(RADIATOR) LDAP AUTH and MySQL Accounting

Andreas Häggander andreas at defero.net
Thu Oct 4 07:36:32 CDT 2001


Hi !

I want use LDAP for Authentucation and store the Accounting in a MySQL 
database. At the same time i want to use a MySQL database for a session 
database.

Is this possible ?

I have tried this (AUTH by FILE and not LDAP for so long) , see below, but 
i can´t get it working with the SessionDB and the Accunting.
A


radius.cfg

AuthPort        1645
AcctPort        1646

<Client x.x.x.x>
         Secret  mysecret
         DupInterval 0
</Client>

<Realm DEFAULT>

         <AuthBy FILE>
               Filename  /usr/local/etc/users
               DefaultSimultaneousUse 1
               AcctLogFileName       /usr/local/etc/detail
         </AuthFile>

<AuthBy SQL>

         DBSource        dbi:mysql:radius
         DBUsername      root
         DBAuth          hegge74

         AccountingTable ACCOUNTING
         AcctColumnDef   USERNAME,User-Name
         AcctColumnDef   TIME_STAMP,Timestamp,integer
         AcctColumnDef   ACCTSTATUSTYPE,Acct-Status-Type
         AcctColumnDef   ACCTDELAYTIME,Acct-Delay-Time,integer
         AcctColumnDef   ACCTINPUTOCTETS,Acct-Input-Octets,integer
         AcctColumnDef   ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
         AcctColumnDef   ACCTSESSIONID,Acct-Session-Id
         AcctColumnDef   ACCTSESSIONTIME,Acct-Session-Time,integer
         AcctColumnDef   ACCTTERMINATECAUSE,Acct-Terminate-Cause
         AcctColumnDef   NASIDENTIFIER,NAS-Identifier
         AcctColumnDef   NASPORT,NAS-Port,integer
         AcctColumnDef   FRAMEDIPADDRESS,Framed-IP-Address

</AuthBy>
</Realm>

<SessionDatabase SQL>

         DBSource        dbi:mysql:radius:localhost
         DBUsername      mysqluser
         DBAuth         mysqlpasswd

</SessionDatabase>



Code:       Access-Request
Identifier: 62
Authentic:  <0><0>b<25><0><0>:<129><0><0>w<19><0><0>HS
Attributes:
         User-Name = "mike at test.net"
         User-Password = 
"<4><255>i<14><204>Ol<177><242>h<207><127><168><180><247><194>"
         Acct-Session-Id = "9800003e"
         NAS-IP-Address = x.x.x.x
         Shasta-SGROUP = "Shasta 5000: iSOS (tm), 2.5.3.0"
         Service-Type = Framed-User
         Framed-Protocol = PPP
         NAS-Port = 123965696

Thu Oct  4 14:12:11 2001: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Thu Oct  4 14:12:11 2001: DEBUG:  Deleting session for mike at test.net, 
x.x.x.x, 123965696
Thu Oct  4 14:12:11 2001: DEBUG: Handling with Radius::AuthFILE:
Thu Oct  4 14:12:11 2001: DEBUG: Radius::AuthFILE looks for match with 
mike at test.net
Thu Oct  4 14:12:11 2001: DEBUG: Radius::AuthFILE ACCEPT:
Thu Oct  4 14:12:11 2001: DEBUG: Access accepted for mike at test.net
Thu Oct  4 14:12:11 2001: DEBUG: Packet dump:
*** Sending to 212.73.0.14 port 49152 ....
Code:       Access-Accept
Identifier: 62
Authentic:  <0><0>b<25><0><0>:<129><0><0>w<19><0><0>HS

Attributes:
         Framed-IP-Address = 0.0.0.0
         Framed-IP-Netmask = 0.0.0.0


Thu Oct  4 14:12:11 2001: DEBUG: Packet dump:
*** Received from x.x.x.x port 49153 ....
Code:       Accounting-Request
Identifier: 89
Authentic:  <227>O<zl<146>#qn<4>9<238><209>3<253><138>
Attributes:
         Acct-Status-Type = Start
         User-Name = "mike at test.net"
         Event-Timestamp = 1002204666
         Service-Type = Annex-Framed-Tunnel
         NAS-IP-Address = x.x.x.x
         Shasta-SGROUP = "Shasta 5000: iSOS (tm), 2.5.3.0"
         NAS-Port = 180
         Acct-Session-Id = "9800003e"
         Acct-Authentic = RADIUS
         Framed-IP-Address = 10.75.0.222
         Framed-IP-Netmask = 255.255.255.255

Thu Oct  4 14:12:11 2001: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Thu Oct  4 14:12:11 2001: DEBUG:  Adding session for mike at test.net, 
x.x.x.x, 180
Thu Oct  4 14:12:11 2001: DEBUG: Handling with Radius::AuthFILE:
Thu Oct  4 14:12:11 2001: DEBUG: Accounting accepted
Thu Oct  4 14:12:11 2001: DEBUG: Packet dump:
*** Sending to 212.73.0.14 port 49153 ....
Code:       Accounting-Response
Identifier: 89
Authentic:  <227>O<zl<146>#qn<4>9<238><209>3<253><138>
Attributes:

Thu Oct  4 14:14:49 2001: DEBUG: Packet dump:
*** Received from x.x.x.x port 49153 ....
Code:       Accounting-Request
Identifier: 90
Authentic:  <196><132><231>`<7><1><155><198>MGZ<173><31><25>Wn
Attributes:
         Acct-Status-Type = Stop
         User-Name = "mike at test.net"
         Event-Timestamp = 1002204823
         Service-Type = Annex-Framed-Tunnel
         NAS-IP-Address = x.x.x.x
         Shasta-SGROUP = "Shasta 5000: iSOS (tm), 2.5.3.0"
         NAS-Port = 180
         Acct-Session-Id = "9800003e"
         Acct-Authentic = RADIUS
         Framed-IP-Address = 10.75.0.222
         Framed-IP-Netmask = 255.255.255.255
         Acct-Input-Octets = 10224
         Acct-Output-Octets = 46328
         Acct-Input-Packets = 92
         Acct-Output-Packets = 95
         Acct-Terminate-Cause = Lost-Carrier
         Acct-Session-Time = 157

Thu Oct  4 14:14:49 2001: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Thu Oct  4 14:14:49 2001: DEBUG:  Deleting session for mike at test.net, 
x.x.x.x, 180
Thu Oct  4 14:14:49 2001: DEBUG: Handling with Radius::AuthFILE:
Thu Oct  4 14:14:49 2001: DEBUG: Accounting accepted
Thu Oct  4 14:14:49 2001: DEBUG: Packet dump:
*** Sending to 212.73.0.14 port 49153 ....
Code:       Accounting-Response
Identifier: 90
Authentic:  <196><132><231>`<7><1><155><198>MGZ<173><31><25>Wn
Attributes:


mysql> select * from ACCOUNTING;
Empty set (0.00 sec)

mysql> select * from RADONLINE;
Empty set (0.00 sec)



Cheers

/Andreas

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list