(RADIATOR) PreClientHook
Nathan 'Franko' Franklin
radiator_tsn at tsn.cc
Wed Apr 16 19:53:30 CDT 2003
Hello Hugh
I am using the PreClientHook to change the username of an incoming user, but it doesnt seem to be working properly, It is rejecting all my requests plus it isnt changing the username.
Below is all my stuff
Config File
LogStdout
Trace 4
AuthPort xxx
AcctPort xxx
LogFile wireless.log
DbDir c:\radiator
PreClientHook file:"c:\hooks\wireless_preClientHook.pl"
<Client 202.22.163.25>
Secret xxx
</client>
RewriteUsername s/-//g
<Handler Acct-Status-Type = Start,Identifier=dialup>
AuthByPolicy ContinueAlways
<AuthBy EMERALD>
CaseInsensitivePasswords
DBSource dbi:ODBC:RadiusSQL
DBUsername xxx
DBAuth xxx
# You can add to or change these if you want.
AccountingTable radCalls
AcctColumnDef UserName,User-Name
AcctColumnDef CallDate,Timestamp,integer-date
AcctColumnDef AcctStatusType,Acct-Status-Type,integer
AcctColumnDef AcctDelayTime,Acct-Delay-Time,integer
AcctColumnDef AcctInputOctets,Acct-Input-Octets,integer
AcctColumnDef AcctOutputOctets,Acct-Output-Octets,integer
AcctColumnDef AcctSessionId,Acct-Session-Id
AcctColumnDef AcctSessionTime,Acct-Session-Time,integer
AcctColumnDef AcctTerminateCause,Acct-Terminate-Cause,integer
AcctColumnDef NASIdentifier,NAS-IP-Address
AcctColumnDef FramedAddress,Framed-IP-Address
AcctColumnDef NASPort,NAS-Port,integer
AcctColumnDef AScendSessionKey,Ascend-Session-Svr-Key
AcctColumnDef CallerID,Calling-Station-Id
AcctColumnDef NASPortDNIS,Called-Station-Id
AcctColumnDef SignaltoNoise,Annex-Signal-to-Noise-Ratio,integer
AcctColumnDef Recievelevel,Annex-Begin-Receive-Line-Level,integer
AcctColumnDef ConnectSpeed,Connect-Info
AcctColumnDef Modulation,Annex-Begin-Modulation
</AuthBy>
</Handler>
<Handler Acct-Status-Type = Stop,Identifier=dialup>
AuthByPolicy ContinueAlways
<AuthBy SQL>
DBSource dbi:ODBC:RadiusRelay
DBUsername xxx
DBAuth xxx
AcctSQLStatement delete from mail_relay where ip_addr='%{Framed-IP-Address}'
