Hi
RH 8
NoCat Gateway+NocatAuthserver on linux
FR 1.0.*
I have some problems with my accounting data. We let
the radius server to write accounting data inside the
detail log files. We use RADIUS.pm to add some
attributes and get their values on accounting process,
and it works but not for all. values like
framedipaddress
stop/startconnnectioninfo
terminatecause
NASportType
calledstationid
are still unavailable both in radacct and detail file.
Do we need to enable any scripts through some
configuration file to write it in radacct or detail
log files?
Some of these attr values are available in the other
table in radius db (same db for radacct).Can just the
value be returned from that table (radreply) as
authentication get the return value for the
framedIPaddress (eg)?
>From the dictionary, some of the attributes have many
value, and how is the value being recorded to radacct?
Is it automatically detected (intelligently) by
dedicated NAS machine (since I used Linux as my RADIUS
client-NAS)??Some attributes have no value such as
start/stopconnectioninfo, realm and calledstationID.
Is this value need to be set in any files or scripts
or configuration file? I search but for now can't find
where...Help please..
below are the scripts of RADIUS.pm that had being
altered. critical value that we try to get is the
FramedIPAddress.
++++++++++++++++++++++++++++++++++++++++++++++++++++++
package NoCat::Accounting::RADIUS;
use NoCat::Source;
use Authen::Radius;
use strict;
use vars qw( @ISA @REQUIRED );
@ISA = qw( NoCat::Accounting );
@REQUIRED = qw(
RADIUS_Host RADIUS_Secret
);
sub radius {
my ($self) = @_;
unless ($self->{Radius}) {
my $r;
my $Hosts = $self->{RadiusHostsToUse};
if(! defined($Hosts)) { #This is really the first
time through
and I need to generate my list of servers
$self->{RADIUS_Host} =~ s/,,/,/g; #just to
eliminate any blank entries
my(@Hosts) = split(/,/,$self->{RADIUS_Host});
if($self->{RADIUS_Order} &&
$self->{RADIUS_Order}) { #mix em up.
my @TmpHosts;
my %UsedHosts;
for(my $i=0;$i <= $#Hosts; $i++) {
my $TmpHost;
while(! $TmpHost || ($TmpHost &&
$UsedHosts{$TmpHost})) {
$TmpHost = $Hosts[int(rand($#Hosts + 1))];
last if ! $UsedHosts{$TmpHost};
}
$UsedHosts{$TmpHost} = 1;
$TmpHosts[$i] = $TmpHost;
}
@Hosts = @TmpHosts;
}
$self->{RadiusHostsToUse} = [EMAIL PROTECTED]; #List
generated.
}
if($self->{RadiusHostsToUse}) { #go through
servers one by one
foreach my $Host (@{$self->{RadiusHostsToUse}})
{
my $Secret = $self->{RADIUS_Secret} ?
$self->{RADIUS_Secret} : "";
if($Host =~ s/\*(.*)$//) {
$Secret = $1;
}
$self->log( 0, "Connecting to RADIUS server
$Host with Timeout
" . $self->{RADIUS_TimeOut} );
$r = Authen::Radius->new(
Host => $Host,
Secret => $Secret,
Timeout =>
$self->{RADIUS_TimeOut},
Accounting => 1
);
last if $r; #If we have a good connection,
we're done
$self->log( 0, "Failed to connect to RADIUS
server $Host" );
}
if ($r) { # This is almost always the case...
$self->{Radius} = $r;
} else {
$self->log( 0, "Can't connect to RADIUS
server(s)
$self->{RADIUS_Host}" );
}
} else {
return undef; #no host for them!
}
}
return $self->{Radius};
}
sub usenextserver { #If I fail, take the most recent
host out and
my $self = shift;
return unless $self->{RadiusHostsToUse}; #unless
I've been
through the radius sub above, forget it
my @Hosts = @{$self->{RadiusHostsToUse}};
my $popped = shift(@Hosts); #say goodbye to the
first one
$self->log(0, "popped $popped in usenextserver");
undef($self->{Radius}); #so radius above will get
a new one.
