Re: Wrong Realm in the detail files
Rio Yang wrote: I configured two realm in proxy.conf. One is realm ABC (prefix mode), and another is def.org (suffix mode). In my thinking, when request come into radius, prefix will work first then suffix. (configured in radius.conf) Did you list prefix before suffix in radiusd.conf? PS. I'm using freeradius-1.1.2. You should upgrade to 1.1.6. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Wrong Realm in the detail files
I'll try to upgrade to 1.1.6 Thanks Alan. Rio 2007/5/9, Alan DeKok [EMAIL PROTECTED]: Rio Yang wrote: I configured two realm in proxy.conf. One is realm ABC (prefix mode), and another is def.org (suffix mode). In my thinking, when request come into radius, prefix will work first then suffix. (configured in radius.conf) Did you list prefix before suffix in radiusd.conf? PS. I'm using freeradius-1.1.2. You should upgrade to 1.1.6. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Wrong Realm in the detail files
Hi, Recently, I found the wrong realm in the detail files. This log is captured from detail file. Tue May 8 17:46:41 2007 Class = 0x417074696c6f313a313a31383030 User-Name = ABC/[EMAIL PROTECTED] Acct-Status-Type = Start Acct-Session-Id = 464046fecc9c08a5 Acct-Delay-Time = 0 Acct-Authentic = RADIUS Framed-IP-Address = Encrypted NAS-IP-Address = Encrypted NAS-Port-Type = Wireless-802.11 Event-Timestamp = May 8 2007 17:46:41 CST NAS-Identifier = NAS Vendor-13209-Attr-9 = 0x5157464e484150433037 Called-Station-Id = Encrypted Calling-Station-Id = Encrypted Vendor-13209-Attr-1 = 0x5177617265507562537461726275636b73 NAS-Port-Id = NAS-Port WISPr-Location-ID = Encrypted WISPr-Location-Name = Encrypted Proxy-State = 0x30 Client-IP-Address = Encrypted Acct-Unique-Session-Id = 26719654223287c6 Stripped-User-Name = ABC/950160 Realm = def.org Freeradius-Proxied-To = Encrypted Timestamp = 1178617601 I configured two realm in proxy.conf. One is realm ABC (prefix mode), and another is def.org (suffix mode). In my thinking, when request come into radius, prefix will work first then suffix. (configured in radius.conf) In this case, I should have a realm value ABC and Stripped-User-Name value [EMAIL PROTECTED]. But I got the realm value def.org and Stripped-User-Name value ABC/950160. Is it a bug ? or some configuration I missed. PS. I'm using freeradius-1.1.2. Thanks. Rio - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Detail files
Peter Nixon£º
=== 2006-03-18 19:07:46 ===
On Fri 17 Mar 2006 20:57, Lisa Casey wrote:
Hi,
Currently my Freeradius server writes new accounting detail files each day.
In radiusd.conf if I were to change
detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d
to
detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m
Would it then write one detail file for each month?
Yes
I have viewed the source code of rlm_detail, i really didn't found that which
code
is working on rotating the detail files...
thanks
= = = = = = = = = = = = = = = = = = = =
nsinit
2006-03-20
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Detail files
On Fri 17 Mar 2006 20:57, Lisa Casey wrote:
Hi,
Currently my Freeradius server writes new accounting detail files each day.
In radiusd.conf if I were to change
detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d
to
detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m
Would it then write one detail file for each month?
Yes
--
Peter Nixon
http://www.peternixon.net/
PGP Key: http://www.peternixon.net/public.asc
pgpXP36xvFxe8.pgp
Description: PGP signature
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Detail files
Hi,
Currently my Freeradius server writes new accounting detail files each day.
In radiusd.conf if I were to change
detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d
to
detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m
Would it then write one detail file for each month?
Lisa Casey
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
detail Files
Hi,
I sent this email a couple of hours ago but it hasn't appeared on the list
yet so I'm resending it. If it comes through twice, accept my apologies.
Currently my Freeradius server writes new accounting detail files each day.
In radiusd.conf, if I were to change
detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d
to
detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m
Would it then write one detail file for each month?
