RE: (RADIATOR) Session Database and MaxSessions

[Mike McCauley]

--  Forwarded Message  --

Subject: BOUNCE [EMAIL PROTECTED]:Non-member submission from [Frank 
Danielson <[EMAIL PROTECTED]>]
Date: Mon, 3 Mar 2003 08:35:34 -0600
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]

>From [EMAIL PROTECTED] Mon Mar  3 08:35:34 2003
Received: from orlrelay02 ([209.4.229.191])
by server1.open.com.au (8.11.0/8.11.0) with SMTP id h23EZYx03351
for <[EMAIL PROTECTED]>; Mon, 3 Mar 2003 08:35:34 -0600
Received: FROM orlexch02.brience.local BY orlrelay02 ; Mon Mar 03 14:23:53
 2003 -0500 Received: by orlexch02.brience.local with Internet Mail Service
 (5.5.2653.19) id ; Mon, 3 Mar 2003 14:31:20 -0500
Message-ID: <[EMAIL PROTECTED]>
From: Frank Danielson <[EMAIL PROTECTED]>
To: Dan <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Subject: RE: (RADIATOR) Session Database and MaxSessions
Date: Mon, 3 Mar 2003 14:31:15 -0500
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: multipart/alternative;
boundary="_=_NextPart_001_01C2E1BB.74F2FA50"

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

--_=_NextPart_001_01C2E1BB.74F2FA50
Content-Type: text/plain;
charset="iso-8859-1"

Dan-

could you also send the clients.cfg (no secrets)?

-Original Message-
From: Dan [mailto:[EMAIL PROTECTED]
Sent: Monday, March 03, 2003 12:23 PM
To: [EMAIL PROTECTED]
Subject: (RADIATOR) Session Database and MaxSessions


I have a existing session database. I am now to the point where I need to
control MaxSessions.

When i add the MaxSessions 1 to my conf. file I get ALOT of people that
can't login because it believes the user is still online or maxsession is
exceeded. I know for a fact that these users are not online. Why is it not
letting them online?


Is there any other way or Proper way to set radiator up to control
maxsessions when I'm getting my auth's from wholesale provider which does
not support snmp to the nas's...? How do other people on the list control
simultaneous usage with Networks like Uunet,Qwest,Megapop etc

I have included the log file (Trace 4) with the errors I get when I add
MaxSessions 1 these errors are occurring even when the user is not trying to
do simultaneous connections.  I have also attached my conf file.

Mon Mar  3 08:06:00 2003: DEBUG: Packet dump:
*** Received from 216.127.139.10 port 3800 
Code:   Access-Request
Identifier: 171
Authentic:  U<143><8><233><171><129><22><252><26>7<148><157>b<21><216>M
Attributes:
 User-Name = " [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> "
 CHAP-Password = <1>#<134><194><141>c(<29>;<243><168><143>D<168>V<213><172>
 NAS-IP-Address = 67.193.160.36
 NAS-Port = 2052
 NAS-Port-Type = Async
 Service-Type = Framed-User
 Framed-Protocol = PPP
 State = ""
 Called-Station-Id = ""
 Acct-Session-Id = "388570715"
 Ascend-Data-Rate = 26400
 Ascend-Xmit-Rate = 50667
 network = "u2"

Mon Mar  3 08:06:00 2003: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Mon Mar  3 08:06:00 2003: DEBUG:  Deleting session for [EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]> , 67.193.160.36, 2052
Mon Mar  3 08:06:00 2003: DEBUG: do query is: delete from RADONLINE where
NASIDENTIFIER='67.193.160.36' and NASPORT=02052

Mon Mar  3 08:06:00 2003: DEBUG: Query is: select NASIDENTIFIER, NASPORT,
ACCTSESSIONID, FRAMEDIPADDRESS from RADONLINE where [EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>

Mon Mar  3 08:06:01 2003: DEBUG: Checking if user is still online: unknown,
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> , 67.193.160.36
, 13, 388532462  67.193.119.193
Mon Mar  3 08:06:01 2003: DEBUG: Checking if user is still online: unknown,
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> , 67.193.160.36
, 3203, 388529606  67.193.119.73
Mon Mar  3 08:06:01 2003: DEBUG: Checking if user is still online: unknown,
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> , 67.193.160.36
, 2121, 388518728  67.193.119.57
Mon Mar  3 08:06:01 2003: DEBUG: Checking if user is still online: unknown,
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> , 67.193.160.36
, 2244, 388501182  67.193.119.57
Mon Mar  3 08:06:01 2003: DEBUG: Checking if user is still online: unknown,
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> , 67.193.160.36
, 111, 388543128  67.193.119.187
Mon Mar  3 08:06:01 2003: DEBUG: Checking if user is still online: unknown,
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> , 67.193.160.47
, 17, 376236234  67.193.170.23
Mon Mar  3 08:06:01 2003: DEBUG: Checking if user is st

Re: (RADIATOR) Session Database and MaxSessions

[Hugh Irvine]

Hello Dan -

This looks very odd.

What version of Radiator are you running? 

And can you send me the contents of the session database and a more complete trace 4 showing the startup messages and also what happens when you have a clean session database? I will need to see multiple access requests together with the corresponding accounting starts and accounting stops.

regards

Hugh


On Tuesday, Mar 4, 2003, at 04:22 Australia/Melbourne, Dan wrote:

I have a existing session database. I am now to the point where I need to control MaxSessions.
 
When i add the MaxSessions 1 to my conf. file I get ALOT of people that can't login because it believes the user is still online or maxsession is exceeded. I know for a fact that these users are not online. Why is it not letting them online?
 
 
Is there any other way or Proper way to set radiator up to control maxsessions when I'm getting my auth's from wholesale provider which does not support snmp to the nas's...? How do other people on the list control simultaneous usage with Networks like Uunet,Qwest,Megapop etc
 
I have included the log file (Trace 4) with the errors I get when I add MaxSessions 1 these errors are occurring even when the user is not trying to do simultaneous connections.  I have also attached my conf file.
 
Mon Mar  3 08:06:00 2003: DEBUG: Packet dump:
*** Received from 216.127.139.10 port 3800 
Code:   Access-Request
Identifier: 171
Authentic:  U<143><8><233><171><129><22><252><26>7<148><157>b<21><216>M
Attributes:
 User-Name = "[EMAIL PROTECTED]"
 CHAP-Password = <1>#<134><194><141>c(<29>;<243><168><143>D<168>V<213><172>
 NAS-IP-Address = 67.193.160.36
 NAS-Port = 2052
 NAS-Port-Type = Async
 Service-Type = Framed-User
 Framed-Protocol = PPP
 State = ""
 Called-Station-Id = ""
 Acct-Session-Id = "388570715"
 Ascend-Data-Rate = 26400
 Ascend-Xmit-Rate = 50667
 network = "u2"
 
Mon Mar  3 08:06:00 2003: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Mon Mar  3 08:06:00 2003: DEBUG:  Deleting session for [EMAIL PROTECTED], 67.193.160.36, 2052
Mon Mar  3 08:06:00 2003: DEBUG: do query is: delete from RADONLINE where NASIDENTIFIER='67.193.160.36' and NASPORT=02052
 
Mon Mar  3 08:06:00 2003: DEBUG: Query is: select NASIDENTIFIER, NASPORT, ACCTSESSIONID, FRAMEDIPADDRESS from RADONLINE where [EMAIL PROTECTED]
 
Mon Mar  3 08:06:01 2003: DEBUG: Checking if user is still online: unknown, [EMAIL PROTECTED], 67.193.160.36 , 13, 388532462  67.193.119.193   
Mon Mar  3 08:06:01 2003: DEBUG: Checking if user is still online: unknown, [EMAIL PROTECTED], 67.193.160.36 , 3203, 388529606  67.193.119.73
Mon Mar  3 08:06:01 2003: DEBUG: Checking if user is still online: unknown, [EMAIL PROTECTED], 67.193.160.36 , 2121, 388518728  67.193.119.57
Mon Mar  3 08:06:01 2003: DEBUG: Checking if user is still online: unknown, [EMAIL PROTECTED], 67.193.160.36 , 2244, 388501182  67.193.119.57
Mon Mar  3 08:06:01 2003: DEBUG: Checking if user is still online: unknown, [EMAIL PROTECTED], 67.193.160.36 , 111, 388543128  67.193.119.187   
Mon Mar  3 08:06:01 2003: DEBUG: Checking if user is still online: unknown, [EMAIL PROTECTED], 67.193.160.47 , 17, 376236234  67.193.170.23
Mon Mar  3 08:06:01 2003: DEBUG: Checking if user is still online: unknown, [EMAIL PROTECTED], 67.193.160.36 , 2065, 388528348  67.193.119.93
Mon Mar  3 08:06:01 2003: DEBUG: Checking if user is still online: unknown, [EMAIL PROTECTED], 67.193.160.47 , 2059, 376233805  67.193.170.77
Mon Mar  3 08:06:01 2003: DEBUG: Checking if user is still online: unknown, [EMAIL PROTECTED], 67.193.160.47 , 209, 376233644  67.193.170.44
Mon Mar  3 08:06:01 2003: INFO: Access rejected for [EMAIL PROTECTED]: MaxSessions exceeded
Mon Mar  3 08:06:01 2003: DEBUG: Packet dump:
*** Sending to 216.127.139.10 port 3800 
Code:   Access-Reject
Identifier: 171
Authentic:  U<143><8><233><171><129><22><252><26>7<148><157>b<21><216>M
Attributes:
 Reply-Message = "Request Denied"


NB: have you included a copy of your configuration file (no secrets), 
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

Re: (RADIATOR) Session Database and MaxSessions

[Dan]

Frank, List,
 
Here is a snippet of my clients.cfg file 
(attached). All of my client entries look like what i attached.
 
Dan

  - Original Message - 
  From: 
  Frank 
  Danielson 
  To: Dan ; [EMAIL PROTECTED] 
  Sent: Monday, March 03, 2003 1:31 
PM
  Subject: RE: (RADIATOR) Session Database 
  and MaxSessions
  
  Dan-
   
  could you also send the clients.cfg (no secrets)?
  
-Original Message-From: Dan 
[mailto:[EMAIL PROTECTED]Sent: Monday, March 03, 2003 12:23 
PMTo: [EMAIL PROTECTED]Subject: 
(RADIATOR) Session Database and MaxSessions
I have a existing session database. I am now to 
the point where I need to control MaxSessions.
 
When i add the MaxSessions 1 to my conf. file I 
get ALOT of people that can't login because it believes the user is still 
online or maxsession is exceeded. I know for a fact that these users are not 
online. Why is it not letting them online?
 
 
Is there any other way or Proper way to set 
radiator up to control maxsessions when I'm getting my auth's from wholesale 
provider which does not support snmp to the nas's...? How do other people on 
the list control simultaneous usage with Networks like Uunet,Qwest,Megapop 
etc
 
I have included the log file (Trace 
4) with the errors I get when I add MaxSessions 1 these errors are 
occurring even when the user is not trying to do simultaneous 
connections.  I have also attached my conf file.
 
Mon Mar  3 08:06:00 2003: DEBUG: Packet 
dump:*** Received from 216.127.139.10 port 3800 
Code:   
Access-RequestIdentifier: 171Authentic:  
U<143><8><233><171><129><22><252><26>7<148><157>b<21><216>MAttributes: User-Name 
= "[EMAIL PROTECTED]" CHAP-Password = 
<1>#<134><194><141>c(<29>;<243><168><143>D<168>V<213><172> NAS-IP-Address 
= 67.193.160.36 NAS-Port = 2052 NAS-Port-Type = 
Async Service-Type = Framed-User Framed-Protocol = 
PPP State = "" Called-Station-Id = 
"" Acct-Session-Id = 
"388570715" Ascend-Data-Rate = 26400 Ascend-Xmit-Rate = 
50667 network = "u2"
 
Mon Mar  3 08:06:00 2003: DEBUG: Handling 
request with Handler 'Realm=DEFAULT'Mon Mar  3 08:06:00 2003: 
DEBUG:  Deleting session for [EMAIL PROTECTED], 67.193.160.36, 2052Mon 
Mar  3 08:06:00 2003: DEBUG: do query is: delete from RADONLINE where 
NASIDENTIFIER='67.193.160.36' and NASPORT=02052
 
Mon Mar  3 08:06:00 2003: DEBUG: Query is: 
select NASIDENTIFIER, NASPORT, ACCTSESSIONID, FRAMEDIPADDRESS from RADONLINE 
where [EMAIL PROTECTED]
 
Mon Mar  3 08:06:01 2003: DEBUG: Checking 
if user is still online: unknown, [EMAIL PROTECTED], 
67.193.160.36 
, 13, 
388532462  
67.193.119.193    Mon Mar  3 
08:06:01 2003: DEBUG: Checking if user is still online: unknown, [EMAIL PROTECTED], 
67.193.160.36 
, 3203, 
388529606  
67.193.119.73 Mon 
Mar  3 08:06:01 2003: DEBUG: Checking if user is still online: unknown, 
[EMAIL PROTECTED], 
67.193.160.36 
, 2121, 
388518728  
67.193.119.57 Mon 
Mar  3 08:06:01 2003: DEBUG: Checking if user is still online: unknown, 
[EMAIL PROTECTED], 
67.193.160.36 
, 2244, 
388501182  
67.193.119.57 Mon 
Mar  3 08:06:01 2003: DEBUG: Checking if user is still online: unknown, 
[EMAIL PROTECTED], 
67.193.160.36 
, 111, 
388543128  
67.193.119.187    Mon Mar  3 
08:06:01 2003: DEBUG: Checking if user is still online: unknown, [EMAIL PROTECTED], 
67.193.160.47 
, 17, 
376236234  
67.193.170.23 Mon 
Mar  3 08:06:01 2003: DEBUG: Checking if user is still online: unknown, 
[EMAIL PROTECTED], 
67.193.160.36 
, 2065, 
388528348  
67.193.119.93 Mon 
Mar  3 08:06:01 2003: DEBUG: Checking if user is still online: unknown, 
[EMAIL PROTECTED], 
67.193.160.47 
, 2059, 
376233805  
67.193.170.77 Mon 
Mar  3 08:06:01 2003: DEBUG: Checking if user is still online: unknown, 
[EMAIL PROTECTED], 
67.193.160.47 
, 209, 
376233644  
67.193.170.4

(RADIATOR) Session Database and MaxSessions

[Dan]

I have a existing session database. I am now to the 
point where I need to control MaxSessions.
 
