(RADIATOR) Class attribute in Quintum D3000
Hi, I tried to use Class attribute in Quintum D3000 but it seems Quintum doesn't support this attribute. Is there any other attribute like class attribute which I can use in Quintum? I'm using Radiator 3.7.1. thanks in advance, Ganbold === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) AuthBy External clause problem
Hi Hugh, I added following lines in AuthEXTERNAL.pm and tested radiator. - . . . . . . my $exit = $?; # added lines # print exit code $self->log($main::LOG_DEBUG, "first Exit: $exit",$p); print "first Exit: $exit\n"; # This usually sets $? close READER; # Sometimes need to do this too. $exit = $? if waitpid($pid, 0); # added lines # print exit code $self->log($main::LOG_DEBUG, "Exit: $exit",$p); print "Exit: $exit\n"; . . . . . . - External program returns exit status 0, but radiator somehow understands it as 768 which is 3 (768/256) and sends Access-Challenge. I also tested external program with following simple perl program, where test.txt contains access-requests. It also gets return value as 768. - #!/usr/local/pin/perl $x = system("cat test.txt | calccredittime"); print "return is: $x\n"; exit 0; - I wrote simple C program which gets command line argument and returns that argument as a exit status. Small perl program gets restult of program as it supposed to. Very strange. I don't know what should do, I'll try ResultInOutput switch in radius config and let's see what happens. Following is debug: Code: Access-Request Identifier: 9 Authentic: <209><230>]<209><158><179>p<28>G<180><210>*tZ<176>@ Attributes: User-Name = "" User-Password = "<28>_<171>Tm9<183><211>$~<173>l<151><190>Y!" cisco-h323-conf-id = "h323-conf-id=07D022A7 DDB911D7 8008E236 347AF897" cisco-avpair = "h323-ivr-out=transactionID:8" Calling-Station-Id = "11323224" Called-Station-Id = "0011236" Service-Type = Login-User NAS-IP-Address = xxx.xxx.xxx.xxx Thu Sep 4 10:50:24 2003: DEBUG: Rewrote user name to Thu Sep 4 10:50:24 2003: DEBUG: Rewrote user name to Thu Sep 4 10:50:24 2003: DEBUG: Rewrote user name to Thu Sep 4 10:50:24 2003: DEBUG: Rewrote user name to Thu Sep 4 10:50:24 2003: DEBUG: Handling request with Handler 'User-Name = /^([0-9])+$/, Called-Station-Id = /^([0-9])+$/' Thu Sep 4 10:50:24 2003: DEBUG: Rewrote user name to Thu Sep 4 10:50:24 2003: DEBUG: Running command: d:\Radiator-3.6\hooks\CalcCreditTime Thu Sep 4 10:50:24 2003: DEBUG: first Exit: 1604 ^ ^ ^ ^ Thu Sep 4 10:50:24 2003: DEBUG: Exit: 768 ^ ^ ^ ^ Thu Sep 4 10:50:24 2003: DEBUG: Access challenged for : Thu Sep 4 10:50:24 2003: DEBUG: Packet dump: *** Sending to xxx.xxx.xxx.xxx port 21645 Code: Access-Challenge Identifier: 9 Authentic: <209><230>]<209><158><179>p<28>G<180><210>*tZ<176>@ Attributes: cisco-h323-return-code = "h323-return-code=0" cisco-h323-credit-time = "h323-credit-time=2516" Reply-Message = "first 5!" At 09:54 PM 9/3/2003 +1000, you wrote: Hello Ganbold - It is possible that you may need to use "ResultInOutput" in this environment. Have a look at the code in "Radius/AuthEXTERNAL.pm" and maybe add some print statements so you can see what is happening. And please let us know what you find. regards Hugh On Wednesday, Sep 3, 2003, at 21:11 Australia/Melbourne, Ganbold wrote: Hi, I'm testing Radiator-3.6 in Windows 2000 advanced server. I'm using AuthBy External clause in handlers. But when external program returns 0 (Access-Accept) radiator understands it as a 3 and responds with Access-Challenge response. External program worked well in FreeBSD 5.1. It works in FreeBSD as it supposed to. However in Windows above problem occurs. How can I solve this problem? Is it OS issue? or there is something else? I really appreciate if somebody give the right solution. thanks in advance, Ganbold Micom CO.,Ltd --- --- Trace 4 debug: --- --- Code: Access-Request Identifier: 149 Authentic: <157><201><20>5u<249><179><11><8><255><240><236>W<195><253>x Attributes: User-Name = "" User-Pa
(RADIATOR) AuthBy External clause problem
Hi, I'm testing Radiator-3.6 in Windows 2000 advanced server. I'm using AuthBy External clause in handlers. But when external program returns 0 (Access-Accept) radiator understands it as a 3 and responds with Access-Challenge response. External program worked well in FreeBSD 5.1. It works in FreeBSD as it supposed to. However in Windows above problem occurs. How can I solve this problem? Is it OS issue? or there is something else? I really appreciate if somebody give the right solution. thanks in advance, Ganbold Micom CO.,Ltd -- Trace 4 debug: -- Code: Access-Request Identifier: 149 Authentic: <157><201><20>5u<249><179><11><8><255><240><236>W<195><253>x Attributes: User-Name = "" User-Password = "<159><192><246><10><228><184>Z<200>K<1><253><232><162>^Tv" cisco-h323-conf-id = "h323-conf-id=45135D12 DD3911D7 809F812C 9428BE9D" cisco-avpair = "h323-ivr-out=transactionID:114" Calling-Station-Id = "11323224" Called-Station-Id = "002365" Service-Type = Login-User NAS-IP-Address = xxx.xxx.xxx.xxx Wed Sep 3 19:36:01 2003: DEBUG: Rewrote user name to Wed Sep 3 19:36:01 2003: DEBUG: Rewrote user name to Wed Sep 3 19:36:01 2003: DEBUG: Rewrote user name to Wed Sep 3 19:36:01 2003: DEBUG: Rewrote user name to Wed Sep 3 19:36:01 2003: DEBUG: Handling request with Handler 'User-Name = /^([0-9])+$/, Called-Station-Id = /^([0-9])+$/' Wed Sep 3 19:36:01 2003: DEBUG: Rewrote user name to Wed Sep 3 19:36:01 2003: DEBUG: Running command: d:\Radiator-3.6\hooks\CalcCreditTime Wed Sep 3 19:36:01 2003: DEBUG: Access challenged for : Wed Sep 3 19:36:01 2003: DEBUG: Packet dump: *** Sending to xxx.xxx.xxx.xxx port 21661 Code: Access-Challenge Identifier: 149 Authentic: <157><201><20>5u<249><179><11><8><255><240><236>W<195><253>x Attributes: cisco-h323-return-code = "h323-return-code=0" cisco-h323-credit-time = "h323-credit-time=1276" Reply-Message = "first 5!" -- Below is my config: -- #radius.cfg Foreground Trace 4 AuthPort1645 AcctPort1646 LogDir d:\Radiator-3.6\log LogFile %L/logfile.txt DictionaryFile d:\Radiator-3.6\dictionary RewriteUsername s/^\s+// RewriteUsername s/\s+$// RewriteUsername s/\s+//g RewriteUsername tr/[A-Z]/[a-z]/ Secret xxx NasType Cisco SNMPCommunity MN-2008 StatusServerShowClientDetails DBSourcedbi:mysql:voip_prepaid:localhost DBUsername xxx DBAuth xxx Identifier VoipTerminate AuthSelect AccountingTable voip_termination AccountingStopsOnly AcctColumnDef nasipaddress,NAS-IP-Address AcctColumnDef cisco_nas_port,Cisco-NAS-Port AcctColumnDef username,User-Name AcctColumnDef calledstationid,Called-Station-Id AcctColumnDef callingstationid,Calling-Station-Id AcctColumnDef h323_gw_id,cisco-h323-gw-id,literal,trim(substring('%{cisco-h323-gw-id}',locate('=','%{cisco-h323-gw-id}')+1)) AcctColumnDef h323_call_origin,cisco-h323-call-origin,literal,trim(substring('%{cisco-h323-call-origin}',locate('=','%{cisco-h323-call-origin}')+1)) AcctColumnDef h323_call_type,cisco-h323-call-type,literal,trim(substring('%{cisco-h323-call-type}',locate('=','%{cisco-h323-call-type}')+1)) AcctColumnDef h323_setup_time,cisco-h323-setup-time,literal,trim(substring('%{cisco-h323-setup-time}',locate('=','%{cisco-h323-setup-time}')+1)) AcctColumnDef h323_connect_time,cisco-h323-connect-time,literal,trim(substring('%{cisco-h323-connect-time}',locate('=','%{cisco-h323-connect-time}')+1)) AcctColumnDef h323_disconnect_time,cisco-h323-disconnect-time,literal,trim(substring('%{cisco-h323-disconnect-time}',locate('=','%{cisco-h323-disconnect-time}')+1)) AcctColumnDef h323_disconnect_cause,cisco-h323-disconnect-cause,literal,trim(substring('%{cisco-h323-disconnect-cause}',locate('=','%{cisco-h323-disconnect-cause}')+1)) AcctColumnDef h323_voice_quality,ci
Re: (RADIATOR) Hook in different language other than Perl
Secret xxx NasType Cisco SNMPCommunity xxx StatusServerShowClientDetails # authby clause for ACCOUNTING DBSourcedbi:mysql:db:localhost DBUsername dbuser DBAuth dbpass Identifier VoipSQLAcctOnly AuthSelect AccountingTable voip_accounting AccountingStopsOnly AcctColumnDef nasipaddress,NAS-IP-Address AcctColumnDef cisco_nas_port,Cisco-NAS-Port AcctColumnDef card_number,User-Name # authby clause for credit_time DBSourcedbi:mysql:db:localhost DBUsername dbuser DBAuth dbpass Identifier CreditTime AuthSelect select pin,concat('h323-credit-amount=',creditamount),'h323-return-code=0','h323-preferred-lang=en','h323-billing-model=1' from cards where cardnumber='%n' and status='Active' and pin is not null AuthColumnDef 0, Password, check AuthColumnDef 2, cisco-h323-return-code, reply AccountingTable DefaultSimultaneousUse 1 RejectEmptyPassword # authby clause for first second authorizarion DBSourcedbi:mysql:db:localhost DBUsername dbuser DBAuth dbpass Identifier CreditAmount AuthSelect select pin,concat('h323-credit-amount=',creditamount),'h323-return-code=0','h323-preferred-lang=en','h323-billing-model=1' from cards where cardnumber='%n' and status='Active' and pin is not null AuthColumnDef 0, Password, check AuthColumnDef 1, cisco-h323-credit-amount, reply AuthColumnDef 2, cisco-h323-return-code, reply AuthColumnDef 3, cisco-h323-preferred-lang, reply AuthColumnDef 4, cisco-h323-billing-model, reply AccountingTable DefaultSimultaneousUse 1 RejectEmptyPassword # authby clause for transfer balance DBSourcedbi:mysql:db:localhost DBUsername dbuser DBAuth dbpass Identifier SqlTransferBal AuthSelect select concat('h323-credit-amount=',creditamount),'h323-return-code=0' from cards where locate(cardnumber,'%n')=1 and creditamount >= trim(substring('%{cisco-h323-credit-amount}',locate('=','%{cisco-h323-credit-amount}')+1)) and status='Active' AuthColumnDef 0, cisco-h323-credit-amount, reply AuthColumnDef 1, cisco-h323-return-code, reply AccountingTable DefaultSimultaneousUse 1 RejectEmptyPassword PreAuthHook file:"/usr/home/tsgan/Radiator-3.6/hooks/CalculateCreditAmountUsed" AuthBy VoipSQLAcctOnly RejectHasReason AccountingHandled AuthBy SqlTransferBal PostAuthHook file:"/usr/home/tsgan/Radiator-3.6/hooks/TransferBalance" RejectHasReason AccountingHandled AuthBy CreditTime PostAuthHook file:"/usr/home/tsgan/Radiator-3.6/hooks/CalculateCreditTime" PreAuthHook file:"/usr/home/tsgan/Radiator-3.6/hooks/ChangePin" RejectHasReason AccountingHandled SessionDatabase SQL1 AuthBy CreditAmount PostAuthHook file:"/usr/home/tsgan/Radiator-3.6/hooks/CheckPrepaidVoip" DBSourcedbi:mysql:db:localhost DBUsername dbuser DBAuth dbpass Identifier SQL1 AddQuery DeleteQuery ClearNasQuery delete from voip_online where NASIDENTIFIER='%N' CountQuery At 06:03 PM 8/19/2003 +1000, you wrote: Hello Ganbold - You can always use the AuthBy EXTERNAL clause to call an external program in whatever language you prefer. What do you mean by "compile or decrypt the hook codes"? Note that the hooks in Radiator *are* compiled at run time, as is the rest of Radiator. regards Hugh On Tuesday, Aug 19, 2003, at 16:00 Australia/Melbourne, Ganbold wrote: Hi, Is it possible to write various hooks in language other than perl (for example in C)? Or is there anyway to compile or decrypt the hook codes? tia, Ganbold Micom Co., Ltd === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. NB: have you included a copy of your configuration file (no secrets), together with a trace 4 debug showing what is happening? -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Hook in different language other than Perl
Hi, Is it possible to write various hooks in language other than perl (for example in C)? Or is there anyway to compile or decrypt the hook codes? tia, Ganbold Micom Co., Ltd === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Could you please delete my previous message about PreAuthHook?
