(RADIATOR) Help getting MySQL Accounting working

Steve Caporossi capoross at musc.edu
Mon Aug 5 14:17:06 CDT 2002


Thanks Hugh.

I have a couple more questions,  Why is the timestamp inserted with the incorrect date?  I tried all the permutations of the timestamp but, I either get 0000-00-00 00:00:00 or an incorrect date such as 2000-10-28 57:17:65 which is from 5 minutes ago.  

Thanks,
Steve
  ----- Original Message ----- 
  From: Hugh Irvine 
  To: Steve Caporossi 
  Cc: radiator at open.com.au 
  Sent: Tuesday, July 30, 2002 7:47 PM
  Subject: Re: (RADIATOR) Help getting MySQL Accounting working


  Hello Steve -

  You should do it this way:

  # define Realm
  # Note the AuthByPolicy with the accounting first and authentication second

  <Realm DEFAULT>

  AuthByPolicy ContinueAlways

          <AuthBy SQL>
          DBSource        dbi:mysql:radiuslogs
          DBUsername      removed
          DBAuth          removed

          AuthSelect
   
          AccountingTable ACCOUNTING
          AcctColumnDef   USERNAME,username
          AcctColumnDef   TIME_STAMP,Timestamp,integer
          AcctColumnDef   ACCTSTATUSTYPE,Acct-Status-Type
          AcctColumnDef   ACCTDELAYTIME,Acct-Delay-Time,integer
          AcctColumnDef   ACCTINPUTOCTETS,Acct-Input-Octets,integer
          AcctColumnDef   ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
          AcctColumnDef   ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
          AcctColumnDef   ACCTINPUTPACKETS,Acct-Input-Packets,integer
          AcctColumnDef   ACCTOUTPUTPACKETS,Acct-Output-Packets,integer
          AcctColumnDef   ACCTSESSIONID,Acct-Session-Id
          AcctColumnDef   ACCTSESSIONTIME,Acct-Session-Time,integer
          AcctColumnDef   ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer
          AcctColumnDef   NASIPADDRESS,NAS-IP-Address,
          AcctColumnDef   NASIDENTIFIER,NAS-Identifier
          AcctColumnDef   NASPORT,NAS-Port,integer
          AcctColumnDef   NASPORTTYPE,NAS-Port-Type
          AcctColumnDef   FRAMEDIPADDRESS,Framed-IP-Address
          AcctColumnDef   CALLEDSTATIONID,Called-Station-Id
          AcctColumnDef   CALLINGSTATIONID,Calling-Station-Id
          AcctColumnDef   ACCTAUTHENTIC,Acct-Authentic
          AcctColumnDef   FRAMEDPROTOCOL,Framed-Protocol
          AcctColumnDef   ACCTLINKCNT,Acct-Link-Count
          AcctColumnDef   ACCTMULTISESSID,Acct-Multi-Session-Id
          AcctColumnDef   CLASS,Class
          AcctColumnDef   ACCOUNTSESSIONTIME,Acct-Session-Time,integer
          AcctColumnDef   TUNNELCLIENTENDPOINT,Tunnel-Client-Endpoint
   
          # AcctFailedLogFileName %D/missedaccounting
          </AuthBy>

          <AuthBy UNIX>
                  Filename /etc/shadow
          </AuthBy>
   
         # Log accounting to a detail file
          AcctLogFileName %L/%{Client:Identifier}/%m%d%y.log
   
   </Realm>

  regards

  Hugh

  On Tuesday, July 30, 2002, at 10:02 PM, Steve Caporossi wrote:


    Can anyone give me any hints as to why I cannot get any accounting entries in my database?   Below is my radius config and the output from a Trace 4.  I am authenticating from the system password file OK but no accounting is being put into the database.  I am running RH7.2 and Radiator 3.0.
     