When i add the MaxSessions 1 to my conf. file I get 
ALOT of people that can't login because it believes the user is still online or 
maxsession is exceeded. I know for a fact that these users are not online. Why 
is it not letting them online?
 
 
Is there any other way or Proper way to set 
radiator up to control maxsessions when I'm getting my auth's from wholesale 
provider which does not support snmp to the nas's...? How do other people on the 
list control simultaneous usage with Networks like Uunet,Qwest,Megapop 
etc
 
I have included the log file (Trace 4) with 
the errors I get when I add MaxSessions 1 these errors are occurring even when 
the user is not trying to do simultaneous connections.  I have also 
attached my conf file.
 
Mon Mar  3 08:06:00 2003: DEBUG: Packet 
dump:*** Received from 216.127.139.10 port 3800 
Code:   Access-RequestIdentifier: 
171Authentic:  
U<143><8><233><171><129><22><252><26>7<148><157>b<21><216>MAttributes: User-Name 
= "[EMAIL PROTECTED]" CHAP-Password = 
<1>#<134><194><141>c(<29>;<243><168><143>D<168>V<213><172> NAS-IP-Address 
= 67.193.160.36 NAS-Port = 2052 NAS-Port-Type = 
Async Service-Type = Framed-User Framed-Protocol = 
PPP State = "" Called-Station-Id = 
"" Acct-Session-Id = "388570715" Ascend-Data-Rate 
= 26400 Ascend-Xmit-Rate = 50667 network = "u2"
 
Mon Mar  3 08:06:00 2003: DEBUG: Handling 
request with Handler 'Realm=DEFAULT'Mon Mar  3 08:06:00 2003: 
DEBUG:  Deleting session for [EMAIL PROTECTED], 67.193.160.36, 2052Mon 
Mar  3 08:06:00 2003: DEBUG: do query is: delete from RADONLINE where 
NASIDENTIFIER='67.193.160.36' and NASPORT=02052
 
Mon Mar  3 08:06:00 2003: DEBUG: Query is: 
select NASIDENTIFIER, NASPORT, ACCTSESSIONID, FRAMEDIPADDRESS from RADONLINE 
where [EMAIL PROTECTED]
 
Mon Mar  3 08:06:01 2003: DEBUG: Checking if 
user is still online: unknown, [EMAIL PROTECTED], 
67.193.160.36 
, 13, 
388532462  
67.193.119.193    Mon Mar  3 
08:06:01 2003: DEBUG: Checking if user is still online: unknown, [EMAIL PROTECTED], 
67.193.160.36 
, 3203, 
388529606  
67.193.119.73 Mon Mar  
3 08:06:01 2003: DEBUG: Checking if user is still online: unknown, [EMAIL PROTECTED], 
67.193.160.36 
, 2121, 
388518728  
67.193.119.57 Mon Mar  
3 08:06:01 2003: DEBUG: Checking if user is still online: unknown, [EMAIL PROTECTED], 
67.193.160.36 
, 2244, 
388501182  
67.193.119.57 Mon Mar  
3 08:06:01 2003: DEBUG: Checking if user is still online: unknown, [EMAIL PROTECTED], 
67.193.160.36 
, 111, 
388543128  
67.193.119.187    Mon Mar  3 
08:06:01 2003: DEBUG: Checking if user is still online: unknown, [EMAIL PROTECTED], 
67.193.160.47 
, 17, 
376236234  
67.193.170.23 Mon Mar  
3 08:06:01 2003: DEBUG: Checking if user is still online: unknown, [EMAIL PROTECTED], 
67.193.160.36 
, 2065, 
388528348  
67.193.119.93 Mon Mar  
3 08:06:01 2003: DEBUG: Checking if user is still online: unknown, [EMAIL PROTECTED], 
67.193.160.47 
, 2059, 
376233805  
67.193.170.77 Mon Mar  
3 08:06:01 2003: DEBUG: Checking if user is still online: unknown, [EMAIL PROTECTED], 
67.193.160.47 
, 209, 
376233644  
67.193.170.44 Mon Mar  
3 08:06:01 2003: INFO: Access rejected for [EMAIL PROTECTED]: MaxSessions exceededMon 
Mar  3 08:06:01 2003: DEBUG: Packet dump:*** Sending to 216.127.139.10 
port 3800 Code:   
Access-RejectIdentifier: 171Authentic:  
U<143><8><233><171><129><22><252><26>7<148><157>b<21><216>MAttributes: Reply-Message 
= "Request Denied"
# common-sql.cfg
#
# Example Radiator configuration file that allows you to
# authenticate from an SQL database.
# With Radiator you can interface with almost any databse schema,
# and there are many more configurable parameters that allow you
# to control database fallback, select statements, column names
# and arrangements etc etc etc.
# See the reference manual for more details.
# This is a very simple exmaple to get you started. It will
# work with the tables created by the goodies/*.sql scripts.
#
# You should consider this file to be a starting point only
# $Id: sql.cfg,v 1.5 2000/11/07 21:18:05 mikem Exp $

Foreground
LogStdout
LogDir  .
DbDir   .
Trace   4
DictionaryFile %D/dictionary.ascend2
include %D/clients.cfg


# This will authenticate users from SUBSCRIBERS


MaxSessions 1


# Adjust DBSource, DB

Re: (RADIATOR) Session Database Verify?

[Hugh Irvine]

Hello William -

This topic has been discussed on the list previously and I seem to 
remember that someone contributed some code, so you should check the 
mailing list archives, the FAQ and possibly the "goodies" directory of 
the Radiator 3.5 distribution.

regards

Hugh

On Saturday, Mar 1, 2003, at 04:22 Australia/Melbourne, William Taylor 
wrote:

I seem to have a problem with users ocasionally remaining in the 
session
sql database. I was wondering if there is a utility I could run from
cron every 5mins or so that would query the database for users and then
query the NAS to see if they are still logged in? If they are not 
logged
in then it would remove them from the session database. Im sure it 
would
be simple to write one but I thought I would check first.

Thanks

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) Session Database Verify?

[William Taylor]

I seem to have a problem with users ocasionally remaining in the session
sql database. I was wondering if there is a utility I could run from
cron every 5mins or so that would query the database for users and then
query the NAS to see if they are still logged in? If they are not logged
in then it would remove them from the session database. Im sure it would
be simple to write one but I thought I would check first.

Thanks

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) Session database with mysql

[Hugh Irvine]

framedipaddress, nasporttype, servicetype, calledstationid,
callingstationid, usrchassiscallslot, usrchassiscallchannel) values
('ec143pop', 4.4.4.4, 4.4.4.4,' 01025, '67109142',  1042807857, 
8.8.8.8,
'Async', 'Framed-User', '', '', 05, 01 )

Fri Jan 17 15:45:54 2003: DEBUG: Handling request with Handler
'Realm=domain.dom,NAS-Port-Type = Async'
Fri Jan 17 15:45:54 2003: DEBUG: Rewrote user name to 
[EMAIL PROTECTED]
Fri Jan 17 15:45:54 2003: DEBUG: Rewrote user name to ec143pop
Fri Jan 17 15:45:54 2003: DEBUG: InSQL Adding session for ec143pop, 
3.3.3.3,
1025
Fri Jan 17 15:45:54 2003: DEBUG: do query is: delete from radonline 
where
acctsessionid='67109142' and username='ec143pop'




- Original Message -
From: "Hugh Irvine" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: 16-01-2003 5:08 AM
Subject: Re: (RADIATOR) Session database with mysql



Hello -

The usual reason for stale records being left in the session database
is missing stop records. In other words, if you do not receive a stop
record when a user session completes, then you will not delete that
users record from the session database.

It is also possible that the delete query that you show below is not
correct. Have you checked a trace 4 to make sure that this is doing 
the
right thing and deleting the correct record?

I will need to see the complete configuration file (no secrets)
together with a trace 4 debug from Radiator showing what is happening.

regards

Hugh


On Wednesday, Jan 15, 2003, at 21:22 Australia/Melbourne,
<[EMAIL PROTECTED]> wrote:

Hello,

Am trying to implement a session database using a mysql database.
My problem is that i notice that there are so many cases when people
have
actually logged out, but not
deleted from the database.

(see my database structure and part of my cfg file)

create table radonline (
username   char(50) NOT NULL,
nasidentifier   char(50),
 nasipaddress char(15),
nasport int,
acctsessionid   char(30) NOT NULL,
time_stamp   int,
framedipaddress  char(15),
nasporttype  char(10),
servicetype  char(20),
calledstationid  char(16),
callingstationid char(16),
 usrchassiscallslot   int,
 usrchassiscallchannelint,

UNIQUE RADONLINE_I (nasidentifier, username),
INDEX RADONLINE_I2 (username)
);



cfg file
=


SessionDatabase SQL>
Identifier InSQL

DBSourcedbi:mysql:radonline:1.1.1.1
DBUsername 
DBAuth xxx


AddQuery insert into radonline (username, \
nasidentifier, \
nasipaddress, \
nasport, \
acctsessionid, \
time_stamp, \
framedipaddress, \
nasporttype, \
servicetype, \
calledstationid, \
callingstationid, \
usrchassiscallslot, \
usrchassiscallchannel) \
values ('%u', \
'%N', \
'%{NAS-IP-Address}', \
0%{NAS-Port}, \
'%{Acct-Session-Id}',  \
%{Timestamp}, \
'%{Framed-IP-Address}', \
'%{NAS-Port-Type}', \
'%{Service-Type}', \
'%{Called-Station-Id}', \
'%{Calling-Station-Id}', \
0%{USR-Chassis-Call-Slot}, \
0%{USR-Chassis-Call-Channel} )

   DeleteQuery delete from radonline where acctsessionid='%4' and
nasipaddress='%2' and username='%u'

   ClearNasQuerydelete from radonline where 
nasidentifier='%N'

   CountQueryselect
nasidentifier,nasport,acctsessionid,framedipaddress from radonline
where
username='%u'


TDN

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS 

Re: (RADIATOR) Session database with mysql

[tdn]

: delete from radonline where
acctsessionid='67109142' and username='ec143pop'




- Original Message -
From: "Hugh Irvine" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: 16-01-2003 5:08 AM
Subject: Re: (RADIATOR) Session database with mysql


>
> Hello -
>
> The usual reason for stale records being left in the session database
> is missing stop records. In other words, if you do not receive a stop
> record when a user session completes, then you will not delete that
> users record from the session database.
>
> It is also possible that the delete query that you show below is not
> correct. Have you checked a trace 4 to make sure that this is doing the
> right thing and deleting the correct record?
>
> I will need to see the complete configuration file (no secrets)
> together with a trace 4 debug from Radiator showing what is happening.
>
> regards
>
> Hugh
>
>
> On Wednesday, Jan 15, 2003, at 21:22 Australia/Melbourne,
> <[EMAIL PROTECTED]> wrote:
>
> > Hello,
> >
> > Am trying to implement a session database using a mysql database.
> > My problem is that i notice that there are so many cases when people
> > have
> > actually logged out, but not
> > deleted from the database.
> >
> > (see my database structure and part of my cfg file)
> >
> > create table radonline (
> > username   char(50) NOT NULL,
> > nasidentifier   char(50),
> >  nasipaddress char(15),
> > nasport int,
> > acctsessionid   char(30) NOT NULL,
> > time_stamp   int,
> > framedipaddress  char(15),
> > nasporttype  char(10),
> > servicetype  char(20),
> > calledstationid  char(16),
> > callingstationid char(16),
> >  usrchassiscallslot   int,
> >  usrchassiscallchannelint,
> >
> > UNIQUE RADONLINE_I (nasidentifier, username),
> > INDEX RADONLINE_I2 (username)
> > );
> >
> >
> >
> > cfg file
> > =
> >
> >
> > SessionDatabase SQL>
> > Identifier InSQL
> >
> > DBSourcedbi:mysql:radonline:1.1.1.1
> > DBUsername 
> > DBAuth xxx
> >
> >
> > AddQuery insert into radonline (username, \
> > nasidentifier, \
> > nasipaddress, \
> > nasport, \
> > acctsessionid, \
> > time_stamp, \
> > framedipaddress, \
> > nasporttype, \
> > servicetype, \
> > calledstationid, \
> > callingstationid, \
> > usrchassiscallslot, \
> > usrchassiscallchannel) \
> > values ('%u', \
> > '%N', \
> > '%{NAS-IP-Address}', \
> > 0%{NAS-Port}, \
> > '%{Acct-Session-Id}',  \
> > %{Timestamp}, \
> > '%{Framed-IP-Address}', \
> > '%{NAS-Port-Type}', \
> > '%{Service-Type}', \
> > '%{Called-Station-Id}', \
> > '%{Calling-Station-Id}', \
> > 0%{USR-Chassis-Call-Slot}, \
> > 0%{USR-Chassis-Call-Channel} )
> >
> >DeleteQuery delete from radonline where acctsessionid='%4' and
> > nasipaddress='%2' and username='%u'
> >
> >ClearNasQuerydelete from radonline where nasidentifier='%N'
> >
> >CountQueryselect
> > nasidentifier,nasport,acctsessionid,framedipaddress from radonline
> > where
> > username='%u'
> > 
> >
> > TDN
> >
> > ===
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on [EMAIL PROTECTED]
> > To unsubscribe, email '[EMAIL PROTECTED]' with
> > 'unsubscribe radiator' in the body of the message.
> >
> >
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
>

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) Session database with mysql

[Hugh Irvine]

Hello -

The usual reason for stale records being left in the session database 
is missing stop records. In other words, if you do not receive a stop 
record when a user session completes, then you will not delete that 
users record from the session database.