Hi, Please delete my previous message from mailing list. I already find out what was the problem. Thank you very much, Ganbold === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) PreAuthHook problem
Hi, I'm having trouble to make PreAuthHook work. It seems like not working and I don't see any problem with PreAuthHook file. Ganbold Following is the hook file and config file. --- sub { use Time::Local; use DBI; my $p = ${$_[0]}; my $rp = ${$_[1]}; my $user_name = $p->get_attr('User-Name'); my ($dsn)="DBI:mysql:radius:202.179.0.140"; my ($namex)="admin"; my ($dbh,$sth); $dbh=DBI->connect($dsn,$namex,"wcup\#02\$",{RaiseError=>1}); if($p->code eq 'Accounting-Request'){ if ($p->get_attr('Acct-Status-Type') eq 'Stop') { my $session_time = $p->get_attr('Acct-Session-Time') + 0; my $time_stamp = $p->{RecvTime} - int $p->get_attr('Acct-Delay-Time'); my $duration = $session_time; my ($rduration, $i); my ($start_stamp); my ($start_hour,$end_hour); my ($start_day, $end_day); my ($s_tstamp_at_0,$s_tstamp_at_7,$e_tstamp_at_0,$e_tstamp_at_7); my ($diff, $day_diff, @numDays, $thismonth); my ($sec,$min,$hour,$mday,$mon,$wday,$yday,$isdst,$year); $rduration = 0; $start_stamp = $time_stamp - $duration; ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime($start_stamp); $s_tstamp_at_0 = timelocal(0,0,0,$mday,$mon,$year); $s_tstamp_at_7 = timelocal(0,0,7,$mday,$mon,$year); for($i=0; $i<12; $i += 2){ $numDays[$i] = 31; } for($i=1; $i<12; $i += 2){ $numDays[$i] = 30; } if(($year % 4) != 0){ $numDays[1] = 28; }elsif(($year % 400) == 0){ $numDays[1] = 29; }elsif(($year % 100) == 0){ $numDays[1] = 28; }else{ $numDays[1] = 29; } $thismonth = $mon; ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime($time_stamp); $e_tstamp_at_0 = timelocal(0,0,0,$mday,$mon,$year); $e_tstamp_at_7 = timelocal(0,0,7,$mday,$mon,$year); ($sec,$min,$start_hour,$start_day,$mon,$year,$wday,$yday,$isdst) = localtime($start_stamp); ($sec,$min,$end_hour,$end_day,$mon,$year,$wday,$yday,$isdst) = localtime($time_stamp); $diff = int $duration/86400;# how many day's connection continued if($end_day < $start_day){ $day_diff = $numDays[$thismonth] - $start_day + $end_day; }else{ $day_diff = $end_day - $start_day; } if($start_hour >= 0 && $start_hour < 7){ if($end_hour >= 0 && $end_hour < 7){ if($day_diff > 0){ $rduration = $duration - ($s_tstamp_at_7 - $start_stamp) - ($diff * 25200) - ($time_stamp - $e_tstamp_at_0); }else{ $rduration = 0; } }elsif($end_hour >= 7 && $end_hour <= 23){ $rduration = $duration - ($s_tstamp_at_7 - $start_stamp) - ($diff * 25200); } }elsif($start_hour >= 7 && $start_hour <= 23){ if($end_hour >= 7 && $end_hour <= 23){ $rduration = $duration - ($day_diff * 25200); }elsif($end_hour >= 0 && $end_hour < 7){ $rduration = $duration - ($time_stamp - $e_tstamp_at_0) - ($diff * 25200); } } print "User: $user_name, Duration: $duration, Real duration: $rduration\n"; &main::log($main::LOG_DEBUG, "Time calculated! Duration: $duration, Real duration: $rduration"); ${$_[0]}->add_attr('Real-Time-Used',$rduration); # my ($sth)=$dbh->prepare (qq{update SUBSCRIBERS set TIMELEFT = (TIMELEFT - $rduration) where USERNAME = '$user_name and PREPAID='YES'}); # $sth->execute(); } } } Config file: . . . . DBSourcedbi:mysql:radi
(RADIATOR) patch for AuthSQL module to calculate real day time ACCTSESSIONTIME
Hi, I just wrote some codes which calculates user's connected time. We have some PREPAID users and every time when they use Internet during day time we have to subtract used time from TIMELEFT column in MySQL table. But it is not always. if user is connected around 23:00:00 and used 3 hours we have to subtract only one hour(3600) from TIMELEFT. If user is connected around 06:00:00 and used 3 hours we have to subtract 2 hours(7200) from TIMELEFT. If user is connected 01:00:00 and used 2 hours then we don't have to subtract anything. If user is connected 10:00:00 and used 3 hours then we have to just subtract ACCTSESSIONTIME. Day time means 07:00:00 - 23:59:59 (this time is charged and we want to subtract used time from TIMELEFT) Night time means 00:00:00 - 07:00:00 (this time is free and we don't want to subtract used time from TIMELEFT) Following is the code I want to add to AuthSQL.pm module. Can somebody look at the code and give me some recommendation on that? Can I add it to AuthSQL.pm module and use? TIA, Ganbold --- # patch for AuthSQL.pm which calculates day only duration # Day means from 07:00:00 to 23:59:59 # if connection continued over 00:00:00 or 07:00:00 we have to get real duration use Time::Local; # in handle_request . . . if ($p->getAttrByNum($Radius::Radius::ACCT_STATUS_TYPE) eq 'Stop') { my $session_time = $p->getAttrByNum($Radius::Radius::ACCT_SESSION_TIME) + 0; my $user_name = $p->getUserName; my $time_stamp = $p->{RecvTime} - int $p->getAttrByNum($Radius::Radius::ACCT_DELAY_TIME); my $duration = $session_time; ### This lines added to calculate real duration during day time ### my ($rduration, $i); my ($start_stamp); my ($start_hour,$end_hour); my ($start_day, $end_day); my ($s_tstamp_at_0,$s_tstamp_at_7,$e_tstamp_at_0,$e_tstamp_at_7); my ($diff, $day_diff, @numDays, $thismonth); my ($sec,$min,$hour,$mday,$mon,$wday,$yday,$isdst,$year); # initialize first real duration $rduration = 0; $start_stamp = $time_stamp - $duration; # stamp at 0 and 7 o'clock of start day ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime($start_stamp); $s_tstamp_at_0 = timelocal(0,0,0,$mday,$mon,$year); $s_tstamp_at_7 = timelocal(0,0,7,$mday,$mon,$year); # calculating number of days in month for($i=0; $i<12; $i += 2){ $numDays[$i] = 31; } for($i=1; $i<12; $i += 2){ $numDays[$i] = 30; } # calculating number of days in February if(($year % 4) != 0){ $numDays[1] = 28; }elsif(($year % 400) == 0){ $numDays[1] = 29; }elsif(($year % 100) == 0){ $numDays[1] = 28; }else{ $numDays[1] = 29; } $thismonth = $mon; # stamp at 0 and 7 o'clock of stop day ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime($time_stamp); $e_tstamp_at_0 = timelocal(0,0,0,$mday,$mon,$year); $e_tstamp_at_7 = timelocal(0,0,7,$mday,$mon,$year); # start and stop hours and start and stop days ($sec,$min,$start_hour,$start_day,$mon,$year,$wday,$yday,$isdst) = localtime($start_stamp); ($sec,$min,$end_hour,$end_day,$mon,$year,$wday,$yday,$isdst) = localtime($time_stamp); $diff = int $duration/86400;# how many day's connection continued # day difference between start and stop # connecton continued until beginning of the next month if($end_day < $start_day){ $day_diff = $numDays[$thismonth] - $start_day + $end_day; }else{ $day_diff = $end_day - $start_day; } if($start_hour >= 0 && $start_hour < 7){ if($end_hour >= 0 && $end_hour < 7){ if($day_diff > 0){ $rduration = $duration - ($s_tstamp_at_7 - $start_stamp) - ($diff * 25200) - ($time_stamp - $e_tstamp_at_0); }else{ $rduration = 0; } }elsif($end_hour >= 7 && $end_hour <= 23)
