(RADIATOR) Simultaneous-Use check item in flat file
Gib Salisbury
gsalisbu at qtm.net
Fri Aug 16 14:00:25 CDT 2002
Hey again everyone,
Thanks for all the tips for my previous emails. I'm having a problem with
Simultaneous-Use checking. The DefaultSimultaneoususe item is set to 1,
but with users that are supposed to have more than one simultaneous login,
as denoted by the Check item in the user flat file. It always uses the
DefaultSimultaneoususe of 1, even when I configure the default user in the
flat file for 2 it still uses 1. Is there something wrong with my syntax?
Thanks in advance for the help. All the info in the world you could want
follows.
Gib Salisbury
Technician
Quantum Connections, LLC
211 Hilltop Ave
St. Joseph, MI 49085
http://www.qtm.net
Phone (616) or (888) 926-4242 x 215
Config File :
Radiator Configuration
Top File: /usr/local/etc/raddb/radius.cfg
------------------------------------------------------------------------
--------
# Radiator configuration file.
# Produced by /~kenreicj/radconfig.cgi Thu Jun 13 12:54:42 2002
#REMOTE_USER: , REMOTE_ADDR: 216.163.33.250
DbDir /raddb
DictionaryFile /raddb/dictionary
LogDir /raddb
LogFile %L\radius
PidFile radius.pid
SnmpgetProg /usr/local/bin/snmpget
RewriteUsername s/^([^@]+).*/$1/
RewriteUsername tr/[A-Z]/[a-z]/
RewriteUsername s/\s+//g
Trace 4
LogStdout
<AuthLog FILE>
Identifier logfile
Filename %L/authlog
LogSuccess 1
LogFailure 1
</AuthLog>
<AuthLog SQL>
Identifier logsql
DBSource dbi:mysql:radius
DBUsername radius
DBAuth XXXXXX
LogSuccess 1
LogFailure 1
</AuthLog>
<AuthBy UNIX>
DefaultSimultaneousUse 1
Description unix pw auth
Filename /etc/master.passwd
GroupFilename /etc/group
Identifier password
</AuthBy>
<AuthBy FILE>
DefaultSimultaneousUse 1
Description users std
Filename %D/users
Identifier users
</AuthBy>
<AuthBy FILE>
DefaultSimultaneousUse 1
Description tc8 users
Filename %D/tc8.users
Identifier tc8users
</AuthBy>
<AuthBy FILE>
DefaultSimultaneousUse 1
Description dsl
Filename %D/dsl.users
Identifier dslusers
</AuthBy>
<AuthBy FILE>
DefaultSimultaneousUse 1
Description x2 user auth
Filename %D/x2.users
Identifier x2users
</AuthBy>
<AuthBy FILE>
DefaultSimultaneousUse 1
Description wireless
Filename %D/wireless.users
Identifier wireless
</AuthBy>
<AuthBy SQL>
DBSource dbi:mysql:radius
DBUsername radius
DBAuth XXXXX
AuthSelect
Identifier sqlacct
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
AcctColumnDef NASIDENTIFIER,NAS-Identifier
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef CALLINGSTATION,Calling-Station-Id
AcctColumnDef CALLEDSTATION,Called-Station-Id
</AuthBy>
<ClientListSQL>
DBSource dbi:mysql:radius
DBUsername radius
DBAuth radiateme
</ClientListSQL>
<Log SQL>
DBSource dbi:mysql:radius
DBUsername radius
DBAuth radiateme
</Log>
<StatsLog SQL>
DBSource dbi:mysql:radius
DBUsername radius
DBAuth XXXXX
Interval 86400
</StatsLogSQL>
<Handler User-Name=/manager/>
<AuthBy INTERNAL>
DefaultResult ACCEPT
</AuthBy>
</Handler>
<Handler Realm = realmusers>
RewriteUsername s/^([^@]+).*/$1/
AuthByPolicy null
AuthLog logfile
AuthLog logsql
AuthBy sqlacct
AuthBy users
PasswordLogFileName %L/pwd.log
AcctLogFileName %L/details
SessionDatabase
</Handler>
<Handler Realm = x2realm>
RewriteUsername s/^([^@]+).*/$1/
AuthByPolicy Null
AuthLog logsql
AuthLog logfile
AuthBy sqlacct
AuthBy x2users
AcctLogFileName %L/details
PasswordLogFileName %L/pwd.log
SessionDatabase
</Handler>
<Handler Realm = dslrealm>
RewriteUsername s/^([^@]+).*/$1/
AuthByPolicy Null
AuthLog logsql
AuthLog logfile
AuthBy sqlacct
AuthBy dslusers
AcctLogFileName %L/details
PasswordLogFileName %L/pwd.log
SessionDatabase
</Handler>
<Handler Realm = tc8realm>
RewriteUsername s/^([^@]+).*/$1/
AuthByPolicy Null
AuthLog logsql
AuthLog logfile
AuthBy sqlacct
AuthBy tc8users
AcctLogFileName %L/details
PasswordLogFileName %L/pwd.log
SessionDatabase
</Handler>
<Handler Realm = wirelessrealm>
RewriteUsername s/^([^@]+).*/$1/
AuthByPolicy Null
AuthBy sqlacct
AuthBy wireless
AuthLog logfile
AcctLogFileName %L/details
PasswordLogFileName %L/pwd.log
SessionDatabase
</Handler>
<SessionDatabase SQL>
AddQuery insert into RADONLINE (USERNAME, NASIDENTIFIER, NASPORT,
ACCTSESSIONID, TIME_STAMP, FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE)
values ('%u', '%N', 0%{NAS-Port}, '%{Acct-Session-Id}', %{Timestamp},
'%{Framed-IP-Address}', '%{NAS-Port-Type}', '%{Service-Type}')
ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%N'
CountNasSessionsQuery select ACCTSESSIONID from RADONLINE where
NASIDENTIFIER='%N'
CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from RADONLINE
where USERNAME='%u'
DBAuth XXXXX
DBSource dbi:mysql:radius
DBUsername radius
DeleteQuery delete from RADONLINE where NASIDENTIFIER='%N' and
NASPORT=0%{NAS-Port}
Description Current Session database
Identifier SessionSQL
</SessionDatabase>
Flat file entry :
tester Auth-Type = password, Simultaneous-Use = 2
Trace 4 debug :
