(RADIATOR) AcctSQLStatement
Ronan Eckelberry, Network/Systems Admin
radiator at gowebco.com
Sun Feb 24 21:48:32 CST 2002
Cool. thanx for the info Hugh. One other question though....would I
still get the same result if I changed the AuthByPolicy to
ContinueUntilAccept?
-Ronan
----- Original Message -----
From: "Hugh Irvine" <hugh at open.com.au>
To: "Ronan Eckelberry, Network/Systems Admin" <radiator at gowebco.com>;
<radiator at open.com.au>
Sent: Sunday, 24 February, 2002 20:05
Subject: Re: (RADIATOR) AcctSQLStatement
>
> Hello Ronan -
>
> The problem you have is due to the way you have set up your configuration
> file. You have an AuthByPolicy of ContinueWhileReject, so all accounting
> packets are are being processed by the first AuthBy SQL clause.
>
> In your situation you would be better off using Handlers like this:
>
> # define AuthBy clauses
>
> <AuthBy SQL>
> Identifier SUBSCRIBERS
> .....
> AddToReply Class = SUBSCRIBERS
> </AuthBy>
>
> <AuthBy SQL>
> Identifier LIMITED_20HRS
> .....
> AddToReply Class = LIMITED_20HRS
> </AuthBy>
>
> <AuthBy SQL>
> Identifier LIMITED_30HRS
> .....
> AddToReply Class = LIMITED_30HRS
> </AuthBy>
>
> # define Handlers
>
> <Handler Request-Type = Accounting-Request, Class = SUBSCRIBERS>
> ......
> AuthBy SUBSCRIBERS
> .....
> </Handler>
>
> <Handler Request-Type = Accounting-Request, Class = LIMITED_20HRS>
> ......
> AuthBy LIMITED_20HRS
> .....
> </Handler>
>
> <Handler Request-Type = Accounting-Request, Class = LIMITED_30HRS>
> ......
> AuthBy LIMITED_30HRS
> .....
> </Handler>
>
> <Handler>
> ......
> AuthByPolicy ContinueWhileReject
> AuthBy SUBSCRIBERS
> AuthBy LIMITED_20HRS
> AuthBy LIMITED_30HRS
> .....
> </Handler>
>
>
> regards
>
> Hugh
>
>
> On Mon, 25 Feb 2002 11:17, Ronan Eckelberry, Network/Systems Admin wrote:
> > I have it in the AuthBy SQL Clause. I don't see it executing in a
> > trace though. Maybe I am typing something wrong. Here is a snip from
the
> > config:
> >
> > <Realm DEFAULT>
> > Description Default Realm for authenticating users
> > RejectHasReason
> > RewriteUsername s/^([^@]+).*/$1/
> > SessionDatabase RADONLINE
> > AuthByPolicy ContinueWhileReject
> >
> > <AuthBy SQL>
> > Identifier SUBSCRIBERS
> > DBSource dbi:mysql:radius:xxx.xxx.xxx.xxx
> > DBUsername xxxxx
> > DBAuth xxxxx
> > DefaultSimultaneousUse 1
> > Description Database to use to authenticate users
> > FailureBackoffTime 5
> > Timeout 10
> > AuthSelect select PASSWORD,PORTLIMIT,STATICIP,SIMLOGIN
from
> > SUBSCRIBERS where USERNAME='%n' AND ACTIVE='Y'
> > # AuthSelect select PASSWORD from SUBSCRIBERS where USERNAME='%n'
> > AuthColumnDef 0,User-Password,check
> > AuthColumnDef 1,Port-Limit,reply
> > AuthColumnDef 2,Framed-IP-Address,reply
> > AuthColumnDef 3,Simultaneous-Use,check
> > AccountingTable ACCOUNTING
> > AcctColumnDef USERNAME,User-Name
> > AcctColumnDef TIME_STAMP,Timestamp,integer-date
> > AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
> > AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
> > AcctColumnDef
ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
> > AcctColumnDef ACCTSESSIONID,Acct-Session-Id
> > AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
> > AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
> > AcctColumnDef NASIDENTIFIER,NAS-IP-Address
> > AcctColumnDef NASPORT,NAS-Port,integer
> > AcctColumnDef NASPORTTYPE,NAS-Port-Type,integer
> > AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
> > AcctColumnDef SERVICETYPE,Service-Type,integer
> > AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
> > AcctColumnDef CALLEDSTATIONID,Called-Station-Id
> > AddToReply Service-Type="Framed-User", \
> > Framed-Protocol="PPP", \
> > Framed-IP-Netmask = 255.255.255.255
> >
> > </AuthBy>
> >
> > <AuthBy SQL>
> > Identifier LIMITED_20HRS
> > DBSource dbi:mysql:radius:xxx.xxx.xxx.xxx
> > DBUsername xxxxx
> > DBAuth xxxxx
> > DefaultSimultaneousUse 1
> > Description Database to use to authenticate 20 Hour
users
> > FailureBackoffTime 5
> > Timeout 10
> > AuthSelect select
> > PASSWORD,PORTLIMIT,STATICIP,SIMLOGIN,TIMELEFT from LIMITED_20HRS where
> > USERNAME='%n' AND ACTIVE='Y'
> > AuthColumnDef 0,User-Password,check
> > AuthColumnDef 1,Port-Limit,reply
> > AuthColumnDef 2,Framed-IP-Address,reply