(RADIATOR) Session database
Hi, I have some dial-up users for whom I don't want to use Session Database. How do make radiator not to use Session Database for particular users? TIA, Ganbold === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Problem with Class attribute
Hi Hugh, These class_id and CONTRACTID fields are integer fields. If I choose literal it will write only 0 into these fields. This configuration works sometimes except saying error. It writes these fields as integer values. What do you recommend? What should I change to make it work properly? Ganbold At 03:27 PM 11/25/2002 +1100, you wrote: Hello Ganbold - OK - having looked at the code in AuthSQL.pm, it appears that the problem is due to your AcctColumnDef: AcctColumnDef class_id,Class,integer,substring('%{Class}',1,locate('- ','%{Class}')-> 1) AcctColumnDef CONTRACTID,Class,integer,substring('%{Class}',locate('-> ','%{Class}')+1) ... You have specified "integer" which is causing the problem - you might try "literal" instead. Have a look at section 6.28.14 in the Radiator 3.3.1 reference manual. regards Hugh On Monday, Nov 25, 2002, at 12:39 Australia/Melbourne, Ganbold wrote: Hi Hugh, I changed as you suggested '-' into ':', but it seems like still error. Mon Nov 25 10:11:01 2002: ERR: There is no value named 16:3049 for attribute Class. Using 0. Mon Nov 25 10:11:01 2002: ERR: There is no value named 16:3049 for attribute Class. Using 0. Mon Nov 25 10:11:01 2002: DEBUG: do query is: insert into ACCOUNTING (USERNAME,ACCTSTATUSTYPE,class_id,TIME_STAMP,NASPORT,CALLINGSTATIONID,A CCTDELAYTIME,CONTRACTID,ACCTSESSIONID,ACCTINPUTOCTETS,FRAMEDIPADDRESS,A CCTSESSIONTIME,ACCTOUTPUTOCTETS) values ('ynbstone','Stop',substring('16:3049',1,locate(':','16:3049')- 1),1038190261,'434','11305106',0,substring('16:3049',locate(':','16:304 9')+1),'1D6F',1631,'202.179.xx.xx',18,836) Ganbold At 09:47 AM 11/25/2002 +1100, you wrote: Hello Ganbold - I think a better approach would be to use a different delimiter than "-", which I suspect is confusing things. What about using ":" (colon) instead? Please try it and let me know what happens. regards Hugh On Sunday, Nov 24, 2002, at 17:45 Australia/Melbourne, Ganbold wrote: Hi Hugh, Following is the part of the radius config file where I'm concatenating 2 integer values into one string and putting into 2 integer field from concatenated string: . AuthSelect select ENCRYPTEDPASSWORD,CHECKATTR,REPLYATTR,concat(CLASS_ID,'-',CONTRACTID) from SUBSCRIBERS where USERNAME='%n' and STATUS='Active' EncryptedPassword AuthColumnDef 0, Encrypted-Password, check AuthColumnDef 1, GENERIC, check AuthColumnDef 2, GENERIC, reply AuthColumnDef 3, Class, reply ... AcctColumnDef class_id,Class,integer,substring('%{Class}',1,locate('- ','%{Class}')-> 1) AcctColumnDef CONTRACTID,Class,integer,substring('%{Class}',locate('-> ','%{Class}')+1) ... In dictionary file Class is defined as string. Ganbold At 03:24 PM 11/23/2002 +1100, you wrote: Hello Ganbold - What definition do you have for "Class" in your dictionary (looks like "integer")? It should be defined as "string". Here is the entry from the standard dictionary: ATTRIBUTE Class 25 string regards Hugh On Friday, Nov 22, 2002, at 17:20 Australia/Melbourne, Ganbold wrote: Hi, I'm having trouble with Radiator 3.3.1. I'm putting concatenated value to Class attribute. But in radius logfile it says ERR: There is no value named 19-400 for attribute Class. Using 0. In insert statement it gets Class value and gets part of string and puts into 2 different int field. Following is the part of logfile and insert statement. Ganbold --Logfile -- Thu Nov 21 19:53:08 2002: ERR: There is no value named 19-400 for attribute Class. Using 0. Thu Nov 21 19:53:08 2002: ERR: There is no value named 19-400 for attribute Class. Using 0. Thu Nov 21 19:53:08 2002: DEBUG: do query is: insert into ACCOUNTING (USERNAME,ACCTSTATUSTYPE,class_id,TIME_STAMP,ACCTTERMINAT ECAUSE,NASPORT,CALLINGSTATIONID,ACCTDELAYTIME,CONTRACTID,ACCTSESSIO NI D, ACCTINPUTOCTETS,FRAMEDIPADDRESS,ACCTSESSIONTIME,ACCTOUT PUTOCTETS) values ('skytel','Stop',substring('19-400',1,locate('-','19-400')- 1),1037879588,'User-Request','56','11366801',0,su bstring('19-400',locate('-','19- 400')+1),'000F6CE3',511690,'202.179.x.xx',3131,7864103) === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and conf
Re: (RADIATOR) Problem with Class attribute
Hi Hugh, I changed as you suggested '-' into ':', but it seems like still error. Mon Nov 25 10:11:01 2002: ERR: There is no value named 16:3049 for attribute Class. Using 0. Mon Nov 25 10:11:01 2002: ERR: There is no value named 16:3049 for attribute Class. Using 0. Mon Nov 25 10:11:01 2002: DEBUG: do query is: insert into ACCOUNTING (USERNAME,ACCTSTATUSTYPE,class_id,TIME_STAMP,NASPORT,CALLINGSTATIONID,ACCTDELAYTIME,CONTRACTID,ACCTSESSIONID,ACCTINPUTOCTETS,FRAMEDIPADDRESS,ACCTSESSIONTIME,ACCTOUTPUTOCTETS) values ('ynbstone','Stop',substring('16:3049',1,locate(':','16:3049')-1),1038190261,'434','11305106',0,substring('16:3049',locate(':','16:3049')+1),'1D6F',1631,'202.179.xx.xx',18,836) Ganbold At 09:47 AM 11/25/2002 +1100, you wrote: Hello Ganbold - I think a better approach would be to use a different delimiter than "-", which I suspect is confusing things. What about using ":" (colon) instead? Please try it and let me know what happens. regards Hugh On Sunday, Nov 24, 2002, at 17:45 Australia/Melbourne, Ganbold wrote: Hi Hugh, Following is the part