It is also possible that the delete query that you show below is not 
correct. Have you checked a trace 4 to make sure that this is doing the 
right thing and deleting the correct record?

I will need to see the complete configuration file (no secrets) 
together with a trace 4 debug from Radiator showing what is happening.

regards

Hugh


On Wednesday, Jan 15, 2003, at 21:22 Australia/Melbourne, 
<[EMAIL PROTECTED]> wrote:

Hello,

Am trying to implement a session database using a mysql database.
My problem is that i notice that there are so many cases when people 
have
actually logged out, but not
deleted from the database.

(see my database structure and part of my cfg file)

create table radonline (
username   char(50) NOT NULL,
nasidentifier   char(50),
 nasipaddress char(15),
nasport int,
acctsessionid   char(30) NOT NULL,
time_stamp   int,
framedipaddress  char(15),
nasporttype  char(10),
servicetype  char(20),
calledstationid  char(16),
callingstationid char(16),
 usrchassiscallslot   int,
 usrchassiscallchannelint,

UNIQUE RADONLINE_I (nasidentifier, username),
INDEX RADONLINE_I2 (username)
);



cfg file
=


SessionDatabase SQL>
Identifier InSQL

DBSourcedbi:mysql:radonline:1.1.1.1
DBUsername 
DBAuth xxx


AddQuery insert into radonline (username, \
nasidentifier, \
nasipaddress, \
nasport, \
acctsessionid, \
time_stamp, \
framedipaddress, \
nasporttype, \
servicetype, \
calledstationid, \
callingstationid, \
usrchassiscallslot, \
usrchassiscallchannel) \
values ('%u', \
'%N', \
'%{NAS-IP-Address}', \
0%{NAS-Port}, \
'%{Acct-Session-Id}',  \
%{Timestamp}, \
'%{Framed-IP-Address}', \
'%{NAS-Port-Type}', \
'%{Service-Type}', \
'%{Called-Station-Id}', \
'%{Calling-Station-Id}', \
0%{USR-Chassis-Call-Slot}, \
0%{USR-Chassis-Call-Channel} )

   DeleteQuery delete from radonline where acctsessionid='%4' and
nasipaddress='%2' and username='%u'

   ClearNasQuerydelete from radonline where nasidentifier='%N'

   CountQueryselect
nasidentifier,nasport,acctsessionid,framedipaddress from radonline 
where
username='%u'


TDN

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) Session database with mysql

[tdn]

Hello,

Am trying to implement a session database using a mysql database.
My problem is that i notice that there are so many cases when people have
actually logged out, but not
deleted from the database.

(see my database structure and part of my cfg file)

create table radonline (
username   char(50) NOT NULL,
nasidentifier   char(50),
 nasipaddress char(15),
nasport int,
acctsessionid   char(30) NOT NULL,
time_stamp   int,
framedipaddress  char(15),
nasporttype  char(10),
servicetype  char(20),
calledstationid  char(16),
callingstationid char(16),
 usrchassiscallslot   int,
 usrchassiscallchannelint,

UNIQUE RADONLINE_I (nasidentifier, username),
INDEX RADONLINE_I2 (username)
);



cfg file
=


SessionDatabase SQL>
Identifier InSQL

DBSourcedbi:mysql:radonline:1.1.1.1
DBUsername 
DBAuth xxx


AddQuery insert into radonline (username, \
nasidentifier, \
nasipaddress, \
nasport, \
acctsessionid, \
time_stamp, \
framedipaddress, \
nasporttype, \
servicetype, \
calledstationid, \
callingstationid, \
usrchassiscallslot, \
usrchassiscallchannel) \
values ('%u', \
'%N', \
'%{NAS-IP-Address}', \
0%{NAS-Port}, \
'%{Acct-Session-Id}',  \
%{Timestamp}, \
'%{Framed-IP-Address}', \
'%{NAS-Port-Type}', \
'%{Service-Type}', \
'%{Called-Station-Id}', \
'%{Calling-Station-Id}', \
0%{USR-Chassis-Call-Slot}, \
0%{USR-Chassis-Call-Channel} )

   DeleteQuery delete from radonline where acctsessionid='%4' and
nasipaddress='%2' and username='%u'

   ClearNasQuerydelete from radonline where nasidentifier='%N'

   CountQueryselect
nasidentifier,nasport,acctsessionid,framedipaddress from radonline where
username='%u'


TDN

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) Session database

[Hugh Irvine]

Hello Ganbold -

The answer to this depends on what else you are doing, but you can 
either use Handlers with a SessionDatabase NULL, or you can use a very 
large value for the Simultaneous-Use check item (or NULL if you are 
using an SQL database).

regards

Hugh


On Monday, Dec 9, 2002, at 15:16 Australia/Melbourne, Ganbold wrote:

Hi,

I have some dial-up users for whom I don't want to use Session 
Database.
How do make radiator not to use Session Database for particular users?

TIA,

Ganbold


===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) Session database

[Ganbold]

Hi,

I have some dial-up users for whom I don't want to use Session Database.
How do make radiator not to use Session Database for particular users?

TIA,

Ganbold


===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) Session database

[Hugh Irvine]

Hello TDN -

You should add the relevant columns to the session database table, and 
specify your own SQL queries.

Have a look at section 6.7 in the Radiator 3.3.1 reference manual.

regards

Hugh


On Wednesday, October 23, 2002, at 05:12 PM, <[EMAIL PROTECTED]> wrote:

How would I modify my radwho.cgi / session database (dbm format), to 
show
calledstationid and callingstationid?

Rgds
TDN


===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



NB: I am travelling this week, so there may be delays in our 
correspondence.

--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) Session database

[tdn]

How would I modify my radwho.cgi / session database (dbm format), to show
calledstationid and callingstationid?

Rgds
TDN


===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) session database problem

[Hugh Irvine]

Hello Laramie -

It looks to me like you are not connecting to the database (have you installed DBI and DBD?).

Could you send me a trace 4 debug showing the Radiator startup sequence and what happens when you first access the database?

regards

Hugh


On Tuesday, October 22, 2002, at 01:47 AM, Laramie Combs wrote:

Hello all,
 
We have been using Radiator for several years now, with very few major problems, but I have run into one now that I just can't understand.
 
We upgraded our server to Redhat 8.0 recently (Friday), and when I came in this morning, I noticed that the radwho.cgi script was showing 0 users logged in.  After a quick check to the terminal servers, I noticed that this was not the case.
 
I quickly moved to my trusty Trace 4 to see what was happening, and it looks like the SQL query is being run to delete old userinfo from the RADONLINE table when a new user logs in on the port, but it never tries to insert the new user's info into the table as seen below:
 
---
Mon Oct 21 11:36:29 2002: DEBUG: Handling request with Handler 'User-Name = /^[a-zA-Z][a-zA-Z][a-zA-Z]/'
Mon Oct 21 11:36:29 2002: DEBUG: SDB1 Deleting session for jamesdg, 152.10.12.99, 6
Mon Oct 21 11:36:29 2002: DEBUG: do query is: delete from RADONLINE where NASIDENTIFIER='152.10.12.99' and NASPORT=06
 
Mon Oct 21 11:36:29 2002: DEBUG: Handling with Radius::AuthSQL
Mon Oct 21 11:36:29 2002: DEBUG: Handling with Radius::AuthFILE: static_ips
Mon Oct 21 11:36:29 2002: DEBUG: Radius::AuthFILE looks for match with jamesdg
Mon Oct 21 11:36:29 2002: DEBUG: Radius::AuthFILE looks for match with DEFAULT
Mon Oct 21 11:36:29 2002: DEBUG: Handling with Radius::AuthRADIUS
Mon Oct 21 11:36:29 2002: DEBUG: Packet dump:
---
 
Anyone have any ideas?  My config is exactly the same as it was before the move to Redhat 8.0.
 
Thanks in advance,
 
Laramie Combs
Network Analyst
Appalachian State University


NB: I am travelling this week, so there may be delays in our correspondence.

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

(RADIATOR) session database problem

[Laramie Combs]

Hello all, 
 
We have been using Radiator for several years now, 
with very few major problems, but I have run into one now that I just can't 
understand.
 
We upgraded our server to Redhat 8.0 recently 
(Friday), and when I came in this morning, I noticed that the radwho.cgi script 
was showing 0 users logged in.  After a quick check to the terminal 
servers, I noticed that this was not the case.
 
I quickly moved to my trusty Trace 4 to see what 
was happening, and it looks like the SQL query is being run to delete old 
userinfo from the RADONLINE table when a new user logs in on the port, but it 
never tries to insert the new user's info into the table as seen 
below:
 
---
Mon Oct 21 11:36:29 2002: DEBUG: Handling request 
with Handler 'User-Name = /^[a-zA-Z][a-zA-Z][a-zA-Z]/'Mon Oct 21 11:36:29 
2002: DEBUG: SDB1 Deleting session for jamesdg, 152.10.12.99, 6Mon Oct 21 
11:36:29 2002: DEBUG: do query is: delete from RADONLINE where 
NASIDENTIFIER='152.10.12.99' and NASPORT=06
 
Mon Oct 21 11:36:29 2002: DEBUG: Handling with 
Radius::AuthSQLMon Oct 21 11:36:29 2002: DEBUG: Handling with 
Radius::AuthFILE: static_ipsMon Oct 21 11:36:29 2002: DEBUG: 
Radius::AuthFILE looks for match with jamesdgMon Oct 21 11:36:29 2002: 
DEBUG: Radius::AuthFILE looks for match with DEFAULTMon Oct 21 11:36:29 
2002: DEBUG: Handling with Radius::AuthRADIUSMon Oct 21 11:36:29 2002: 
DEBUG: Packet dump:---
 
Anyone have any ideas?  My config is exactly 
the same as it was before the move to Redhat 8.0.
 
Thanks in advance, 
 
Laramie Combs
Network Analyst
Appalachian State 
University

Re: (RADIATOR) session database

[Hugh Irvine]

Hello Ray -

Yes you can do this.

regards

Hugh


On Mon, 29 Apr 2002 22:13, [EMAIL PROTECTED] wrote:
> Hello,
>
>
>  Is it possible to have a sql session database for every handler?
>
>  ex. 
>  
>  .
>  .
>  
>  
>  .
>  .
>
>
>
> Ray
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) session database

[rcortez]

Hello,


 Is it possible to have a sql session database for every handler?

 ex. 
 
 .
 .
 
 
 .
 .



Ray

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) Session database SQL

[Hugh Irvine]

Hello Matthew -

On Wed, 30 Jan 2002 13:56, mhobbs wrote:
> I have set up a session database using the following
>
> 
>   DBSourcedbi:mysql:RADONLINE
>   DBUsername  
>   DBAuth  
>
> AddQuery insert into RADONLINE (FRAMEDIPADDRESS, USERNAME, NASIDENTIFIER,
> NASPORT, PASSWORD) values ('%{Framed-Address}', '%U', '%N', 0%{NAS-Port},
> '%{User-Password}')
>
> DeleteQuery delete from RADONLINE where NASIDENTIFIER='%1' and NASPORT=0%2
> ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%N'
>
> CountQuery
> FailureBackoffTime 5
> 
>
> All work wells accept the getting the user's password details. I have also
> tried "%P" but it just inserts nothing into the database how do I get this
> to work ?
>

You will have to check a trace 4 debug to see what is happening.

> Also in the manual it says
> "If CountQuery is defined as an empty string, then the query will not be
> executed, and the current session count will be fixed at 0."
>
> So what is the syntax for this ?
>

Your configuration already has the correct syntax.

CountQuery

regards

Hugh


-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) Session database SQL

[mhobbs]

I have set up a session database using the following


  DBSourcedbi:mysql:RADONLINE
  DBUsername  
  DBAuth  

AddQuery insert into RADONLINE (FRAMEDIPADDRESS, USERNAME, NASIDENTIFIER,
NASPORT, PASSWORD) values ('%{Framed-Address}', '%U', '%N', 0%{NAS-Port},
'%{User-Password}')

DeleteQuery delete from RADONLINE where NASIDENTIFIER='%1' and NASPORT=0%2
ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%N'

CountQuery
FailureBackoffTime 5


All work wells accept the getting the user's password details. I have also
tried "%P" but it just inserts nothing into the database how do I get this
to work ?

Also in the manual it says
"If CountQuery is defined as an empty string, then the query will not be
executed, and the current session count will be fixed at 0."

So what is the syntax for this ?

Thanks
Matthew Hobbs
Speedlink

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) Session Database issues.

[Utku Er]

Hi Griff, 
 
The reason of that strange lines that you mention 
is the radiator's default session database implementation which is right. Its 
because only one user can be connected from the same nasidentifier and nas port 
at any time...  
 
 When a user access request 
comes, radiator first erases the line with the same nas and same nas port 
in the database just in case of a problem... this means it has to run 
DeleteQuery first... 
 
 Since your two radpwtst tests sends 
the same nasidentifier and nasport, regardless of the other things, you will 
always get OK for that... Try changing nas_ip_address or nas_port to see 
the real behaviour... 
 
 The other conceptual problem is changing the 
calling-number attribute does not affect anything since this attribute either 
not exists in the countquery or the deletequery.
 
Utku Er.
 

