Core Function Analysis

The GuestNet system processes all RADIUS requests through a central handler function called handle_request. This function acts as the main decision engine and routes requests based on their type, ensuring proper handling of authentication and accounting flows.

1. 3.1 Request Routing Logic

The system classifies incoming RADIUS packets and directs them to the appropriate function.

Access-Request → AuthUser (Authentication)
Accounting-Start → AcctStart
Accounting-Alive → AcctAlive
Accounting-Stop → AcctStop

2. 3.2 Authentication Flow (AuthUser)

The AuthUser function is responsible for validating user access and assigning session parameters.

2.1. 3.2.1 Authentication Workflow

2.2. 3.2.2 Cache Loading

To improve performance, the system loads frequently used data into memory.

SELECT ID, CI FROM LOCATION WHERE STATUS=0;
SELECT ID, TIME_QUOTA, VALID_FOR FROM PACKAGES WHERE STATUS=0;

Purpose: - Reduce database load - Enable fast validation of location and package mappings

2.3. 3.2.3 User Validation

SELECT
    unix_timestamp(CREATE_DATE) AS CD,
    IFNULL(unix_timestamp(FIRST_LOGIN),0) AS FL,
    unix_timestamp(NOW()) AS CT,
    PASSWORD,
    PKG_ID,
    LOC_ID,
    USED_TIME_QUOTA,
    STATUS
FROM ACCOUNT
WHERE PIN = '<username>'
LIMIT 1;

Purpose: - Validate user existence - Retrieve quota, package, and status

2.4. 3.2.4 Password Validation

Two modes are supported:

Normal password validation
Master password (dialog) bypass

Decision: - If password mismatch → Reject - Else → Continue

2.5. 3.2.5 Location Resolution

The system determines the user location using two methods:

2.5.1. L2 Detection (Circuit-ID)

SELECT CI
FROM WIFI.WIFI_IP
WHERE circuit_id = '<circuit_id>'
AND remote_id = '<remote_id>'
LIMIT 1;

2.5.2. L3 Detection (IP-Based)

SELECT CI
FROM WIFI.WIFI_IP
WHERE start_ip <= inet_aton('<ip>')
AND inet_aton('<ip>') <= end_ip
LIMIT 1;

2.6. 3.2.6 Package Validation

SELECT 1
FROM PKG_TO_LOC
WHERE PKG_ID = '<pkg_id>'
AND LOC_ID = '<loc_id>';

Purpose: - Ensure user package is allowed at the current location

2.7. 3.2.7 Concurrency Control

SELECT COUNT(*) AS CNT
FROM WIFI.RADONLINE
WHERE USERNAME LIKE '<username>%';

Purpose: - Enforce maximum allowed simultaneous sessions

2.8. 3.2.8 Session Timeout Calculation

Session timeout depends on package type:

PKGTYPE	Expiry Base	Session Logic
1	First Login	Until expiry
2	Create Date	Until expiry
3	First Login	Quota-based
4	Create Date	Quota-based

PKGTYPE

Expiry Base

Session Logic

First Login

Until expiry

Create Date

Until expiry

First Login

Quota-based

Create Date

Quota-based

Rules: - Reject if expired - Reject if quota exhausted - Maximum session capped at 7 days

2.9. 3.2.9 RADIUS Response Attributes

If authentication succeeds:

Session-Timeout
Idle-Timeout
Class attribute
Service-Info
Account-Info
Vendor-specific attributes

3. 3.3 Accounting Flow

Accounting tracks session lifecycle and usage.

3.1. 3.3.1 Accounting Start (AcctStart)

3.1.1. SQL Operations

DELETE FROM WIFI.RADONLINE WHERE FRAMEDIPADDRESS = '<ip>';

INSERT INTO WIFI.RADONLINE (...)
VALUES (...);

UPDATE ACCOUNT
SET FIRST_LOGIN = NOW()
WHERE FIRST_LOGIN IS NULL
AND PIN = '<username>';

3.2. 3.3.2 Accounting Interim (AcctAlive)

3.2.1. SQL Operations

SELECT sessionTime, download, upload
FROM WIFI.RADONLINE
WHERE ACCTSESSIONID = '<session_id>';

UPDATE ACCOUNT
SET USED_TIME_QUOTA = USED_TIME_QUOTA + <delta_time>
WHERE PIN = '<username>';

3.3. 3.3.3 Accounting Stop (AcctStop)

3.3.1. SQL Operations

DELETE FROM WIFI.RADONLINE
WHERE ACCTSESSIONID = '<session_id>';

INSERT INTO CDR (...)
VALUES (...);

INSERT INTO WIFI.CDRS (...)
VALUES (...);

4. 3.4 Class Attribute Lifecycle

The Class attribute carries session metadata across all stages.

Format:

LOCID:<loc>|CUID:<user>|PKG:<pkg>|CI:walkin|GCUID:<id>

Usage: - Authentication → Created - Accounting Start → Parsed - Interim Updates → Maintained - Stop → Stored in CDR

5. 3.5 Database Interaction Summary

Function	Tables	Operations
AuthUser	ACCOUNT, RADONLINE	SELECT
AcctStart	RADONLINE, ACCOUNT	INSERT, UPDATE
AcctAlive	RADONLINE, ACCOUNT	SELECT, UPDATE
AcctStop	RADONLINE, CDR	DELETE, INSERT

Function

Tables

Operations

AuthUser

ACCOUNT, RADONLINE

SELECT

AcctStart

RADONLINE, ACCOUNT

INSERT, UPDATE

AcctAlive

RADONLINE, ACCOUNT

SELECT, UPDATE

AcctStop

RADONLINE, CDR

DELETE, INSERT

6. 3.6 Key Design Principles

Cache-driven validation for performance
Delta-based accounting for accuracy
Stateless session tracking via Class attribute
Strong separation of authentication and accounting
Optimized database interaction

7. 3.7 Summary

The Core Function Analysis demonstrates that GUESTNET:

Provides robust RADIUS-based authentication
Ensures strict policy enforcement
Tracks sessions accurately using accounting flows
Maintains high performance via caching
Supports scalable and reliable guest WiFi access