of the radius config file where I'm concatenating 2 integer values into one string and putting into 2 integer field from concatenated string: . AuthSelect select ENCRYPTEDPASSWORD,CHECKATTR,REPLYATTR,concat(CLASS_ID,'-',CONTRACTID) from SUBSCRIBERS where USERNAME='%n' and STATUS='Active' EncryptedPassword AuthColumnDef 0, Encrypted-Password, check AuthColumnDef 1, GENERIC, check AuthColumnDef 2, GENERIC, reply AuthColumnDef 3, Class, reply ... AcctColumnDef class_id,Class,integer,substring('%{Class}',1,locate('-','%{Class}')-> 1) AcctColumnDef CONTRACTID,Class,integer,substring('%{Class}',locate('-> ','%{Class}')+1) ... In dictionary file Class is defined as string. Ganbold At 03:24 PM 11/23/2002 +1100, you wrote: Hello Ganbold - What definition do you have for "Class" in your dictionary (looks like "integer")? It should be defined as "string". Here is the entry from the standard dictionary: ATTRIBUTE Class 25 string regards Hugh On Friday, Nov 22, 2002, at 17:20 Australia/Melbourne, Ganbold wrote: Hi, I'm having trouble with Radiator 3.3.1. I'm putting concatenated value to Class attribute. But in radius logfile it says ERR: There is no value named 19-400 for attribute Class. Using 0. In insert statement it gets Class value and gets part of string and puts into 2 different int field. Following is the part of logfile and insert statement. Ganbold --Logfile -- Thu Nov 21 19:53:08 2002: ERR: There is no value named 19-400 for attribute Class. Using 0. Thu Nov 21 19:53:08 2002: ERR: There is no value named 19-400 for attribute Class. Using 0. Thu Nov 21 19:53:08 2002: DEBUG: do query is: insert into ACCOUNTING (USERNAME,ACCTSTATUSTYPE,class_id,TIME_STAMP,ACCTTERMINAT ECAUSE,NASPORT,CALLINGSTATIONID,ACCTDELAYTIME,CONTRACTID,ACCTSESSIONI D, ACCTINPUTOCTETS,FRAMEDIPADDRESS,ACCTSESSIONTIME,ACCTOUT PUTOCTETS) values ('skytel','Stop',substring('19-400',1,locate('-','19-400')- 1),1037879588,'User-Request','56','11366801',0,su bstring('19-400',locate('-','19- 400')+1),'000F6CE3',511690,'202.179.x.xx',3131,7864103) === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Problem with Class attribute
Hi, I'm having trouble with Radiator 3.3.1. I'm putting concatenated value to Class attribute. But in radius logfile it says ERR: There is no value named 19-400 for attribute Class. Using 0. In insert statement it gets Class value and gets part of string and puts into 2 different int field. Following is the part of logfile and insert statement. Ganbold --Logfile -- Thu Nov 21 19:53:08 2002: ERR: There is no value named 19-400 for attribute Class. Using 0. Thu Nov 21 19:53:08 2002: ERR: There is no value named 19-400 for attribute Class. Using 0. Thu Nov 21 19:53:08 2002: DEBUG: do query is: insert into ACCOUNTING (USERNAME,ACCTSTATUSTYPE,class_id,TIME_STAMP,ACCTTERMINAT ECAUSE,NASPORT,CALLINGSTATIONID,ACCTDELAYTIME,CONTRACTID,ACCTSESSIONID,ACCTINPUTOCTETS,FRAMEDIPADDRESS,ACCTSESSIONTIME,ACCTOUT PUTOCTETS) values ('skytel','Stop',substring('19-400',1,locate('-','19-400')-1),1037879588,'User-Request','56','11366801',0,su bstring('19-400',locate('-','19-400')+1),'000F6CE3',511690,'202.179.x.xx',3131,7864103) === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Question regarding Internet phone
Hi, Also there some billing systems we are interesting. MIND CTI, Portal etc. Are there anybody knows about these system on Radiator? Please let me know. thanks in advance, Ganbold Hugh Irvine wrote: > Hello Ganbold - > > Radiator can be used for any application that uses the radius protocol. > > The question to ask is "what protocol does the NAS use to authenticate > Voice-Over-IP?". > > As you rightly point out, Radiator is not a billing system, so you will still > have to address that aspect, either by developing it yourself or by > purchasing something. > > regards > > Hugh > > > On Thursday 06 September 2001 04:02, ganbold wrote: > >>Hi, >> >>We want to use Radiator for Internet phone. Is it possible to use >>Radiator in this purpose? If possible how will be difficult to write >>Internet phone billing software for Radiator? >>Also I would like to know about compatibility issue with Radiator if we >>buy some other Internet phone billing software. >> >>thanks in advance, >> >>Ganbold Ts. >> >>=== >>Archive at http://www.open.com.au/archives/radiator/ >>Announcements on [EMAIL PROTECTED] >>To unsubscribe, email '[EMAIL PROTECTED]' with >>'unsubscribe radiator' in the body of the message. >> > === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Question regarding Internet phone
Hi Hugh, Yes, NAS will use Voice over IP. How it would be in this case? Ganbold Hugh Irvine wrote: > Hello Ganbold - > > Radiator can be used for any application that uses the radius protocol. > > The question to ask is "what protocol does the NAS use to authenticate > Voice-Over-IP?". > > As you rightly point out, Radiator is not a billing system, so you will still > have to address that aspect, either by developing it yourself or by > purchasing something. > > regards > > Hugh > > > On Thursday 06 September 2001 04:02, ganbold wrote: > >>Hi, >> >>We want to use Radiator for Internet phone. Is it possible to use >>Radiator in this purpose? If possible how will be difficult to write >>Internet phone billing software for Radiator? >>Also I would like to know about compatibility issue with Radiator if we >>buy some other Internet phone billing software. >> >>thanks in advance, >> >>Ganbold Ts. >> >>=== >>Archive at http://www.open.com.au/archives/radiator/ >>Announcements on [EMAIL PROTECTED] >>To unsubscribe, email '[EMAIL PROTECTED]' with >>'unsubscribe radiator' in the body of the message. >> > === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Question regarding Internet phone
Hi, We want to use Radiator for Internet phone. Is it possible to use Radiator in this purpose? If possible how will be difficult to write Internet phone billing software for Radiator? Also I would like to know about compatibility issue with Radiator if we buy some other Internet phone billing software. thanks in advance, Ganbold Ts. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) URGENT:AuthByPolicy problem!