  - Original Message - 
  From: 
  Griff Hamlin, III 
  
  To: [EMAIL PROTECTED] 
  Sent: Thursday, January 17, 2002 9:02 
  PM
  Subject: (RADIATOR) Session Database 
  issues.
  I am using Radiator 2.18.3 on AIX. I find that even though in 
  my configfile I have DefaultSimultaneousUse 1 set, all users are still 
  allowedon. I use an SQL session database, and when I try tests using 
  radpwtst Ifind something peculiar.I first run the following 
  command:/usr/local/Radiator-2.18/radpwtst -nostop -user=hamlin 
  -password=-auth_port=1645 -acct_port=1646 -calling_station_id 
  9095551212-nas_ip_address 127.0.0.1This gives me an accesss accept 
  and place the user information into mysql 'online' table. I purposely do 
  not let radpwtst send a stop packetso that the information will remain in 
  the online table.I then change the phone number (because I have a hook 
  that checks forit) and run the following command from 
  radpwtst./usr/local/Radiator-2.18/radpwtst -noacct -user=hamlin 
  -password=-auth_port=1645 -acct_port=1646 -calling_station_id 
  9495551213-nas_ip_address 127.0.0.1Notice that now, I have changed 
  it to -noacct since all I want is theaccess reply.Strangely 
  enough, it is accepted! Yet I can see the row in the onlinedatabase. I get 
  the following from the logfile on trace 4. This is theaccess request after 
  the user is already in the online sql database.-logfile output 
  *** Received from 127.0.0.1 port 46269 
  Code:   
  Access-RequestIdentifier: 17Authentic:  
  1234567890123456Attributes:   User-Name = 
  "hamlin"   Service-Type = Framed-User   
  NAS-IP-Address = 127.0.0.1   NAS-Port = 1234   
  Called-Station-Id = "123456789"   Calling-Station-Id = 
  "9491234546"   NAS-Port-Type = Async   
  User-Password 
  ="<207><184>f<154><223>5p<246><188>8<9><160><216>}x<153>"Fri 
  Jan 18 05:39:47 2002: INFO: Checking :hamlin: call-id :9491234546:Fri Jan 
  18 05:39:47 2002: INFO: CallIDHook: returned row --->  
  'hamlin','9095551212'Fri Jan 18 05:39:47 2002: DEBUG: Check if Handler 
  Service-Type =Call-Check should be used to handle this requestFri Jan 
  18 05:39:47 2002: DEBUG: Check if Handler User-Name = adminshould be used 
  to handle this requestFri Jan 18 05:39:47 2002: DEBUG: Check if 
  HandlerRequest-Type=Accounting-Request should be used to handle this 
  requestFri Jan 18 05:39:47 2002: DEBUG: Check if Handler  should be 
  used tohandle this requestFri Jan 18 05:39:47 2002: DEBUG: Handling 
  request with Handler ''Fri Jan 18 05:39:47 2002: DEBUG: Rewrote user name 
  to hamlinFri Jan 18 05:39:47 2002: DEBUG:  Deleting session for 
  hamlin,127.0.0.1, 1234   <-### This seems odd to 
  meFri Jan 18 05:39:47 2002: DEBUG: do query is: delete from online 
  where(nasidentifier='127.0.0.1')&&(nasport='1234')Fri Jan 
  18 05:39:47 2002: DEBUG: Handling with Radius::AuthGROUPFri Jan 18 
  05:39:47 2002: DEBUG: Handling with Radius::AuthSQLFri Jan 18 05:39:47 
  2002: DEBUG: Handling with Radius::AuthSQL:Fri Jan 18 05:39:47 2002: 
  DEBUG: Query is: select check_items,reply_items, case when 
  (prepay='false') thenif(session_timeout,session_timeout,NULL) 
  when((prepay='true')&&(ISNULL(session_timeout))) then 
  prepaid_timeleft 
  when((prepay='true')&&(!(ISNULL(session_timeout 
  thenif(prepaid_timeleftend 
  from users where (username='hamlin' && 
  handler_group='defau')Fri Jan 18 05:39:47 2002: DEBUG: Radius::AuthSQL 
  looks for match withhamlinFri Jan 18 05:39:47 2002: DEBUG: Query is: 
  select username,acctsessionid from online where 
  username='hamlin'Fri Jan 18 05:39:47 2002: DEBUG: Radius::AuthSQL 
  ACCEPT:Fri Jan 18 05:39:47 2002: DEBUG: Access accepted for hamlinFri 
  Jan 18 05:39:47 2002::hamlin accepted from 127.0.0.1, called123456789 
  from9491234546Fri Jan 18 05:39:47 2002: DEBUG: Pa

RE: (RADIATOR) Session Database issues.

[Frank Danielson]

It looks like radpwtst is sending the default NAS-Port of 1234 for each
request. Since radiator sees the second call coming in on the same physical
port it assumes that the first session had to have ended. Change the
NAS-Port in the second test using the -nas_port parameter of radpwtst so it
looks like you  are putting up a second simultaneous call.

-Frank

-Original Message-
From: Griff Hamlin, III [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 17, 2002 2:03 PM
To: [EMAIL PROTECTED]
Subject: (RADIATOR) Session Database issues.


I am using Radiator 2.18.3 on AIX. I find that even though in my config
file I have DefaultSimultaneousUse 1 set, all users are still allowed
on. I use an SQL session database, and when I try tests using radpwtst I
find something peculiar.

I first run the following command:
/usr/local/Radiator-2.18/radpwtst -nostop -user=hamlin -password=
-auth_port=1645 -acct_port=1646 -calling_station_id 9095551212
-nas_ip_address 127.0.0.1

This gives me an accesss accept and place the user information into my
sql 'online' table. I purposely do not let radpwtst send a stop packet
so that the information will remain in the online table.

I then change the phone number (because I have a hook that checks for
it) and run the following command from radpwtst.
/usr/local/Radiator-2.18/radpwtst -noacct -user=hamlin -password=
-auth_port=1645 -acct_port=1646 -calling_station_id 9495551213
-nas_ip_address 127.0.0.1

Notice that now, I have changed it to -noacct since all I want is the
access reply.

Strangely enough, it is accepted! Yet I can see the row in the online
database. I get the following from the logfile on trace 4. This is the
access request after the user is already in the online sql database.

-logfile output 
*** Received from 127.0.0.1 port 46269 
Code:   Access-Request
Identifier: 17
Authentic:  1234567890123456
Attributes:
   User-Name = "hamlin"
   Service-Type = Framed-User
   NAS-IP-Address = 127.0.0.1
   NAS-Port = 1234
   Called-Station-Id = "123456789"
   Calling-Station-Id = "9491234546"
   NAS-Port-Type = Async
   User-Password =
"<207><184>f<154><223>5p<246><188>8<9><160><216>}x<153>"

Fri Jan 18 05:39:47 2002: INFO: Checking :hamlin: call-id :9491234546:
Fri Jan 18 05:39:47 2002: INFO: CallIDHook: returned row --->  'hamlin',
'9095551212'
Fri Jan 18 05:39:47 2002: DEBUG: Check if Handler Service-Type =
Call-Check should be used to handle this request
Fri Jan 18 05:39:47 2002: DEBUG: Check if Handler User-Name = admin
should be used to handle this request
Fri Jan 18 05:39:47 2002: DEBUG: Check if Handler
Request-Type=Accounting-Request should be used to handle this request
Fri Jan 18 05:39:47 2002: DEBUG: Check if Handler  should be used to
handle this request
Fri Jan 18 05:39:47 2002: DEBUG: Handling request with Handler ''
Fri Jan 18 05:39:47 2002: DEBUG: Rewrote user name to hamlin
Fri Jan 18 05:39:47 2002: DEBUG:  Deleting session for hamlin,
127.0.0.1, 1234   <-### This seems odd to me
Fri Jan 18 05:39:47 2002: DEBUG: do query is: delete from online where
(nasidentifier='127.0.0.1')&&(nasport='1234')

Fri Jan 18 05:39:47 2002: DEBUG: Handling with Radius::AuthGROUP
Fri Jan 18 05:39:47 2002: DEBUG: Handling with Radius::AuthSQL
Fri Jan 18 05:39:47 2002: DEBUG: Handling with Radius::AuthSQL:
Fri Jan 18 05:39:47 2002: DEBUG: Query is: select check_items,
reply_items, case when (prepay='false') then
if(session_timeout,session_timeout,NULL) when
((prepay='true')&&(ISNULL(session_timeout))) then prepaid_timeleft when
((prepay='true')&&(!(ISNULL(session_timeout then
if(prepaid_timeleft

   DBSource %{GlobalVar:DbServer}
   DBUsername %{GlobalVar:DbUser}
   DBAuth %{GlobalVar:DbPass}

   AddQuery insert into online (username, nasidentifier, nasport,\
acctsessionid, callingid, framedaddress) values ('%U','%c',\

'%{NAS-Port}','%{Acct-Session-Id}','%{Calling-Station-Id}',\

'%{Framed-IP-Address}')

   DeleteQuery delete from online where
(nasidentifier='%1')&&(nasport='%2')

   CountQuery select username, acctsessionid from online where
username='%n'




  Identifier log1
  Filename %L/logfile
  LogSuccess 1
  LogFailure 1
@

  SuccessFormat %l::%n accepted from %c, called %{Called-Station-Id}
from %{Calling-Station-Id}
  FailureFormat %l::%n rejected from %c, %1, Called %{Called-Station-Id}
from %{Calling-Station-Id}, password=%P


# Process call-check requests.

   AcctLogFileName %L/callcheck.log
   
  DBSource%{GlobalVar:DbServer}
  DBUsername  %{GlobalVar:DbUser}
  DBAuth  %{GlobalVar:DbPass}
  Timeout 8
  FailureBackoffTim

(RADIATOR) Session Database issues.

[Griff Hamlin, III]

I am using Radiator 2.18.3 on AIX. I find that even though in my config
file I have DefaultSimultaneousUse 1 set, all users are still allowed
on. I use an SQL session database, and when I try tests using radpwtst I
find something peculiar.

I first run the following command:
/usr/local/Radiator-2.18/radpwtst -nostop -user=hamlin -password=
-auth_port=1645 -acct_port=1646 -calling_station_id 9095551212
-nas_ip_address 127.0.0.1

This gives me an accesss accept and place the user information into my
sql 'online' table. I purposely do not let radpwtst send a stop packet
so that the information will remain in the online table.

I then change the phone number (because I have a hook that checks for
it) and run the following command from radpwtst.
/usr/local/Radiator-2.18/radpwtst -noacct -user=hamlin -password=
-auth_port=1645 -acct_port=1646 -calling_station_id 9495551213
-nas_ip_address 127.0.0.1

Notice that now, I have changed it to -noacct since all I want is the
access reply.

Strangely enough, it is accepted! Yet I can see the row in the online
database. I get the following from the logfile on trace 4. This is the
access request after the user is already in the online sql database.

-logfile output 
*** Received from 127.0.0.1 port 46269 
Code:   Access-Request
Identifier: 17
Authentic:  1234567890123456
Attributes:
   User-Name = "hamlin"
   Service-Type = Framed-User
   NAS-IP-Address = 127.0.0.1
   NAS-Port = 1234
   Called-Station-Id = "123456789"
   Calling-Station-Id = "9491234546"
   NAS-Port-Type = Async
   User-Password =
"<207><184>f<154><223>5p<246><188>8<9><160><216>}x<153>"

Fri Jan 18 05:39:47 2002: INFO: Checking :hamlin: call-id :9491234546:
Fri Jan 18 05:39:47 2002: INFO: CallIDHook: returned row --->  'hamlin',
'9095551212'
Fri Jan 18 05:39:47 2002: DEBUG: Check if Handler Service-Type =
Call-Check should be used to handle this request
Fri Jan 18 05:39:47 2002: DEBUG: Check if Handler User-Name = admin
should be used to handle this request
Fri Jan 18 05:39:47 2002: DEBUG: Check if Handler
Request-Type=Accounting-Request should be used to handle this request
Fri Jan 18 05:39:47 2002: DEBUG: Check if Handler  should be used to
handle this request
Fri Jan 18 05:39:47 2002: DEBUG: Handling request with Handler ''
Fri Jan 18 05:39:47 2002: DEBUG: Rewrote user name to hamlin
Fri Jan 18 05:39:47 2002: DEBUG:  Deleting session for hamlin,
127.0.0.1, 1234   <-### This seems odd to me
Fri Jan 18 05:39:47 2002: DEBUG: do query is: delete from online where
(nasidentifier='127.0.0.1')&&(nasport='1234')

Fri Jan 18 05:39:47 2002: DEBUG: Handling with Radius::AuthGROUP
Fri Jan 18 05:39:47 2002: DEBUG: Handling with Radius::AuthSQL
Fri Jan 18 05:39:47 2002: DEBUG: Handling with Radius::AuthSQL:
Fri Jan 18 05:39:47 2002: DEBUG: Query is: select check_items,
reply_items, case when (prepay='false') then
if(session_timeout,session_timeout,NULL) when
((prepay='true')&&(ISNULL(session_timeout))) then prepaid_timeleft when
((prepay='true')&&(!(ISNULL(session_timeout then
if(prepaid_timeleft

   DBSource %{GlobalVar:DbServer}
   DBUsername %{GlobalVar:DbUser}
   DBAuth %{GlobalVar:DbPass}

   AddQuery insert into online (username, nasidentifier, nasport,\
acctsessionid, callingid, framedaddress) values ('%U','%c',\

'%{NAS-Port}','%{Acct-Session-Id}','%{Calling-Station-Id}',\

'%{Framed-IP-Address}')

   DeleteQuery delete from online where
(nasidentifier='%1')&&(nasport='%2')

   CountQuery select username, acctsessionid from online where
username='%n'




  Identifier log1
  Filename %L/logfile
  LogSuccess 1
  LogFailure 1
@

  SuccessFormat %l::%n accepted from %c, called %{Called-Station-Id}
from %{Calling-Station-Id}
  FailureFormat %l::%n rejected from %c, %1, Called %{Called-Station-Id}
from %{Calling-Station-Id}, password=%P


