Regression #13947


Remove 4096GB quota limit

Added by Reid Linnemann about 1 year ago. Updated about 1 year ago.

Target version:
Start date:
Due date:
% Done:


Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture:


The 4096GB quota limit introduced to prevent pfSense-Max-Total-Octets overflowing uint32 for captive portal artificially restricts quotas. Replace the validation with a warning regarding captive portal limitations when reauth is disabled.

Actions #1

Updated by Reid Linnemann about 1 year ago

  • Tracker changed from Todo to Regression
  • Affected Version set to 2.7.0
  • Affected Plus Version set to 23.01
  • Affected Architecture All added
Actions #2

Updated by Dale Harron about 1 year ago

As an observation, you can avoid the overflow consequences of premature logout due to the 32 bit unsigned integer overflow while you fix the pfSense-Max-Total-Octets to accurately determine the $utrafficquota by simply changing $timedout = true; below to $timedout = false; This will result in only freeRadius invoking a logout until you have fixed the problem. You can still send the warning but users will be able to continue to use freeRadius as before, even if pfSense-Max-Total-Octets overflows. There will still be an issue with the (by design) interim accounting setting not summing used-octets-user-uniqueID into used-octets-user but there are simple fixes for that using cron. I can supply the code I use if you wish. I have been testing this for the last 40 hrs on the current 23.01 RC dev release, it works perfectly, logouts are normal again. Stop/Start simply doesn't scale well enough for us to live with it unless we can change the per minute to more like per accounting period, i.e. around 600 seconds.

Approx line 669 in

if (!$timedout && $utrafficquota > 0) {
$volume = getVolume($cpentry[2]);
if (($volume['input_bytes'] + $volume['output_bytes']) > $utrafficquota) {
$timedout = true;  // change to $timedout = false; until the 32bit unsigned overflow is corrected
$term_cause = 10; // NAS-Request
$logout_cause = 'QUOTA EXCEEDED';
Actions #3

Updated by Reid Linnemann about 1 year ago

  • Status changed from New to Feedback

Validation removed in ddebe728, plumbed through plus-devel and 23.01

Actions #4

Updated by Jim Pingle about 1 year ago

  • Target version deleted (2.7.0)
  • Plus Target Version deleted (23.01)

Also available in: Atom PDF