Here is my conf: # radius.cfg # # You should consider this file to be a starting point only # $Id: linux-radius.cfg,v 1.2 2001/08/30 03:41:02 mikem Exp $
#Foreground #LogStdout LogDir /var/log/radius DbDir /etc/radiator DictionaryFile %D/dictionary # Use a low trace level in production systems. Increase # it to 4 or 5 for debugging, or use the -trace flag to radiusd Trace 3 #Lower case RewriteUsername tr/A-Z/a-z/ #Remove Spaces RewriteUsername s/\s+//g <ClientListSQL> #this is part of the MS SQL database DBSource DBI:Sybase:database=databasename;server=server DBUsername username DBAuth xxxxx GetClientQuery select NASIDENTIFIER,SECRET,IGNOREACCTSIGNATURE,DUPINTERVAL,DEFAULTREALM,NASTYP E,SNMPCOMMUNITY,LIVINGSTONOFFS,LIVINGSTONHOLE,FRAMEDGROUPBASEADDRESS,FRA MEDGROUPMAXPORTSPERCLASSC,REWRITEUSERNAME,NOIGNOREDUPLICATES,PREHANDLERH OOK from NASClients </ClientListSQL> <SessionDatabase SQL> DBSource dbi:mysql:radius:xxx.xxx.xxx.xxx DBUsername radiusd DBAuth ch2900 </SessionDatabase> <Handler Realm=go-concepts.com,Request-Type=Access-Request> RewriteUsername s/^([^@]+).*/$1/ <AuthBy SQL> Identifier GOCsql DefaultReply Ascend-Shared-Profile-Enable=0,User-Service=Framed-User,Framed-Protocol= PPP,Framed-Routing=None,Ascend-Base-Channel-Count=1,Ascend-Minimum-Chann els=1,Ascend-Maximum-Channels=1,Ascend-Assign-IP-Pool=1,Ascend-Multicast -Client=Multicast-Yes DBSource DBI:Sybase:database=datbasename;server=server DBUsername username DBAuth xxxxx AuthSelect AuthSelect %n AuthColumnDef 0, User-Password, check AuthColumnDef 1, Framed-Address, reply AuthColumnDef 2, Framed-Protocol, reply AuthColumnDef 3, Ascend-Maximum-Channels, reply AuthColumnDef 4, Ascend-IP-Direct, reply AuthColumnDef 5, Ascend-Assign-IP-Pool, reply AuthColumnDef 6, GENERAL, reply AddToReplyIfNotExist User-Service=Framed-User,Framed-Protocol=PPP,Framed-Routing=None,Ascend- Base-Channel-Count=1,Ascend-Minimum-Channels=1,Ascend-Maximum-Channels=1 ,Ascend-Assign-IP-Pool=1,Ascend-Multicast-Client=Multicast-Yes </AuthBy SQL> </Handler> <Handler Request-Type=Accounting-Request> <AuthBy SQL> Identifier MySQL DBSource dbi:mysql:radius:xxx.xxx.xxx.xxx DBUsername username DBAuth xxxxx AuthSelect AcctColumnDef USERNAME,%n,formatted AcctColumnDef TIME_STAMP,Timestamp,integer AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer AcctColumnDef ACCTSESSIONID,Acct-Session-Id AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause AcctColumnDef NASIDENTIFIER,NAS-Identifier AcctColumnDef NASPORT,NAS-Port,integer </AuthBy SQL> </Handler> We do several rewrites to the username, that is why we us %n for the username field, that way you see the formatted username after all the rewrites occur. The Accounting Request are all logged into the mysql server. You can define what you want logged into what columns using the AcctColumnDef command. We are not yet using this in a production server but we have tested it may time and it works great. If you have any questions feel free to ask. Thanks, Tony B, CCNA, Network+ Systems Administration GO Concepts, Inc. / www.go-concepts.com Are you on the GO yet? What about those you know, are they on the GO? 513.934.2800 1.888.ON.GO.YET -----Original Message----- From: Shane Malden [mailto:[EMAIL PROTECTED]] Sent: Sunday, March 10, 2002 11:51 PM To: tonyb Subject: Re: (RADIATOR) Logging to MSSQL 7.0 Tony, I would be interested on more information on how to do accounting with SQL. We use Radiator 2.19 and authenticate with SecurID. We don't have any direct control over our NAS as they are supported by out Telecommunications provider. I would be very interested in finding out how to see what data and time users are connecting for. If your able to help, it would be appreciated. Regards, Shane ----- Original Message ----- From: "tonyb" <[EMAIL PROTECTED]> To: "Dan Melomedman" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Monday, March 11, 2002 2:38 PM Subject: RE: (RADIATOR) Logging to MSSQL 7.0 > We are an ISP that just recently evaluated and purchased radiator. And > I agree that it is a great radius program...anyway back to sql > > We use FreeTDS for many of our perl scripts, not just radiator. If you > have FreeTDS installed and configured you can use the perl DBD::Sybase > to connect to a MSSQL. Setup varies slightly based on the version of > FreeTDS and Sybase module but if you would like more detailed > installation information I would be happy to help. We you MSSQL for > authenticating and MySQL for accounting but I dough that it would be any > different for logging > > Thanks, > Tony B CCNA, Network+ > GO Concepts, Inc. > http://www.go-concepts.com > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On > Behalf Of Dan Melomedman > Sent: Saturday, March 09, 2002 2:04 PM > To: [EMAIL PROTECTED] > Subject: (RADIATOR) Logging to MSSQL 7.0 > > First, let me add my praise about this product to the already long list. > > We're evaluating Radiator. This is the best commercial server product I > have > ever dealt with, great job! Finally a RADIUS server that's almost, if > not, > perfect. Rock on! > > Anyway, we use FreeTDS for PHP scripts, and some things work, some break > and > cause segfaults depending on the features we're trying to use through > FreeTDS. As much as I hate logging to the database, some of our existing > > reporting scripts (VB Script) require it anyway, so this is a part of > evaluation as well. Do any of you on this list log to an MSSQL database > from > a Unix variant with FreeTDS library? Any caveats? Thanks much. > > === > Archive at http://www.open.com.au/archives/radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. > > === > Archive at http://www.open.com.au/archives/radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.