*** Received from 216.163.38.2 port 1645 ....
Code: Access-Request
Identifier: 140
Authentic:
o<196>K<185><132><163><129><196><202><148><162>S<152><195>C<150>
Attributes:
User-Name = "tester"
User-Password =
"<135>8<166><31><214><184><11><153><159><234><21>]<214>z<229><140>"
NAS-IP-Address = 216.163.38.2
NAS-Identifier = "216.163.38.2"
NAS-Port = 10
Acct-Session-Id = "589831"
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "2699266099"
Called-Station-Id = "9701600"
NAS-Port-Type = Async
Fri Aug 16 14:15:46 2002: DEBUG: Rewrote user name to tester
Fri Aug 16 14:15:46 2002: DEBUG: Rewrote user name to tester
Fri Aug 16 14:15:46 2002: DEBUG: Rewrote user name to tester
Fri Aug 16 14:15:46 2002: DEBUG: Handling request with Handler 'Realm =
realmusers'
Fri Aug 16 14:15:46 2002: DEBUG: Rewrote user name to tester
Fri Aug 16 14:15:46 2002: DEBUG: SessionSQL Deleting session for tester,
216.163.38.2, 10
Fri Aug 16 14:15:46 2002: DEBUG: do query is: delete from RADONLINE where
NASIDENTIFIER='216.163.38.2' and NASPORT=010
Fri Aug 16 14:15:46 2002: DEBUG: Handling with Radius::AuthSQL
Fri Aug 16 14:15:46 2002: DEBUG: Handling with Radius::AuthFILE: users
Fri Aug 16 14:15:46 2002: DEBUG: Radius::AuthFILE looks for match with
tester
Fri Aug 16 14:15:46 2002: DEBUG: Handling with Radius::AuthUNIX: password
Fri Aug 16 14:15:46 2002: DEBUG: Radius::AuthUNIX looks for match with
tester
Fri Aug 16 14:15:46 2002: DEBUG: Query is: select NASIDENTIFIER, NASPORT,
ACCTSESSIONID from RADONLINE where USERNAME='tester'
Fri Aug 16 14:15:46 2002: DEBUG: Query is: select NASIDENTIFIER, NASPORT,
ACCTSESSIONID from RADONLINE where USERNAME='tester'
Fri Aug 16 14:15:46 2002: DEBUG: Checking if user is still online: Hiper,
tester, 216.163.38.2, 9, 524295
Fri Aug 16 14:15:46 2002: DEBUG: Running command `/usr/local/bin/snmpget -c
'public' 216.163.38.2 .iso.org.dod.internet.private.ent$
Fri Aug 16 14:15:46 2002: DEBUG: Radius::AuthUNIX REJECT:
DefaultSimultaneousUse of 1 exceeded
Fri Aug 16 14:15:46 2002: DEBUG: Radius::AuthFILE REJECT: DefaultSimulta
neousUse of 1 exceeded
Fri Aug 16 14:15:46 2002: DEBUG: Radius::AuthFILE looks for match with
DEFAULT
Fri Aug 16 14:15:46 2002: DEBUG: Handling with Radius::AuthUNIX: password
Fri Aug 16 14:15:46 2002: DEBUG: Radius::AuthUNIX looks for match with
tester
Fri Aug 16 14:15:46 2002: DEBUG: Query is: select NASIDENTIFIER, NASPORT,
ACCTSESSIONID from RADONLINE where USERNAME='tester'
Fri Aug 16 14:15:46 2002: DEBUG: Checking if user is still online: Hiper,
tester, 216.163.38.2, 9, 524295
Fri Aug 16 14:15:46 2002: DEBUG: Running command `/usr/local/bin/snmpget -c
'public' 216.163.38.2 .iso.org.dod.internet.private.ent$
Fri Aug 16 14:15:46 2002: DEBUG: Radius::AuthUNIX REJECT: Simultaneous-Use
of 1 exceeded
Fri Aug 16 14:15:46 2002: DEBUG: Radius::AuthFILE REJECT: Simultaneous-Use
of 1 exceeded
Fri Aug 16 14:15:46 2002: INFO: Access rejected for tester:
Simultaneous-Use of 1 exceeded
Fri Aug 16 14:15:46 2002: DEBUG: Packet dump:
*** Sending to 216.163.38.2 port 1645 ....
Code: Access-Reject
Identifier: 140
Authentic:
o<196>K<185><132><163><129><196><202><148><162>S<152><195>C<150>
Attributes:
Reply-Message = "Request Denied"
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list