(RADIATOR) AcctSQLStatement

Ronan Eckelberry, Network/Systems Admin radiator at gowebco.com
Sun Feb 24 21:48:32 CST 2002


    Cool.  thanx for the info Hugh.  One other question though....would I
still get the same result if I changed the AuthByPolicy to
ContinueUntilAccept?

-Ronan

----- Original Message -----
From: "Hugh Irvine" <hugh at open.com.au>
To: "Ronan Eckelberry, Network/Systems Admin" <radiator at gowebco.com>;
<radiator at open.com.au>
Sent: Sunday, 24 February, 2002 20:05
Subject: Re: (RADIATOR) AcctSQLStatement


>
> Hello Ronan -
>
> The problem you have is due to the way you have set up your configuration
> file. You have an AuthByPolicy of ContinueWhileReject, so all accounting
> packets are are being processed by the first AuthBy SQL clause.
>
> In your situation you would be better off using Handlers like this:
>
> # define AuthBy clauses
>
> <AuthBy SQL>
> Identifier SUBSCRIBERS
> .....
> AddToReply Class = SUBSCRIBERS
> </AuthBy>
>
> <AuthBy SQL>
> Identifier LIMITED_20HRS
> .....
> AddToReply Class = LIMITED_20HRS
> </AuthBy>
>
> <AuthBy SQL>
> Identifier LIMITED_30HRS
> .....
> AddToReply Class = LIMITED_30HRS
> </AuthBy>
>
> # define Handlers
>
> <Handler Request-Type = Accounting-Request, Class = SUBSCRIBERS>
> ......
> AuthBy SUBSCRIBERS
> .....
> </Handler>
>
> <Handler Request-Type = Accounting-Request, Class = LIMITED_20HRS>
> ......
> AuthBy LIMITED_20HRS
> .....
> </Handler>
>
> <Handler Request-Type = Accounting-Request, Class = LIMITED_30HRS>
> ......
> AuthBy LIMITED_30HRS
> .....
> </Handler>
>
> <Handler>
> ......
> AuthByPolicy ContinueWhileReject
> AuthBy SUBSCRIBERS
> AuthBy LIMITED_20HRS
> AuthBy LIMITED_30HRS
> .....
> </Handler>
>
>
> regards
>
> Hugh
>
>
> On Mon, 25 Feb 2002 11:17, Ronan Eckelberry, Network/Systems Admin wrote:
> >     I have it in the AuthBy SQL Clause.  I don't see it executing in a
> > trace though.  Maybe I am typing something wrong.  Here is a snip from
the
> > config:
> >
> > <Realm DEFAULT>
> >   Description Default Realm for authenticating users
> >   RejectHasReason
> >   RewriteUsername s/^([^@]+).*/$1/
> >   SessionDatabase RADONLINE
> >   AuthByPolicy ContinueWhileReject
> >
> >         <AuthBy SQL>
> >                 Identifier SUBSCRIBERS
> >                 DBSource dbi:mysql:radius:xxx.xxx.xxx.xxx
> >                 DBUsername xxxxx
> >                 DBAuth xxxxx
> >                 DefaultSimultaneousUse 1
> >                 Description Database to use to authenticate users
> >                 FailureBackoffTime 5
> >                 Timeout 10
> >                 AuthSelect select PASSWORD,PORTLIMIT,STATICIP,SIMLOGIN
from
> > SUBSCRIBERS where USERNAME='%n' AND ACTIVE='Y'
> > # AuthSelect select PASSWORD from SUBSCRIBERS where USERNAME='%n'
> >                 AuthColumnDef 0,User-Password,check
> >                 AuthColumnDef 1,Port-Limit,reply
> >                 AuthColumnDef 2,Framed-IP-Address,reply
> >                 AuthColumnDef 3,Simultaneous-Use,check
> >                 AccountingTable ACCOUNTING
> >                 AcctColumnDef USERNAME,User-Name
> >                 AcctColumnDef TIME_STAMP,Timestamp,integer-date
> >                 AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
> >                 AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
> >                 AcctColumnDef
ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
> >                 AcctColumnDef ACCTSESSIONID,Acct-Session-Id
> >                 AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
> >                 AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
> >                 AcctColumnDef NASIDENTIFIER,NAS-IP-Address
> >                 AcctColumnDef NASPORT,NAS-Port,integer
> >                 AcctColumnDef NASPORTTYPE,NAS-Port-Type,integer
> >                 AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
> >                 AcctColumnDef SERVICETYPE,Service-Type,integer
> >                 AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
> >                 AcctColumnDef CALLEDSTATIONID,Called-Station-Id
> >                 AddToReply Service-Type="Framed-User", \
> >                 Framed-Protocol="PPP", \
> >                 Framed-IP-Netmask = 255.255.255.255
> >
> >         </AuthBy>
> >
> >         <AuthBy SQL>
> >                 Identifier LIMITED_20HRS
> >                 DBSource dbi:mysql:radius:xxx.xxx.xxx.xxx
> >                 DBUsername xxxxx
> >                 DBAuth xxxxx
> >                 DefaultSimultaneousUse 1
> >                 Description Database to use to authenticate 20 Hour
users
> >                 FailureBackoffTime 5
> >                 Timeout 10
> >                 AuthSelect select
> > PASSWORD,PORTLIMIT,STATICIP,SIMLOGIN,TIMELEFT from LIMITED_20HRS where
> > USERNAME='%n' AND ACTIVE='Y'
> >                 AuthColumnDef 0,User-Password,check
> >                 AuthColumnDef 1,Port-Limit,reply
> >                 AuthColumnDef 2,Framed-IP-Address,reply
> >                 AuthColumnDef 3,Simultaneous-Use,check
> >                 AuthColumnDef 4,Session-Timeout,reply