t;<146><227><146>;{<148>I<212><186><166> Attributes: NAS-IP-Address = 202.179.0.135 NAS-Port = 536 Cisco-NAS-Port = "Async3/104" NAS-Port-Type = Async User-Name = "stac" Called-Station-Id = "1633" Calling-Station-Id = "11315556" User-Password = "M<253><156>Z<167><2>R[&T<226><210>_<220><251>-" Service-Type = Framed-User Framed-Protocol = PPP User-Id = "stac" NAS-Identifier = "202.179.0.135" User-Realm = "" Service-Type = Framed-User Framed-Protocol = PPP Framed-MTU = 1500 Framed-Compression = Van-Jacobson-TCP-IP Class = "3b7c799c.e.nmc.ub.mng.net" Fri Aug 17 09:57:40 2001: DEBUG: Received reply in AuthRADIUS for req 197 from 202.179.0.106:1645 Fri Aug 17 09:57:40 2001: DEBUG: Access accepted for stac Fri Aug 17 09:57:40 2001: DEBUG: Packet dump: *** Sending to 202.179.0.135 port 1645 Code: Access-Accept Identifier: 212 Authentic: <237><204><218>3y<212><208>t <153><225><241><1><219><153>b Attributes: NAS-IP-Address = 202.179.0.135 NAS-Port = 536 Cisco-NAS-Port = "Async3/104" NAS-Port-Type = Async User-Name = "stac" Called-Station-Id = "1633" Calling-Station-Id = "11315556" User-Password = "M<253><156>Z<167><2>R[&T<226><210>_<220><251>-" Service-Type = Framed-User Framed-Protocol = PPP User-Id = "stac" NAS-Identifier = "202.179.0.135" User-Realm = "" Service-Type = Framed-User Framed-Protocol = PPP Framed-MTU = 1500 Framed-Compression = Van-Jacobson-TCP-IP Class = "3b7c799c.e.nmc.ub.mng.net" Class = "MERIT" Fri Aug 17 09:57:40 2001: DEBUG: Packet dump: *** Received from 202.179.0.167 port 1645 Code: Access-Reject Identifier: 201 Authentic: c<247><16><143><203><222><144><189>x<236><215><163><6>2<176><216> Attributes: Fri Aug 17 09:57:40 2001: DEBUG: Received reply in AuthRADIUS for req 201 from 202.179.0.167:1645 Fri Aug 17 09:57:40 2001: INFO: Access rejected for stac: Proxied Fri Aug 17 09:57:40 2001: DEBUG: Packet dump: *** Sending to 202.179.0.135 port 1645 Code: Access-Reject Identifier: 212 Authentic: <237><204><218>3y<212><208>t <153><225><241><1><219><153>b Attributes: NAS-IP-Address = 202.179.0.135 NAS-Port = 536 Cisco-NAS-Port = "Async3/104" NAS-Port-Type = Async User-Name = "stac" Called-Station-Id = "1633" Calling-Station-Id = "11315556" User-Password = "M<253><156>Z<167><2>R[&T<226><210>_<220><251>-" Service-Type = Framed-User Framed-Protocol = PPP User-Id = "stac" NAS-Identifier = "202.179.0.135" User-Realm = "" Service-Type = Framed-User Framed-Protocol = PPP Framed-MTU = 1500 Framed-Compression = Van-Jacobson-TCP-IP Class = "3b7c799c.e.nmc.ub.mng.net" Class = "MERIT" Class = "IPASS" Reply-Message = "Proxied" --- I don't understand why Radiator sending Access-Request simultaneously to both iPass outbound and Merit AAA. Could you help me to solve it? I think Radiator should to do authentication one-by-one. We are using "ContinueUntilAccept" policy. Is it correct? I attached Radiator configuration file. Thank you, Ganbold # radius.cfg Foreground Trace 4 AuthPort1645 AcctPort1646 LogDir /var/log/radius #DbDir /usr/local/mysql/var/radius LogFile %L/logfile DictionaryFile /root/radiator/Radiator-2.18.1/dictionary #FingerProg /usr/bin/finger SnmpgetProg /usr/local/bin/snmpget Secret DupInterval 15 # NoIgnoreDuplicates Access-Request NasType Cisco RewriteUsername tr/[A-Z]/[a-z]/ RewriteUsername s/^([^@]+).*/$1/ SNMPCommunity public StatusServerShowClientDetails Secret DupInterval 15 # NoIgnoreDuplicates Access-Request NasType Cisco RewriteUsername tr/[A-Z]/[a-z]/ RewriteUsername s/^([^@]+).*/$1/ S
(RADIATOR) Bad encrypted password
Hello, We have some problem with our Radiator-2.18.1 in FreeBSD 4.3 We have DES encrypted password for almost all users in Mysql database. Some users have MD5 passwords in database. Users can change password from web and it uses UNIX crypt() function to encrypt it and saves to database. Problem is: Sometimes users can't login to Radiator. It says bad encrypted password. Sometimes users can login but after disconnecting connection and trying reestablishing connection it says again bad encrypted password. In system when I issue command ls -l /usr/lib/libcrypt* it points to DES libraries. But when I change password from shell it creates MD5 passwords for users. Also seems like sometimes some users password changed from DES to MD5 without user intervention. Is it problem of OS or problem of FreeBSD? Of course it is off topic question but are there anyone who can help me to solve this kind of problem? Can somebody give me advice, direction to solve this problem? Also I want to have only one encryption standard for all users. How to accomplish that? thanks in advance, Ganbold === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Problem with Ascend
Hello, We have problem with Ascend Max with Radiator 2.18.1. Ascend sends garbage something like banner, initial-banner, route1 etc. I read FAQ and configured Ascend in that way but again it didn't solve the problem. What should I do in this case? I searched through mailing list but seems like there is no solution. Is there any solution exits? thanks in advance, Ganbold === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) Important - How to do Block Time users
Yes, I tried CheckBlockTIme script from goodies directory. First time itworked when I had 2.17.1 version and Cisco IOS 11.0. But when I upgradedCisco IOS to latest version it didn't worked. So I solved it in that way.Ganbold
Re: (RADIATOR) Important - How to do Block Time users
