(RADIATOR) Help getting MySQL Accounting working
Hugh Irvine
hugh at open.com.au
Tue Jul 30 18:47:02 CDT 2002
Hello Steve -
You should do it this way:
# define Realm
# Note the AuthByPolicy with the accounting first and authentication
second
<Realm DEFAULT>
AuthByPolicy ContinueAlways
<AuthBy SQL>
DBSource dbi:mysql:radiuslogs
DBUsername removed
DBAuth removed
AuthSelect
AccountingTable ACCOUNTING
AcctColumnDef USERNAME,username
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTINPUTPACKETS,Acct-Input-Packets,integer
AcctColumnDef ACCTOUTPUTPACKETS,Acct-Output-Packets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer
AcctColumnDef NASIPADDRESS,NAS-IP-Address,
AcctColumnDef NASIDENTIFIER,NAS-Identifier
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef NASPORTTYPE,NAS-Port-Type
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef CALLEDSTATIONID,Called-Station-Id
AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
AcctColumnDef ACCTAUTHENTIC,Acct-Authentic
AcctColumnDef FRAMEDPROTOCOL,Framed-Protocol
AcctColumnDef ACCTLINKCNT,Acct-Link-Count
AcctColumnDef ACCTMULTISESSID,Acct-Multi-Session-Id
AcctColumnDef CLASS,Class
AcctColumnDef ACCOUNTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef TUNNELCLIENTENDPOINT,Tunnel-Client-Endpoint
# AcctFailedLogFileName %D/missedaccounting
</AuthBy>
<AuthBy UNIX>
Filename /etc/shadow
</AuthBy>
# Log accounting to a detail file
AcctLogFileName %L/%{Client:Identifier}/%m%d%y.log
</Realm>
regards
Hugh
On Tuesday, July 30, 2002, at 10:02 PM, Steve Caporossi wrote:
> Can anyone give me any hints as to why I cannot get any accounting
> entries in my database? Below is my radius config and the output from
> a Trace 4. I am authenticating from the system password file OK but no
> accounting is being put into the database. I am running RH7.2 and
> Radiator 3.0.
>
> Thanks, Steve
>
> *************************** Config ***************************
> # radius.cfg
> #
> # Radiator configuration file.
> #
> #
>
> #Foreground
> #LogStdout
> LogDir /var/log/radius
> DbDir /etc/radiator
> # Use a low trace level in production systems. Increase
> # it to 4 or 5 for debugging, or use the -trace flag to radiusd
> Trace 4
>
> # Add other Clients below...
> <Client xxx.xxx.xxx.xxx>
> Identifier ppp
> Secret removed
> DupInterval 0
> </Client>
>
> <Client xxx.xxx.xxx.xxx>
> Identifier ppp
> Secret removed
> DupInterval 0
> </Client>
>
> <Client xxx.xxx.xxx.xxx>
> Identifier vpn
> Secret removed
> DupInterval 0
> </Client>
>
>
> <Realm DEFAULT>
> <AuthBy UNIX>
> Filename /etc/shadow
> </AuthBy>
> # Log accounting to a detail file
> AcctLogFileName %L/%{Client:Identifier}/%m%d%y.log
>
> <AuthBy SQL>
> DBSource dbi:mysql:radiuslogs
> DBUsername removed
> DBAuth removed
> AuthSelect
>
> AccountingTable ACCOUNTING
> AcctColumnDef USERNAME,username
> AcctColumnDef TIME_STAMP,Timestamp,integer
> AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
> AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
> AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
> AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
> AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
> AcctColumnDef ACCTINPUTPACKETS,Acct-Input-Packets,integer
> AcctColumnDef ACCTOUTPUTPACKETS,Acct-Output-Packets,integer
> AcctColumnDef ACCTSESSIONID,Acct-Session-Id
> AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
> AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer
> AcctColumnDef NASIPADDRESS,NAS-IP-Address,
> AcctColumnDef NASIDENTIFIER,NAS-Identifier
> AcctColumnDef NASPORT,NAS-Port,integer
> AcctColumnDef NASPORTTYPE,NAS-Port-Type
> AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
> AcctColumnDef CALLEDSTATIONID,Called-Station-Id
> AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
> AcctColumnDef ACCTAUTHENTIC,Acct-Authentic
> AcctColumnDef FRAMEDPROTOCOL,Framed-Protocol
> AcctColumnDef ACCTLINKCNT,Acct-Link-Count
> AcctColumnDef ACCTMULTISESSID,Acct-Multi-Session-Id
> AcctColumnDef CLASS,Class
> AcctColumnDef ACCOUNTSESSIONTIME,Acct-Session-Time,integer
> AcctColumnDef TUNNELCLIENTENDPOINT,Tunnel-Client-Endpoint
>
> # AcctFailedLogFileName %D/missedaccounting
> </AuthBy>
> </Realm>
>
>
> *************************** TRACE 4 ***************************
> Mon Jul 29 15:37:22 2002: DEBUG: Packet dump:
> *** Received from x.x.x.x port 1645 ....
