(RADIATOR) AcctSQLStatement in v.2.19
Toomas Kärner
tomkar at estpak.ee
Wed Mar 13 00:14:41 CST 2002
Hi Mike.
Here is a working example for you.
<AuthBy SQL>
Identifier AcctStartOnlyLight
DBSource
DBUsername
DBAuth
IgnoreAuthentication
AccountingStartsOnly
AcctSQLStatement UPDATE users SET LOCKED_TO_PVC=%{NAS-Real-Port} \
WHERE username='%n' and ACTIV = 'Enabled'
</AuthBy>
<AuthBy SQL>
Identifier Auth
DBSource
DBUsername
DBAuth
AuthSelect select PASSWORD,CHECKATTR,LOCKED_TO_PVC,REPLYATTR,RATE,BURST from
users \
where USERNAME ='%n' and ACTIV = 'Enabled'
AuthColumnDef 0, User-Password, check
AuthColumnDef 1, GENERIC, check
AuthColumnDef 2, RB-NAS-Real-Port, check
AuthColumnDef 3, GENERIC, reply
AuthColumnDef 4, RB-Rate-Limit-Rate, reply
AuthColumnDef 5, RB-Rate-Limit-Burst, reply
DefaultSimultaneousUse 1
NoDefault
RejectEmptyPassword
AddToReplyIfNotExist Rate-Limit-Rate=100,Rate-Limit-Burst=10000
AccountingTable log
AcctColumnDef USERNAME,User-Name
AcctColumnDef DATE,Timestamp,formatted-date,'%Y-%m-%d'
AcctColumnDef TIME,Timestamp,formatted-date,'%H:%M:%S'
AcctColumnDef TYPE,Acct-Status-Type
AcctColumnDef FRAMED_IP,Framed-IP-Address
AcctColumnDef IN_OCTETS,Acct-Input-Octets,integer
AcctColumnDef OUT_OCTETS,Acct-Output-Octets,integer
AcctColumnDef SESSION_ID,Acct-Session-Id
AcctColumnDef RATE,Rate-Limit-Rate
AcctColumnDef BURST,Rate-Limit-Burst
AcctColumnDef DURATION,Acct-Session-Time,integer
AcctColumnDef BRAS,NAS-Identifier
AcctColumnDef VPI_VCI,NAS-Real-Port
AcctFailedLogFileName %L/SQLacct-failed-mudapingviin-%Y-%m-%d
</AuthBy>
Rgds.
Toomas Kärner
----- Original Message -----
From: "Mike McCauley" <mikem at open.com.au>
To: <radiator at open.com.au>
Sent: Wednesday, March 13, 2002 4:24 AM
Subject: Re: (RADIATOR) AcctSQLStatement in v.2.19
>
>
> ---------- Forwarded Message ----------
>
> Subject: BOUNCE radiator at open.com.au: Non-member submission from
> ["Quintin" <wtlam at macau.ctm.net>]
> Date: Tue, 12 Mar 2002 17:48:30 -0600
> From: owner-radiator at open.com.au
> To: radiator-approval at open.com.au
>
> >From mikem at server1.open.com.au Tue Mar 12 17:48:30 2002
> Received: from ctmsun4.macau.ctm.net (ctmsun4.macau.ctm.net
[202.175.36.44])
> by server1.open.com.au (8.11.0/8.11.0) with ESMTP id g2CNmS308583;
> Tue, 12 Mar 2002 17:48:29 -0600
> Received: from C2035 (quintin.office.ctm.net [202.175.4.50])
> by ctmsun4.macau.ctm.net (8.12.2/8.12.2) with SMTP id g2D1JsRb021759;
> Wed, 13 Mar 2002 09:19:54 +0800 (CST)
> Message-ID: <156e01c1ca2e$8077b640$cc65010a at C2035>
> From: "Quintin" <wtlam at macau.ctm.net>
> To: <hugh at open.com.au>, <radiator at open.com.au>
> References: <200203121151.g2CBprl28291 at oscar.open.com.au>
> <20020312232304.ABB4BE397C at entoo.connect.com.au> Subject: Re: (RADIATOR)
> AcctSQLStatement in v.2.19
> Date: Wed, 13 Mar 2002 09:29:21 +0800
> MIME-Version: 1.0
> Content-Type: text/plain;
> charset="iso-8859-1"
> Content-Transfer-Encoding: 7bit
> X-Priority: 3
> X-MSMail-Priority: Normal
> X-Mailer: Microsoft Outlook Express 6.00.2600.0000
> X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
>
> Dear Hugh,
>
> Thanks for ur quick response. Actually, I just want to add some
information
> into another table (it's not required to authenticate here) after the
> SessionDatabase and before any LDAP/UNIX authentication.
