(RADIATOR) RADONLINE Table ?

Hugh Irvine hugh at open.com.au
Tue Jul 3 03:19:16 CDT 2001


Hello Chairarth -

The problem you describe below is due to the NAS not sending the 
NAS-Port attribute in the accounting stop record.

There are two things you can do. First, you should lodge a bug report 
with your NAS vendor and get the problem fixed properly. Second, you 
can try adding a Class attribute in the access accept and verify the 
resulting trace 4 to make sure that the Class attribute is properly 
contained in both the accounting start and the accounting stop. If it 
is present, you can write a PreClientHook to copy the Class attribute 
into the NAS-Port attribute and fix the problem that way.

Here is how to add the Class attribute:

	<AuthBy RADMIN>
		......
		AddToReply Class = %{NAS-Port}
	</AuthBy>

Please send me the resulting trace 4 and if the Class attribute is in 
both the accounting start and the accounting stop I will send you a 
PreClientHook to do the job (I have done this for another client 
already).

regards

Hugh


At 14:24 +0700 01/7/3, chairarth wrote:
>Hi,
>
>I'm facing problem about RADONLINE Table.  I found that even if I 
>'ve already log out  but  the Current Sessions Widnows at RADMIN 
>still show it . So I try to look at logfile to see what happen , and 
>then I wonder that after Radiator received Accouning-request type 
>Stop (from NASPORT 49153) why Radiator do query delete  RADONLINE 
>where  NASPORT=0 .
>
>How can I fix it ?
>
>Thanks in advance!
>
>Chairath
>
>------------------------- LOG FILE ------------------------
>*** Received from 10.2.0.1 port 49152 ....
>Code:       Access-Request
>Identifier: 46
>Authentic:  <0><0>X<234><0><0>B<137><0><0>+<186><0><0>%<177>
>Attributes:
>  User-Name = "alan"
>  User-Password = 
>"<150><128><12><217><137><223><150>g<139>p<193><237><136><182>n<150>"
>  Acct-Session-Id = "5600cde1"
>  NAS-IP-Address = 10.10.0.2
>  Shasta-SGROUP = "Shasta 5000: iSOS (tm), 2.1(17)"
>  Service-Type = Framed-User
>  Framed-Protocol = PPP
>  Calling-Station-Id = "ldc_12200000069"
>  NAS-Port = 1644167237
>
>Tue Jul  3 10:24:11 2001: DEBUG: Check if Handler 
>Request-Type=Accounting-Request should be used to handle this request
>Tue Jul  3 10:24:11 2001: DEBUG: Check if Handler Realm=radius 
>should be used to handle this request
>Tue Jul  3 10:24:11 2001: DEBUG: Check if Handler  should be used to 
>handle this request
>Tue Jul  3 10:24:11 2001: DEBUG: Handling request with Handler ''
>Tue Jul  3 10:24:11 2001: DEBUG:  Deleting session for alan, 
>10.10.0.2, 1644167237
>Tue Jul  3 10:24:11 2001: DEBUG: do query is: delete from RADONLINE 
>where NASIDENTIFIER='10.10.0.2' and NASPORT=01644167237
>
>Tue Jul  3 10:24:11 2001: DEBUG: do query is: insert into 
>RADMESSAGES (TIME_STAMP, TYPE, MESSAGE) values (994130651, 4, 
>'Handling with Radius::AuthRADMIN')
>
>Tue Jul  3 10:24:11 2001: DEBUG: do query is: insert into 
>RADMESSAGES (TIME_STAMP, TYPE, MESSAGE) values (994130651, 4, 
>'Handling with Radius::AuthRADMIN')
>
>Tue Jul  3 10:24:11 2001: DEBUG: Query is: select PASS_WORD, 