    Thanks, Steve
     
    *************************** Config ***************************
    # radius.cfg
    #
    # Radiator configuration file.
    #
    #
     
    #Foreground
    #LogStdout
    LogDir          /var/log/radius
    DbDir           /etc/radiator
    # Use a low trace level in production systems. Increase
    # it to 4 or 5 for debugging, or use the -trace flag to radiusd
    Trace           4
     
    # Add other Clients below...
    <Client xxx.xxx.xxx.xxx>
            Identifier ppp 
            Secret removed
            DupInterval 0
    </Client>
     
    <Client xxx.xxx.xxx.xxx>
            Identifier ppp
            Secret removed
            DupInterval 0
    </Client>
     
    <Client xxx.xxx.xxx.xxx>
            Identifier vpn
            Secret removed
            DupInterval 0
    </Client>
     

    <Realm DEFAULT>
            <AuthBy UNIX>
                    Filename /etc/shadow
            </AuthBy>
            # Log accounting to a detail file
            AcctLogFileName %L/%{Client:Identifier}/%m%d%y.log
     
            <AuthBy SQL>
            DBSource        dbi:mysql:radiuslogs
            DBUsername      removed
            DBAuth          removed
            AuthSelect
     
            AccountingTable ACCOUNTING
            AcctColumnDef   USERNAME,username
            AcctColumnDef   TIME_STAMP,Timestamp,integer
            AcctColumnDef   ACCTSTATUSTYPE,Acct-Status-Type
            AcctColumnDef   ACCTDELAYTIME,Acct-Delay-Time,integer
            AcctColumnDef   ACCTINPUTOCTETS,Acct-Input-Octets,integer
            AcctColumnDef   ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
            AcctColumnDef   ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
            AcctColumnDef   ACCTINPUTPACKETS,Acct-Input-Packets,integer
            AcctColumnDef   ACCTOUTPUTPACKETS,Acct-Output-Packets,integer
            AcctColumnDef   ACCTSESSIONID,Acct-Session-Id
            AcctColumnDef   ACCTSESSIONTIME,Acct-Session-Time,integer
            AcctColumnDef   ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer
            AcctColumnDef   NASIPADDRESS,NAS-IP-Address,
            AcctColumnDef   NASIDENTIFIER,NAS-Identifier
            AcctColumnDef   NASPORT,NAS-Port,integer
            AcctColumnDef   NASPORTTYPE,NAS-Port-Type
            AcctColumnDef   FRAMEDIPADDRESS,Framed-IP-Address
            AcctColumnDef   CALLEDSTATIONID,Called-Station-Id
            AcctColumnDef   CALLINGSTATIONID,Calling-Station-Id
            AcctColumnDef   ACCTAUTHENTIC,Acct-Authentic
            AcctColumnDef   FRAMEDPROTOCOL,Framed-Protocol
            AcctColumnDef   ACCTLINKCNT,Acct-Link-Count
            AcctColumnDef   ACCTMULTISESSID,Acct-Multi-Session-Id
            AcctColumnDef   CLASS,Class
            AcctColumnDef   ACCOUNTSESSIONTIME,Acct-Session-Time,integer
            AcctColumnDef   TUNNELCLIENTENDPOINT,Tunnel-Client-Endpoint
     
            # AcctFailedLogFileName %D/missedaccounting
            </AuthBy>
    </Realm>
     
     
    *************************** TRACE 4 ***************************
    Mon Jul 29 15:37:22 2002: DEBUG: Packet dump:
    *** Received from x.x.x.x port 1645 ....
    Code:       Access-Request
    Identifier: 57
    Authentic:  ?R<210><13>r<<135><132>R<192><4><28><207>9<183><134>
    Attributes:
            NAS-IP-Address = x.x.x.x
            NAS-Port = 114
            NAS-Port-Type = Async
            User-Name = "username"
            Called-Station-Id = "3238732"
            Calling-Station-Id = "5551212"
            User-Password = "<202><2>]L><195><197>u<184><248><130><198><128>.<30>9"
            Service-Type = Framed-User
            Framed-Protocol = PPP
     
