[Fwd: (RADIATOR) AuthBySQL]

Paulo Rodrigues prodrigues at vianetworks.pt
Wed Sep 26 07:44:50 CDT 2001 

Paulo Rodrigues wrote:
> 
> Hugh Irvine wrote:
> >
> > Hello Paulo -
> >
> > You will need to configure your Handlers for the different requests.
> >
> > <Handler Acct-Status-Type = Start>
> >     <AuthBy SQL>
> >         AccountingStartsOnly
> >         .....
> >     </AuthBy>
> > </Handler>
> >
> > <Handler Acct-Status-Type = Stop>
> >     <AuthBy SQL>
> >         AccountingStopsOnly
> >         .....
> >     </AuthBy>
> > </Handler>
> >
> > Note that is would be much simpler to just use AccountingStopsOnly in a
> > single AuthBy SQL clause.
> >
> > regards
> >
> > Hugh
> >
> > On Wednesday 26 September 2001 01:20, Paulo Rodrigues wrote:
> > > Hi,
> > >
> > > I've been trying to do Authentication on one server and Accounting on
> > > another (which works) and my goal now is to have Stops update the
> > > corresponding Start, instead of inserting another row; this is just the
> > > goodies/simple.cfg edited for my purposes; the insert (Start) works, but
> > > the update (Stop) doesn't.
> > >
> > > Here is the conf file:
> > >
> > > Foreground
> > > LogStdout
> > > LogDir          .
> > > DbDir           .
> > > Trace           9
> > > <Client DEFAULT>
> > >         Secret  mysecret
> > >         DupInterval 0
> > > </Client>
> > > <ClientListSQL>
> > >         DBSource        dbi:Pg:dbname=radiator
> > >         DBUsername      radiator
> > >         DBAuth          radiator
> > > </ClientListSQL>
> > > <Handler Request-Type = Accounting-Request>
> > >     <AuthBy SQL>
> > >         AccountingStartsOnly
> > >         DBSource        dbi:Pg:dbname=radiator
> > >         DBUsername      radiator
> > >         DBAuth          radiator
> > >         AccountingTable ACCOUNTING
> > >         AcctColumnDef   USERNAME,User-Name
> > >         AcctColumnDef   TIME_STAMP,Timestamp,integer
> > >         AcctColumnDef   ACCTSTATUSTYPE,Acct-Status-Type
> > >         AcctColumnDef   ACCTDELAYTIME,Acct-Delay-Time,integer
> > >         AcctColumnDef   ACCTINPUTOCTETS,Acct-Input-Octets,integer
> > >         AcctColumnDef   ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
> > >         AcctColumnDef   ACCTSESSIONID,Acct-Session-Id
> > >         AcctColumnDef   ACCTSESSIONTIME,Acct-Session-Time,integer
> > >         AcctColumnDef   ACCTTERMINATECAUSE,Acct-Terminate-Cause
> > >         AcctColumnDef   NASIDENTIFIER,NAS-Identifier
> > >         AcctColumnDef   NASPORT,NAS-Port,integer
> > >         AcctColumnDef   FRAMEDIPADDRESS,Framed-IP-Address
> > >     </AuthBy SQL>
> > >         AcctLogFileName ./pgdetail
> > > </Handler>
> > > <Handler Request-Type = Accounting-Request>
> > >     <AuthBy SQL>
> > >         AccountingStopsOnly
> > >         DBSource        dbi:Pg:dbname=radiator
> > >         DBUsername      radiator
> > >         DBAuth          radiator
> > >         AcctSQLStatement update ACCOUNTING \
> > > set ACCTSESSIONTIME='%{Acct-Session-Time}', \
> > > ACCTTERMINATECAUSE='%{Acct-Terminate-Cause}', \
> > > ACCTINPUTOCTETS='%{Acct-Input-Octets}', \
> > > ACCTOUTPUTOCTETS='%{Acct-Output-Octets}', \
> > > ACCTSTATUSTYPE='C' where USERNAME='%{User-Name}' and \
> > > ACCTSESSIONID='%{Acct-Session-Id}' and \
> > > ACCTSTATUSTYPE='Start'
