(RADIATOR) insert errors / new patch

Jerome Fleury jerome.fleury at freesbee.net
Mon Oct 29 08:32:34 CST 2001 

--On Monday, October 22, 2001 10:23:24 AM +1000 Mike McCauley 
<mikem at open.com.au> wrote:

> Hello Jerome,
>
> Thanks for the patch. I think you are right: it is more correct to match
> on  the real IP address of the originator, rather than what is claimed in
> NAS-IP-Address.
>
> We have rolled in your patch for the next release.
>

Thanks for having inluded it in 2.19.

I can read this in the changelog:

Improved duplicate detection in the case (such as Lucent TNT) where
   the Nas-IP-Address is not necessarily constant. Patch contributed by
   b.grange at libertysurf.fr.

This is not exactly what the patch does, the patch checks for UDP source 
port number, because many NAS sometimes send the same Identifiers to the 
radius server and the server believes there are duplicates. The IP array is 
to be more secure again. (Hope I'm clear enough, sorry for my bad english :)
Another point, this patch is contributed by Benoit Grange 
<b.grange at libertysurf.fr> and Jerome Fleury <jerome.fleury at freesbee.net>

Here is another patch, that is pretty useful to us. The purpose is to be 
able to insert IP addresses in the SQL database in Integer format. We 
handle a lot of accounting tickets in our database (1 million insert/day), 
and doing searches based on integer values is DEFINITELY more efficient 
than doing them on string values (such as '212.129.4.x').
It's quite simple to use, we just do something like this in our config file:
 AcctColumnDef   FRAMEDIPADDRESS,Framed-IP-Address,inet_aton
in an <AuthSQL> statement.
Then we can search through the database using the function INET_ATON('<ip 
address>') of mysql (don't know if it exists in other SQL systems)

This patch should work on 2.18.4 and 2.19 and I hope it will be included in 
next release, as it is very simple, but quite useful :)
This patch is contributed by Benoit Grange <b.grange at libertysurf.fr> and 
Jerome Fleury <jerome.fleury at freesbee.net>

Thanks for your great support!

--
Jerome Fleury     Tiscali/LibertySurf/WC
Network Engineer  Tel/Fax: +33 1 45082314


*** Radius/AuthSQL.pm.orig	Mon Oct 29 14:42:53 2001
--- Radius/AuthSQL.pm	Mon Oct 29 15:21:59 2001
***************
*** 386,394 ****
  	}
  	elsif ($type eq 'literal')
  	{
! 	    # Foramtting has already been done above. This is just to
  	    # avoid quotes
  	}
  	# Could define other data types here?
  	else
  	{
--- 386,405 ----
  	}
  	elsif ($type eq 'literal')
  	{
! 	    # Formatting has already been done above. This is just to
  	    # avoid quotes
  	}
+  	elsif ($type eq 'inet_aton')
+  	{
+ 	    # Patch by Benoit Grange <b.grange at libertysurf.fr>
+ 	    # and Jerome Fleury <jerome.fleury at freesbee.net>
+  	    # Convert an IPv4 address to an unsigned integer (32 bits)
+  	    # Can be used with MySQL 3.23 INET_ATON() and INET_NTOA() functions
+  	    my $ip = 0;
+  	    map ($ip = $ip*256+$_, split('\.', $value));
+  	    $value = sprintf ("%u", $ip);
+  	    $format = undef; # formatting done
+  	}
  	# Could define other data types here?
  	else
  	{
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://www.open.com.au/pipermail/radiator/attachments/20011029/84cadcc1/attachment.bin>

More information about the radiator mailing list