I am finding that auth requests are proxied, as expected, but not
accounting.
This appears to affect domain names which are proxied according to wildcard
entries in the users file as follows:
# following is used to map subdomains of *.abc.co.uk
# to be proxied according to the realm abc.co.uk
DEFAULT User-Name =~ @.*\.abc\.co\.uk$, Proxy-To-Realm :=
abc.co.uk
it doesn't affect those domains which are actually fully specified in the
proxy.conf file.
the follign compares the radiusd -X output for an auth only request, and an
acct start/stop.
any ideas? is this a bug? i am using freeradius 1.0.2 on linux debian 3.1.
Tariq
-- AUTH:
rad_recv: Access-Request packet from host 212.135.9.6:1499, id=15,
length=113
User-Name = [EMAIL PROTECTED]
Service-Type = Framed-User
NAS-IP-Address = 82.108.57.17
NAS-Port = 1234
Called-Station-Id = 123456789
Calling-Station-Id = 987654321
NAS-Port-Type = Async
User-Password = ***
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
modcall[authorize]: module preprocess returns ok for request 1
modcall[authorize]: module chap returns noop for request 1
modcall[authorize]: module mschap returns noop for request 1
rlm_realm: Looking up realm dsl3.ukonline.co.uk for User-Name =
[EMAIL PROTECTED]
rlm_realm: No such realm dsl3.ukonline.co.uk
modcall[authorize]: module suffix returns noop for request 1
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module eap returns noop for request 1
users: Matched entry DEFAULT at line 7
modcall[authorize]: module files returns ok for request 1
modcall: group authorize returns ok for request 1
Processing the pre-proxy section of radiusd.conf
modcall: entering group pre-proxy for request 1
radius_xlat:
'/opt/freeradius102/var/log/radius/radacct/212.135.9.6/pre-proxy-detail-2005
0805'
rlm_detail:
/opt/freeradius102/var/log/radius/radacct/%{Client-IP-Address}/pre-proxy-det
ail-%Y%m%d expands to
/opt/freeradius102/var/log/radius/radacct/212.135.9.6/pre-proxy-detail-20050
805
modcall[pre-proxy]: module pre_proxy_log returns ok for request 1
modcall: group pre-proxy returns ok for request 1
Sending Access-Request of id 0 to 195.40.1.66:1645
User-Name = [EMAIL PROTECTED]
Service-Type = Framed-User
NAS-IP-Address = 82.108.57.17
NAS-Port = 1234
Called-Station-Id = 123456789
Calling-Station-Id = 987654321
NAS-Port-Type = Async
User-Password = ***
Proxy-State = 0x3135
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Accept packet from host 195.40.1.66:1645, id=0, length=66
Framed-Protocol = PPP
Framed-IP-Address = 87.81.112.13
Framed-IP-Netmask = 255.255.255.255
X-Ascend-Client-Primary-DNS = 212.135.1.36
X-Ascend-Client-Secondary-DNS = 195.40.1.36
X-Ascend-Client-Assign-DNS = 1
Service-Type = Framed-User
Proxy-State = 0x3135
Processing the post-proxy section of radiusd.conf
modcall: entering group post-proxy for request 1
radius_xlat:
'/opt/freeradius102/var/log/radius/radacct/212.135.9.6/post-proxy-detail-200
50805'
rlm_detail:
/opt/freeradius102/var/log/radius/radacct/%{Client-IP-Address}/post-proxy-de
tail-%Y%m%d expands to
/opt/freeradius102/var/log/radius/radacct/212.135.9.6/post-proxy-detail-2005
0805
modcall[post-proxy]: module post_proxy_log returns ok for request 1
modcall[post-proxy]: module eap returns noop for request 1
modcall: group post-proxy returns ok for request 1
authorize: Skipping authorize in post-proxy stage
rad_check_password: Found Auth-Type
rad_check_password: Auth-Type = Accept, accepting the user
Sending Access-Accept of id 15 to 212.135.9.6:1499
Framed-Protocol = PPP
Framed-IP-Address = 87.81.112.13
Framed-IP-Netmask = 255.255.255.255
X-Ascend-Client-Primary-DNS = 212.135.1.36
X-Ascend-Client-Secondary-DNS = 195.40.1.36
X-Ascend-Client-Assign-DNS = 1
Service-Type = Framed-User
- ACCT:
rad_recv: Accounting-Request packet from host 212.135.9.6:1512, id=29,
length=117
User-Name = [EMAIL PROTECTED]
Service-Type = Framed-User
NAS-IP-Address = 82.108.57.17
NAS-Port = 1234
NAS-Port-Type = Async
Acct-Session-Id = 1234
Acct-Status-Type = Start
Called-Station-Id = 123456789
Calling-Station-Id = 987654321
Acct-Delay-Time = 0
Processing the preacct section of radiusd.conf
modcall: entering group preacct for request 2
modcall[preacct]: module preprocess returns noop for request 2
rlm_acct_unique: Hashing 'NAS-Port = 1234,Client-IP-Address =
212.135.9.6,NAS-IP-Address = 82.108.57.17,Acct-Session-Id =
1234,User-Name = [EMAIL PROTECTED]'
rlm_acct_unique: Acct-Unique-Session-ID = d0c84fbbd11b50cb.