Lisa Casey
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: detail Files
On Fri, 2006-17-03 at 16:15 -0500, Lisa Casey wrote:
Hi,
I sent this email a couple of hours ago but it hasn't appeared on the list
yet so I'm resending it. If it comes through twice, accept my apologies.
Currently my Freeradius server writes new accounting detail files each day.
In radiusd.conf, if I were to change
detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d
to
detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m
Would it then write one detail file for each month?
Yes
Normally I don't like the per NAS/Client directories, but
do like daily logs, so I use :
detailfile = ${radacctdir}/detail-%Y%m%d
I use a cron job to compress the daily logs, and archive
them.
I only keep them in case of a legal dispute, all of my
real accounting is done in SQL.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Client-IP-Address in detail files
[EMAIL PROTECTED] [EMAIL PROTECTED] wrote: I am interested to know if this is the intended functionality, or it will revert to the way it was in the past. I have an application that processes this files and depends of the Client-IP-Address attribute. I want to prepare for 1.1.0 release. It's not changed in 1.1.0. I am searching for a doc or example, currently I have bind_address = * and port = 0 and I do not know how to convert them to listen :) The listen directive is documented in radiusd.conf. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Client-IP-Address in detail files
hello, I have recently upgraded from CVS version as of 2005-02-19 with the one from 2005-12-17 and I no longer get the Client-IP-Address attribute in the files produced by the detail module. on the other hand the Client-IP-Address attribute is expanded correctly in sql querys. is there something different ? how can I add Client-IP-Address attribute back to the detail files ? and something else. where can I find the syntax of the listen directive ? (to remove bind_address and port directives) thanks, Razvan Radu - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Client-IP-Address in detail files
and something else. where can I find the syntax of the listen directive ? (to remove bind_address and port directives) It's in radiusd.conf.. Or maybe you are asking for an explanation of the syntax? If so, sorry I can't help with that. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Client-IP-Address in detail files
[EMAIL PROTECTED] [EMAIL PROTECTED] wrote: is there something different ? how can I add Client-IP-Address attribute back to the detail files ? For now, source code patches. and something else. where can I find the syntax of the listen directive ? (to remove bind_address and port directives) Huh? What do you mean by that? Alan DEKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Client-IP-Address in detail files
see in line comments please. Alan DeKok wrote: [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: is there something different ? how can I add Client-IP-Address attribute back to the detail files ? For now, source code patches. I am interested to know if this is the intended functionality, or it will revert to the way it was in the past. I have an application that processes this files and depends of the Client-IP-Address attribute. I want to prepare for 1.1.0 release. and something else. where can I find the syntax of the listen directive ? (to remove bind_address and port directives) Huh? What do you mean by that? I am searching for a doc or example, currently I have bind_address = * and port = 0 and I do not know how to convert them to listen :) thanks, Razvan Radu - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
parsing detail files myself
As a follow on the my requirement of reading the detail file and updating them into MSSQL database, I have written a program to parse the content of the file, which is produced by ***ONE*** single Cisco box sending data to free radius 1.04, and this is what I noticed, I need someone to tell me if this is an expected behaviour or somewhere there is something wrong :- My observations :- 1. The number attributes in a records ( ie the number of lines in a record ) is not consistent. I have skipped those Cisco-AVPair in the files, and this is the stats :- acount=25, value=0 acount=26, value=0 acount=27, value=0 acount=28, value=0 acount=29, value=14 acount=30, value=16 acount=31, value=7290 acount=32, value=6724 acount=33, value=0 acount=34, value=0 acount=35, value=0 In other words, in my detail file, there are 14 records which have 29 attributes, 16 records with 30 attributes, 7290 records which have 31 attributes and 6724 records with 32 attributes. Question is why don't they have the same number of attributes ? 