(RADIATOR) Help getting MySQL Accounting working
Steve Caporossi
capoross at musc.edu
Mon Aug 5 14:17:06 CDT 2002
Thanks Hugh.
I have a couple more questions, Why is the timestamp inserted with the incorrect date? I tried all the permutations of the timestamp but, I either get 0000-00-00 00:00:00 or an incorrect date such as 2000-10-28 57:17:65 which is from 5 minutes ago.
Thanks,
Steve
----- Original Message -----
From: Hugh Irvine
To: Steve Caporossi
Cc: radiator at open.com.au
Sent: Tuesday, July 30, 2002 7:47 PM
Subject: Re: (RADIATOR) Help getting MySQL Accounting working
Hello Steve -
You should do it this way:
# define Realm
# Note the AuthByPolicy with the accounting first and authentication second
<Realm DEFAULT>
AuthByPolicy ContinueAlways
<AuthBy SQL>
DBSource dbi:mysql:radiuslogs
DBUsername removed
DBAuth removed
AuthSelect
AccountingTable ACCOUNTING
AcctColumnDef USERNAME,username
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTINPUTPACKETS,Acct-Input-Packets,integer
AcctColumnDef ACCTOUTPUTPACKETS,Acct-Output-Packets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer
AcctColumnDef NASIPADDRESS,NAS-IP-Address,
AcctColumnDef NASIDENTIFIER,NAS-Identifier
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef NASPORTTYPE,NAS-Port-Type
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef CALLEDSTATIONID,Called-Station-Id
AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
AcctColumnDef ACCTAUTHENTIC,Acct-Authentic
AcctColumnDef FRAMEDPROTOCOL,Framed-Protocol
AcctColumnDef ACCTLINKCNT,Acct-Link-Count
AcctColumnDef ACCTMULTISESSID,Acct-Multi-Session-Id
AcctColumnDef CLASS,Class
AcctColumnDef ACCOUNTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef TUNNELCLIENTENDPOINT,Tunnel-Client-Endpoint
# AcctFailedLogFileName %D/missedaccounting
</AuthBy>
<AuthBy UNIX>
Filename /etc/shadow
</AuthBy>
# Log accounting to a detail file
AcctLogFileName %L/%{Client:Identifier}/%m%d%y.log
</Realm>
regards
Hugh
On Tuesday, July 30, 2002, at 10:02 PM, Steve Caporossi wrote:
Can anyone give me any hints as to why I cannot get any accounting entries in my database? Below is my radius config and the output from a Trace 4. I am authenticating from the system password file OK but no accounting is being put into the database. I am running RH7.2 and Radiator 3.0.
Thanks, Steve
*************************** Config ***************************
# radius.cfg
#
# Radiator configuration file.
#
#
#Foreground
#LogStdout
LogDir /var/log/radius
DbDir /etc/radiator
# Use a low trace level in production systems. Increase
# it to 4 or 5 for debugging, or use the -trace flag to radiusd
Trace 4
# Add other Clients below...
<Client xxx.xxx.xxx.xxx>
Identifier ppp
Secret removed
DupInterval 0
</Client>
<Client xxx.xxx.xxx.xxx>
Identifier ppp
Secret removed
DupInterval 0
</Client>
<Client xxx.xxx.xxx.xxx>
Identifier vpn
Secret removed
DupInterval 0
</Client>
<Realm DEFAULT>
<AuthBy UNIX>
Filename /etc/shadow
</AuthBy>
# Log accounting to a detail file
AcctLogFileName %L/%{Client:Identifier}/%m%d%y.log
<AuthBy SQL>
DBSource dbi:mysql:radiuslogs
DBUsername removed
DBAuth removed
AuthSelect
AccountingTable ACCOUNTING
AcctColumnDef USERNAME,username
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTINPUTPACKETS,Acct-Input-Packets,integer
AcctColumnDef ACCTOUTPUTPACKETS,Acct-Output-Packets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer
AcctColumnDef NASIPADDRESS,NAS-IP-Address,
AcctColumnDef NASIDENTIFIER,NAS-Identifier
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef NASPORTTYPE,NAS-Port-Type
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef CALLEDSTATIONID,Called-Station-Id
AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
AcctColumnDef ACCTAUTHENTIC,Acct-Authentic
AcctColumnDef FRAMEDPROTOCOL,Framed-Protocol
AcctColumnDef ACCTLINKCNT,Acct-Link-Count
AcctColumnDef ACCTMULTISESSID,Acct-Multi-Session-Id
AcctColumnDef CLASS,Class
AcctColumnDef ACCOUNTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef TUNNELCLIENTENDPOINT,Tunnel-Client-Endpoint
# AcctFailedLogFileName %D/missedaccounting
</AuthBy>
</Realm>
*************************** TRACE 4 ***************************
Mon Jul 29 15:37:22 2002: DEBUG: Packet dump:
