(RADIATOR) AcctSQLStatement in v.2.19

Toomas Kärner tomkar at estpak.ee
Wed Mar 13 00:14:41 CST 2002


Hi Mike.

Here is a working example for you.

<AuthBy SQL>
 Identifier AcctStartOnlyLight
 DBSource
 DBUsername
 DBAuth
IgnoreAuthentication
AccountingStartsOnly
AcctSQLStatement UPDATE users SET LOCKED_TO_PVC=%{NAS-Real-Port} \
    WHERE username='%n' and ACTIV = 'Enabled'
</AuthBy>

<AuthBy SQL>
 Identifier Auth
 DBSource
 DBUsername
 DBAuth

AuthSelect select PASSWORD,CHECKATTR,LOCKED_TO_PVC,REPLYATTR,RATE,BURST from
users \
   where USERNAME ='%n' and ACTIV = 'Enabled'

 AuthColumnDef 0, User-Password, check
 AuthColumnDef 1, GENERIC, check
 AuthColumnDef 2, RB-NAS-Real-Port, check
 AuthColumnDef 3, GENERIC, reply
 AuthColumnDef 4, RB-Rate-Limit-Rate, reply
 AuthColumnDef 5, RB-Rate-Limit-Burst, reply

 DefaultSimultaneousUse 1

NoDefault

RejectEmptyPassword

AddToReplyIfNotExist Rate-Limit-Rate=100,Rate-Limit-Burst=10000

 AccountingTable log
 AcctColumnDef USERNAME,User-Name
 AcctColumnDef DATE,Timestamp,formatted-date,'%Y-%m-%d'
 AcctColumnDef TIME,Timestamp,formatted-date,'%H:%M:%S'
 AcctColumnDef TYPE,Acct-Status-Type
 AcctColumnDef FRAMED_IP,Framed-IP-Address
 AcctColumnDef IN_OCTETS,Acct-Input-Octets,integer
 AcctColumnDef OUT_OCTETS,Acct-Output-Octets,integer
 AcctColumnDef SESSION_ID,Acct-Session-Id
 AcctColumnDef RATE,Rate-Limit-Rate
 AcctColumnDef BURST,Rate-Limit-Burst
 AcctColumnDef DURATION,Acct-Session-Time,integer
 AcctColumnDef BRAS,NAS-Identifier
 AcctColumnDef VPI_VCI,NAS-Real-Port
 AcctFailedLogFileName %L/SQLacct-failed-mudapingviin-%Y-%m-%d

</AuthBy>

Rgds.
Toomas Kärner


----- Original Message -----
From: "Mike McCauley" <mikem at open.com.au>
To: <radiator at open.com.au>
Sent: Wednesday, March 13, 2002 4:24 AM
Subject: Re: (RADIATOR) AcctSQLStatement in v.2.19


