(RADIATOR) Block-time users problem
Deepak Shrestha
deepak at mos.com.np
Wed May 9 08:49:19 CDT 2001
Hi,
I am trying to configure Radiator 2.18.1 for block-time users.
The config files and the trace debug are below:
<AuthBy SQL>
Identifier auth_surfers
DBSource dbi:Sybase:RADIATOR
DBUsername radius
DBAuth *****
AuthSelect select surfers_UserPwd, surfers_SimConnection,
surfers_Hours from surfers_DialUp where surfers_UserName="%n" and
surfers_Status=1
AuthColumnDef 0, User-Password, check
AuthColumnDef 1, Simultaneous-Use, check
AuthColumnDef 2, Session-Timeout, reply
AddToReply Idle-Timeout = 900
NoDefault
FailureBackoffTime 10
AccountingTable surfers_RADACCTTAB
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIMESTAMP,Timestamp,integer
AcctColumnDef TIME_STAMP,Timestamp,integer-date
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef
ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
AcctColumnDef NASIDENTIFIER,NAS-Identifier
AcctColumnDef NASIDENTIFIER,NAS-IP-Address
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctSQLStatement update surfers_DialUp set
surfers_Hours=surfers_Hours-0%{Acct-Session-Time} where
surfers_UserName='%n'
</AuthBy>
<Handler>
AuthBy auth_surfers
PostAuthHook file:"%D/checkblocktimeleft"
</Handler>
----------------------------------------------------------------
#CheckBlockTimeLeft
#
# PostAuthHook to check time left for a block user
# by verifying the Session-Timeout attribute
#
# Author: Hugh Irvine (hugh at open.com.au)
# Copyright (C) 2000 Open System Consultants
# $Id: blocktime.txt,v 1.1 2000/11/21 01:36:22 mikem Exp $
sub
{
my $p = ${$_[0]};
my $rp = ${$_[1]};
my $result = ${$_[2]};
my $name = $p->get_attr('User-Name');
my $timeout = $rp->get_attr('Session-Timeout');
if (($result == $main::ACCEPT) && ($timeout <= 0))
{
&main::log($main::LOG_DEBUG, "User $name has no time left");
${$_[2]} = $main::REJECT;
}
return;
}
-------------------------------------------------------------
*** Received from 127.0.0.1 port 1229 ....
Code: Access-Request
Identifier: 17
Authentic: 1234567890123456
Attributes:
User-Name = "v0111111"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
Called-Station-Id = "123456789"
Calling-Station-Id = "987654321"
NAS-Port-Type = Async
User-Password =
"<140><225>(<194><195>\<4><246><188>8<9><160><216>}x<153>"
Wed May 9 19:12:40 2001: DEBUG: Check if Handler should be used to
handle this request
Wed May 9 19:12:40 2001: DEBUG: Handling request with Handler ''
Wed May 9 19:12:40 2001: DEBUG: Deleting session for v0111111,
203.63.154.1, 1234
Wed May 9 19:12:40 2001: DEBUG: Handling with Radius::AuthSQL
Wed May 9 19:12:40 2001: DEBUG: Handling with Radius::AuthSQL
Wed May 9 19:12:40 2001: DEBUG: Query is: select surfers_UserPwd,
surfers_SimConnection, surfers_Hours from surfers_DialUp where
surfers_UserName="v0111111" and surfers_Status=1
Wed May 9 19:12:40 2001: DEBUG: Radius::AuthSQL looks for match with
v0111111
Wed May 9 19:12:40 2001: DEBUG: Radius::AuthSQL ACCEPT:
Wed May 9 19:12:40 2001: DEBUG: Access accepted for v0111111
Wed May 9 19:12:40 2001: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 1229 ....
Code: Access-Accept
Identifier: 17
Authentic: 1234567890123456
Attributes:
Session-Timeout = 58
Idle-Timeout = 900
Wed May 9 19:12:40 2001: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 1229 ....
Code: Accounting-Request
Identifier: 18
Authentic: <250><7>_<7><28><192>l=<243><10>x<3>@<224>*<165>
Attributes:
User-Name = "v0111111"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
NAS-Port-Type = Async
Acct-Session-Id = "00001234"
Acct-Status-Type = Start
Called-Station-Id = "123456789"
Calling-Station-Id = "987654321"
Wed May 9 19:12:40 2001: DEBUG: Check if Handler should be used to
handle this request
Wed May 9 19:12:40 2001: DEBUG: Handling request with Handler ''
Wed May 9 19:12:40 2001: DEBUG: Adding session for v0111111,
203.63.154.1, 1234
Wed May 9 19:12:40 2001: DEBUG: Handling with Radius::AuthSQL
Wed May 9 19:12:40 2001: DEBUG: Handling accounting with Radius::AuthSQL
Wed May 9 19:12:40 2001: DEBUG: do query is: update surfers_DialUp set
surfers_Hours=surfers_Hours-0 where surfers_UserName='v0111111'
Wed May 9 19:12:40 2001: DEBUG: do query is: insert into
surfers_RADACCTTAB
(USERNAME, TIMESTAMP, TIME_STAMP, ACCTSTATUSTYPE,
ACCTSESSIONID, NASIDENTIFIER, NASPORT)
values
('v0111111', 989414860, 'May 9, 2001 19:12', 'Start',
'00001234', '203.63.154.1', 1234)
Wed May 9 19:12:40 2001: DEBUG: User v0111111 has no time left
Wed May 9 19:12:45 2001: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 1229 ....
