>From discussion here, and my own needs, there is quite a demand for adding
some additional limitations, on a per-user and per unix-group-id basis,
regardless of whether it scales well or works with secondary radius servers,
specifically:
Block/kill multiple logins (except ISDN users with the port-limit set)
Per-day time limit (kick off user after X hours)
The first I've done with my modified 'pmwhoall.pl' script, run several times
an hour it drops any duplicate connections it discovers. Not the best
solution, but it works.
Basically, 'something' needs to take store the accumulated minutes for
each user, on new calls, it simply subtracts the time-so-far from the time
allowed, then set the session-limit to disconnect them at that point.
On end-of-call accounting packets, it would read the old time, add the
Acct-Session-Time, and save the new total.
And of course the accumulated minutes need to be reset at midnight,
and calls that started before midnight and ended after need to have just
the 'new' minutes logged. Unfortunately, Radius Accounting packets don't
seem to log the time the session started, so we just have to work
backwards from the current time.
======================================================================
Anybody care to suggest the best mechanism for implementing the above?