> > AuthColumnDef 3,Simultaneous-Use,check
> > AuthColumnDef 4,Session-Timeout,reply
> > AccountingTable ACCOUNTING
> > AcctColumnDef USERNAME,User-Name
> > AcctColumnDef TIME_STAMP,Timestamp,integer-date
> > AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
> > AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
> > AcctColumnDef
ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
> > AcctColumnDef ACCTSESSIONID,Acct-Session-Id
> > AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
> > AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
> > AcctColumnDef NASIDENTIFIER,NAS-IP-Address
> > AcctColumnDef NASPORT,NAS-Port,integer
> > AcctColumnDef NASPORTTYPE,NAS-Port-Type,integer
> > AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
> > AcctColumnDef SERVICETYPE,Service-Type,integer
> > AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
> > AcctColumnDef CALLEDSTATIONID,Called-Station-Id
> > AcctSQLStatement update LIMITED_20HRS set
> > TIMELEFT=TIMELEFT-'%{Acct-Session-Time}' where USERNAME='%n'
> > AddToReply Service-Type="Framed-User", \
> > Framed-Protocol="PPP", \
> > Framed-IP-Netmask = 255.255.255.255
> >
> > </AuthBy>
> >
> > <AuthBy SQL>
> > Identifier LIMITED_30HRS
> > DBSource dbi:mysql:radius:xxx.xxx.xxx.xxx
> > DBUsername xxxxx
> > DBAuth xxxxx
> > DefaultSimultaneousUse 1
> > Description Database to use to authenticate 30 Hour
users
> > FailureBackoffTime 5
> > Timeout 10
> > AuthSelect select
> > PASSWORD,PORTLIMIT,STATICIP,SIMLOGIN,TIMELEFT from LIMITED_30HRS where
> > USERNAME='%n' AND ACTIVE='Y'
> > AuthColumnDef 0,User-Password,check
> > AuthColumnDef 1,Port-Limit,reply
> > AuthColumnDef 2,Framed-IP-Address,reply
> > AuthColumnDef 3,Simultaneous-Use,check
> > AuthColumnDef 4,Session-Timeout,reply
> > AccountingTable ACCOUNTING
> > AcctColumnDef USERNAME,User-Name
> > AcctColumnDef TIME_STAMP,Timestamp,integer-date
> > AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
> > AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
> > AcctColumnDef
ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
> > AcctColumnDef ACCTSESSIONID,Acct-Session-Id
> > AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
> > AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
> > AcctColumnDef NASIDENTIFIER,NAS-IP-Address
> > AcctColumnDef NASPORT,NAS-Port,integer
> > AcctColumnDef NASPORTTYPE,NAS-Port-Type,integer
> > AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
> > AcctColumnDef SERVICETYPE,Service-Type,integer
> > AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
> > AcctColumnDef CALLEDSTATIONID,Called-Station-Id
> > AcctSQLStatement update LIMITED_20HRS set
> > TIMELEFT=TIMELEFT-'%{Acct-Session-Time}' where USERNAME='%n'
> > AddToReply Service-Type="Framed-User", \
> > Framed-Protocol="PPP", \
> > Framed-IP-Netmask = 255.255.255.255
> >
> > </AuthBy>
> >
> > ----- Original Message -----
> > From: "Hugh Irvine" <hugh at open.com.au>
> > To: "Ronan Eckelberry" <radiator at gowebco.com>; <radiator at open.com.au>
> > Sent: Sunday, 24 February, 2002 18:08
> > Subject: Re: (RADIATOR) AcctSQLStatement
> >
> > > Hello Ronan -
> > >
> > > On Sun, 24 Feb 2002 06:19, Ronan Eckelberry wrote:
> > > > Got a quick question. I have my AcctSQLStatement in my config,
> > > > but it seems not to execute it.... This is what I have:
> > > >
> > > > AcctSQLStatement update LIMITED_20HRS set TIMELEFT=TIMELEFT-0%{A
> > > > cct-Session-Time} where USERNAME='%n'
> > > >
> > > > Looking in a Trace 6 I don't seem to see it executing the statement.
> > > > Is there any specific place that I should put it in the config?
> > >
> > > The AcctSQLStatement goes in the AuthBy SQL clause.
> > >
> > > If you still have a problem, please send me a copy of the
configuration
> >
> > file
> >
> > > and a trace 4 debug showing what is happening.
> > >
> > > regards
> > >
> > > Hugh
> > >
> > >
> > > --
> > > Radiator: the most portable, flexible and configurable RADIUS server
> > > anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> > > -
> > > Nets: internetwork inventory and management - graphical, extensible,
> > > flexible with hardware, software, platform and database independence.
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
>
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list