>
> I have tried many configuration even with two Auth Groups, do you have
any
> ideas?
>
> Thanks & Rgds,
>
> Quintin
>
> ----- Original Message -----
> From: "Hugh Irvine" <hugh at open.com.au>
> To: "Quintin" <wtlam at macau.ctm.net>; <radiator at open.com.au>
> Sent: Wednesday, March 13, 2002 7:28 AM
> Subject: Re: (RADIATOR) AcctSQLStatement in v.2.19
>
> > Hello Quintin -
> >
> > > Dear Hughes,
> > >
> > > Actually, I like to insert some information into the database when my
=
> > > customer login. The following config is from Hughes long time ago and
it
>
> =
>
> > > is still working in 2.18.2 . However, if the same config running in =
> > > 2.19, it rejects and will show "Authentication disabled" in the log =
> > > file. Could you please help??
> > >
> > >
> > > <AuthBy SQL>
> > > Identifier debitinfo
> > > DBSource DBI:mysql:ewallet:192.168.1.239:3306
> > > DBUsername radius
> > > DBAuth radius
> > > FailureBackoffTime 60
> > > AccountingStartsOnly
> > > AuthSelect
> > > AcctSQLStatement delete from DEBITINFO where USERNAME=3D'%U'
> > > AcctSQLStatement insert into DEBITINFO (USERNAME, NASIDENTIFIER, =
> > > NASPORT, \
> > > TIME_STAMP, DEBIT_TIMESTAMP, DEBIT_AMOUNT) values ('%U',
'%N',
>
> =
>
> > > \
> > > 0%{NAS-Port}, %{Timestamp}, %{Timestamp}, 1000)
> > > </AuthBy>
> > >
> > > <Handler>
> > > RewriteUsername s/^([^@]+).*/$1/
> > > SessionDatabase MarkStart
> > > MaxSessions 1
> > > <AuthBy GROUP>
> > > AuthByPolicy ContinueUntilReject
> > > <AuthBy GROUP>
> > > AuthByPolicy ContinueWhileAccept
> > > AuthBy debitinfo
> > > AuthBy authen-ewallet
> > > AuthBy debitwhenauth-ewallet
> > > </AuthBy>
> > > </AuthBy>
> > > AuthLog authlog
> > > AcctLogFileName /var/adm/radacct/%C/detail
> > > </Handler>
> >
> > I don't quite understand what your <Handler> is meant to do.
> >
> > The AuthBy SQL with Identifier debitinfo has authentication turned off
>
> with
>
> > the empty AuthSelect, so it will reject any authentication requests.
Your
> > AuthByPolicy is set to ContinueWhileAccept, so it will always fail
> > authentication.
> >
> > And why do you have two AuthBy GROUP's?
> >
> > Perhaps if you describe your requirements in some detail, I will be able
>
> to
>
> > make some suggestions.
> >
> > regards
> >
> > Hugh
> >
> >
> > --
> > Radiator: the most portable, flexible and configurable RADIUS server
> > anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> > -
> > Nets: internetwork inventory and management - graphical, extensible,
> > flexible with hardware, software, platform and database independence.
>
> -------------------------------------------------------
>
> --
> Mike McCauley mikem at open.com.au
> Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
> 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
> Phone +61 3 9598-0985 Fax +61 3 9598-0955
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc
> on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list