Re: (RADIATOR) Logging to MSSQL 7.0

2002-03-11 Thread Dan Melomedman 

Hugh Irvine writes: 

 BTW - you say that Radiator is *almost* perfect - we would be keen to hear 
 any suggestions for improvements. 
 
 regards 
 
 Hugh

Hi Hugh, 

AuthLog Pipe: I'd like to be able to fork an external program, and pipe 
the log data to it for logging, instead of logging directly to a file. I'd 
like to use the daemontools' 'multilog' since it does nice log rotation and 
TAI timestamping. 

Is there some way to rotate logs in Radiator?
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

RE: (RADIATOR) Logging to MSSQL 7.0

2002-03-11 Thread Tony B 

Here is my conf:

# radius.cfg
#
# You should consider this file to be a starting point only
# $Id: linux-radius.cfg,v 1.2 2001/08/30 03:41:02 mikem Exp $

#Foreground
#LogStdout
LogDir  /var/log/radius
DbDir   /etc/radiator
DictionaryFile %D/dictionary
# Use a low trace level in production systems. Increase
# it to 4 or 5 for debugging, or use the -trace flag to radiusd
Trace   3


#Lower case
RewriteUsername   tr/A-Z/a-z/

#Remove Spaces
RewriteUsername  s/\s+//g

ClientListSQL
#this is part of the MS SQL database
DBSource DBI:Sybase:database=databasename;server=server
DBUsername username
DBAuth x
GetClientQuery select
NASIDENTIFIER,SECRET,IGNOREACCTSIGNATURE,DUPINTERVAL,DEFAULTREALM,NASTYP
E,SNMPCOMMUNITY,LIVINGSTONOFFS,LIVINGSTONHOLE,FRAMEDGROUPBASEADDRESS,FRA
MEDGROUPMAXPORTSPERCLASSC,REWRITEUSERNAME,NOIGNOREDUPLICATES,PREHANDLERH
OOK from NASClients
/ClientListSQL


SessionDatabase SQL
DBSource dbi:mysql:radius:xxx.xxx.xxx.xxx
DBUsername radiusd
DBAuth  ch2900
/SessionDatabase

Handler Realm=go-concepts.com,Request-Type=Access-Request
RewriteUsername s/^([^@]+).*/$1/
AuthBy SQL
Identifier GOCsql
DefaultReply
Ascend-Shared-Profile-Enable=0,User-Service=Framed-User,Framed-Protocol=
PPP,Framed-Routing=None,Ascend-Base-Channel-Count=1,Ascend-Minimum-Chann
els=1,Ascend-Maximum-Channels=1,Ascend-Assign-IP-Pool=1,Ascend-Multicast
-Client=Multicast-Yes

DBSource DBI:Sybase:database=datbasename;server=server
DBUsername username
DBAuth x

AuthSelect AuthSelect %n

AuthColumnDef 0, User-Password, check
AuthColumnDef 1, Framed-Address, reply
AuthColumnDef 2, Framed-Protocol, reply
AuthColumnDef 3, Ascend-Maximum-Channels, reply
AuthColumnDef 4, Ascend-IP-Direct, reply
AuthColumnDef 5, Ascend-Assign-IP-Pool, reply
AuthColumnDef 6, GENERAL, reply

AddToReplyIfNotExist
User-Service=Framed-User,Framed-Protocol=PPP,Framed-Routing=None,Ascend-
Base-Channel-Count=1,Ascend-Minimum-Channels=1,Ascend-Maximum-Channels=1
,Ascend-Assign-IP-Pool=1,Ascend-Multicast-Client=Multicast-Yes

/AuthBy SQL
/Handler
 

Handler Request-Type=Accounting-Request
AuthBy SQL
Identifier MySQL
DBSource dbi:mysql:radius:xxx.xxx.xxx.xxx
DBUsername username
DBAuth  x 


AuthSelect  

AcctColumnDef   USERNAME,%n,formatted
AcctColumnDef   TIME_STAMP,Timestamp,integer
AcctColumnDef   ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef   ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef
ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef
ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef   ACCTSESSIONID,Acct-Session-Id
AcctColumnDef
ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef   ACCTTERMINATECAUSE,Acct-Terminate-Cause
AcctColumnDef   NASIDENTIFIER,NAS-Identifier
AcctColumnDef   NASPORT,NAS-Port,integer
/AuthBy SQL
/Handler

We do several rewrites to the username, that is why we us %n for the
username field, that way you see the formatted username after all the
rewrites occur.  The Accounting Request are all logged into the mysql
server.  You can define what you want logged into what columns using the
AcctColumnDef command.   We are not yet using this in a production
server but we have tested it may time and it works great.  If you have
any questions feel free to ask. 

Thanks,
Tony B, CCNA, Network+
Systems Administration
GO Concepts, Inc. / www.go-concepts.com
Are you on the GO yet?
What about those you know, are they on the GO?
513.934.2800
1.888.ON.GO.YET


-Original Message-
From: Shane Malden [mailto:[EMAIL PROTECTED]] 
Sent: Sunday, March 10, 2002 11:51 PM
To: tonyb
Subject: Re: (RADIATOR) Logging to MSSQL 7.0

Tony,
I would be interested on more information on how to do
accounting
with SQL. We use Radiator 2.19 and authenticate with SecurID. We don't
have
any direct control over our NAS as they are supported by out
Telecommunications provider. I would be very interested in finding out
how
to see what data and time users are connecting for. If your able to
help, it
would be appreciated.

Regards,
Shane

- Original Message -
From: tonyb [EMAIL PROTECTED]
To: Dan Melomedman [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Monday, March 11, 2002 2:38 PM
Subject: RE: (RADIATOR) Logging to MSSQL 7.0


 We are an ISP that just recently evaluated and purchased radiator.
And
 I agree that it is a great radius program...anyway back to sql

 We use

Re: (RADIATOR) Logging to MSSQL 7.0

2002-03-10 Thread Hugh Irvine 


Hello Dan -

On Sun, 10 Mar 2002 06:04, Dan Melomedman wrote:
 First, let me add my praise about this product to the already long list.
 We're evaluating Radiator. This is the best commercial server product I
 have ever dealt with, great job! Finally a RADIUS server that's almost, if
 not, perfect. Rock on!

 Anyway, we use FreeTDS for PHP scripts, and some things work, some break
 and cause segfaults depending on the features we're trying to use through
 FreeTDS. As much as I hate logging to the database, some of our existing
 reporting scripts (VB Script) require it anyway, so this is a part of
 evaluation as well. Do any of you on this list log to an MSSQL database
 from a Unix variant with FreeTDS library? Any caveats? Thanks much.


FreeTDS is known to have a few problems. In general you are better off using 
a commercial ODBC driver.

regards

Hugh


-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.