# Process call-check requests.

   AcctLogFileName %L/callcheck.log
   
  DBSource%{GlobalVar:DbServer}
  DBUsername  %{GlobalVar:DbUser}
  DBAuth  %{GlobalVar:DbPass}
  Timeout 8
  FailureBackoffTime 10

  AuthSelect select handler_group from check where \
 (dialing_number='%{Calling-Station-Id}')&& \
 (handler_group='%{Handler-Group}')

  AuthColumnDef 0,Handler-Group,check


   


# Get rid of admin accounting requests



# Handle all accounting here.

  RewriteUsername s/^([^@]+).*/$1/
  # Need a little hook here to determine if this is an accounting packet

  # whether we use the Livingston or Acct-Terminate-Cause attributes.
  # This gets the attribute Livingston if it exists, if not, gets
  # Acct-Terminate-Cause, if not gets Ascend-Disconnect-Cause
  # Put the correct one in new attribute %{Term-Cause} to be used later
  PreAuthHook file:"/etc/raddb/accounting.hook"

  
AuthByPolicy ContinueWhileAccept

  DBSourcedbi:mysql:cheetah:ns.quik.com.au
  DBUsername  %{GlobalVar:DbUser}
  DBAuth  %{GlobalV

RE: (RADIATOR) Session Database

[Hugh Irvine]

Hello Kyle -

I will also need to see a copy of the configuration file (no secrets).

thanks

Hugh


At 11:56 AM -0400 6/28/01, Kitabjian, Dave wrote:
>Hey.
>
>1) Have you tested INSERTing to your DB from the command line to make sure
>it's working? Perhaps from a Perl command line?
>
>2) Put "Trace  4" in your config file, restart Radiator, try again, and then
>let us know what shows up in your logfile. I'd like to know if it's even
>TRYING to do the INSERT...
>
>Dave
>
>>  -Original Message-
>>  From: Kyle [mailto:[EMAIL PROTECTED]]
>>  Sent: Thursday, June 28, 2001 5:51 AM
>>  To: [EMAIL PROTECTED]
>>  Subject: (RADIATOR) Session Database
>>
>>
>>  I've got this directive in my . However, when
>>  an user logs onto the system, and is authenticated by
>>  Radiator, it fails to put an entry into the session table.
>>  What am I doing wrong? Radiator-2.18.2 with RH-7.0 and mySql-3.23.38.
>>
>>  
>>
>>## Set the database Identifier
>>Identifier SDB1
>>
>>## Set the database source
>>DBSource  dbi:mysql:**
>>DBUsername**
>>DBAuth**
>>
>>AddQuery insert into RADONLINE (USERNAME, \
>>NASIDENTIFIER, NASPORT, \
>>ACCTSESSIONID, TIME_STAMP, FRAMEDADDRESS, PORTTYPE, \
>>SERVICETYPE) values ('%n','%N',%{NAS-Port}, \
>>'%{Acct-Session-Id}', %{Timestamp}, \
>>'%{Framed-Address}','%{Port-Type}','%{Service-Type}')
>>
>>DeleteQuery delete from RADONLINE where USERNAME='%n' and \
>>NASIDENTIFIER='%N' and NASPORT=%{NAS-Port}
>>
>>ClearNasQuery delete from RADONLINE where NASIDENTIFIER="%N'
>>CountQuery select NASIDENTIFIER,NASPORT,ACCTSESSIONID from \
>>RADONLINE where USERNAME='%n'
>>
>>  
>>  ===
>>  Archive at http://www.open.com.au/archives/radiator/
>>  Announcements on [EMAIL PROTECTED]
>>  To unsubscribe, email '[EMAIL PROTECTED]' with
>>  'unsubscribe radiator' in the body of the message.
>>
>===
>Archive at http://www.open.com.au/archives/radiator/
>Announcements on [EMAIL PROTECTED]
>To unsubscribe, email '[EMAIL PROTECTED]' with
>'unsubscribe radiator' in the body of the message.

-- 

NB: I am travelling this week, so there may be delays in our correspondence.

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

RE: (RADIATOR) Session Database

[Kitabjian, Dave]

Hey.

1) Have you tested INSERTing to your DB from the command line to make sure
it's working? Perhaps from a Perl command line?

2) Put "Trace  4" in your config file, restart Radiator, try again, and then
let us know what shows up in your logfile. I'd like to know if it's even
TRYING to do the INSERT...

Dave

> -Original Message-
> From: Kyle [mailto:[EMAIL PROTECTED]] 
> Sent: Thursday, June 28, 2001 5:51 AM
> To: [EMAIL PROTECTED]
> Subject: (RADIATOR) Session Database
> 
> 
> I've got this directive in my . However, when 
> an user logs onto the system, and is authenticated by 
> Radiator, it fails to put an entry into the session table. 
> What am I doing wrong? Radiator-2.18.2 with RH-7.0 and mySql-3.23.38.
> 
> 
> 
>   ## Set the database Identifier
>   Identifier SDB1
> 
>   ## Set the database source
>   DBSource  dbi:mysql:**
>   DBUsername**
>   DBAuth**
> 
>   AddQuery insert into RADONLINE (USERNAME, \
>   NASIDENTIFIER, NASPORT, \
>   ACCTSESSIONID, TIME_STAMP, FRAMEDADDRESS, PORTTYPE, \
>   SERVICETYPE) values ('%n','%N',%{NAS-Port}, \
>   '%{Acct-Session-Id}', %{Timestamp}, \
>   '%{Framed-Address}','%{Port-Type}','%{Service-Type}')
> 
>   DeleteQuery delete from RADONLINE where USERNAME='%n' and \
>   NASIDENTIFIER='%N' and NASPORT=%{NAS-Port}
> 
>   ClearNasQuery delete from RADONLINE where NASIDENTIFIER="%N'
>   CountQuery select NASIDENTIFIER,NASPORT,ACCTSESSIONID from \
>   RADONLINE where USERNAME='%n'
> 
> 
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
> 
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) Session Database

[Kyle]

I've got this directive in my . However, when an user
logs onto the system, and is authenticated by Radiator, it fails to put
an entry into the session table. What am I doing wrong? Radiator-2.18.2
with RH-7.0 and mySql-3.23.38.



  ## Set the database Identifier
  Identifier SDB1

  ## Set the database source
  DBSource  dbi:mysql:**
  DBUsername**
  DBAuth**

  AddQuery insert into RADONLINE (USERNAME, \
  NASIDENTIFIER, NASPORT, \
  ACCTSESSIONID, TIME_STAMP, FRAMEDADDRESS, PORTTYPE, \
  SERVICETYPE) values ('%n','%N',%{NAS-Port}, \
  '%{Acct-Session-Id}', %{Timestamp}, \
  '%{Framed-Address}','%{Port-Type}','%{Service-Type}')

  DeleteQuery delete from RADONLINE where USERNAME='%n' and \
  NASIDENTIFIER='%N' and NASPORT=%{NAS-Port}

  ClearNasQuery delete from RADONLINE where NASIDENTIFIER="%N'
  CountQuery select NASIDENTIFIER,NASPORT,ACCTSESSIONID from \
  RADONLINE where USERNAME='%n'


===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) session database not logging variable %{Framed-IP-Address}

[Hugh Irvine]

Hello John -

Can you send me a trace 4 debug showing the packet dumps and so on please?

thanks

Hugh

On Friday 08 June 2001 16:26, John Coy wrote:
> I just upgraded to Radiator 2.18.1 on a Sun Solaris box.  After
> my upgrade, my session database is no longer logging the
> %{Framed-IP-Address} variable.  It appears to be undefined.  Included
> below are my session database config and a debug output from
> a Trace 4 on the insertion process.
>
> The variable %{Framed-IP-Address} is being logged on my RADIUS
> accounting packets, however.
>
> I'm curious if this is a bug with the session database that someone
> else has encountered?  Advice appreciated.
>
> PS - I saw today that 2.18.2 was released, but no mention of
> a bug that affects the session database.
>
> 
>  DBSourcedbi:Oracle:XYZ
>  DBUsername  ABC
>  DBAuth  123
>
>  AddQuery \
>  INSERT INTO radonline \
>  ( username, \
>server, \
>port, \
>session_id, \
>login_time, \
>framed_address ) \
>  VALUES \
>  ( LOWER(SUBSTR('%{User-Name}', 0, 50)), \
>'%{NAS-Identifier}', \
>NVL((%{NAS-Port}-0), 0), \
>'%{Acct-Session-Id}', \
>NVL((%{Timestamp}-0), 0), \
>'%{Framed-IP-Address}' )
>
>  DeleteQuery \
>  DELETE FROM radonline \
>  WHERE username = LOWER(SUBSTR('%{User-Name}', 0, 50)) \
>  AND   port = NVL((%{NAS-Port}-0), 0) \
>  AND   server   = '%{NAS-Identifier}'
>
>  ClearNasQuery \
>  DELETE FROM radonline \
>  WHERE  server = '%{NAS-Identifier}'
>
>  CountQuery \
>  SELECT server, port, session_id \
>  FROM   radonline \
>  WHERE  username = LOWER(SUBSTR('%{User-Name}', 0, 50))
>
> 
>
> Fri Jun  8 01:23:51 2001: DEBUG: do query is: INSERT INTO radonline (
> username,
> server, port, session_id, login_time, framed_address ) VALUES (
> LOWER(SUBSTR('ch
> rist', 0, 50)), '216.152.9.3', NVL((20203-0), 0), '360159532',
> NVL((991981431-0)
> , 0), '' )
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.

-- 
Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) session database not logging variable %{Framed-IP-Address}

[John Coy]

I just upgraded to Radiator 2.18.1 on a Sun Solaris box.  After
my upgrade, my session database is no longer logging the
%{Framed-IP-Address} variable.  It appears to be undefined.  Included
below are my session database config and a debug output from
a Trace 4 on the insertion process.

The variable %{Framed-IP-Address} is being logged on my RADIUS
accounting packets, however.

I'm curious if this is a bug with the session database that someone
else has encountered?  Advice appreciated.

PS - I saw today that 2.18.2 was released, but no mention of
a bug that affects the session database.


 DBSourcedbi:Oracle:XYZ
 DBUsername  ABC
 DBAuth  123

 AddQuery \
 INSERT INTO radonline \
 ( username, \
   server, \
   port, \
   session_id, \
   login_time, \
   framed_address ) \
 VALUES \
 ( LOWER(SUBSTR('%{User-Name}', 0, 50)), \
   '%{NAS-Identifier}', \
   NVL((%{NAS-Port}-0), 0), \
   '%{Acct-Session-Id}', \
   NVL((%{Timestamp}-0), 0), \
   '%{Framed-IP-Address}' )

 DeleteQuery \
 DELETE FROM radonline \
 WHERE username = LOWER(SUBSTR('%{User-Name}', 0, 50)) \
 AND   port = NVL((%{NAS-Port}-0), 0) \
 AND   server   = '%{NAS-Identifier}'

 ClearNasQuery \
 DELETE FROM radonline \
 WHERE  server = '%{NAS-Identifier}'

 CountQuery \
 SELECT server, port, session_id \
 FROM   radonline \
 WHERE  username = LOWER(SUBSTR('%{User-Name}', 0, 50))



Fri Jun  8 01:23:51 2001: DEBUG: do query is: INSERT INTO radonline ( 
username,
server, port, session_id, login_time, framed_address ) VALUES ( 
LOWER(SUBSTR('ch
rist', 0, 50)), '216.152.9.3', NVL((20203-0), 0), '360159532', 
NVL((991981431-0)
, 0), '' )

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) Session Database Not Updating???

[Hugh Irvine]

Hello Shon -

I don't think the queries that you have defined below will work correctly - 
why do you want to change the defaults? (see my  previous mail)

The way the session database works is as follows:

1. an access request arrives - do a delete based on the NAS/NAS-Port 
combination as by definition a session cannot already be present there
(this is to provide some self-healing in the face of lost stop packets)

2. check the session database for other entries for the same user - reject 
request if limit exceeded, accept otherwise

3. if the request above was accepted, on receipt of the accounting start 
request, add the corresponding record to the session database

4. when the session terminates and the accounting stop is received, delete 
the record from the session database

If you want me to investigate further, you will have to send me a copy of 
your configurartion file (no secrets) together with a trace 4 debug from 
Radiator showing what is going on.

BTW - the latest version of Radiator is 2.18.1.

regards

Hugh



On Saturday 12 May 2001 09:00, Shon Stephens wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> I am using Radiator 2.17 and . I have setup and
> AddQuery, DeleteQuery, ClearNasQuery, and CountQuery. I noticed from
> logs that when a user connects, the first thing that happens is a
> delete from the sessions table. The next thing that happens is a
> select from the sessions table. However, there is never any insert
> into the sessions table. If there is no insert or everytime a user
> logs in (Access-Request Accepted) they are deleted from the sessions
> table, how can I enforce MaxSessions? I don't know what is wrong at
> all. Here is how I configure my SessionDatabase:
>
> 
>
>   # Session DB Identifier. Use this to assign a name that can be
>   # referred to later.
>   Identifier DefaultSDB
>
>   # How we connect to the MySQL server.
>   DBSource dbi:mysql:radius:sqlserver
>   DBUsername user
>   DBAuth secret
>
>   # How we add entries to the session table.
>   AddQuery insert into sessions (username, time_stamp, session_id, \
>   nas_identifier, nas_port, framed_ip_addr) values ('%U', \
>   '%{GlobalVar:TimestampFormatted}', '%{Acct-Session-Id}', \
>   '%{NAS-Identifier}', '%{NAS-Port}', '%{Framed-IP-Address}')
>
>  # How we delete entries from the session table.
>  #DeleteQuery delete from sessions where username='%U' and \
>  #nas_identifier='%{NAS-Identifier}' and nas_port='%{NAS-Port}'
>  DeleteQuery delete from sessions where username='%U'
>
>   # Clear the sessions table whenever a NAS is rebooted.
>   ClearNasQuery delete from sessions where nas_identifier= \
>   '%{NAS-Identifier}'
>
>   # Count number of simultaneous sessions.
>   CountQuery select nas_identifier,nas_port,session_id from sessions
> \
>   where username='%U'
>
> 
>
> Thanks,
> Shon Stephens
> [EMAIL PROTECTED]
>
> -BEGIN PGP SIGNATURE-
> Version: PGPfreeware 7.0.3 for non-commercial use 
>
> iQA/AwUBOvxvHUwGLkuD4lDdEQKAUQCglH5CB0+vIPX30Va2uD4D6FZNg90AniQ7
> p48z2lbLqnclCBYYlWEZJQxt
> =ISZR
> -END PGP SIGNATURE-
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.