> > >     </AuthBy SQL>
> > >         AcctLogFileName ./pgdetail
> > > </Handler>
> > > <Handler>
> > >     <AuthBy SQL>
> > >         DBSource        dbi:Pg:dbname=radiator
> > >         DBUsername      radiator
> > >         DBAuth          radiator
> > >     </AuthBy>
> > >         AcctLogFileName ./pgdetail
> > > </Handler>
> > >
> > > This is a snippet of the logfile:
> > >
> > > Tue Sep 25 16:02:53 2001: DEBUG: Check if Handler Request-Type =
> > > Accounting-Request should be used to handle this request
> > > Tue Sep 25 16:02:53 2001: DEBUG: Handling request with Handler
> > > 'Request-Type = Accounting-Request'
> > > Tue Sep 25 16:02:53 2001: DEBUG:  Deleting session for mikem,
> > > 203.63.154.1, 1234
> > > Tue Sep 25 16:02:53 2001: DEBUG: Handling with Radius::AuthSQL
> > > Tue Sep 25 16:02:53 2001: DEBUG: Handling accounting with
> > > Radius::AuthSQL
> > > Tue Sep 25 16:02:53 2001: DEBUG: Accounting accepted
> > > Tue Sep 25 16:02:53 2001: DEBUG: Packet dump:
> > > *** Sending to 127.0.0.1 port 1054 ....
> > > Code:       Accounting-Response
> > > Identifier: 39
> > >
> > > As you can see, it doesn't try to run the update; I'm sure I'm missing
> > > something obvious here, can anyone enlighten me?
> > >
> > > Thanks, and sorry for the huge paste,
> > > Paulo
> > >
> > > --
> > > Paulo Rodrigues
> > > Professional Services / MIS
> > > prodrigues at vianetworks.pt
> > >
> > > VIA NET.WORKS Portugal
> > > http://www.vianetworks.pt
> > > local touch global reach
> > > -------------------------
> > > Sabe quem tem acesso à rede da sua empresa?
> > > http://security.vianetworks.pt/sig/
> > > ===
> > > Archive at http://www.open.com.au/archives/radiator/
> > > Announcements on radiator-announce at open.com.au
> > > To unsubscribe, email 'majordomo at open.com.au' with
> > > 'unsubscribe radiator' in the body of the message.
> >
> > --
> > Radiator: the most portable, flexible and configurable RADIUS server
> > anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> > -
> > Nets: internetwork inventory and management - graphical, extensible,
> > flexible with hardware, software, platform and database independence.
> > ===
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with
> > 'unsubscribe radiator' in the body of the message.
> 
> Hello Hugh,
> 
> thanks for your (as usual) invaluable help. It works now, but I still do
> have one doubt; I'm trying to do Auth on one database and Accounting on
> another, that's why I put two entries for Accounting and one for Auth.
> Do you think I should also have <Handler Request-Type = Access-Request>
> in the Auth handler?
> 
> Thanks,
> Paulo
> 
> --
> Paulo Rodrigues
> Professional Services / MIS
> prodrigues at vianetworks.pt
> 
> VIA NET.WORKS Portugal
> http://www.vianetworks.pt
> local touch global reach
> -------------------------
> Sabe quem tem acesso à rede da sua empresa?
> http://security.vianetworks.pt/sig/

Hello,

sorry, I sent that to Hugh directly by mistake.

Thanks,
Paulo

-- 
Paulo Rodrigues
Professional Services / MIS
prodrigues at vianetworks.pt

VIA NET.WORKS Portugal
http://www.vianetworks.pt
local touch global reach
-------------------------
Sabe quem tem acesso à rede da sua empresa?
http://security.vianetworks.pt/sig/
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list