Hi, I solved it in following way. Below is PostAuthHook script. # CheckBlockTimeLeft # # PostAuthHook to check time left for a block user # by verifying the Session-Timeout attribute # sub { my $p = ${$_[0]}; my $rp = ${$_[1]}; my $result = ${$_[2]}; my $name = $p->get_attr('User-Name'); my $timeoutxx = 0; use DBI; my ($dsn)="DBI:mysql:radius:localhost"; my ($namex)="xxx"; #my ($password11)="xxx"; my ($dbh,$sth); my (@ary); $dbh=DBI->connect($dsn,$namex,"xxx",{RaiseError=>1}); my ($sth)=$dbh->prepare (qq{ SELECT USERNAME,TIMELEFT FROM SUBSCRIBERS WHERE USERNAME='$name' }); $sth->execute(); while(my $hash_ref=$sth->fetchrow_hashref()) { print join ("\t",$hash_ref->{USERNAME},$hash_ref->{TIMELEFT}). "\n"; $timeoutxx = $hash_ref->{TIMELEFT}; } $sth->finish(); $dbh->disconnect(); if (($result == $main::ACCEPT) && ($timeoutxx <= 0)) { &main::log($main::LOG_DEBUG, "User $name has no time left"); if($timeoutxx<0){ $dbh=DBI->connect($dsn,$namex,"xxx",{RaiseError=>1}); my ($sth)=$dbh->prepare (qq{ UPDATE SUBSCRIBERS SET TIMELEFT=0 WHERE USERNAME='$name' }); $sth->execute(); $sth->finish(); $dbh->disconnect(); } #${$_[2]} = $main::REJECT; if($p->code eq 'Access-Request'){ $rp->delete_attr('Filter-Id'); $rp->delete_attr('Session-Timeout'); $rp->delete_attr('Framed-Protocol'); $rp->delete_attr('Service-Type'); $rp->delete_attr('Framed-MTU'); $rp->delete_attr('Framed-Compression'); $rp->set_code('Access-Reject'); $rp->change_attr('Reply-Message','Prepaid time limit reached!'); $p->{Client}->replyTo($rp,$p); } if($p->code eq 'Accounting-Request'){ $rp->set_code('Accounting-Response'); $p->{Client}->replyTo($rp,$p); } } return; } # HTH, Ganbold Ts. - Original Message - From: "William Hernandez" <[EMAIL PROTECTED]> To: "Radiator" <[EMAIL PROTECTED]> Sent: Wednesday, April 25, 2001 11:25 PM Subject: RE: (RADIATOR) Important - How to do Block Time users > Hello everyone, > > I'm trying to follow Hugh's tips, but I'm doing something wrong. > > In my radius.cfg I have: > > > Identifier TimeBlock-SQL > DBSource* > DBUsername* > DBAuth* > AuthSelect select TIMEBLOCK from XSTOP where > USERNAME='%n' > AuthColumnDef 0, Time, check > > > AuthBy Check-FILE > AuthBy System > # This AuthBy will check the Time check-item > AuthBy TimeBlock-SQL > # This hook calculates the session-timeout > PostAuthHook file:"/etc/raddb/setSessionTimeout" > AcctLogFileName /var/log/radacct/detail > PasswordLogFileName /var/log/radius.log > ExcludeFromPasswordLog root > > > In my PostAuthHook I have: > my $timeblock=$p->get_attr('Time'); > > The problem is $timeblock is coming back an empty string. I can't > get the value to the PostAuthHook. > The "ERR: Invalid timeblock for user whr" in the radius.log comes > from the PostAuthHook. > > A Trace 4 radius.log shows: > Wed Apr 25 11:05:31 2001: DEBUG: Packet dump: > *** Received from 208.249.78.6 port 4319 > Code: Access-Request > Identifier: 196 > Authentic: 1234567890123456 > Attributes: > User-Name = "whr" > Service-Type = Framed-User > NAS-IP-Address = 203.63.154.1 > NAS-Port = 1234 > NAS-Port-Type = Async > User-Password = > "<146><208><238><158><247><22><144><5><164><133><228><17 > 4><1>H<30>x" > > Wed Apr 25 11:05:31 2001: DEBUG: Handling request with Handler > 'Realm=DEFAULT' > Wed Apr 25 11:05:31 2001: DEBUG: Deleting session for whr, > 203.63.154.1, 1234 > Wed Apr 25 11:05:31 2001: DEBUG: do query is: delete from > RADONLINE where NASIDE > NTIFIER='203.63.154.1' and NASPORT=01234 > > Wed Apr 25 11:05:31 2001: DEBUG: Handling with Radius::AuthFILE > Wed Apr 25 11:05:31 2001: DEBUG: Radius::AuthFILE looks for match > with whr > Wed Apr 25 11:05:31 2001: DEBUG: Radius::AuthFILE looks for match > with DEFAULT > Wed Apr 25 11:05:31 2001: DEBUG: Handling with Radius::AuthUNIX &
(RADIATOR) AuthSelect problem
Hi! I'm asking previously posted question. Is it possible conditional parsing of radius.cfg?Another words - if it's possible to realise following algorithm:AuthSelect select SERVICE from .if SERVICE == 1 then AuthColumnDef 0, Framed-Protocol, replyelse AuthColumnDef 0, Login-Service, replyend thanks in advance, Ganbold
(RADIATOR) Accounting-Response problem
Hi, I have problem with Radiator-2.18 in FreeBSD 4.0. All modules installed. All is working fine except Radiator is not sending accounting-response after receiving accounting-request from NAS. Here is my radiator config file. # radius.cfg ForegroundTrace 5 AuthPort 1645AcctPort 1646 LogDir /var/log/radiusDbDir /usr/local/var/radius LogFile %L/logfile DictionaryFile %D/dictionary#DictionaryFile %D/dictionary.cisco#DictionaryFile %D/dictionary.ascend#DictionaryFile %D/dictionary.ascend2 FingerProg /usr/bin/fingerSnmpgetProg /usr/local/bin/snmpget #RewriteUsername tr/[A-Z]/[a-z]/#RewriteUsername s/\S+//g #PreClientHook sub { print "Here I am in PreClentHook\n"; }#StartupHook sub {print "here I am in StartupHook $_[0]\n";} Secret xxx DupInterval 0 NoIgnoreDuplicates Access-Request NasType Cisco# NasType Ascend# RewriteUsername s/^([^@]+).*/$1/# RewriteUsername tr/[A-Z]/[a-z]/ StatusServerShowClientDetails Secret xxx DupInterval 0 NoIgnoreDuplicates Access-Request NasType Cisco# NasType Ascend# RewriteUsername s/^([^@]+).*/$1/# RewriteUsername tr/[A-Z]/[a-z]/ StatusServerShowClientDetails Secret xxx DupInterval 0 NoIgnoreDuplicates Access-Request NasType Cisco# NasType Ascend# RewriteUsername s/^([^@]+).*/$1/# RewriteUsername tr/[A-Z]/[a-z]/ StatusServerShowClientDetails # RewriteUsername s/^([^@]+).