How to calculate the handover time?
First of all,i have to say sorry,i know this topic maybe not related to FR.But I guess here is the best place to find out the answer. Enviroment: Fedora 14 + 2 AP(set to WPA_PSK). On the Fedora 14,i use wpa_cli to switch from one wireless network to another,during the handover,there will 10 PING packets be lost.right now ,i hope i could find a way to calculate the accurate handover time? Is there any way to do this? any suggestion will be really appreciate. BTW, is FR be helpful in roaming between wireless network? Or,all the roaming work should be done in the terminal ?(lile laptop) Thank you very much. snan4love -- View this message in context: http://freeradius.1045715.n5.nabble.com/How-to-calculate-the-handover-time-tp4979925p4979925.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Problem expand: %{Acct-Input-Gigawords} - always get nothing!
Hello Everybody: Thanks for opening this topic. Right now,I have set up the FreeRadius+Mysql+Wifi system, I could get into the internet via this system on my laptop. But my problem is : No matter how long i stay in the connection, the AcctInputOctets and AcctOutPutOctets are always 0; the debug information from radiusd -X mode regarding this issue is : [sql] expand: %{User-Name} - snan4love [sql] sql_set_user escaped user -- 'snan4love' [sql] expand: %{Acct-Input-Gigawords} - [sql] ... expanding second conditional [sql] expand: %{Acct-Input-Octets} - [sql] ... expanding second conditional [sql] expand: %{Acct-Output-Gigawords} - [sql] ... expanding second conditional [sql] expand: %{Acct-Output-Octets} - [sql] ... expanding second conditional [sql] expand: %{Acct-Delay-Time} - [sql] ... expanding second conditional [sql] expand:UPDATE radacct SET acctstoptime = '%S', acctsessiontime= '%{Acct-Session-Time}', acctinputoctets= '%{%{Acct-Input-Gigawords}:-0}' 32 | '%{%{Acct-Input-Octets}:-0}', acctoutputoctets = '%{%{Acct-Output-Gigawords}:-0}' 32 | '%{%{Acct-Output-Octets}:-0}', acctterminatecause = '%{Acct-Terminate-Cause}', acctstopdelay = '%{%{Acct-Delay-Time}:-0}', connectinfo_stop = '%{Connect-Info}' WHERE acctsessionid = '%{Acct-Session-Id}' AND username = '%{SQL-User-Name}' AND nasipaddress = '%{NAS-IP-Address}' -UPDATE radacct SET acctstoptime = '2011-09-27 15:45:35', acctsessiontime = '1317', acctinputoctets= '0' 32 | '0', acctoutputoctets = '0' 32 | Every expand:%{Acct-Input-...} will get nothing. I know,there must be misconfiguration I made, but I dont know where to fix it. Please help me, Thank you very much. -- View this message in context: http://freeradius.1045715.n5.nabble.com/Problem-expand-Acct-Input-Gigawords-always-get-nothing-tp4844371p4844371.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problem expand: %{Acct-Input-Gigawords} - always get nothing!
