(RADIATOR) BillMax 1.4.5 on RedHat

Mike McCauley mikem at open.com.au
Tue Sep 25 06:51:27 CDT 2001 

Hello All.

We have completed some detailed testing with BillMax 1.5.4 on RedHat Linux 
7.1 against Radiator 2.18.4.

Our conclusion is that BillMax is a very full featured web-based Unix ISP 
billing package that installs in RH7.1 very easily, and is very easy to use, 
with an extensive web interface. It uses Apache and mysql. It comes with its 
own optional radius server (a Merit variant) and works (through file 
importing and exporting) with any radius server, but we have been exploring 
how to make Radiator interface directly.

This integration was very successful, and allows you much greater 
configurability and flexibility than the built in server. With the attached 
config file, Radiator authenticates directly from the BillMax mysql database, 
and inserts accounting directly into it.

I have attached a config file and some explanatory text, which will both be 
included in the next release 2.19 of Radiator.

We dont have any commercial interest in BillMax: this is for general interest 
of the community.

Feedback, problems and suggestions to me directly, please.

Cheers.
-------------- next part --------------
# billmax.cfg
#
# Example Radiator configuration file that allows you to
# authenticate from a BillMax MySQL database.
# With Radiator you can interface with almost any database schema,
# and there are many more configurable parameters that allow you
# to control database fallback, select statements, column names
# and arrangements etc etc etc.
#
# This config will work with the basic BillMax setup where 
# the dialup service has resource number 1.
#
# See the reference manual for more details.
# This is a very simple exmaple to get you started. 
#
# You should consider this file to be a starting point only
# $Id: sql.cfg,v 1.5 2000/11/07 21:18:05 mikem Exp $

Foreground
LogStdout
LogDir		.
DbDir		.

# You will probably want to change this to suit your site.
# You should prpobably create a Client clause for each NAS in your
# Network.
<Client DEFAULT>
	Secret	mysecret
	DupInterval 0
</Client>

# This will authenticate from the BillMax tables.
<Realm DEFAULT>
    <AuthBy SQL>
	# Adjust DBSource, DBUsername, DBAuth to suit your DB
	# The standard BillMax database, username and password are fixed
	# This DBSource will work fine when Radiator and BillMax are on 
	# the same machine. You will need to change it and set up permissions
	# in the MySQL access control tables if you ewant to connect from
	# a remote host.
	DBSource	dbi:mysql:database=flcdba;mysql_socket=/tmp/mysql.sock
	DBUsername	flcdba
	DBAuth		flcdba

	# This AuthSelct is suitable for BillMax systems that do not have 
	# Terminal Servers configured.
	# It selects users with services with resource number 1 enabled
	# You should make sure that the users to be permitted to dial
	# in have a service with Resource number 1 enabled. If its not
	# resource 1, then you will need to change the number that
	# service.resources is masked with to 2**(n-1)
	AuthSelect	select service.d02, service.number \
		from service, user, account \
		where service.d01=%0 \
		and (service.resources & 1) != 0 \
		and service.user = user.number \
		and user.account = account.number \
		and account.state = 0 \
		and user.state = 0 \
		and service.state = 0

	# This AuthSelect is suitable for BillMax systems 
	# That have Terminal Servers configured and used to define
	# which users have access to which terminal server
#	AuthSelect  select service.d02, service.number \
#		FROM service,termservers WHERE service.d01=%0 AND \
#		service.state=0 AND service.resources&termservers.resources \
#		AND termservers.ipnum='%N' ORDER BY number

	# This tells Radiator what to do with the columns we get back 
	# from AuthSelect. We use the Class to remember which Service 
	# we authenticated.	
	AuthColumnDef	0,Encrypted-Password,check
	AuthColumnDef	1,Class,reply