-- 
Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) Session Database Not Updating???

[Shon Stephens]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

I am using Radiator 2.17 and . I have setup and
AddQuery, DeleteQuery, ClearNasQuery, and CountQuery. I noticed from
logs that when a user connects, the first thing that happens is a
delete from the sessions table. The next thing that happens is a
select from the sessions table. However, there is never any insert
into the sessions table. If there is no insert or everytime a user
logs in (Access-Request Accepted) they are deleted from the sessions
table, how can I enforce MaxSessions? I don't know what is wrong at
all. Here is how I configure my SessionDatabase:



  # Session DB Identifier. Use this to assign a name that can be 
  # referred to later.
  Identifier DefaultSDB

  # How we connect to the MySQL server.
  DBSource dbi:mysql:radius:sqlserver
  DBUsername user
  DBAuth secret

  # How we add entries to the session table.
  AddQuery insert into sessions (username, time_stamp, session_id, \
  nas_identifier, nas_port, framed_ip_addr) values ('%U', \
  '%{GlobalVar:TimestampFormatted}', '%{Acct-Session-Id}', \
  '%{NAS-Identifier}', '%{NAS-Port}', '%{Framed-IP-Address}')

 # How we delete entries from the session table.
 #DeleteQuery delete from sessions where username='%U' and \
 #nas_identifier='%{NAS-Identifier}' and nas_port='%{NAS-Port}'
 DeleteQuery delete from sessions where username='%U'

  # Clear the sessions table whenever a NAS is rebooted.
  ClearNasQuery delete from sessions where nas_identifier= \
  '%{NAS-Identifier}'

  # Count number of simultaneous sessions.
  CountQuery select nas_identifier,nas_port,session_id from sessions
\
  where username='%U'



Thanks,
Shon Stephens
[EMAIL PROTECTED]

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 7.0.3 for non-commercial use 

iQA/AwUBOvxvHUwGLkuD4lDdEQKAUQCglH5CB0+vIPX30Va2uD4D6FZNg90AniQ7
p48z2lbLqnclCBYYlWEZJQxt
=ISZR
-END PGP SIGNATURE-

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) Session Database Curly..

[Jeremy Burton]

Argh.. this is where everyone should yell at me to RTFM! Just stumbled
over the Identifier parameter for SessionDatabase clauses... just shoot
me :)

Jeremy

On Wed, Apr 18, 2001 at 11:22:54AM +1000, Jeremy Burton wrote:
> Hi All,
> I have a question 'bout session databases...  We have a setup where we
> provide dialup access for a subsidiary (but separate) company - ie they
> have their own customers but use our dialup equipment. To do this, we give
> them their own dialin number on our NAS and use 
>  as the way of telling radiator to
> forward the requests onto their radius server. That way, a user of their
> service doesn't need to append @theirname.com.au to the end of their
> usernames to get authenticated properly. This is all working fine except
> for one problem: we use an SQL session database to keep track of
> simultaneous use for our own customers. If a user called user1 logs into
> their service, and then a user called user1 with simultaneous use=1 logs
> into our service, they are denied. Why? Because the session database
> already has an entry for user user1. In theory, a nice way around it would
> be to have in the session database username@realm, however that is just
> the problem: we don't have differenct realms here. Is there some way of
> indicating within an AuthBy that we don't want the session database used
> for the present AuthBy. This way, if we have an AuthBy purely for
> forwarding, we can bypass the session database. 
> 
> Thanks,
> 
> Jeremy
>  
> 
> -- 
> Jeremy Burton
> Database Administrator, Netspace Online Systems
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]
> 
> ===
> Archive at http://www.starport.net/~radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.

-- 
Jeremy Burton
Database Administrator, Netspace Online Systems
[EMAIL PROTECTED]
[EMAIL PROTECTED]

===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) Session Database Curly..

[Jeremy Burton]

Hi All,
I have a question 'bout session databases...  We have a setup where we
provide dialup access for a subsidiary (but separate) company - ie they
have their own customers but use our dialup equipment. To do this, we give
them their own dialin number on our NAS and use 
 as the way of telling radiator to
forward the requests onto their radius server. That way, a user of their
service doesn't need to append @theirname.com.au to the end of their
usernames to get authenticated properly. This is all working fine except
for one problem: we use an SQL session database to keep track of
simultaneous use for our own customers. If a user called user1 logs into
their service, and then a user called user1 with simultaneous use=1 logs
into our service, they are denied. Why? Because the session database
already has an entry for user user1. In theory, a nice way around it would
be to have in the session database username@realm, however that is just
the problem: we don't have differenct realms here. Is there some way of
indicating within an AuthBy that we don't want the session database used
for the present AuthBy. This way, if we have an AuthBy purely for
forwarding, we can bypass the session database. 

Thanks,

Jeremy
 

-- 
Jeremy Burton
Database Administrator, Netspace Online Systems
[EMAIL PROTECTED]
[EMAIL PROTECTED]

===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) session database failover

[Hugh Irvine]

Hello Swee-Chuan -

At 17:57 +0800 4/12/00, Swee-Chuan Khoo wrote:
>hi,
>
>i am using oracle as my user database as well as the session database,
>i can use multiple server for authentication, for high availability
>purposes.
>
>can i do the same thing with session database?
>

Yes you can, however keep in mind that unless the two copies are 
synchronised, failing over will not help much.

regards

Hugh
-- 

NB: I am travelling this week, so there may be delays in our correspondence.

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.

===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) session database failover

[Swee-Chuan Khoo]

hi,

i am using oracle as my user database as well as the session database,
i can use multiple server for authentication, for high availability
purposes.

can i do the same thing with session database?

-- 
Swee-Chuan Khoo [EMAIL PROTECTED]

A layman knows he has to kick it.; An amateur knows where to kick it.; A
professional knows how hard.

===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) Session Database Logic

[Hugh Irvine]

Hello William -

On Sat, 07 Oct 2000, William Hernandez wrote:
> Hello everyone,
> 
> I was using a modification to AuthGeneric.pm that uses finger to
> count simultaneous-user,
> but had to trash it because the output of finger truncates the
> user name and because we have
> valid user names in the format [EMAIL PROTECTED] I rewrote it
> to use snmpwalk, but
> had to trash that also because response times were too slow and I
> was getting too
> many timeouts. So now we're considering AuthbySQL.
> 
> The following excerpt is from the archives.
> 
> I'd like to go over this because we are thinking about using
> AuthSQL (with mySQL),
> but I have hesitated because I didn't fully understand how
> Radiator went about
> checking the integrity/consistency of the database.
> 
> >> And it is also not clear, why the users session is deleted
> before a SELECT
> >> query is made on the RADONLINE table.
> >>
> 
> >What happens is this. When Radiator receives an Access-Request,
> it first of all
> >does some housekeeping and deletes any old session database
> record for that NAS
> >and Port number. This is because we might have missed a Stop
> record, and also
> >because by definition there cannot be an existing session for
> that NAS and Port
> >combination.
> 
> We have users that have a Simultaneous-Use of more that 1. In
> that case,  isn't it
> possible to have existing multiple records in the database with a
> the same NASIDENTIFIER and
> NASPORT, but with different ACCTSESSIONID (I'm thinking that
> ACCTSESSIONID is
> the same as the SessionID reported with finger. Is that
> correct?)?
> 

No. By definition, there can only be one session on a particular port on a NAS.
Either there is a call present on a port and hence there is a session, or there
isn't. So no, you can't have multiple records with the same NASIDENTIFIER and
NASPORT.

> >Secondly, Radiator verifies the session database to check on
> >simultaneous use limits. Thirdly, only if there are already the
> maximum number
> >of simultaneous sessions for the user will Radiator then go and
> check with the
> >NAS(s) whether the sessions in the session database are still
> present.
> 
> How does the RADONLINE table get rebuilt after a disconnection?
> During the time a connection was not available only
> Simultaneous-Use would be affected?
> During the time a connection was not avaiable does Radiator then
> directly poll "all" of
> the NASIDENTIFIER/NASPORT combinations (using finger for
> example)?
> 

I'm not sure what you mean by a disconnection. If a NAS restarts and it sends
an Accounting-On, all records for that NAS will be cleared. If you are meaning
the session database itself goes away, Radiator doesn't do anything other than
the previously mentioned delete upon reception of new access requests, which
will cause the session database to self-heal (over time admittedly).

hth

Hugh


-- 
Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.



===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) Session Database Logic

[William Hernandez]

Hello everyone,

I was using a modification to AuthGeneric.pm that uses finger to
count simultaneous-user,
but had to trash it because the output of finger truncates the
user name and because we have
valid user names in the format [EMAIL PROTECTED] I rewrote it
to use snmpwalk, but
had to trash that also because response times were too slow and I
was getting too
many timeouts. So now we're considering AuthbySQL.

The following excerpt is from the archives.

I'd like to go over this because we are thinking about using
AuthSQL (with mySQL),
but I have hesitated because I didn't fully understand how
Radiator went about
checking the integrity/consistency of the database.

>> And it is also not clear, why the users session is deleted
before a SELECT
>> query is made on the RADONLINE table.
>>

>What happens is this. When Radiator receives an Access-Request,
it first of all
>does some housekeeping and deletes any old session database
record for that NAS
>and Port number. This is because we might have missed a Stop
record, and also
>because by definition there cannot be an existing session for
that NAS and Port
>combination.

We have users that have a Simultaneous-Use of more that 1. In
that case,  isn't it
possible to have existing multiple records in the database with a
the same NASIDENTIFIER and
NASPORT, but with different ACCTSESSIONID (I'm thinking that
ACCTSESSIONID is
the same as the SessionID reported with finger. Is that
correct?)?

>Secondly, Radiator verifies the session database to check on
>simultaneous use limits. Thirdly, only if there are already the
maximum number
>of simultaneous sessions for the user will Radiator then go and
check with the
>NAS(s) whether the sessions in the session database are still
present.

How does the RADONLINE table get rebuilt after a disconnection?
During the time a connection was not available only
Simultaneous-Use would be affected?
During the time a connection was not avaiable does Radiator then
directly poll "all" of
the NASIDENTIFIER/NASPORT combinations (using finger for
example)?

Thanks in advance.
William


===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) Session Database Difficulty

[Hugh Irvine]

Hello David -

On Tue, 21 Dec 1999, David Lloyd wrote:
> Hello, I've got a 3COM box that uses MPIP to synchronize the multilink
> information between two router cards.  My problem is that whenever someone
> connects one channel into each card, an accounting entry is made that
> looks like a regular accounting entry, except the NAS-Port-Type is set to
> 'Virtual'.
> 
> This means that if someone connects, one channel into each box, the
> session database will record three entries instead of two!
> 
> Is there a way where I can selectively ignore any accounting request in
> which the NAS-Port-Type is Virtual, or better still, can I simply avoid
> inserting that entry into my session database?  Or can I set CountQuery to
> somehow ignore those?
> 

I will need to see your  configuration file, but this can be done by defining a
second session database and using it for the offending packets. Something like
this:

# this is your existing session database





# add this


Identifier InMemory


# then this


SessionDatabase InMemory

Filename %D/virtual-users



# then the rest of your configuration



# virtual-users file contains this 
(should never be used, but this is for security)

Virtual Auth-Type = Reject


The usual caveats apply regarding Realms and Handlers. Also note that the above
configuration uses the Request-Type check item which is implemented in a patch
to Radiator 2.14.1. And in addition the  must follow
your existing session database to work properly (there is a fix for
the Identifier coming).

hth

Hugh


-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody

===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) Session Database Difficulty

[David Lloyd]

Hello, I've got a 3COM box that uses MPIP to synchronize the multilink
information between two router cards.  My problem is that whenever someone
connects one channel into each card, an accounting entry is made that
looks like a regular accounting entry, except the NAS-Port-Type is set to
'Virtual'.

This means that if someone connects, one channel into each box, the
session database will record three entries instead of two!

Is there a way where I can selectively ignore any accounting request in
which the NAS-Port-Type is Virtual, or better still, can I simply avoid
inserting that entry into my session database?  Or can I set CountQuery to
somehow ignore those?

Thanks...

--
Dave Lloyd


===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

RE: (RADIATOR) Session Database

[Roy Hooper]

> Note however that you can specify an internal session database,
> just like the
> others, and as it runs entirely in memory it will be fast and won't leave
> anything lying around.

Ahh, yes, this is what I was trying to figure out.

> Actually, I have just been looking at the code, and it says that
> the *last*
> session database defined will be the default. Which way did you
> set up your
> configuration? And does it work as you would expect?

I've got one unnamed session database, followed by SDB1 and SDB2.  It seems
to be using the first one as the default, and thus working correctly.
Perhaps it uses  the last unnamed one?  (Maybe I should go look at the code
too)

--
Roy Hooper ([EMAIL PROTECTED])
Sr. Systems Administrator
Network Operations
Cyberus Online Inc, an eisa.com company



===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

RE: (RADIATOR) Session Database

[Hugh Irvine]

Hi Roy -

On Mon, 29 Nov 1999, Roy Hooper wrote:
> Thanks!  That worked well.
> 

Good.