Yes,I checked the entire debug output, there is no attribute about the Acct-Input-Octets in the accounting-Request packet. And here is my stupid question again: How to add it? I use the nas table in MySQL to store the information about the nas here is the configuration: mysql select * from nas where id=1; ++---+---+---+---+--++---+---+ | id | nasname | shortname | type | ports | secret | server | community | description | ++---+---+---+---+--++---+---+ | 1 | 192.168.0.143 | AP1 | other | NULL | 12345678 | NULL | NULL | RADIUS Client | ++---+---+---+---+--++---+---+ 1 row in set (0.00 sec) And Here is debug info : rad_recv: Accounting-Request packet from host 192.168.0.143 port 3073, id=100, length=150 Acct-Session-Id = 386D4387-0008 Acct-Status-Type = Start Acct-Authentic = RADIUS User-Name = snan4love NAS-IP-Address = 192.168.0.143 NAS-Identifier = AP NAS-Port = 0 Called-Station-Id = 00-80-48-6E-1A-87:143 Calling-Station-Id = 00-1E-65-50-D4-EA NAS-Port-Type = Wireless-802.11 Connect-Info = CONNECT 11Mbps 802.11b # Executing section preacct from file /etc/raddb/sites-enabled/default +- entering group preacct {...} ++[preprocess] returns ok [acct_unique] Hashing 'NAS-Port = 0,Client-IP-Address = 192.168.0.143,NAS-IP-Address = 192.168.0.143,Acct-Session-Id = 386D4387-0008,User-Name = snan4love' [acct_unique] Acct-Unique-Session-ID = f6139abfb9132394. ++[acct_unique] returns ok [suffix] No '@' in User-Name = snan4love, looking up realm NULL [suffix] No such realm NULL ++[suffix] returns noop ++[files] returns noop # Executing section accounting from file /etc/raddb/sites-enabled/default +- entering group accounting {...} [detail]expand: %{Packet-Src-IP-Address} - 192.168.0.143 [detail]expand: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d - /var/log/radius/radacct/192.168.0.143/detail-20110927 [detail] /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d expands to /var/log/radius/radacct/192.168.0.143/detail-20110927 [detail]expand: %t - Tue Sep 27 15:53:48 2011 ++[detail] returns ok [radutmp] expand: /var/log/radius/radutmp - /var/log/radius/radutmp [radutmp] expand: %{User-Name} - snan4love ++[radutmp] returns ok [sql] expand: %{User-Name} - snan4love [sql] sql_set_user escaped user -- 'snan4love' [sql] expand: %{Acct-Delay-Time} - [sql] ... expanding second conditional [sql] expand:INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm,nasipaddress, nasportid, nasporttype, acctstarttime,acctstoptime, acctsessiontime, acctauthentic,connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress, acctstartdelay, acctstopdelay,xascendsessionsvrkey) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', NULL, '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', rlm_sql (sql): Reserving sql socket id: 3 rlm_sql (sql): Released sql socket id: 3 ++[sql] returns ok ++[exec] returns noop [attr_filter.accounting_response] expand: %{User-Name} - snan4love attr_filter: Matched entry DEFAULT at line 12 ++[attr_filter.accounting_response] returns updated Sending Accounting-Response of id 100 to 192.168.0.143 port 3073 Finished request 31. Cleaning up request 31 ID 100 with timestamp +1832 Going to the next request Waking up in 4.8 seconds. Cleaning up request 21 ID 90 with timestamp +1832 Cleaning up request 22 ID 91 with timestamp +1832 Cleaning up request 23 ID 92 with timestamp +1832 Cleaning up request 24 ID 93 with timestamp +1832 Cleaning up request 25 ID 94 with timestamp +1832 Cleaning up request 26 ID 95 with timestamp +1832 Cleaning up request 27 ID 96 with timestamp +1832 Cleaning up request 28 ID 97 with timestamp +1832 Cleaning up request 29 ID 98 with timestamp +1832 Cleaning up request 30 ID 99 with timestamp +1832 Ready to process requests. rad_recv: Accounting-Request packet from host 192.168.0.143 port 3073, id=101, length=168 Acct-Session-Id = 386D4387-0008 Acct-Status-Type = Stop Acct
Re: Problem expand: %{Acct-Input-Gigawords} - always get nothing!