	# We only store the stops at the end of a session	
	AccountingStopsOnly

	# Note: this does not set enddate or endtime
	AccountingTable	datacall
	AcctColumnDef	username,User-Name
	AcctColumnDef	callnum,Acct-Session-Id
	AcctColumnDef	service,Class,integer
	AcctColumnDef	termip,NAS-Identifier
	AcctColumnDef	startdate,Timestamp,integer-date,%Y-%m-%e
	AcctColumnDef	starttime,Timestamp,integer-date,%T
	AcctColumnDef	length,Acct-Session-Time,integer
	AcctColumnDef	progress,Ascend-Connect-Progress
	AcctColumnDef	disconnect,Acct-Terminate-Cause
	AcctColumnDef	userip,Framed-IP-Address
	AcctColumnDef	dnis,Called-Station-Id
	AcctColumnDef	protocol,Framed-Protocol
	AcctColumnDef	baudup,Ascend-Data-Rate
	AcctColumnDef	bauddown,Ascend-Xmit-Rate
	AcctColumnDef	bytesin,Acct-Input-Octets
	AcctColumnDef	bytesout,Acct-Output-Octets
	AcctColumnDef	pktin,Acct-Input-Packets
	AcctColumnDef	pktout,Acct-Output-Packets
	AcctColumnDef	port,Ascend-Modem-PortNo
	AcctColumnDef	slot,Ascend-Modem-SlotNo
	AcctColumnDef	shelf,Ascend-Modem-ShelfNo
	AcctColumnDef	mlid,Ascend-Multilink-ID
	AcctColumnDef	mlnum,Ascend-Num-In-Multilink
	AcctColumnDef	callerid,Calling-Station-Id


	# You can arrange to log accounting to a file if the
	# SQL insert fails with AcctFailedLogFileName
	# That way you could recover from a broken SQL
	# server by using the BillMax radius accounting importing
	# utility
	#AcctFailedLogFileName %D/missedaccounting
    </AuthBy>
</Realm>
-------------- next part --------------
Radiator works fine with BillMax, and can be configured to work 
either directly or indirectly with BillMax.

Indirect:

Radiator works with users files exported from BillMax with the gen_radius
program (see the BillMax docs for more details), and with accounting
detail files imported into BillMax with radparse.

Radiator can also be configured to proxy to the BillMax Radius server.

Direct:
Radiator can be used to integrate directly with BillMax. This means that
Radiator will query directly to the BillMax MySQL database. You would
do this if you wanted to use Radiator instead of the radius server
provided with BillMax. You might want to use Radiator instead of the
BillMax radius server becasue Radiator provides many more and more
sophisticated features than their Merit variant.

When you use Radiator directly with BillMax, you can run Radiator either
on the same host as BillMax, or on one or more other hosts. 
In either case, you need to install perl, DBI and DBD-mysql on the 
Radiator host, followed by Radiator.

Hint: If you install DBD-myql from RedHat rpms, you may also
have to install the mysql rpms. If you do that you _must_ remove the 
/etc/my.cnf that is installed by the mysql rpm. If you dont you will be 
_unable_ to start the BillMax MySQL server, eg:

rpm -Uvh mysql-3.23.36-1.i386.rpm   
rpm -Uvh mysql-devel-3.23.36-1.i386.rpm      
rpm -Uvh perl-DBD-MySQL-1.2215-1.i386.rpm 
rm -f /etc/my.cnf   

Hint:
The BillMax MySQL server is configured to use /tmp/mysql.sock as its Unix
socket.

There is an example Radiator configuration file billmax.cfg that
will work with BillMax on the same host as Radiator:

   perl radiusd -config_file goodies/billmax.cfg trace 4  

This config file assumes that you have not defined any Termianl Servers,
but rather that you have defined Resource 1 to 
represent dialup permission, and that the dialup Service has that Resource
enabled, and that all your dialup users have the dialup Service.

So to test with BillMax, you need to:

1. Install BillMax.
2. Start BillMax,
3. Using the BillMax web interface, Settings menu, create a Resource
   number 1.
4. Under Settings menu, create a Service Definition, with the Resouce
   you created above.
5. Create an Account with a User, who has the Service you created above.


If you are using a different Resource numbr for dialup, or if you
have different resource numbers for different types of Radius
controlled services, you can change the AuthSelect in billmax.cfg to suit.
A Resource is basically a bit in the service.resources bitmask, where resource
1 is the least significant bit, resource 2 is bit 2 etc.

For example, if you want to permit users only if they have a service with
Resource 3, you would need to change your AuthSelect to something like:

	AuthSelect	select d02 from service, user, account \
	where service.d01=%0 \
	and (service.resources & 8) != 0 \
	and service.user = user.number \
	and user.account = account.number \
	and account.state = 0 \
	and user.state = 0 \
	and service.state = 0


If you wish to use the configured Terminal Server entries to define
what services to use, you could use an AuthSelect like this:

AuthSelect  service.d02, service.number \
FROM service,termservers WHERE service.d01=%0 AND \
service.state=0 AND service.resources&termservers.resources \
AND termservers.ipnum='%N' ORDER BY number

More information about the radiator mailing list