(RADIATOR) Re: Problem about Time check item
Hugh Irvine
hugh at open.com.au
Thu Jun 21 06:34:44 CDT 2001
Hello Chairarth -
You cannot configure Radiator as you have shown below - you will need
to use cascaded AuthBy clauses, something like this:
# define AuthBy FILE
<AuthBy FILE>
Identifier CheckUsers
Filename %D/adsl.users
</AuthBy>
# define Realms
<Realm qnetadsl>
AuthBy CheckUsers
</Realm>
Then in the file "adsl.users", something like this:
# define DEFAULT users
DEFAULT Prefix = S, Time = "SaSu0000-2359", Auth-Type RADMINAUTH
DEFAULT Prefix = P, Time = "Wk2200-0000", Auth-Type RADMINAUTH
hth
Hugh
At 5:16 PM +0700 6/21/01, chairarth wrote:
>Hi Hugh,
>
>Our concept is customer who login with username Sxxx at qnetadsl will
>be allowed to log on only on Saturday-Sunday , and only on Monday -
>Friday from 22:00 - 00:00 for username Pxxx at qnetadsl
>So I try to use Time and Prefix check item but it show error like these
>
>ERR : Unknow keyword 'DEFAULT'
>ERR : Unknow keyword 'Time'
>
>How can I fix it ?
>
>Thanks in advance,
>Chairath
>
>
>P.S. Now I'm implement RADIATOR version 2.18.2 and RADMIN version
>1.4 based on Windows NT
>
>Foreground
>LogStdout
>LogDir d:/Radiator-Demo-2.18/log
>DbDir d:/Radiator-Demo-2.18
>LogFile %L/logfile-%d-%m-%Y
>
># Dont turn this up too high, since all log messages are logged
># to the RADMESSAGES table in the database. 3 will give you everything
># except debugging messages
>Trace 4
>
>
># You will probably want to change this to suit your site.
># You should list all the clients you have, and their secrets
># If you are using the Radmin Clients table, you wil probably
># want to disable this.
>#<Client DEFAULT>
># Secret mysecret
># DupInterval 0
>#</Client>
>
># You can put additonal (or all) client details in your Radmin
># database table
># and get their details from there with something like this:
># You can then use the Radmin 'Add Radius Client' to add new clients.
><ClientListSQL>
> DBSource dbi:ODBC:Radmin
> DBUsername xxx
> DBAuth xxx
></ClientListSQL>
>
>#<AuthBy RADIUS>
># Identifier ProxyTofunk
># Host xxx
># Secret xxx
>#</AuthBy>
>
>#<Realm funk>
># strip Realm
># RewriteUsername s/^([^@]+).*/$1/
># AuthBy ProxyTofunk
>#</Realm>
>
><AuthBy RADMIN>
> Identifier RADMINAUTH
> # Change DBSource, DBUsername, DBAuth for your database
> # See the reference manual. You will also have to
> # change the one in <SessionDatabse SQL> below
> # so its the same
> DBSource dbi:ODBC:Radmin
> DBUsername xxx
> DBAuth xxx
> DateFormat %e %m %Y %T
> # You can add to or change these if you want, but you
> # will probably want to change the database schema first
> AccountingTable RADUSAGE
> AcctColumnDef USERNAME,User-Name
> AcctColumnDef TIME_STAMP,Timestamp,integer
> AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type,integer
> AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
> AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
> AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
> AcctColumnDef ACCTSESSIONID,Acct-Session-Id
> AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
> AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer
> AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
> AcctColumnDef NASIDENTIFIER,NAS-Identifier
> AcctColumnDef NASIDENTIFIER,NAS-IP-Address
> AcctColumnDef NASPORT,NAS-Port,integer
> AcctColumnDef DNIS,Called-Station-Id
> AcctColumnDef DATE,Timestamp,integer-date
> # This updates the time and octets left
> # for this user
> AcctSQLStatement update RADUSERS set
>TIMELEFT=TIMELEFT-0%{Acct-Session-Time},
>OCTETSINLEFT=OCTETSINLEFT-0%{Acct-Input-Octets},
>OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where
>USERNAME='%n'
>
> # These are the classic things to add to each users
> # reply to allow a PPP dialup session. It may be
> # different for your NAS. This will add some
> # reply items to everyone's reply
> AddToReply Framed-Protocol = PPP,\
> Service-Type = Framed-User,\
> Framed-IP-Netmask = 255.255.255.255,\
> Framed-Routing = None,\
> Framed-MTU = 1500,\
> Framed-Compression = Van-Jacobson-TCP-IP,\
> Idle-Timeout = 600
></AuthBy>
>
>
><Realm qnetadsl>
> DEFAULT Prefix = S
> Time = "SaSu0000-2359"
> AuthBy RADMINAUTH
>
> DEFAULT Prefix = P
> Time = "Wk2200-0000"
> AuthBy RADMINAUTH
></Realm>
>
># Handle everyone with RADMIN
><Realm DEFAULT>
> AuthBy RADMINAUTH
></Realm>
>
><SessionDatabase SQL>
> # This database spec usually should be exactly the same
> # as in <AuthBy RADMIN> above
> DBSource dbi:ODBC:Radmin
> DBUsername xxx
> DBAuth xxx
> ClearNasQuery
></SessionDatabase>
>
--
NB: I am travelling this week, so there may be delays in our correspondence.
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20010621/dbcdb379/attachment.html>
More information about the radiator
mailing list