>
>
> ----------  Forwarded Message  ----------
>
> Subject: BOUNCE radiator at open.com.au:    Non-member submission from
> ["Quintin" <wtlam at macau.ctm.net>]
> Date: Tue, 12 Mar 2002 17:48:30 -0600
> From: owner-radiator at open.com.au
> To: radiator-approval at open.com.au
>
> >From mikem at server1.open.com.au Tue Mar 12 17:48:30 2002
> Received: from ctmsun4.macau.ctm.net (ctmsun4.macau.ctm.net
[202.175.36.44])
> by server1.open.com.au (8.11.0/8.11.0) with ESMTP id g2CNmS308583;
> Tue, 12 Mar 2002 17:48:29 -0600
> Received: from C2035 (quintin.office.ctm.net [202.175.4.50])
> by ctmsun4.macau.ctm.net (8.12.2/8.12.2) with SMTP id g2D1JsRb021759;
> Wed, 13 Mar 2002 09:19:54 +0800 (CST)
> Message-ID: <156e01c1ca2e$8077b640$cc65010a at C2035>
> From: "Quintin" <wtlam at macau.ctm.net>
> To: <hugh at open.com.au>, <radiator at open.com.au>
> References: <200203121151.g2CBprl28291 at oscar.open.com.au>
>  <20020312232304.ABB4BE397C at entoo.connect.com.au> Subject: Re: (RADIATOR)
>  AcctSQLStatement in v.2.19
> Date: Wed, 13 Mar 2002 09:29:21 +0800
> MIME-Version: 1.0
> Content-Type: text/plain;
> charset="iso-8859-1"
> Content-Transfer-Encoding: 7bit
> X-Priority: 3
> X-MSMail-Priority: Normal
> X-Mailer: Microsoft Outlook Express 6.00.2600.0000
> X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
>
> Dear Hugh,
>
> Thanks for ur quick response.  Actually, I just want to add some
information
> into another table (it's not required to authenticate here) after the
> SessionDatabase and before any LDAP/UNIX authentication.
>
> I have tried many configuration even with two Auth Groups,  do you have
any
> ideas?
>
> Thanks & Rgds,
>
> Quintin
>
> ----- Original Message -----
> From: "Hugh Irvine" <hugh at open.com.au>
> To: "Quintin" <wtlam at macau.ctm.net>; <radiator at open.com.au>
> Sent: Wednesday, March 13, 2002 7:28 AM
> Subject: Re: (RADIATOR) AcctSQLStatement in v.2.19
>
> > Hello Quintin -
> >
> > > Dear Hughes,
> > >
> > > Actually, I like to insert some information into the database when my
=
> > > customer login. The following config is from Hughes long time ago and
it
>
> =
>
> > > is still working in 2.18.2 . However, if the same config running in =
> > > 2.19, it rejects and will show "Authentication disabled" in the log =
> > > file. Could you please help??
> > >
> > >
> > > <AuthBy SQL>
> > >     Identifier debitinfo
> > >     DBSource    DBI:mysql:ewallet:192.168.1.239:3306
> > >     DBUsername radius
> > >     DBAuth      radius
> > >     FailureBackoffTime 60
> > >     AccountingStartsOnly
> > >     AuthSelect
> > >     AcctSQLStatement delete from DEBITINFO where USERNAME=3D'%U'
> > >     AcctSQLStatement insert into DEBITINFO (USERNAME, NASIDENTIFIER, =
> > > NASPORT, \
> > >          TIME_STAMP, DEBIT_TIMESTAMP, DEBIT_AMOUNT) values ('%U',
'%N',
>
> =
>
> > > \
> > >          0%{NAS-Port}, %{Timestamp}, %{Timestamp}, 1000)
> > > </AuthBy>
> > >
> > > <Handler>
> > >         RewriteUsername     s/^([^@]+).*/$1/
> > >         SessionDatabase MarkStart
> > >         MaxSessions 1
> > >         <AuthBy GROUP>
> > >           AuthByPolicy ContinueUntilReject
> > >            <AuthBy GROUP>
> > >              AuthByPolicy ContinueWhileAccept
> > >                 AuthBy debitinfo
> > >                 AuthBy authen-ewallet
> > >                 AuthBy debitwhenauth-ewallet
> > >            </AuthBy>
> > >         </AuthBy>
> > >          AuthLog authlog
> > >          AcctLogFileName /var/adm/radacct/%C/detail
> > > </Handler>
> >
> > I don't quite understand what your <Handler> is meant to do.
> >
> > The AuthBy SQL with Identifier debitinfo has authentication turned off
>
> with
>
> > the empty AuthSelect, so it will reject any authentication requests.
Your
> > AuthByPolicy is set to ContinueWhileAccept, so it will always fail
> > authentication.
> >
> > And why do you have two AuthBy GROUP's?
> >
> > Perhaps if you describe your requirements in some detail, I will be able
>
> to
>
> > make some suggestions.
> >
> > regards
> >
> > Hugh
> >
> >
> > --
> > Radiator: the most portable, flexible and configurable RADIUS server
> > anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> > -
> > Nets: internetwork inventory and management - graphical, extensible,
> > flexible with hardware, software, platform and database independence.
>
> -------------------------------------------------------
>
> --
> Mike McCauley                               mikem at open.com.au
> Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
> 24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
> Phone +61 3 9598-0985                       Fax   +61 3 9598-0955
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc
> on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list