3ea6ffa0da8d8d5f36aadbfbb7cbd71/src/etc/inc/captiveportal.inc#L1578

        This text is a general placeholder.
        The error text, if it exists, is parsed out, and reported back.

        Does FreeRadius returns more useful info ?

        Technically, the message ins't incorrect : credentials are not 'useful' or 'correct' when the quota is consumed.
        Easy solution : tell users that they have a quota and over-quota will stop the access for the rest of the day, week or month.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • E
          emiliano_tomei
          last edited by

          hi Gertjan, freeradius does not report further messages except for disconnection due to quota or time range reached.
          the error message creates confusion in the user, and having about 300 the thing is a little annoying, but the operation reaches the goal, having a satellite connection with just 12Mbps.
          thank you

          1 Reply Last reply Reply Quote 0
          • GertjanG
            Gertjan
            last edited by

            I just ran into another FreeRadius question, an found this :

            clog /var/log/system.log | grep "FreeRADIUS: User"

            Run it yourself on your system.
            Console access or SSH, option 8.

            Now, when user logs in, you have it's user name, right ?!
            Let say, the user is called "107"

            What about this :

            clog /var/log/system.log | grep "FreeRADIUS: User 107"

            Now, take the last line :
            clog /var/log/system.log | grep "FreeRADIUS: User 107"

            clog /var/log/system.log | grep "FreeRADIUS: User" | tail -1

            My idea is : when you make your own portal login page
            and
            portal error page (the page where the red error shows teh somewhat misleading : ""invalid credential"")

            Edit this error page, and add some PHP code that executes these shell commands - and if there is some result (read : useful messages).
            Show the result on the error page !

            Something like :

            User x has reached the daily amount of upload and download traffic (124 MB of 8 MB). The login request was denied.

            Now, all you need to do is scripting this together using some PHP and the commands you found above, and put it into the captive portal error page.

            No "help me" PM's please. Use the forum, the community will thank you.
            Edit : and where are the logs ??

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.