2. Not only that, the occurances of the attributes are not consistent either :- attrib=Acct-Authentic, occurance=14043 attrib=Acct-Delay-Time, occurance=14043 attrib=Acct-Input-Octets, occurance=14043 attrib=Acct-Input-Packets, occurance=14043 attrib=Acct-Output-Octets, occurance=14043 attrib=Acct-Output-Packets, occurance=14043 attrib=Acct-Session-Time, occurance=14043 attrib=Acct-Status-Type, occurance=14043 attrib=Acct-Unique-Session-Id, occurance=14055 attrib=Called-Station-Id, occurance=14043 attrib=Calling-Station-Id, occurance=14013 attrib=Cisco-NAS-Port, occurance=6194 attrib=Client-IP-Address, occurance=14045 attrib=NAS-IP-Address, occurance=14043 attrib=NAS-Port, occurance=6194 attrib=NAS-Port-Type, occurance=6194 attrib=Service-Type, occurance=14043 attrib=Timestamp, occurance=21349 attrib=User-Name, occurance=14013 attrib=gw-final-xlated-cdn, occurance=545 attrib=gw-rxd-cdn, occurance=14043 attrib=h323-call-origin, occurance=14043 attrib=h323-call-type, occurance=14043 attrib=h323-conf-id, occurance=14043 attrib=h323-connect-time, occurance=14043 attrib=h323-disconnect-cause, occurance=14043 attrib=h323-disconnect-time, occurance=14043 attrib=h323-gw-id, occurance=14043 attrib=h323-incoming-conf-id, occurance=14043 attrib=h323-remote-address, occurance=7849 attrib=h323-setup-time, occurance=14043 attrib=h323-voice-quality, occurance=14043 attrib=session-protocol, occurance=7849 attrib=subscriber, occurance=14043 Take for example, why Cisco NAS port has such low occurances in the detail file ? Similarly why h323-remote-address has such a low occurances ? Is it a Cisco thingy or free radius did not parse what Cisco sent correctly ? Appreciate any help or comments. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: parsing detail files myself
On Tuesday 22 November 2005 20:59, Ming-Ching Tiew wrote: My observations :- 1. The number attributes in a records ( ie the number of lines in a record ) is not consistent. I have skipped those Cisco-AVPair in the files, and this is the stats :- Why skip anything? It will only confuse you and anyone else you show it to. acount=25, value=0 acount=26, value=0 acount=27, value=0 acount=28, value=0 acount=29, value=14 acount=30, value=16 acount=31, value=7290 acount=32, value=6724 acount=33, value=0 acount=34, value=0 acount=35, value=0 In other words, in my detail file, there are 14 records which have 29 attributes, 16 records with 30 attributes, 7290 records which have 31 attributes and 6724 records with 32 attributes. Question is why don't they have the same number of attributes ? Why should they? 2. Not only that, the occurances of the attributes are not consistent either :- Take for example, why Cisco NAS port has such low occurances in the detail file ? Similarly why h323-remote-address has such a low occurances ? Is it a Cisco thingy or free radius did not parse what Cisco sent correctly ? FreeRADIUS will log what it is sent and what you tell it to. You have 7849 records that have session-protocol and h323-remote-address in common. There are 6194 records with NAS-Port, NAS-Port-Type and Cisco-NAS-Port. 7849+6194 = 14043. The attributes that have that count (14043) are common to both types of records. There are 30 records that have no User-Name ( 14 + 16 = your shortest records?). I don't know why you have so many timestamps. If you are going to parse the detail files you should examine them with your eyes first to see what is being sent. How are Start records different from Stop? What type of record has gw-final-xlated-cdn? Then you will know that Apples + Oranges Brie Zoltan Ori - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: detail files and accounting Alive packets
That was it. It works perfectly. Thanks!
Mike Mitchell wrote:
Hi Christopher,
I do something like this (YMMV as I've made changes to the code to support
stuff I want to do, this could have been one of those changes? ;-) )
In acct_users:
DEFAULT Acct-Status-Type == Alive, Acct-Type := ACK
And in radiusd.conf:
modules {
...
always handled {
rcode = ok
}
...
}
preacct {
...
files
...
}
accounting {
...
detail
Acct-Type ACK {
handled
}
...
}
Give it a go, have a mess with it, and see what happens.
Hope that helps.
Mike
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Christopher Carver
Sent: Tuesday, 15 November 2005 1:51 PM
To: FreeRadius users mailing list
Subject: detail files and accounting Alive packets
Several NAS's we lease, whose configurations we cannot
change, authenticate through our freeradius server. The
Alive packets we are receiving from these machines are
filling up our hard drive. Is there any way to deny just
these Alive type packets and continue to accept Start and
Stop packets? Everything I read seems to indicate this is
impossible. Can someone please confirm or deny?