> >                 AccountingTable ACCOUNTING
> >                 AcctColumnDef USERNAME,User-Name
> >                 AcctColumnDef TIME_STAMP,Timestamp,integer-date
> >                 AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
> >                 AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
> >                 AcctColumnDef
ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
> >                 AcctColumnDef ACCTSESSIONID,Acct-Session-Id
> >                 AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
> >                 AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
> >                 AcctColumnDef NASIDENTIFIER,NAS-IP-Address
> >                 AcctColumnDef NASPORT,NAS-Port,integer
> >                 AcctColumnDef NASPORTTYPE,NAS-Port-Type,integer
> >                 AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
> >                 AcctColumnDef SERVICETYPE,Service-Type,integer
> >                 AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
> >                 AcctColumnDef CALLEDSTATIONID,Called-Station-Id
> >                 AcctSQLStatement update LIMITED_20HRS set
> > TIMELEFT=TIMELEFT-'%{Acct-Session-Time}' where USERNAME='%n'
> >                 AddToReply Service-Type="Framed-User", \
> >                 Framed-Protocol="PPP", \
> >                 Framed-IP-Netmask = 255.255.255.255
> >
> >         </AuthBy>
> >
> >         <AuthBy SQL>
> >                 Identifier LIMITED_30HRS
> >                 DBSource dbi:mysql:radius:xxx.xxx.xxx.xxx
> >                 DBUsername xxxxx
> >                 DBAuth xxxxx
> >                 DefaultSimultaneousUse 1
> >                 Description Database to use to authenticate 30 Hour
users
> >                 FailureBackoffTime 5
> >                 Timeout 10
> >                 AuthSelect select
> > PASSWORD,PORTLIMIT,STATICIP,SIMLOGIN,TIMELEFT from LIMITED_30HRS where
> > USERNAME='%n' AND ACTIVE='Y'
> >                 AuthColumnDef 0,User-Password,check
> >                 AuthColumnDef 1,Port-Limit,reply
> >                 AuthColumnDef 2,Framed-IP-Address,reply
> >                 AuthColumnDef 3,Simultaneous-Use,check
> >                 AuthColumnDef 4,Session-Timeout,reply
> >                 AccountingTable ACCOUNTING
> >                 AcctColumnDef USERNAME,User-Name
> >                 AcctColumnDef TIME_STAMP,Timestamp,integer-date
> >                 AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
> >                 AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
> >                 AcctColumnDef
ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
> >                 AcctColumnDef ACCTSESSIONID,Acct-Session-Id
> >                 AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
> >                 AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
> >                 AcctColumnDef NASIDENTIFIER,NAS-IP-Address
> >                 AcctColumnDef NASPORT,NAS-Port,integer
> >                 AcctColumnDef NASPORTTYPE,NAS-Port-Type,integer
> >                 AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
> >                 AcctColumnDef SERVICETYPE,Service-Type,integer
> >                 AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
> >                 AcctColumnDef CALLEDSTATIONID,Called-Station-Id
> >                 AcctSQLStatement update LIMITED_20HRS set
> > TIMELEFT=TIMELEFT-'%{Acct-Session-Time}' where USERNAME='%n'
> >                 AddToReply Service-Type="Framed-User", \
> >                 Framed-Protocol="PPP", \
> >                 Framed-IP-Netmask = 255.255.255.255
> >
> >         </AuthBy>
> >
> > ----- Original Message -----
> > From: "Hugh Irvine" <hugh at open.com.au>
> > To: "Ronan Eckelberry" <radiator at gowebco.com>; <radiator at open.com.au>
> > Sent: Sunday, 24 February, 2002 18:08
> > Subject: Re: (RADIATOR) AcctSQLStatement
> >
> > > Hello Ronan -
> > >
> > > On Sun, 24 Feb 2002 06:19, Ronan Eckelberry wrote:
> > > > Got a quick question.  I have my AcctSQLStatement in my config,
> > > > but it seems not to execute it.... This is what I have:
> > > >
> > > > AcctSQLStatement update LIMITED_20HRS set TIMELEFT=TIMELEFT-0%{A
> > > > cct-Session-Time} where USERNAME='%n'
> > > >
> > > > Looking in a Trace 6 I don't seem to see it executing the statement.
> > > > Is there any specific place that I should put it in the config?
> > >
> > > The AcctSQLStatement goes in the AuthBy SQL clause.
> > >
> > > If you still have a problem, please send me a copy of the
configuration
> >
> > file
> >
> > > and a trace 4 debug showing what is happening.
> > >
> > > regards
> > >
> > > Hugh
> > >
> > >
> > > --
> > > Radiator: the most portable, flexible and configurable RADIUS server
> > > anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> > > -
> > > Nets: internetwork inventory and management - graphical, extensible,
> > > flexible with hardware, software, platform and database independence.
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
>

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list