> Is there any way to just discard instead of using two (or 3) session
> databases?
> 

No, not really, as you need the first one as a place-holder in any case. Its
always the first one that is used by default (** see comments below **), and the
second (and third...) can be referenced via the Identifier and used for other
purposes.

> What would happen if I told it to use a different SessionDatabase that I had
> not previously defined? :)
> 

You would probably just fill up your log files quicker with complaints about
not being able to access that session database.

Note however that you can specify an internal session database, just like the
others, and as it runs entirely in memory it will be fast and won't leave
anything lying around.

# define an internal session database as the first default


Identifier SDB1


Actually, I have just been looking at the code, and it says that the *last*
session database defined will be the default. Which way did you set up your
configuration? And does it work as you would expect?

thanks

Hugh


--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody

===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

RE: (RADIATOR) Session Database

[Roy Hooper]

Thanks!  That worked well.

Is there any way to just discard instead of using two (or 3) session
databases?

What would happen if I told it to use a different SessionDatabase that I had
not previously defined? :)

--
Roy Hooper ([EMAIL PROTECTED])
Sr. Systems Administrator
Network Operations
Cyberus Online Inc, an eisa.com company



> -Original Message-
> From: Hugh Irvine [mailto:[EMAIL PROTECTED]]
> Sent: Monday, November 29, 1999 12:05 AM
> To: Roy Hooper; tom minchin
> Cc: [EMAIL PROTECTED]; Roy Hooper
> Subject: RE: (RADIATOR) Session Database
>
>
>
> Hi Roy (and Tom) -
>
> On Mon, 29 Nov 1999, Roy Hooper wrote:
> > >
> > > If they're using something that's always the same, then
> create a Handler
> > > that matches and ignores these packets (although you may want to log
> > > them to make sure they're doing their job etc).
> >
> > I'm already doing this (here's my Session config & my Accounting
> > handler(s)):
> > I *MUST* respond to the NAS to indicate that I got the packets, so
> > discarding outright doesn't help.  The best approach that I
> found to what I
> > want to do was the AuthBy TEST module :)  If I'm wrong, someone, please
> > correct me! :)
> >
>
> There is a rather obscure way of dealing with your problem, and that is by
> defining two session databases, one for your default entries and
> the second for
> the entries you really want to see. Something like this:
>
> # This is your first session database definition
>
> 
>   DBSource  dbi:mysql:radius
>   DBUsername  XXX
>   DBAuth  XXX
>
>   AddQuery  insert into RADONLINE \
>   (USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID,
> TIME_STAMP, \
>   FRAMEDADDRESS, PORTTYPE, SERVICETYPE) values ('%n', '%N', \
>   '%{NAS-Port}', '%{Acct-Session-Id}', %{Timestamp}, \
>   '%{Framed-IP-Address}', '%{Port-Type}', '%{Service-Type}')
>
>   DeleteQuery  delete from RADONLINE where USERNAME='%n' and
> NASIDENTIFIER
> ='%N' and NASPORT='%{NAS-Port}'
> 
>
> # This is your second session database definition
> # note the use of Identifier for reference (and a second table)
>
> 
>   IdentifierSDB2
>   DBSource  dbi:mysql:radius
>   DBUsername  XXX
>   DBAuth  XXX
>
>   AddQuery  insert into RADONLINE2 \
>   (USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID,
> TIME_STAMP, \
>   FRAMEDADDRESS, PORTTYPE, SERVICETYPE) values ('%n', '%N', \
>   '%{NAS-Port}', '%{Acct-Session-Id}', %{Timestamp}, \
>   '%{Framed-IP-Address}', '%{Port-Type}', '%{Service-Type}')
>
>   DeleteQuery  delete from RADONLINE2 where USERNAME='%n' and
> NASIDENTIFIER
> ='%N' and NASPORT='%{NAS-Port}'
> 
>
> # Accounting handlers
> #
> # Log details for @eisa.com users only from @eisa.com to file from
> # border1.cyberus.ca 209.195.69.147
>  /Start|Stop/,NAS-IP-Address=209.195.69.147,User-Name
> =/.*\@eisa.com/>
>   RewriteUsername s/^([^@]+).*/$1/
>   
>   
>   AcctLogFileName %L/acct/eisa.com/%C/detail
> 
>
> # Accept the rest of the entries from 209.195.69.147, but don't log them
> 
> #  RewriteUsername s/^([^@]+).*/$1/
>   
>   
> #AcctLogFileName %L/acct/eisa.com/7552-details
> 
>
> # Ignore UUnet test packets
>  Acct-Session-Id =
> "dontTryMacth">
>   
>   
> 
>
> # Accept start and stop for the rest.
> 
>   RewriteUsername s/^([^@]+).*/$1/
>   
>   
>   AcctLogFileName %L/acct/eisa.com/%C/detail
>   SessionDatabase SDB2
> 
>
> Your final Handler will use the session database defined by SDB2,
> while the
> others will continue to use the first one (which is the default).
>
> hth
>
> Hugh
>
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
> NT, Rhapsody
>


===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

RE: (RADIATOR) Session Database

[Hugh Irvine]

Hi Roy (and Tom) -

On Mon, 29 Nov 1999, Roy Hooper wrote:
> >
> > If they're using something that's always the same, then create a Handler
> > that matches and ignores these packets (although you may want to log
> > them to make sure they're doing their job etc).
> 
> I'm already doing this (here's my Session config & my Accounting
> handler(s)):
> I *MUST* respond to the NAS to indicate that I got the packets, so
> discarding outright doesn't help.  The best approach that I found to what I
> want to do was the AuthBy TEST module :)  If I'm wrong, someone, please
> correct me! :)
> 

There is a rather obscure way of dealing with your problem, and that is by
defining two session databases, one for your default entries and the second for
the entries you really want to see. Something like this:

# This is your first session database definition


  DBSource  dbi:mysql:radius
  DBUsername  XXX
  DBAuth  XXX

  AddQuery  insert into RADONLINE \
  (USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP, \
  FRAMEDADDRESS, PORTTYPE, SERVICETYPE) values ('%n', '%N', \
  '%{NAS-Port}', '%{Acct-Session-Id}', %{Timestamp}, \
  '%{Framed-IP-Address}', '%{Port-Type}', '%{Service-Type}')

  DeleteQuery  delete from RADONLINE where USERNAME='%n' and
NASIDENTIFIER
='%N' and NASPORT='%{NAS-Port}'


# This is your second session database definition
# note the use of Identifier for reference (and a second table)


  IdentifierSDB2
  DBSource  dbi:mysql:radius
  DBUsername  XXX
  DBAuth  XXX

  AddQuery  insert into RADONLINE2 \
  (USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP, \
  FRAMEDADDRESS, PORTTYPE, SERVICETYPE) values ('%n', '%N', \
  '%{NAS-Port}', '%{Acct-Session-Id}', %{Timestamp}, \
  '%{Framed-IP-Address}', '%{Port-Type}', '%{Service-Type}')

  DeleteQuery  delete from RADONLINE2 where USERNAME='%n' and
NASIDENTIFIER
='%N' and NASPORT='%{NAS-Port}'


# Accounting handlers
#
# Log details for @eisa.com users only from @eisa.com to file from
# border1.cyberus.ca 209.195.69.147

  RewriteUsername s/^([^@]+).*/$1/
  
  
  AcctLogFileName %L/acct/eisa.com/%C/detail


# Accept the rest of the entries from 209.195.69.147, but don't log them

#  RewriteUsername s/^([^@]+).*/$1/
  
  
#AcctLogFileName %L/acct/eisa.com/7552-details


# Ignore UUnet test packets

  
  


# Accept start and stop for the rest.

  RewriteUsername s/^([^@]+).*/$1/
  
  
  AcctLogFileName %L/acct/eisa.com/%C/detail
  SessionDatabase SDB2


Your final Handler will use the session database defined by SDB2, while the
others will continue to use the first one (which is the default).

hth

Hugh


--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody

===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

RE: (RADIATOR) Session Database

[Roy Hooper]

>
> If they're using something that's always the same, then create a Handler
> that matches and ignores these packets (although you may want to log
> them to make sure they're doing their job etc).

I'm already doing this (here's my Session config & my Accounting
handler(s)):
I *MUST* respond to the NAS to indicate that I got the packets, so
discarding outright doesn't help.  The best approach that I found to what I
want to do was the AuthBy TEST module :)  If I'm wrong, someone, please
correct me! :)


DBSourcedbi:mysql:radius
DBUsername  XXX
DBAuth  XXX

AddQuery  insert into RADONLINE \
(USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP, \
FRAMEDADDRESS, PORTTYPE, SERVICETYPE) values ('%n', '%N', \
'%{NAS-Port}', '%{Acct-Session-Id}', %{Timestamp}, \
'%{Framed-IP-Address}', '%{Port-Type}', '%{Service-Type}')

DeleteQuery  delete from RADONLINE where USERNAME='%n' and
NASIDENTIFIER
='%N' and NASPORT='%{NAS-Port}'


# Accounting handlers
#
# Log details for @eisa.com users only from @eisa.com to file from
# border1.cyberus.ca 209.195.69.147

RewriteUsername s/^([^@]+).*/$1/


AcctLogFileName %L/acct/eisa.com/%C/detail


# Accept the rest of the entries from 209.195.69.147, but don't log them

#RewriteUsername s/^([^@]+).*/$1/


#   AcctLogFileName %L/acct/eisa.com/7552-details


# Ignore UUnet test packets





# Accept start and stop for the rest.

RewriteUsername s/^([^@]+).*/$1/


AcctLogFileName %L/acct/eisa.com/%C/detail



===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) Session Database

[tom minchin]

On Sun, Nov 28, 1999 at 10:44:22PM -0500, Roy Hooper wrote:
> At present, I have two situations I want to rememedy:
> 
> 1. I'm getting a number of "noise" accounting packets sent by one of our
> vendors to check our server is working.  These packets tend to pollute the
> session database, but can be easily ignored if I can prevent them from
> making it to the session database by UserID.

If they're using something that's always the same, then create a Handler
that matches and ignores these packets (although you may want to log
them to make sure they're doing their job etc).
> 
> 2. I've got a number of accounting packets coming in from one NAS in order
> to track 1-800 service.  50% of this same NAS includes accounting packets I
> do not want in the radwho database, and am presently not logging to file
> because I don't want to see them, except when debugging.  The rest of the
> packets I am very interested in tracking, and am presentlying doing this by
> realm for this NAS -- packets w/o a realm are ignored for logging to file
> for accounting, the rest are kept.
> 

If you can distinguish them easily based on Radius attributes then another
Handle to collect the discardables would be the solution.

[EMAIL PROTECTED]

===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

RE: (RADIATOR) Session Database

[Roy Hooper]

Hmmm...

You appear to be right, it appears sane today.  There are no stragglers.

I would like to find a way, however, to not list certain NAS, Clients, or
Usernames in the session database.

At present, I have two situations I want to rememedy:

1. I'm getting a number of "noise" accounting packets sent by one of our
vendors to check our server is working.  These packets tend to pollute the
session database, but can be easily ignored if I can prevent them from
making it to the session database by UserID.

2. I've got a number of accounting packets coming in from one NAS in order
to track 1-800 service.  50% of this same NAS includes accounting packets I
do not want in the radwho database, and am presently not logging to file
because I don't want to see them, except when debugging.  The rest of the
packets I am very interested in tracking, and am presentlying doing this by
realm for this NAS -- packets w/o a realm are ignored for logging to file
for accounting, the rest are kept.

Any suggestions for either of these?

--
Roy Hooper ([EMAIL PROTECTED])
Sr. Systems Administrator
Network Operations
Cyberus Online Inc, an eisa.com company



> -Original Message-
> From: Hugh Irvine [mailto:[EMAIL PROTECTED]]
> Sent: Sunday, November 28, 1999 7:38 PM
> To: Roy Hooper; [EMAIL PROTECTED]
> Cc: Roy Hooper
> Subject: Re: (RADIATOR) Session Database
>
>
>
> Hello Roy -
>
> On Sat, 27 Nov 1999, Roy Hooper wrote:
> > I'm looking at the session database, and it appears that
> Acct-Start records
> > are not what is used to create an entry, but rather
> authentication-Accept
> > packets.
> >
> > Is there a particular reason for this?  I'm finding that this method is
> > leaving stray data behind.
> >
>
> Here is the relevant code fragment from Handler.pm:
>
>
> if ($status_type eq 'Start' || $status_type eq 'Alive')
> {
> # Some Ciscos dont send accounting-on, so we will
> # detect a reboot with the first session (ID 0001)
> $sessdb->clearNas($nas_id, $p)
> if $session_id eq '0001';
>
> # Ciscos sometimes sends Alive. Use them to make _sure_
> # there is an entry in the database
> $sessdb->add($original_username, $nas_id, $nas_port, $p);
> }
> elsif ($status_type eq 'Stop')
> {
> $sessdb->delete($original_username, $nas_id, $nas_port, $p);
> }
>
>
> As you can see, the session database is updated from the
> Accounting packets
> (Start, Alive and Stop). The Access-Request packet is used as a tidy up to
> remove session database entries that may not been removed due to
> a missed Stop.
>
> Perhaps there is something else amiss? Send us a trace 4 debug
> log and we'll
> have a look.
>
> hth
>
> Hugh
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
> NT, Rhapsody
>


===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) Session Database

[Hugh Irvine]

Hello Roy -

On Sat, 27 Nov 1999, Roy Hooper wrote:
> I'm looking at the session database, and it appears that Acct-Start records
> are not what is used to create an entry, but rather authentication-Accept
> packets.
> 
> Is there a particular reason for this?  I'm finding that this method is
> leaving stray data behind.
> 

Here is the relevant code fragment from Handler.pm:


if ($status_type eq 'Start' || $status_type eq 'Alive')
{
# Some Ciscos dont send accounting-on, so we will
# detect a reboot with the first session (ID 0001)
$sessdb->clearNas($nas_id, $p)
if $session_id eq '0001';

# Ciscos sometimes sends Alive. Use them to make _sure_
# there is an entry in the database
$sessdb->add($original_username, $nas_id, $nas_port, $p);
}
elsif ($status_type eq 'Stop')
{
$sessdb->delete($original_username, $nas_id, $nas_port, $p);
}   


As you can see, the session database is updated from the Accounting packets
(Start, Alive and Stop). The Access-Request packet is used as a tidy up to
remove session database entries that may not been removed due to a missed Stop.