Thanks
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
detail files and accounting Alive packets
Several NAS's we lease, whose configurations we cannot change, authenticate through our freeradius server. The Alive packets we are receiving from these machines are filling up our hard drive. Is there any way to deny just these Alive type packets and continue to accept Start and Stop packets? Everything I read seems to indicate this is impossible. Can someone please confirm or deny? Thanks - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: detail files and accounting Alive packets
Hi Christopher,
I do something like this (YMMV as I've made changes to the code to support
stuff I want to do, this could have been one of those changes? ;-) )
In acct_users:
DEFAULT Acct-Status-Type == Alive, Acct-Type := ACK
And in radiusd.conf:
modules {
...
always handled {
rcode = ok
}
...
}
preacct {
...
files
...
}
accounting {
...
detail
Acct-Type ACK {
handled
}
...
}
Give it a go, have a mess with it, and see what happens.
Hope that helps.
Mike
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Christopher Carver
Sent: Tuesday, 15 November 2005 1:51 PM
To: FreeRadius users mailing list
Subject: detail files and accounting Alive packets
Several NAS's we lease, whose configurations we cannot
change, authenticate through our freeradius server. The
Alive packets we are receiving from these machines are
filling up our hard drive. Is there any way to deny just
these Alive type packets and continue to accept Start and
Stop packets? Everything I read seems to indicate this is
impossible. Can someone please confirm or deny?
Thanks
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
detail files vs. SQL Accounting.
Lo everyone,
I'm not 100% sure on where the problem lies, so please bare with me.
The relavent parts of my configuration:
details {
detail details {
detailfile = ${radacctdir}/detail-%{Realm:-LOCAL}
detailperm = 0600
dirperm = 0755
locking = yes
}
radutmp {
filename = ${logdir}/radutmp
username = %{User-Name}
case_sensitive = no
check_with_nas = yes
perm = 0600
callerid = yes
}
}
...
accounting {
main-pool
acct_unique
sql
details
radutmp
}
So far so good. I get accouting data in my details-Realm file, as well as
in my SQL Database.
Now, using radreport (I know, not a FR product), radreport uses the details
file to analyse usage... However, the data from the details file does not
even come close to being accurate in regards to what is in the SQL
database A quick example:
First entry in the details file:
Mar 9 00:00:01 efanious newsyslog[42211]: logfile turned over
Wed Mar 9 00:00:28 2005
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-Identifier = my.nas
NAS-Port = 704
NAS-Port-Type = Ethernet
User-Name = [EMAIL PROTECTED]
Calling-Station-Id = 00:02:6F:35:58:13
Called-Station-Id = WSMD01
NAS-Port-Id = WSMD01
MS-CHAP-Domain = realm
Acct-Session-Id = 81600123
Framed-IP-Address = 198.18.4.172
Acct-Authentic = RADIUS
Acct-Session-Time = 19501
Acct-Input-Octets = 10675400
Acct-Input-Packets = 131729
Acct-Output-Octets = 38961988
Acct-Output-Packets = 93368
Acct-Status-Type = Alive
NAS-IP-Address = 198.18.255.6
Acct-Delay-Time = 0
Mikrotik-Attr-9 = 0x766172796e65742e636f2e7a61
Client-IP-Address = 198.18.255.6
Acct-Unique-Session-Id = 159ff80d20a7567a
Stripped-User-Name = user
Realm = realm
SQL-User-Name = [EMAIL PROTECTED]
Timestamp = 1110319228
Last entry in the details file for user:
Wed Mar 16 22:19:21 2005
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-Identifier = my.nas
NAS-Port = 2455
NAS-Port-Type = Ethernet
User-Name = [EMAIL PROTECTED]
Calling-Station-Id = 00:02:6F:35:58:13
Called-Station-Id = WSMD01
NAS-Port-Id = WSMD01
MS-CHAP-Domain = realm
Acct-Session-Id = 81a00230
Framed-IP-Address = 198.18.4.122
Acct-Authentic = RADIUS
Acct-Session-Time = 14358
Acct-Input-Octets = 1303338
Acct-Input-Packets = 14895
Acct-Output-Octets = 19294818
Acct-Output-Packets = 20664
Acct-Status-Type = Stop
Acct-Terminate-Cause = User-Request
NAS-IP-Address = 198.19.0.10
Acct-Delay-Time = 0
Mikrotik-Attr-9 = 0x766172796e65742e636f2e7a61
Client-IP-Address = my.nas
Acct-Unique-Session-Id = 024b1b0448b3b67d
Stripped-User-Name = user
Realm = realm
SQL-User-Name = [EMAIL PROTECTED]
Timestamp = 004361
Radreport:
[EMAIL PROTECTED]:/var/log/radacct# radreport -b -l [EMAIL PROTECTED] -f
detail-realm
Radius Log Report for: [EMAIL PROTECTED]
Date LoginLogout Ontime Port BW-In/Out
Total Data transferred In/Out: 0.0K/0.0K
TOTAL USAGE REPORTS
--
Total number of unique users= 0
USER Total Hrs Avg/DayAvg/Sess
[EMAIL PROTECTED]0h00m 0h00m 0h00m
HOWEVER, using SQL...