    Mon Jul 29 15:37:22 2002: DEBUG: Handling request with Handler 'Realm=DEFAULT'
    Mon Jul 29 15:37:22 2002: DEBUG:  Deleting session for username, x.x.x.x, 114
    Mon Jul 29 15:37:22 2002: DEBUG: Handling with Radius::AuthUNIX:
    Mon Jul 29 15:37:22 2002: DEBUG: Radius::AuthUNIX looks for match with username
    Mon Jul 29 15:37:22 2002: DEBUG: Radius::AuthUNIX ACCEPT:
    Mon Jul 29 15:37:22 2002: DEBUG: Access accepted for username
    Mon Jul 29 15:37:22 2002: DEBUG: Packet dump:
    *** Sending to x.x.x.x port 1645 ....
    Code:       Access-Accept
    Identifier: 57
    Authentic:  ?R<210><13>r<<135><132>R<192><4><28><207>9<183><134>
    Attributes:
     
    Mon Jul 29 15:37:22 2002: DEBUG: Packet dump:
    *** Received from x.x.x.x port 1646 ....
    Code:       Accounting-Request
    Identifier: 58
    Authentic:  Q<29>:<144>-A<198><199>z<154>*}<<145>Q<171>
    Attributes:
            NAS-IP-Address = x.x.x.x
            NAS-Port = 114
            NAS-Port-Type = Async
            User-Name = "username"
            Called-Station-Id = "3238732"
            Calling-Station-Id = "5551212"
            Acct-Status-Type = Start
            Acct-Authentic = RADIUS
            Service-Type = Framed-User
            Acct-Session-Id = "000001D4"
            Framed-Protocol = PPP
            Acct-Link-Count = 1
            Acct-Multi-Session-Id = "44"
            Framed-IP-Address = x.x.x.49
            Acct-Delay-Time = 0
     
    Mon Jul 29 15:37:22 2002: DEBUG: Handling request with Handler 'Realm=DEFAULT'
    Mon Jul 29 15:37:22 2002: DEBUG:  Adding session for username, x.x.x.x, 114
    Mon Jul 29 15:37:22 2002: DEBUG: Handling with Radius::AuthUNIX:
    Mon Jul 29 15:37:22 2002: DEBUG: Accounting accepted
    Mon Jul 29 15:37:22 2002: DEBUG: Packet dump:
    *** Sending to x.x.x.x port 1646 ....
    Code:       Accounting-Response
    Identifier: 58
    Authentic:  Q<29>:<144>-A<198><199>z<154>*}<<145>Q<171>
    Attributes:
     
    Mon Jul 29 15:38:18 2002: DEBUG: Packet dump:
    *** Received from x.x.x.x port 1646 ....
    Code:       Accounting-Request
    Identifier: 59
    Authentic:  <2>j!<3><165><174><239><227>X<242>0neH[)
    Attributes:
            NAS-IP-Address = x.x.x.x
            NAS-Port = 114
            NAS-Port-Type = Async
            User-Name = "username"
            Called-Station-Id = "3238732"
            Calling-Station-Id = "5551212"
            Acct-Status-Type = Stop
            Acct-Authentic = RADIUS
            Service-Type = Framed-User
            Acct-Session-Id = "000001D4"
            Framed-Protocol = PPP
            Acct-Link-Count = 1
            Acct-Multi-Session-Id = "44"
            Framed-IP-Address = x.x.x.49
            Acct-Terminate-Cause = User-Request
            Acct-Input-Octets = 1363
            Acct-Output-Octets = 721
            Acct-Input-Packets = 37
            Acct-Output-Packets = 15
            Acct-Session-Time = 54
            Acct-Delay-Time = 0
     
    Mon Jul 29 15:38:18 2002: DEBUG: Handling request with Handler 'Realm=DEFAULT'
    Mon Jul 29 15:38:18 2002: DEBUG:  Deleting session for username, x.x.x.x, 114
    Mon Jul 29 15:38:18 2002: DEBUG: Handling with Radius::AuthUNIX:
    Mon Jul 29 15:38:18 2002: DEBUG: Accounting accepted
    Mon Jul 29 15:38:18 2002: DEBUG: Packet dump:
    *** Sending to x.x.x.x port 1646 ....
    Code:       Accounting-Response
    Identifier: 59
    Authentic:  <2>j!<3><165><174><239><227>X<242>0neH[)
    Attributes:


  --
  Radiator: the most portable, flexible and configurable RADIUS server 
  anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
  Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc 
  on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X etc etc


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20020805/cbb1a712/attachment.html>


More information about the radiator mailing list