Code: Accounting-Request
Identifier: 19
Authentic:
<228><169><165><2><209><193><240><224><194><150>L<177>i^<132><161>
Attributes:
User-Name = "v0111111"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
NAS-Port-Type = Async
Acct-Session-Id = "00001234"
Acct-Status-Type = Stop
Called-Station-Id = "123456789"
Calling-Station-Id = "987654321"
Acct-Delay-Time = 0
Acct-Session-Time = 100
Acct-Input-Octets = 20000
Acct-Output-Octets = 30000
Wed May 9 19:12:45 2001: DEBUG: Check if Handler should be used to
handle this request
Wed May 9 19:12:45 2001: DEBUG: Handling request with Handler ''
Wed May 9 19:12:45 2001: DEBUG: Deleting session for v0111111,
203.63.154.1, 1234
Wed May 9 19:12:45 2001: DEBUG: Handling with Radius::AuthSQL
Wed May 9 19:12:45 2001: DEBUG: Handling accounting with Radius::AuthSQL
Wed May 9 19:12:45 2001: DEBUG: do query is: update surfers_DialUp set
surfers_Hours=surfers_Hours-0100 where surfers_UserName='v0111111'
Wed May 9 19:12:45 2001: DEBUG: do query is: insert into
surfers_RADACCTTAB
(USERNAME, TIMESTAMP, TIME_STAMP, ACCTSTATUSTYPE,
ACCTDELAYTIME, ACCTINPUTOCTETS, ACCTOUTPUTOCTETS, ACCTSESSIONID,
ACCTSESSIONTIME, NASIDENTIFIER, NASPORT)
values
('v0111111', 989414865, 'May 9, 2001 19:12', 'Stop', 0,
20000, 30000, '00001234', 100, '203.63.154.1', 1234)
Wed May 9 19:12:45 2001: DEBUG: User v0111111 has no time left
--------------------------------------------------------------------------
I get this error when the timeleft is negative.
ed May 9 19:15:34 2001: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 1231 ....
Code: Access-Request
Identifier: 225
Authentic: 1234567890123456
Attributes:
User-Name = "v0111111"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
Called-Station-Id = "123456789"
Calling-Station-Id = "987654321"
NAS-Port-Type = Async
User-Password =
"<140><225>(<194><195>\<4><246><188>8<9><160><216>}x<153>"
Wed May 9 19:15:34 2001: DEBUG: Check if Handler should be used to
handle this request
Wed May 9 19:15:34 2001: DEBUG: Handling request with Handler ''
Wed May 9 19:15:34 2001: DEBUG: Deleting session for v0111111,
203.63.154.1, 1234
Wed May 9 19:15:34 2001: DEBUG: Handling with Radius::AuthSQL
Wed May 9 19:15:35 2001: DEBUG: Handling with Radius::AuthSQL
Wed May 9 19:15:35 2001: DEBUG: Query is: select surfers_UserPwd,
surfers_SimConnection, surfers_Hours from surfers_DialUp where
surfers_UserName="v0111111" and surfers_Status=1
Wed May 9 19:15:35 2001: DEBUG: Radius::AuthSQL looks for match with
v0111111
Wed May 9 19:15:35 2001: DEBUG: Radius::AuthSQL ACCEPT:
Wed May 9 19:15:35 2001: DEBUG: User v0111111 has no time left
Wed May 9 19:15:35 2001: INFO: Access rejected for v0111111:
Wed May 9 19:15:35 2001: ERR: There is no value named -290 for attribute
Session-Timeout. Using 0.
Wed May 9 19:15:35 2001: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 1231 ....
Code: Access-Reject
Identifier: 225
Authentic: 1234567890123456
Attributes:
Session-Timeout = -290
Idle-Timeout = 900
Reply-Message = "Request Denied"
----------------------------------------------------------------
I get No Reply for Accounting START/STOP.
Negative Session-Timeout errors as well in the logfile.
What and where could be the problem.
Any help would be appreciated.
Regards,
Deepak
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list