mysql SELECT SUM(AcctInputOctets) AS Downloaded, SUM(AcctOutputOctets) AS
Uploaded FROM RadiusAccounting WHERE UserName='[EMAIL PROTECTED]';
+++
| Downloaded | Uploaded |
+++
| 95126878 | 2431385067 |
+++
1 row in set (1.84 sec)
Now... If someone wants to tell me this is a radreport error, I'm not going
to argue...
My questions thus...
1) Is there a application available that can write detail files back from
MySQL Accounting tables?
2) Is there a replacement program similar to radreport (that preferably uses
SQL instead of detail files).
Thanks,
Chris.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: detail files vs. SQL Accounting.
Now, using radreport (I know, not a FR product), radreport uses the details the radreport I tried some months ago was broken, very broken. sql-accounting and details files in FR are 100% accurate, at least here. My questions thus... 1) Is there a application available that can write detail files back from MySQL Accounting tables? converting something structured back into loosely textfiles ? 2) Is there a replacement program similar to radreport (that preferably uses SQL instead of detail files). take a look at dialup_admin, it should give you an idea about queries used. I do each and every reports with SQL-queries, some within a small webpage (i.e. for billing-department); there's not much you can't get out of the DB.. Michael - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: detail files vs. SQL Accounting.
Now, using radreport (I know, not a FR product), radreport uses the details the radreport I tried some months ago was broken, very broken. sql-accounting and details files in FR are 100% accurate, at least here. Allrighty. I suspected that. My questions thus... 1) Is there a application available that can write detail files back from MySQL Accounting tables? converting something structured back into loosely textfiles ? Well no. I'd like to avoid that if at all possible Just figured it might be needed for another report generator that may want to use detail files. 2) Is there a replacement program similar to radreport (that preferably uses SQL instead of detail files). take a look at dialup_admin, it should give you an idea about queries used. I do each and every reports with SQL-queries, some within a small webpage (i.e. for billing-department); there's not much you can't get out of the DB.. We have our own in-house system we're busy developing... I'll have a look. I suppose the queries and all will remain the same, just figured I'd ask and find out whether there are any alternatives first, prior to jumping in and hitting the perl code again. We're basically looking for per realm and per user stats in the form of a monthly report. Guess it's back to the programming we go. Thanks allot, Chris. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Merging Detail Files
Radiusreport can read multiple files. radiusreport -t -l username -f /var/adm/radacct/xxx.xxx.xxx.xxx/detail:/var/adm/radacct/xxx.xxx.xxx.xxx/detail:/var/adm/radacct/xxx.xxx.xxx.xxx/detail -- Jeff At 10:41 10/02/2004, Matt wrote: I want to merge a bunch of detail files into one big file so I can run radiusreport on it. Anyone tell me how to do that? Matt Merging them into one file in chronological order ? No doubt there is a perl script out there that can do it, but are you sure that radiusreport can't read multiple detail files and handle it itself ? I know that RadiusContext (what I use) can... Trying to merge them is an extra step that shouldn't be necessary if you use the right software to analyze them. Regards, Simon - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