$self->{RadiusHostsToUse} = [EMAIL PROTECTED];
}
sub create_session_id {
my $self = shift;
return $self->radius->NewSessionID();
}
sub start {
my ($self, $peer, $stats) = @_;
if (! $peer->session_id)
{
$peer->session_id($self->radius->NewSessionId());
}
return $self->accounting({ Name => 1, Value =>
$peer->user, Type
=> 'string'}, # User-Name
{ Name => 4, Value =>
$self->{GatewayAddr}, Type => 'ipaddr'},
# NAS-IP-Address
{ Name => 5, Value =>
$self->{GatewayPort}, Type => 'integer'},
# NAS-Port
{ Name => 7, Value => '1', Type =>
'integer'}, #
Framed-Protocol
{ Name => 8, Type => 'ipaddr' , Value
=> $peer->id},
# Framed-IP-Address
{ Name => 31, Value => $peer->id, Type
=> 'string'},
{ Name => 32, Value =>
$peer->{GatewayAddr}, Type => 'string'},
#
Calling-Station-Id
{ Name => 40, Value => '1', Type =>
'integer'}, #
Acct-Status-Type(Start)
{ Name => 40, Value => '7', Type =>
'integer'}, #
Acct-Status-Type(Accounting-On)
{ Name => 42, Value =>
${$stats}{'InOctets'}, Type =>
'integer'},
{ Name => 43, Value =>
${$stats}{'OutOctets'}, Type => 'integer'},
{ Name => 44, Value =>
$peer->session_id, Type => 'string'},
{ Name => 45, Value => '1', Type =>
'integer'}
);
}
sub stop {
my ($self, $peer, $stats) = @_;
return $self->accounting({ Name => 1, Value =>
$peer->user, Type
=> 'string'}, # User-Name
{ Name => 4, Value =>
$self->{GatewayAddr}, Type => 'ipaddr'},
# NAS-IP-Address
{ Name => 5, Value =>
$self->{GatewayPort}, Type => 'integer'},
# NAS-Port
{ Name => 7, Value => '1', Type =>
'integer'}, #
Framed-Protocol
{ Name => 8, Type => 'ipaddr' , Value
=> $peer->id},
# Framed-IP-Address
{ Name => 31, Value => $peer->id, Type
=> 'string'}, #
Calling-Station-Id
{ Name => 32, Value =>
$peer->{GatewayAddr}, Type =>
'string'}, # Calling-Station-Id
{ Name => 40, Value => '2', Type =>
'integer'}, #
Acct-Status-Type(Stop)
{ Name => 40, Value => '8', Type =>
'integer'},
# Acct-Status-Type(Accounting-Off)
{ Name => 44, Value =>
$peer->session_id, Type =>
'string'}, # Acct-Session-Id
{ Name => 42, Value =>
${$stats}{'InOctets'}, Type =>
'integer'}, # Acct-Input-Octets
{ Name => 43, Value =>
${$stats}{'OutOctets'}, Type
=> 'integer'}, # Acct-Output-Octets
{ Name => 45, Value => '1', Type =>
'integer'},
{ Name => 46, Value =>
$peer->session_time, Type => 'integer'},
# Acct-Session-Time
#{ Name=> 49, Type=>'integer',Value =>
$cause}
#Acct-Terminate-Cause
);
}
sub update {
my ($self, $peer, $stats) = @_;
return $self->accounting({ Name => 1, Value =>
$peer->user, Type
=> 'string' }, # User-Name
{ Name => 4, Value =>
$self->{GatewayAddr}, Type =>
'ipaddr'}, # NAS-IP-Address
{ Name => 5, Value =>
$self->{GatewayPort}, Type =>
'integer'}, # NAS-Port
{ Name => 7, Value => '1', Type =>
'integer'}, #
Framed-Protocol
{ Name => 8, Type => 'ipaddr' , Value
=> $peer->id},
# Framed-IP-Address
{ Name => 31, Value => $peer->id, Type
=> 'string'}, # Calling-Station-Id
{ Name => 40, Value => '3', Type =>
'integer' },
# Acct-Status-Type(Alive)
{ Name => 44, Value =>
$peer->session_id, Type =>
'string'}, # Acct-Session-Id
{ Name => 42, Value =>
${$stats}{'InOctets'}, Type =>
'integer'}, # Acct-Input-Octets - These are not
really legal on
{ Name => 43, Value =>
${$stats}{'OutOctets'}, Type
=> 'integer'}, # Acct-Output-Octets - update, but
everyone does it.
{ Name => 45, Value => '1', Type =>
'integer'},
{ Name => 46, Value =>
$peer->session_time, Type => 'integer'} #
Acct-Session-Time
);
}
sub accounting {
my ($self, @attributes) = @_;
my $result;
my $loop = 0;
while(! $loop) {
my $radius = $self->radius();
# mimic the start_acct from Authen::Radius
$radius->clear_attributes;
$radius->add_attributes(@attributes);
my $radiuscheckok = 0;
if($radius->send_packet
(Authen::Radius::ACCOUNTING_REQUEST())) {
my $radiusresult = $radius->recv_packet;
if(defined($radiusresult)) {
$radiuscheckok = 1;
}
}
if(! $radiuscheckok) {
my(@TmpHosts) = @{$self->{RadiusHostsToUse}};
if(! $#TmpHosts) { #it failed because we've
run out of servers
$loop = 1;
$result = 0;
$self->log(0,"Out of servers to try");
} else {
$self->log(0,"Going to the next server: check
the
secret/port/reachability of this one");
$self->usenextserver;
}
} else {
$loop = 1;
}
}
return $result;
}
1;
_______________________________________________________
Thank you in advanced for any help.
__________________________________
Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty viruses.
http://promotions.yahoo.com/new_mail
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