Hello Arran: Here is a stop request at the bottom of that debug information. And something more confusing, I used the user name snan4love log in my system for hundreds time, there is only one time, I get the currect response with Acct-Input-Octets and Acct-Output-Octets . Here is the log information: This is the only time ,i get the correct data, at the STOP request, the username changed. Thu Sep 22 15:35:18 2011 Acct-Session-Id = 386D4387-0008 Acct-Status-Type = Start Acct-Authentic = RADIUS User-Name = snan4love NAS-IP-Address = 192.168.0.143 NAS-Identifier = AP NAS-Port = 0 Called-Station-Id = 00-80-48-6E-1A-87:143 Calling-Station-Id = 00-1E-65-50-D4-EA NAS-Port-Type = Wireless-802.11 Connect-Info = CONNECT 11Mbps 802.11b Acct-Unique-Session-Id = f6139abfb9132394 Timestamp = 1316676918 Thu Sep 22 15:37:11 2011 Acct-Session-Id = 386D4387-0008 Acct-Status-Type = Stop Acct-Authentic = RADIUS User-Name = host/20101022-1029 NAS-IP-Address = 192.168.0.143 NAS-Identifier = AP NAS-Port = 0 Called-Station-Id = 00-80-48-6E-1A-87:143 Calling-Station-Id = 00-1E-65-50-D4-EA NAS-Port-Type = Wireless-802.11 Connect-Info = CONNECT 11Mbps 802.11b Acct-Session-Time = 113 Acct-Input-Packets = 81 Acct-Output-Packets = 7 Acct-Input-Octets = 3036 Acct-Output-Octets = 2290 Event-Timestamp = Jan 1 2000 14:13:47 CST Acct-Unique-Session-Id = a1815b5b9e77a40d Timestamp = 1316677031 The following is the normal no Acct-Output(Input)-Octets log: Thu Sep 22 15:39:11 2011 Acct-Session-Id = 386D4387-000B Acct-Status-Type = Start Acct-Authentic = RADIUS User-Name = snan4love NAS-IP-Address = 192.168.0.143 NAS-Identifier = AP NAS-Port = 0 Called-Station-Id = 00-80-48-6E-1A-87:143 Calling-Station-Id = 00-1E-65-50-D4-EA NAS-Port-Type = Wireless-802.11 Connect-Info = CONNECT 11Mbps 802.11b Acct-Unique-Session-Id = 02a52d5fc2ac00e6 Timestamp = 1316677151 Thu Sep 22 15:39:22 2011 Acct-Session-Id = 386D4387-000B Acct-Status-Type = Stop Acct-Authentic = RADIUS User-Name = snan4love NAS-IP-Address = 192.168.0.143 NAS-Identifier = AP NAS-Port = 0 Called-Station-Id = 00-80-48-6E-1A-87:143 Calling-Station-Id = 00-1E-65-50-D4-EA NAS-Port-Type = Wireless-802.11 Connect-Info = CONNECT 11Mbps 802.11b Acct-Session-Time = 11 Event-Timestamp = Jan 1 2000 14:15:58 CST Acct-Terminate-Cause = User-Request Acct-Unique-Session-Id = 02a52d5fc2ac00e6 Timestamp = 1316677162 -- View this message in context: http://freeradius.1045715.n5.nabble.com/Problem-expand-Acct-Input-Gigawords-always-get-nothing-tp4844371p4844607.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Confused what to do next~How to understand FreeRadius
Hello Everyone: Thank you very much for opening this topic. I have worked on FreeRadius for almost 2 monthes,my purpose is to set up a Radius server which could be used for authentication , authority and accounting for my WLAN. Right now, I guess i have finished the Authentication Step. I installed the Radius server + MySQL on my FC 14 host,there is a client AP connect to this radius server, the users hold Windows XP laptop could get authentication from radius server via PEAP or EAP-TLS. Here is a first little problem.Right now i could add and delete user in the radcheck table of MySQL,but all the passwords were stored in cleartext?is this the only way to store this password? is it safe enough?is it could be store in the format of ** like what we set in the wpa-psk mode? Most Seriously, I am confused how to implement the Authority Step and Accounting Step. For the Authority Step,in my thought, I should create several different GROUPs, each GROUP has different authority,and then divide the users into different GROUPs and get different authority. Is that correct? For the Accounting Step,i used DaloRadius,but found out there are few help for this web base management system online, and the MANUAL will cost $250.And also the additional mySQL tables makes me more confused. I want to know if there is a example that set up the authority and accounting features of FreeRadius?or just give me a little hints about where to start it step by step.I know there is a really big question. Any hints will be really help,any useful docments and links will be really appreciate. For example, there are 9 tables in the defalut mysql scheme, like radcheck,radacct,nas,radgroup,radgroupreply etc, is there a document to describe these features? I read all the .conf files couple of times ,but still confused about this stuff. -- View this message in context: http://freeradius.1045715.n5.nabble.com/Confused-what-to-do-next-How-to-understand-FreeRadius-tp4844643p4844643.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html