> Code: Access-Request
> Identifier: 57
> Authentic: ?R<210><13>r<<135><132>R<192><4><28><207>9<183><134>
> Attributes:
> NAS-IP-Address = x.x.x.x
> NAS-Port = 114
> NAS-Port-Type = Async
> User-Name = "username"
> Called-Station-Id = "3238732"
> Calling-Station-Id = "5551212"
> User-Password =
> "<202><2>]L><195><197>u<184><248><130><198><128>.<30>9"
> Service-Type = Framed-User
> Framed-Protocol = PPP
>
> Mon Jul 29 15:37:22 2002: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Mon Jul 29 15:37:22 2002: DEBUG: Deleting session for username,
> x.x.x.x, 114
> Mon Jul 29 15:37:22 2002: DEBUG: Handling with Radius::AuthUNIX:
> Mon Jul 29 15:37:22 2002: DEBUG: Radius::AuthUNIX looks for match with
> username
> Mon Jul 29 15:37:22 2002: DEBUG: Radius::AuthUNIX ACCEPT:
> Mon Jul 29 15:37:22 2002: DEBUG: Access accepted for username
> Mon Jul 29 15:37:22 2002: DEBUG: Packet dump:
> *** Sending to x.x.x.x port 1645 ....
> Code: Access-Accept
> Identifier: 57
> Authentic: ?R<210><13>r<<135><132>R<192><4><28><207>9<183><134>
> Attributes:
>
> Mon Jul 29 15:37:22 2002: DEBUG: Packet dump:
> *** Received from x.x.x.x port 1646 ....
> Code: Accounting-Request
> Identifier: 58
> Authentic: Q<29>:<144>-A<198><199>z<154>*}<<145>Q<171>
> Attributes:
> NAS-IP-Address = x.x.x.x
> NAS-Port = 114
> NAS-Port-Type = Async
> User-Name = "username"
> Called-Station-Id = "3238732"
> Calling-Station-Id = "5551212"
> Acct-Status-Type = Start
> Acct-Authentic = RADIUS
> Service-Type = Framed-User
> Acct-Session-Id = "000001D4"
> Framed-Protocol = PPP
> Acct-Link-Count = 1
> Acct-Multi-Session-Id = "44"
> Framed-IP-Address = x.x.x.49
> Acct-Delay-Time = 0
>
> Mon Jul 29 15:37:22 2002: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Mon Jul 29 15:37:22 2002: DEBUG: Adding session for username, x.x.x.x,
> 114
> Mon Jul 29 15:37:22 2002: DEBUG: Handling with Radius::AuthUNIX:
> Mon Jul 29 15:37:22 2002: DEBUG: Accounting accepted
> Mon Jul 29 15:37:22 2002: DEBUG: Packet dump:
> *** Sending to x.x.x.x port 1646 ....
> Code: Accounting-Response
> Identifier: 58
> Authentic: Q<29>:<144>-A<198><199>z<154>*}<<145>Q<171>
> Attributes:
>
> Mon Jul 29 15:38:18 2002: DEBUG: Packet dump:
> *** Received from x.x.x.x port 1646 ....
> Code: Accounting-Request
> Identifier: 59
> Authentic: <2>j!<3><165><174><239><227>X<242>0neH[)
> Attributes:
> NAS-IP-Address = x.x.x.x
> NAS-Port = 114
> NAS-Port-Type = Async
> User-Name = "username"
> Called-Station-Id = "3238732"
> Calling-Station-Id = "5551212"
> Acct-Status-Type = Stop
> Acct-Authentic = RADIUS
> Service-Type = Framed-User
> Acct-Session-Id = "000001D4"
> Framed-Protocol = PPP
> Acct-Link-Count = 1
> Acct-Multi-Session-Id = "44"
> Framed-IP-Address = x.x.x.49
> Acct-Terminate-Cause = User-Request
> Acct-Input-Octets = 1363
> Acct-Output-Octets = 721
> Acct-Input-Packets = 37
> Acct-Output-Packets = 15
> Acct-Session-Time = 54
> Acct-Delay-Time = 0
>
> Mon Jul 29 15:38:18 2002: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Mon Jul 29 15:38:18 2002: DEBUG: Deleting session for username,
> x.x.x.x, 114
> Mon Jul 29 15:38:18 2002: DEBUG: Handling with Radius::AuthUNIX:
> Mon Jul 29 15:38:18 2002: DEBUG: Accounting accepted
> Mon Jul 29 15:38:18 2002: DEBUG: Packet dump:
> *** Sending to x.x.x.x port 1646 ....
> Code: Accounting-Response
> Identifier: 59
> Authentic: <2>j!<3><165><174><239><227>X<242>0neH[)
> Attributes:
>
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X etc etc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/enriched
Size: 10313 bytes
Desc: not available
URL: <http://www.open.com.au/pipermail/radiator/attachments/20020731/859983a6/attachment.bin>
More information about the radiator
mailing list