Perhaps there is something else amiss? Send us a trace 4 debug log and we'll
have a look.

hth

Hugh

--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody

===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) Session Database

[Roy Hooper]

I'm looking at the session database, and it appears that Acct-Start records
are not what is used to create an entry, but rather authentication-Accept
packets.

Is there a particular reason for this?  I'm finding that this method is
leaving stray data behind.


--
Roy Hooper ([EMAIL PROTECTED])
Sr. Systems Administrator
Network Operations
Cyberus Online Inc, an eisa.com company


===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) Session database

[John Coy]

Look at section 6.5 of the RADIATOR manual under the
 section.  There is an option called
AddQuery and one called DeleteQuery to handle what you're
asking.



At 10:42 PM 8/28/99 +0530, you wrote:
>Hi all
>i am using sql for maintaining session logs.
>How can I change the query that is executed for insert delete so that I can
>vary the parameters that can be inserted into the table
>
>
>Rajesh
>
>
>Get your own FREE, personal Netscape WebMail account today at 
>http://webmail.netscape.com.
>
>
>Archive at http://www.thesite.com.au/~radiator/
>To unsubscribe, email '[EMAIL PROTECTED]' with
>'unsubscribe radiator' in the body of the message.


===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) Session database

[Rajesh Khator]

Hi all
i am using sql for maintaining session logs.
How can I change the query that is executed for insert delete so that I can
vary the parameters that can be inserted into the table


Rajesh


Get your own FREE, personal Netscape WebMail account today at 
http://webmail.netscape.com.

ÿ
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) Session Database problems

[Mike McCauley]

Hi Chris,

>From your debug trace the example shown did not have any errors, therefore we
would need a trace that does explicityly show both the incoming request and the
resulting SQL statement that causes the error.

We suspect that the error is caused by a NAS-specific accounting request.

Cheers.


On Jul 18,  6:47pm, Chris M wrote:
> Subject: (RADIATOR) Session Database problems
> While turning on the SessionDatabase SQL feature with a Linux Postgres
> database I encountered lots of errors occasionally happening on stdout:
>
> DBD::Pg::db do failed: ERROR:  parser: parse error at or near ","
> DBD::Pg::db do failed: ERROR:  parser: parse error at or near ""
> DBD::Pg::db do failed: ERROR:  parser: parse error at or near ""
> DBD::Pg::db do failed: ERROR:  parser: parse error at or near ","
>
> etc. etc.
>
> The records in the Radiator log look normal, any ideas what is causing this?
>
> Chris
>
> Sun Jul 18 18:50:11 1999: DEBUG: Handling request with Handler 'Realm='
> Sun Jul 18 18:50:11 1999: DEBUG: Rewrote user name to mark
> Sun Jul 18 18:50:11 1999: DEBUG: Rewrote user name to mark
> Sun Jul 18 18:50:11 1999: DEBUG: Rewrote user name to mark
> Sun Jul 18 18:50:11 1999: DEBUG: Handling with Radius::AuthDBFILE
> Sun Jul 18 18:50:11 1999: DEBUG: SessionDB Adding session for mark,
> 207.174.103.7,
> 17
> Sun Jul 18 18:50:11 1999: DEBUG: do query is: delete from RADONLINE where
> NASIDENTI
> FIER='207.174.103.7' and NASPORT=17
>
> Sun Jul 18 18:50:12 1999: DEBUG: do query is: insert into RADONLINE
> (USERNAME, NASI
> DENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP, FRAMEDIPADDRESS,
> NASPORTTYPE, SERVIC
> ETYPE) values ('mark', '207.174.103.7', 17, '3D000E6E', 932345411,
> '204.144.244.65'
> , 'ISDN', 'Framed-User')
>
> Sun Jul 18 18:50:12 1999: DEBUG: Accounting accepted
> Sun Jul 18 18:50:12 1999: DEBUG: Packet dump:
> *** Sending to 207.174.103.7 port 1026 
> Code:   Accounting-Response
> Identifier: 125
> Authentic:  X<10><11>d.<172><212><191>N<160>S<30><2><135>Z<14>
>
>
>
>
> ===
> Archive at http://www.thesite.com.au/~radiator/
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
>-- End of excerpt from Chris M



-- 
Mike McCauley   [EMAIL PROTECTED]
Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985   Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, 
NT, Rhapsody
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) Session Database problems

[Chris M]

While turning on the SessionDatabase SQL feature with a Linux Postgres
database I encountered lots of errors occasionally happening on stdout:

DBD::Pg::db do failed: ERROR:  parser: parse error at or near ","
DBD::Pg::db do failed: ERROR:  parser: parse error at or near ""
DBD::Pg::db do failed: ERROR:  parser: parse error at or near ""
DBD::Pg::db do failed: ERROR:  parser: parse error at or near ","

etc. etc.

The records in the Radiator log look normal, any ideas what is causing this?

Chris

Sun Jul 18 18:50:11 1999: DEBUG: Handling request with Handler 'Realm='
Sun Jul 18 18:50:11 1999: DEBUG: Rewrote user name to mark
Sun Jul 18 18:50:11 1999: DEBUG: Rewrote user name to mark
Sun Jul 18 18:50:11 1999: DEBUG: Rewrote user name to mark
Sun Jul 18 18:50:11 1999: DEBUG: Handling with Radius::AuthDBFILE
Sun Jul 18 18:50:11 1999: DEBUG: SessionDB Adding session for mark,
207.174.103.7,
17
Sun Jul 18 18:50:11 1999: DEBUG: do query is: delete from RADONLINE where
NASIDENTI
FIER='207.174.103.7' and NASPORT=17

Sun Jul 18 18:50:12 1999: DEBUG: do query is: insert into RADONLINE
(USERNAME, NASI
DENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP, FRAMEDIPADDRESS,
NASPORTTYPE, SERVIC
ETYPE) values ('mark', '207.174.103.7', 17, '3D000E6E', 932345411,
'204.144.244.65'
, 'ISDN', 'Framed-User')

Sun Jul 18 18:50:12 1999: DEBUG: Accounting accepted
Sun Jul 18 18:50:12 1999: DEBUG: Packet dump:
*** Sending to 207.174.103.7 port 1026 
Code:   Accounting-Response
Identifier: 125
Authentic:  X<10><11>d.<172><212><191>N<160>S<30><2><135>Z<14>




===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) Session database not being updated

[Mike McCauley]

Hi Rich,

On Apr 28, 12:37pm, Richard Hawley wrote:
> Subject: (RADIATOR) Session database not being updated
> I have had several instances since putting Radiator into production
> where the session database does not get updated.  When I check the
> accounting files, I notice that the accounting database never received a
> stop request for that session.  My question is, what would cause the
> stop request to either not be sent, or not be received by Radiator?  The
> NAS is a USR Hiper Modem Chassis.  Could it be a problem with the
> dictionary file?  I am using the dictionary.usr which came with
> Radiator.  Thanks.

The usual cause of this sort of thing is to do with the NAS:
1. Some NASs have software problems that sometimes prevent the Stop being sent.
2. With some NAS types, if the NAS restarts, the sessions that were up at the
time wont get a Stop. (If the NAS sends a accounting on packet Radiator will
use that to clerar all the sessions that were on that NAS, but not all NASs
send accounting start)
3. sometimes it can be casued by (longish) network outages, where the Stop
fails to get through the network in spite if the NASs normal retransmissions.
Eventually the NAS will give up trying to send it.

I would probably consider item 1 as the most likely.

Hope that helps.

Cheers.

-- 
Mike McCauley   [EMAIL PROTECTED]
Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985   Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, external, etc etc on Unix, Win95/8, NT, Rhapsody
===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) Session database not being updated

[Richard Hawley]

I have had several instances since putting Radiator into production
where the session database does not get updated.  When I check the
accounting files, I notice that the accounting database never received a
stop request for that session.  My question is, what would cause the
stop request to either not be sent, or not be received by Radiator?  The
NAS is a USR Hiper Modem Chassis.  Could it be a problem with the
dictionary file?  I am using the dictionary.usr which came with
Radiator.  Thanks.

..Rich

--

Richard W. Hawley - Network Engineer
CyberZone Internet Services
http://www.cyberzone.net
[EMAIL PROTECTED]



===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

FW: RE: (RADIATOR) session database?

[Arturo Pina]

-BEGIN PGP SIGNED MESSAGE-


- -FW: RE: (RADIATOR) session database?-

Date: Thu, 11 Mar 1999 09:36:33 +0100 (CET)
From: Arturo Pina <[EMAIL PROTECTED]>
To: "Jason W." <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Subject: RE: (RADIATOR) session database?

Hi,
I presume you have some device able to direct the requests based on the
address/port they're going to. As you have everything in a shared NFS the
only problem you have is the actual session information. You just need to
set up the Radiators so that they store that session information somehow
in the shared NFS, as if they do it in RAM you'll end up with a big mess.
So (see pages 20-23) you'll have to use  or
 which is actually very fast and perhaps easier to
set up... And it will be a file in the NFS share.
HTH
 
On 10-Mar-99 Jason W. wrote:
> I have some questions about setting up Radiator
> with multiple servers.  We have 3 Sun Ultra boxes
> that are load balanced for many services.  I want
> to set radiator up on all three of these servers, and
> have them load balance.  Also in this architecture
> we have an NFS mounted disk shelf that stores
> most of our user data.  I would like to install Radiator
> on all three servers, but have the database data
> NFS mounted to the disk shelf, so that all three servers
> will pull their info from the same database.  Is this
> possible with Radiator, and do you have any suggestions
> in setting this up?  Would I need to also use the
>  option?  I would not
> think so since all the accounting data for all three
> servers would be saved on the NFS mounted
> volume.  Also I'm going to use mySQL for our
> SQL database. 
> 
> TIA...
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> Jason W   [EMAIL PROTECTED] 
> I-Land NOC Tech http://www.iland.net
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> 
> 
> ===
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.

- ---
Arturo Pina - [EMAIL PROTECTED]
CTV Internet [http://www.ctv.es/]
+34 902 444557

- --End of forwarded message-

- ---
Arturo Pina - [EMAIL PROTECTED]
CTV Internet [http://www.ctv.es/]
+34 902 444557

-BEGIN PGP SIGNATURE-
Version: 2.6.3i
Charset: noconv

iQCVAwUBNueES9+A5jTOp/8tAQFmUQP+PI1KmQMRGDUEZhpwvu5Gj6pJKIx6TCFx
loIem/+szvCRoKNq+m+z7ibPH05WMhsd/LOQ7YuqX4OynVOT9kgV0E50loM6GnNf
pdiD0u7mOfJX2FHPTK4xl7ZqqXAnx5jhm3OwVN1NDDN2oATosx6dM1/1BXcJzdJQ
A0Jl2XXPAIw=
=k+/I
-END PGP SIGNATURE-

===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

RE: (RADIATOR) session database?

[Arturo Pina]

Hi,
I presume you have some device able to direct the requests based on the
address/port they're going to. As you have everything in a shared NFS the
only problem you have is the actual session information. You just need to
set up the Radiators so that they store that session information somehow
in the shared NFS, as if they do it in RAM you'll end up with a big mess.
So (see pages 20-23) you'll have to use  or
 which is actually very fast and perhaps easier to
set up... And it will be a file in the NFS share.
HTH
 
On 10-Mar-99 Jason W. wrote:
> I have some questions about setting up Radiator
> with multiple servers.  We have 3 Sun Ultra boxes
> that are load balanced for many services.  I want
> to set radiator up on all three of these servers, and
> have them load balance.  Also in this architecture
> we have an NFS mounted disk shelf that stores
> most of our user data.  I would like to install Radiator
> on all three servers, but have the database data
> NFS mounted to the disk shelf, so that all three servers
> will pull their info from the same database.  Is this
> possible with Radiator, and do you have any suggestions
> in setting this up?  Would I need to also use the
>  option?  I would not
> think so since all the accounting data for all three
> servers would be saved on the NFS mounted
> volume.  Also I'm going to use mySQL for our
> SQL database. 
> 
> TIA...
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> Jason W   [EMAIL PROTECTED] 
> I-Land NOC Tech http://www.iland.net
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> 
> 
> ===
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.

---
Arturo Pina - [EMAIL PROTECTED]
CTV Internet [http://www.ctv.es/]
+34 902 444557

===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) session database?

[Jason W.]

I have some questions about setting up Radiator
with multiple servers.  We have 3 Sun Ultra boxes
that are load balanced for many services.  I want
to set radiator up on all three of these servers, and
have them load balance.  Also in this architecture
we have an NFS mounted disk shelf that stores
most of our user data.  I would like to install Radiator
on all three servers, but have the database data
NFS mounted to the disk shelf, so that all three servers
will pull their info from the same database.  Is this
possible with Radiator, and do you have any suggestions
in setting this up?  Would I need to also use the
 option?  I would not
think so since all the accounting data for all three
servers would be saved on the NFS mounted
volume.  Also I'm going to use mySQL for our
SQL database. 

TIA...
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Jason W   [EMAIL PROTECTED] 
I-Land NOC Tech http://www.iland.net
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=


===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.