*/$1/# RewriteUsername tr/[A-Z]/[a-z]/ MaxSessions 1# AcctLogFileName %L/detail # AcctLogFileFormat %{Timestamp} %{Acct-Session-Id} %{User-Name} # WtmpFileName %L/wtmp# PasswordLogFileName %L/password.log RejectHasReason AuthByPolicy ContinueWhileIgnore AccountingHandled SessionDatabase SQL1 DBSource dbi:mysql:radius DBUsername root DBAuth xxx # AuthSelect select PASSWORD,CHECKATTR,REPLYATTR from SUBSCRIBERS where USERNAME='%n' AuthSelect select PASSWORD,REPLYATTR,TIMELEFT from SUBSCRIBERS where USERNAME='%n' AuthColumnDef 0, User-Password, check AuthColumnDef 1, GENERIC, reply AuthColumnDef 2, Session-Timeout, reply AddToReply Framed-Protocol = PPP,Service-Type = Framed-User,Framed-MTU = 1500,Framed-Compression = Van-Jacobson-TCP-IP AccountingTable ACCOUNTING AccountingStopsOnly AcctColumnDef USERNAME,User-Name AcctColumnDef TIME_STAMP,Timestamp,integer AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer AcctColumnDef ACCTSESSIONID,Acct-Session-Id AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause AcctColumnDef NASIDENTIFIER,NAS-Identifier AcctColumnDef NASPORT,NAS-Port,integer AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address AcctColumnDef CALLINGSTATIONID,Calling-Station-Id AcctSQLStatement update SUBSCRIBERS set TIMELEFT=TIMELEFT-%{Acct-Session-Time} where USERNAME='%n' RejectEmptyPassword AcctFailedLogFileName %L/misseddetails Host xxx.net Secret xxx AuthPort 1645 AcctPort 1646 Retries 4 RetryTimeout 5 CachePasswords RejectEmptyPassword# AcctLogFileName %L/misseddetails2 ## PostAuthHook file:"%D/CheckBlockTimeLeft" # DBSource dbi:mysql:radius DBUsername root DBAuth xxx DBSource dbi:mysql:radius DBUsername root DBAuth xxx # Optional identifier. Its just a name Identifier SQL1 AddQuery insert into RADONLINE (USERNAME,NASIDENTIFIER,NASPORT,ACCTSESSIONID,TIME_STAMP,FRAMEDIPADDRESS,NASPORTTYPE,SERVICETYPE) values('%n','%N',%{NAS-Port},'%{Acct-Session-Id}',%{Timestamp},'%{Framed-IP-Address}','%{Port-Type}','%{Service-Type}')DeleteQuery delete from RADONLINE where USERNAME='%n' and NASIDENTIFIER='%N' and NASPORT=%{NAS-Port}ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%N'CountQuery select NASIDENTIFIER,NASPORT,ACCTSESSIONID from RADONLINE where USERNAME='%n' # Log to a file Filename %L/mylog Trace 5 # Log to syslog (Unix only) Facility user Trace 4 # # Defines how to connect to the database. See examples above# DBSource dbi:mysql:radius# DBUsername mikem# DBAuth fred # Trace level to use (allows same values as the global Trace level)# Trace 4# #
(RADIATOR) Accounting-Response problem
Hi, I have problem with Radiator-2.18 in FreeBSD 4.0. All modules installed. All is working fine except Radiator is not sending accounting-response after receiving accounting-request from NAS. Here is my radiator config file. # radius.cfg ForegroundTrace 5 AuthPort 1645AcctPort 1646 LogDir /var/log/radiusDbDir /usr/local/var/radius LogFile %L/logfile DictionaryFile %D/dictionary#DictionaryFile %D/dictionary.cisco#DictionaryFile %D/dictionary.ascend#DictionaryFile %D/dictionary.ascend2 FingerProg /usr/bin/fingerSnmpgetProg /usr/local/bin/snmpget #RewriteUsername tr/[A-Z]/[a-z]/#RewriteUsername s/\S+//g #PreClientHook sub { print "Here I am in PreClentHook\n"; }#StartupHook sub {print "here I am in StartupHook $_[0]\n";} Secret xxx DupInterval 0 NoIgnoreDuplicates Access-Request NasType Cisco# NasType Ascend# RewriteUsername s/^([^@]+).*/$1/# RewriteUsername tr/[A-Z]/[a-z]/ StatusServerShowClientDetails Secret xxx DupInterval 0 NoIgnoreDuplicates Access-Request NasType Cisco# NasType Ascend# RewriteUsername s/^([^@]+).*/$1/# RewriteUsername tr/[A-Z]/[a-z]/ StatusServerShowClientDetails Secret xxx DupInterval 0 NoIgnoreDuplicates Access-Request NasType Cisco# NasType Ascend# RewriteUsername s/^([^@]+).*/$1/# RewriteUsername tr/[A-Z]/[a-z]/ StatusServerShowClientDetails # RewriteUsername s/^([^@]+).*/$1/# RewriteUsername tr/[A-Z]/[a-z]/ MaxSessions 1# AcctLogFileName %L/detail # AcctLogFileFormat %{Timestamp} %{Acct-Session-Id} %{User-Name} # WtmpFileName %L/wtmp# PasswordLogFileName %L/password.log RejectHasReason AuthByPolicy ContinueWhileIgnore AccountingHandled SessionDatabase SQL1 DBSource dbi:mysql:radius DBUsername root DBAuth xxx # AuthSelect select PASSWORD,CHECKATTR,REPLYATTR from SUBSCRIBERS where USERNAME='%n' AuthSelect select PASSWORD,REPLYATTR,TIMELEFT from SUBSCRIBERS where USERNAME='%n' AuthColumnDef 0, User-Password, check AuthColumnDef 1, GENERIC, reply AuthColumnDef 2, Session-Timeout, reply AddToReply Framed-Protocol = PPP,Service-Type = Framed-User,Framed-MTU = 1500,Framed-Compression = Van-Jacobson-TCP-IP AccountingTable ACCOUNTING AccountingStopsOnly AcctColumnDef USERNAME,User-Name AcctColumnDef TIME_STAMP,Timestamp,integer AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer AcctColumnDef ACCTSESSIONID,Acct-Session-Id AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause AcctColumnDef NASIDENTIFIER,NAS-Identifier AcctColumnDef NASPORT,NAS-Port,integer AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address AcctColumnDef CALLINGSTATIONID,Calling-Station-Id AcctSQLStatement update SUBSCRIBERS set TIMELEFT=TIMELEFT-%{Acct-Session-Time} where USERNAME='%n' RejectEmptyPassword AcctFailedLogFileName %L/misseddetails Host xxx.net Secret xxx AuthPort 1645 AcctPort 1646 Retries 4 RetryTimeout 5 CachePasswords RejectEmptyPassword# AcctLogFileName %L/misseddetails2 ## PostAuthHook file:"%D/CheckBlockTimeLeft" # DBSource dbi:mysql:radius DBUsername root DBAuth xxx DBSource dbi:mysql:radius DBUsername root DBAuth xxx # Optional identifier. Its just a name Identifier SQL1 AddQuery insert into RADONLINE (USERNAME,NASIDENTIFIER,NASPORT,ACCTSESSIONID,TIME_STAMP,FRAMEDIPADDRESS,NASPORTTYPE,SERVICETYPE) values('%n','%N',%{NAS-Port},'%{Acct-Session-Id}',%{Timestamp},'%{Framed-IP-Address}','%{Port-Type}','%{Service-Type}')DeleteQuery delete from RADONLINE where USERNAME='%n' and NASIDENTIFIER='%N' and NASPORT=%{NAS-Port}ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%N'CountQuery select NASIDENTIFIER,NASPORT,ACCTSESSIONID from RADONLINE where USERNAME='%n' # Log to a file Filename %L/mylog Trace 5 # Log to syslog (Unix only) Facility user Trace 4 # # Defines how to connect to the database. See examples above# DBSource dbi:mysql:radius# DBUsername mikem# DBAuth fred # Trace level to use (allows same values as the global Trace level)# Trace 4# #