Vouchers getting Expired before remaining Time
-
I have one new production system working since 20 Days with up to 2500 Captive Portal users. I am facing strange problem first time in 2.5 Stable release. vouchers getting expired before the time. 5-10 people daily complaining for voucher expiring.
as example today got one person need to disconnect his device as first one broken and to enter same voucher on new device. as we disconnected this user next device it says voucher expired and still 6 Days left for this voucher to expire.
Apr 5 17:51:45 logportalauth 58051 Zone: platinum - 1152682738 (6/47) already used and expired Apr 5 17:51:27 logportalauth 58051 Zone: platinum - DISCONNECT: 1152682738, 30:aa:e4:db:7b:0c, 10.20.6.43 -
Hi,
First things first : your lcoal system time is ok ?
Next : you can test vouchers codes here : Diagnostics > Authentication
When you create a bunch of vouchers that last 2 hours, and you test them, do you find "120 minutes of unused time", or less ?
-
I can confirm System time is correct there is no issue with it.
secondly its Voucher so i cannot see any option under Diagnostics--->Authentication to test voucher but local DB with username and password. I instead tested with Status--->Captive Portal ----> Test Vouchers and it showed expired.
While creating vouchers ( 1 Month " 43200 Minutes ) when person activate the voucher remaining time shows correctly
-
Hello @wazim4u ,
That's strange...
one question, could you open the file/var/db/voucher_{$cpzone}_active_{$roll}.db& check what's inside?The format of this file is
{voucher_number},{timestamp_of_activation_time},{allowed_time_in_minutes}.Could you specifically check :
- For "in use vouchers", do the allowed time in minutes & the activation timestamp correspond to the reality ?
- Is there any expired voucher still inside? (It should not be the case, but just in case, could you check?)
Here is (in simplified version, the exact code can be found here) how the voucher expiration is performed in pfSense :
// This code is executed automatically every minute // and manually for some rare events (pfSense shudown, submit on the voucher edit page of the GUI, HA Sync between 2 pfSense, etc...) $roll = '5'; // The voucher roll $cpzone = 'myCpZone'; // The Captive Portal zone $file = fopen("/var/db/voucher_{$cpzone}_active_{$roll}.db", "r"); while (!feof($file)) { $line = trim(fgets($file)); list($voucher, $timestamp, $minutes) = explode(",", $line); // voucher,timestamp,allowed time if ((($timestamp + (60*$minutes)) - time()) =< 0) { // (The maximum int on PHP is 9223372036854775807, which mean an integer overflow is not possible here) $expired = True; } }That's why I see two possibilities :
- The timestamp / allowed time is not correct in the file
- or the time() function of PHP does not give correct results
Honestly, my bet on this issue is that the allowed time in the file are somehow not correct.
Could you confirm me that ? -
@free4
Here is the output of active voucher roll as requested. roll no.1 having only 6 active vouchers and output of file is given belowcat /var/db/voucher_platinum_active_1.db 793338274,1616951824,14400 474432784,1617051821,14400 82728594,1617125331,14400 1434727374,1617193376,14400 723599534,1617209155,14400 9883922256,1617692216,14400I am unable to understand timestamp format but voucher and given time is fine. all expired voucher roll shows nothing it means no active voucher remain in roll.
as i mentioned almost 2500 active users few of them getting this issue. yesterday active voucher we disconnected because mobile was broken and as we entered this code in other device it shows expired even 6 days still to go we seen while disconnecting.
-
The timestamp (also called epoch) is the number of seconds that have elapsed since January 1, 1970 at midnight UTC.
You can convert a timestamp to date on website like https://www.epochconverter.com/
I'm not seeing anything wrong in the 6 active vouchers...
