(RADIATOR) Ignore Acct_session_time{00 secs}

Hugh Irvine hugh at open.com.au
Mon Nov 18 18:30:06 CST 2002


Hello James -

Acct-Session-Time is an integer, so try this:


<Handler Acct-Session-Time = 0>
	<AuthBy INTERNAL>
		AcctResult ACCEPT
	</AuthBy>
</Handler>


regards

Hugh


On Tuesday, Nov 19, 2002, at 11:03 Australia/Melbourne, James M. Luedke 
wrote:

> Hello:
>     I have a small problem between Radiator - Qwest - Ic Radius and
> proxy radius. It seems that qwest sends a 0 length Stop record every
> time there is a Authentication failure. Since we do proxy radius
> services for our clients we simply proxy these packets forward to them.
>
> However it seems that IC Radius looks at the Stop record and reports it
> as an invalid stop record. There for discarding it and never sending us
> a response. This causes us to retry over and over. This creates a lot 
> of
> unwanted traffic.
>
> What I would like to do is set up a handeler for the Stop records that
> have a Acct-session-time of 00 secs.
>
> Here is a tcpdump of a packet I receive from qwest.
>
> --------------------------
> -req 368 [id 166] Attr[
> NAS_ipaddr{nas5.saint-louis1.mo.us.da.qwest.net}
>     NAS_port{3600}
>     Service_type{Framed}
>     Framed_proto{PPP}
>     Login_iphost{0.0.0.0}
>     Login_service{PortMaster(proprietary)}
>     Login_TCP_port{0}
>     Vendor_specific{...M..0100}
>     Vendor_specific{...M..V.90}
>     Vendor_specific{...M......}
>     Vendor_specific{...M......}
>     Vendor_specific{...M.....&}
>     Vendor_specific{...M......}
>     Vendor_specific{...M......}
>     Vendor_specific{...M......}
>     Vendor_specific{...M......}
>     Vendor_specific{...M......}
>     Called_station{5736530005}
>     Calling_station{5737177297}
>     Acct_status{Stop}
>     Acct_delay{00 secs}
>     Acct_in_octets{158}
>     Acct_out_octets{161}
>     Acct_session_id{C14E5D71:00056CBF}
>     Acct_authentic{(null)}
>     Acct_session_time{00 secs}
>     Acct_in_packets{6}
>     Acct_out_packets{6}
>     Acct_term_cause{NAS Error}
>     Acct_multi_session_id{FFFFFFFF}
>     Acct_link_count{1}
> --------------------------
>
> Notice the Acct_session_time{00 secs} ???
> Now how can I write a handler to catch this....
>
> I have tried this...
>
> <Handler Acct-Session-Time = "00 secs">
>     <AuthBy INTERNAL>
>         AcctResult ACCEPT
>     </AuthBy>
> </Handler>
>
> But this seems to do nothing... How can I simply discard these
> packets???
>
>
> Thanks for your help.
>
> -James.
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list