>STATICADDRESS, TIMELEFT, MAXLOGINS from RADUSERS where 
>USERNAME='alan' and BADLOGINS < 5 and VALIDFROM < 994130651 and 
>VALIDTO > 994130651
>
>Tue Jul  3 10:24:11 2001: DEBUG: do query is: insert into 
>RADMESSAGES (TIME_STAMP, TYPE, MESSAGE) values (994130651, 4, 
>'Radius::AuthRADMIN looks for match with alan')
>
>Tue Jul  3 10:24:11 2001: DEBUG: Query is: select NASIDENTIFIER, 
>NASPORT, ACCTSESSIONID, FRAMEDIPADDRESS from RADONLINE where 
>USERNAME='alan'
>
>Tue Jul  3 10:24:11 2001: DEBUG: do query is: insert into 
>RADMESSAGES (TIME_STAMP, TYPE, MESSAGE) values (994130651, 4, 
>'Radius::AuthRADMIN ACCEPT: ')
>
>Tue Jul  3 10:24:11 2001: DEBUG: do query is: update RADUSERS set 
>BADLOGINS=0 where USERNAME='alan'
>
>Tue Jul  3 10:24:11 2001: DEBUG: Access accepted for alan
>Tue Jul  3 10:24:11 2001: DEBUG: Packet dump:
>*** Sending to 10.2.0.1 port 49152 ....
>Code:       Access-Accept
>Identifier: 46
>Authentic:  <0><0>X<234><0><0>B<137><0><0>+<186><0><0>%<177>
>Attributes:
>  Session-Timeout = 289
>  Framed-Protocol = PPP
>  Service-Type = Framed-User
>  Framed-IP-Netmask = 255.255.255.255
>  Framed-Routing = None
>  Framed-MTU = 1500
>  Framed-Compression = Van-Jacobson-TCP-IP
>  Idle-Timeout = 600
>
>Tue Jul  3 10:24:14 2001: DEBUG: Packet dump:
>*** Received from 10.2.0.1 port 49153 ....
>Code:       Accounting-Request
>Identifier: 30
>Authentic:  4<143><194><161>y;<9><206>W<141>IJO<207><209><203>
>Attributes:
>  Acct-Status-Type = Start
>  User-Name = "alan"
>  Shasta-SGROUP = "Shasta 5000: iSOS (tm), 2.1(17)"
>  Event-Timestamp = 994155664
>  Service-Type = Framed-User
>  NAS-IP-Address = 10.10.0.2
>  NAS-Port = 1644167237
>  Acct-Session-Id = "5600cde1"
>  Acct-Authentic = RADIUS
>  Framed-IP-Address = 10.10.64.26
>  Framed-IP-Netmask = 255.255.255.255
>  Calling-Station-Id = "ldc_12200000069"
>
>Tue Jul  3 10:24:14 2001: DEBUG: Check if Handler 
>Request-Type=Accounting-Request should be used to handle this request
>Tue Jul  3 10:24:14 2001: DEBUG: Handling request with Handler 
>'Request-Type=Accounting-Request'
>Tue Jul  3 10:24:14 2001: DEBUG:  Adding session for alan, 
>10.10.0.2, 1644167237
>Tue Jul  3 10:24:14 2001: DEBUG: do query is: delete from RADONLINE 
>where NASIDENTIFIER='10.10.0.2' and NASPORT=01644167237
>
>Tue Jul  3 10:24:14 2001: DEBUG: do query is: insert into RADONLINE 
>(USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP, 
>FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE) values ('alan', 
>'10.10.0.2', 01644167237, '5600cde1', 994130654, '10.10.64.26', '', 
>'Framed-User')
>
>Tue Jul  3 10:24:14 2001: DEBUG: do query is: insert into 
>RADMESSAGES (TIME_STAMP, TYPE, MESSAGE) values (994130654, 4, 
>'Handling with Radius::AuthRADMIN')
>
>Tue Jul  3 10:24:14 2001: DEBUG: do query is: insert into 
>RADMESSAGES (TIME_STAMP, TYPE, MESSAGE) values (994130654, 4, 
>'Handling accounting with Radius::AuthRADMIN')
>
>Tue Jul  3 10:24:14 2001: DEBUG: do query is: update RADUSERS set 
>TIMELEFT=TIMELEFT-0, OCTETSINLEFT=OCTETSINLEFT-0, 
>OCTETSOUTLEFT=OCTETSOUTLEFT-0 where USERNAME='alan'
>