*** Received from x.x.x.x port 1645 ....
Code: Access-Request
Identifier: 57
Authentic: ?R<210><13>r<<135><132>R<192><4><28><207>9<183><134>
Attributes:
NAS-IP-Address = x.x.x.x
NAS-Port = 114
NAS-Port-Type = Async
User-Name = "username"
Called-Station-Id = "3238732"
Calling-Station-Id = "5551212"
User-Password = "<202><2>]L><195><197>u<184><248><130><198><128>.<30>9"
Service-Type = Framed-User
Framed-Protocol = PPP
Mon Jul 29 15:37:22 2002: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Mon Jul 29 15:37:22 2002: DEBUG: Deleting session for username, x.x.x.x, 114
Mon Jul 29 15:37:22 2002: DEBUG: Handling with Radius::AuthUNIX:
Mon Jul 29 15:37:22 2002: DEBUG: Radius::AuthUNIX looks for match with username
Mon Jul 29 15:37:22 2002: DEBUG: Radius::AuthUNIX ACCEPT:
Mon Jul 29 15:37:22 2002: DEBUG: Access accepted for username
Mon Jul 29 15:37:22 2002: DEBUG: Packet dump:
*** Sending to x.x.x.x port 1645 ....
Code: Access-Accept
Identifier: 57
Authentic: ?R<210><13>r<<135><132>R<192><4><28><207>9<183><134>
Attributes:
Mon Jul 29 15:37:22 2002: DEBUG: Packet dump:
*** Received from x.x.x.x port 1646 ....
Code: Accounting-Request
Identifier: 58
Authentic: Q<29>:<144>-A<198><199>z<154>*}<<145>Q<171>
Attributes:
NAS-IP-Address = x.x.x.x
NAS-Port = 114
NAS-Port-Type = Async
User-Name = "username"
Called-Station-Id = "3238732"
Calling-Station-Id = "5551212"
Acct-Status-Type = Start
Acct-Authentic = RADIUS
Service-Type = Framed-User
Acct-Session-Id = "000001D4"
Framed-Protocol = PPP
Acct-Link-Count = 1
Acct-Multi-Session-Id = "44"
Framed-IP-Address = x.x.x.49
Acct-Delay-Time = 0
Mon Jul 29 15:37:22 2002: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Mon Jul 29 15:37:22 2002: DEBUG: Adding session for username, x.x.x.x, 114
Mon Jul 29 15:37:22 2002: DEBUG: Handling with Radius::AuthUNIX:
Mon Jul 29 15:37:22 2002: DEBUG: Accounting accepted
Mon Jul 29 15:37:22 2002: DEBUG: Packet dump:
*** Sending to x.x.x.x port 1646 ....
Code: Accounting-Response
Identifier: 58
Authentic: Q<29>:<144>-A<198><199>z<154>*}<<145>Q<171>
Attributes:
Mon Jul 29 15:38:18 2002: DEBUG: Packet dump:
*** Received from x.x.x.x port 1646 ....
Code: Accounting-Request
Identifier: 59
Authentic: <2>j!<3><165><174><239><227>X<242>0neH[)
Attributes:
NAS-IP-Address = x.x.x.x
NAS-Port = 114
NAS-Port-Type = Async
User-Name = "username"
Called-Station-Id = "3238732"
Calling-Station-Id = "5551212"
Acct-Status-Type = Stop
Acct-Authentic = RADIUS
Service-Type = Framed-User
Acct-Session-Id = "000001D4"
Framed-Protocol = PPP
Acct-Link-Count = 1
Acct-Multi-Session-Id = "44"
Framed-IP-Address = x.x.x.49
Acct-Terminate-Cause = User-Request
Acct-Input-Octets = 1363
Acct-Output-Octets = 721
Acct-Input-Packets = 37
Acct-Output-Packets = 15
Acct-Session-Time = 54
Acct-Delay-Time = 0
Mon Jul 29 15:38:18 2002: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Mon Jul 29 15:38:18 2002: DEBUG: Deleting session for username, x.x.x.x, 114
Mon Jul 29 15:38:18 2002: DEBUG: Handling with Radius::AuthUNIX:
Mon Jul 29 15:38:18 2002: DEBUG: Accounting accepted
Mon Jul 29 15:38:18 2002: DEBUG: Packet dump:
*** Sending to x.x.x.x port 1646 ....
Code: Accounting-Response
Identifier: 59
Authentic: <2>j!<3><165><174><239><227>X<242>0neH[)
Attributes:
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X etc etc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20020805/cbb1a712/attachment.html>
More information about the radiator
mailing list