(RADIATOR) AccountingStopsOnly in AuthBy RADIUS?

Hugh Irvine hugh at open.com.au
Tue Sep 18 04:16:27 CDT 2001 

Hello Hylke -

I hope you had a pleasant summer holiday? Did you do lots of sailing?

On Tuesday 18 September 2001 17:32, h.zuidema at kpn.com wrote:
> Hi Hugh,
>
> In our network we have to proxy all accounting packets (starts, stops,
> alives) to our customers. In addition to this I want to proxy stop packets
> only to our reporting system. Could I use AccountingStopsOnly (as described
> for AuthBy SQL)?
>
> For example (this Realm does not handle auth):
>
> <Realm xxx>
>     AccountingHandled
>     <AuthBy RADIUS>
>         ... proxy to customer ....
>         IgnoreAccoutingResponse
>     </AuthBy>
>     <AuthBy RADIUS>
>         AccountingStopsOnly
>         ... proxy to reporting system ....
>         IgnoreAccoutingResponse
>     </AuthBy>
> </Realm>
>
> If not, is there another way to achieve this?
>

In this case, if you are using Realms, I think you will have to set up a 
PreAuthHook to do this. You would just define the AuthBy RADIUS clause once, 
and set up the Hook for each Realm that you want to use it in.

# define AuthBy

<AuthBy RADIUS>
	Identifier ProxyToReportingSystem
	.....
	IgnoreAccountingResponse
</AuthBy>

# define Realms

<Realm xxx>
	AccountingHandled
	PreAuthHook file:"%D/reporting.pl"
	<AuthBy RADIUS>
		.....
	</AuthBy>
</Realm>


The file "reporting.pl" would contain something like this:

# reporting.pl
#
# PreAuthHook to forward accounting
# stops only to the reporting system.
#
# Author: Hugh Irvine (hugh at open.com.au)
# Copyright (C) 2001 Open System Consultants
#

sub
{
    my $p = ${$_[0]};
    my $rp = ${$_[1]};

    my $status = $p->get_attr('Acct-Status-Type');

    if ($status eq 'Stop')
    {
        my $authby = Radius::AuthGeneric::find('ProxyToReportingSystem');
        my ($rc, $reason) = $authby->handle_request($p, $rp); 
    }
    return;
}

This is pretty rough and I haven't tested it, but you should get the idea.

You can look at the example hooks in the file "goodies/hooks.txt" if you want 
to add debug statements and so on to the above.

Please let me know how you get on.

regards

Hugh
	

-- 
Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list