>Tue Jul  3 10:24:14 2001: DEBUG: do query is: insert into RADUSAGE
>   (USERNAME, TIME_STAMP, ACCTSTATUSTYPE, ACCTSESSIONID, 
>FRAMEDIPADDRESS, NASIDENTIFIER, NASPORT, DATE)
>   values
>   ('alan', 994130654, 1, '5600cde1', '10.10.64.26', '10.10.0.2', 
>1644167237, ' 3 07  2001 10:24:14')
>
>Tue Jul  3 10:24:14 2001: DEBUG: Accounting accepted
>Tue Jul  3 10:24:14 2001: DEBUG: Packet dump:
>*** Sending to 10.2.0.1 port 49153 ....
>Code:       Accounting-Response
>Identifier: 30
>Authentic:  4<143><194><161>y;<9><206>W<141>IJO<207><209><203>
>Attributes:
>
>Tue Jul  3 10:27:00 2001: DEBUG: Packet dump:
>*** Received from 10.2.0.1 port 49153 ....
>Code:       Accounting-Request
>Identifier: 31
>Authentic:  <160>r<248><134><4>|<143>,a<255><151><217>s<243>6'
>Attributes:
>  Acct-Status-Type = Stop
>  User-Name = "alan"
>  Shasta-SGROUP = "Shasta 5000: iSOS (tm), 2.1(17)"
>  Event-Timestamp = 994155829
>  Service-Type = Framed-User
>  NAS-IP-Address = 10.10.0.2
>  Acct-Session-Id = "5600cde1"
>  Acct-Authentic = RADIUS
>  Framed-IP-Address = 10.10.64.26
>  Framed-IP-Netmask = 255.255.255.255
>  Calling-Station-Id = "ldc_12200000069"
>  Acct-Input-Octets = 4320
>  Acct-Output-Octets = 1176
>  Acct-Input-Packets = 34
>  Acct-Output-Packets = 21
>  Acct-Terminate-Cause = User-Request
>  Acct-Session-Time = 165
>
>Tue Jul  3 10:27:00 2001: DEBUG: Check if Handler 
>Request-Type=Accounting-Request should be used to handle this request
>Tue Jul  3 10:27:00 2001: DEBUG: Handling request with Handler 
>'Request-Type=Accounting-Request'
>Tue Jul  3 10:27:00 2001: DEBUG:  Deleting session for alan, 10.10.0.2,
>Tue Jul  3 10:27:00 2001: DEBUG: do query is: delete from RADONLINE 
>where NASIDENTIFIER='10.10.0.2' and NASPORT=0
>
>Tue Jul  3 10:27:00 2001: DEBUG: do query is: insert into 
>RADMESSAGES (TIME_STAMP, TYPE, MESSAGE) values (994130820, 4, 
>'Handling with Radius::AuthRADMIN')
>
>Tue Jul  3 10:27:00 2001: DEBUG: do query is: insert into 
>RADMESSAGES (TIME_STAMP, TYPE, MESSAGE) values (994130820, 4, 
>'Handling accounting with Radius::AuthRADMIN')
>
>Tue Jul  3 10:27:00 2001: DEBUG: do query is: update RADUSERS set 
>TIMELEFT=TIMELEFT-0165, OCTETSINLEFT=OCTETSINLEFT-04320, 
>OCTETSOUTLEFT=OCTETSOUTLEFT-01176 where USERNAME='alan'
>
>Tue Jul  3 10:27:00 2001: DEBUG: do query is: insert into RADUSAGE
>   (USERNAME, TIME_STAMP, ACCTSTATUSTYPE, ACCTINPUTOCTETS, 
>ACCTOUTPUTOCTETS, ACCTSESSIONID, ACCTSESSIONTIME, 
>ACCTTERMINATECAUSE, FRAMEDIPADDRESS, NASIDENTIFIER, DATE)
>   values
>   ('alan', 994130820, 2, 4320, 1176, '5600cde1', 165, 1, 
>'10.10.64.26', '10.10.0.2', ' 3 07  2001 10:27:00')
>
>Tue Jul  3 10:27:00 2001: DEBUG: Accounting accepted
>Tue Jul  3 10:27:00 2001: DEBUG: Packet dump:
>*** Sending to 10.2.0.1 port 49153 ....
>Code:       Accounting-Response
>Identifier: 31
>Authentic:  <160>r<248><134><4>|<143>,a<255><151><217>s<243>6'
>Attributes:

-- 

NB: I am travelling this week, so there may be delays in our correspondence.

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20010703/c6f05610/attachment.html>


More information about the radiator mailing list