</AuthBy>
<AuthBy EMERALD>
CaseInsensitivePasswords
DBSource dbi:ODBC:RadiusSQL
DBUsername xxx
DBAuth xxx
# You can add to or change these if you want.
AccountingTable radCalls
AcctColumnDef UserName,User-Name
AcctColumnDef CallDate,Timestamp,integer-date
AcctColumnDef AcctStatusType,Acct-Status-Type,integer
AcctColumnDef AcctDelayTime,Acct-Delay-Time,integer
AcctColumnDef AcctInputOctets,Acct-Input-Octets,integer
AcctColumnDef AcctOutputOctets,Acct-Output-Octets,integer
AcctColumnDef AcctSessionId,Acct-Session-Id
AcctColumnDef AcctSessionTime,Acct-Session-Time,integer
AcctColumnDef AcctTerminateCause,Acct-Terminate-Cause,integer
AcctColumnDef NASIdentifier,NAS-IP-Address
AcctColumnDef FramedAddress,Framed-IP-Address
AcctColumnDef NASPort,NAS-Port,integer
AcctColumnDef AscendSessionKey,Ascend-Session-Svr-Key
AcctColumnDef CallerID,Calling-Station-Id
AcctColumnDef NASPortDNIS,Called-Station-Id
AcctColumnDef SignaltoNoise,Annex-Signal-to-Noise-Ratio,integer
AcctColumnDef Recievelevel,Annex-Begin-Receive-Line-Level,integer
AcctColumnDef ConnectSpeed,Connect-Info
AcctColumnDef Modulation,Annex-Begin-Modulation
</AuthBy>
</Handler>
<Handler Acct-Status-Type= Accounting-Request,Identifier=dialup>
<AuthBy EMERALD>
CaseInsensitivePasswords
DBSource dbi:ODBC:RadiusSQL
DBUsername xxx
DBAuth xxx
# You can add to or change these if you want.
AccountingTable radCalls
AcctColumnDef UserName,User-Name
AcctColumnDef CallDate,Timestamp,integer-date
AcctColumnDef AcctStatusType,Acct-Status-Type,integer
AcctColumnDef AcctDelayTime,Acct-Delay-Time,integer
AcctColumnDef AcctInputOctets,Acct-Input-Octets,integer
AcctColumnDef AcctOutputOctets,Acct-Output-Octets,integer
AcctColumnDef AcctSessionId,Acct-Session-Id
AcctColumnDef AcctSessionTime,Acct-Session-Time,integer
AcctColumnDef AcctTerminateCause,Acct-Terminate-Cause,integer
AcctColumnDef NASIdentifier,NAS-IP-Address
AcctColumnDef FramedAddress,Framed-IP-Address
AcctColumnDef NASPort,NAS-Port,integer
AcctColumnDef AscendSessionKey,Ascend-Session-Svr-Key
AcctColumnDef CallerID,Calling-Station-Id
AcctColumnDef NASPortDNIS,Called-Station-Id
AcctColumnDef SignaltoNoise,Annex-Signal-to-Noise-Ratio,integer
AcctColumnDef Recievelevel,Annex-Begin-Receive-Line-Level,integer
AcctColumnDef ConnectSpeed,Connect-Info
AcctColumnDef Modulation,Annex-Begin-Modulation
</AuthBy>
</Handler>
<Handler>
<AuthLog SQL>
DBSource dbi:ODBC:RadiusSQL
DBUsername xxx
DBAuth xxx
Table radlogs
FailureQuery INSERT into RadLogs (Username,Data,NASIdentifier,NASport,CallerID) values ('%n','%P','%N','%{NAS-Port}','%{Calling-Station-Id}')
</Authlog>
<AuthBy EMERALD>
CaseInsensitivePasswords
DBSource dbi:ODBC:RadiusSQL
DBUsername xxx
DBAuth xxx
# You can add to or change these if you want.
AccountingTable radCalls
AcctColumnDef UserName,User-Name
AcctColumnDef CallDate,Timestamp,integer-date
AcctColumnDef AcctStatusType,Acct-Status-Type,integer
AcctColumnDef AcctDelayTime,Acct-Delay-Time,integer
AcctColumnDef AcctInputOctets,Acct-Input-Octets,integer
AcctColumnDef AcctOutputOctets,Acct-Output-Octets,integer
AcctColumnDef AcctSessionId,Acct-Session-Id
AcctColumnDef AcctSessionTime,Acct-Session-Time,integer
AcctColumnDef AcctTerminateCause,Acct-Terminate-Cause,integer
AcctColumnDef NASIdentifier,NAS-IP-Address
AcctColumnDef FramedAddress,Framed-IP-Address
AcctColumnDef NASPort,NAS-Port,integer
AcctColumnDef AscendSessionKey,Ascend-Session-Svr-Key
AcctColumnDef CallerID,Calling-Station-Id
AcctColumnDef NASPortDNIS,Called-Station-Id
AcctColumnDef SignaltoNoise,Annex-Signal-to-Noise-Ratio,integer
AcctColumnDef Recievelevel,Annex-Begin-Receive-Line-Level,integer
AcctColumnDef ConnectSpeed,Connect-Info
AcctColumnDef Modulation,Annex-Begin-Modulation
</AuthBy>
</Handler>
<SessionDatabase SQL>
Identifier TSN
DBSource dbi:ODBC:RadiusSQL
#DBSource dbi:ODBC:RadiusSQL
DBUsername xxx
DBAuth xxx
AddQuery insert into RADONLINE (USERNAME, NASIDENTIFIER, NASPORT, \
ACCTSESSIONID, FRAMEDADDRESS, AccInputOctets, AccOutputOctets, \
SERVICETYPE,NASPortDNIS,callerid,AscendKey) values ('%n', '%N', %{NAS-Port}, '%{Acct-Session-Id}', \
'%{Framed-IP-Address}',0%{Acct-Input-Octets},0%{Acct-Output-Octets}, \
'%{Service-Type}','%{Called-Station-Id}','%{Calling-Station-Id}','%{Ascend-Session-Svr-Key}')
DeleteQuery delete from RADONLINE where USERNAME='%n' and \
NASIDENTIFIER='%N' and NASPORT='%{NAS-Port}'
ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%N'
CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from RADONLINE \
where USERNAME='%n'
</SessionDatabase>
Wireeless_PreClientHook.pl
# this PreClientHook will change the incoming wireless macaddress
# into a proper username from the usermanager
# eg... rwireless14
# it will also set there incoming password so when we need
# the password attribute if we need it
# it will be the password under there account
# instead of the password from the accesspoint
use DBI;
use strict;
sub {
&main::log($main::LOG_INFO,"CALLED HOOK");
my $request = ${$_[0]};
#my $reply = ${$_[1]};
my $username = Radius::Util::format_special('%{User-Name}',$request);
&main::log($main::LOG_INFO,"Username is $username");
my $dsn = "dbi:ODBC:RadiusSQL";
my $dbh = DBI->connect($dsn,"xx","xxx") || die "DB open error";
my $sql = "Select SA.Login,SA.Password From SubAccounts SA,UserInfo UI Where UI.Auto = SA.CustomerID And SA.Shell = '$username'";
my $sth = $dbh->prepare($sql);
$sth->execute;
if(my $row = $sth->fetchrow_hashref)
{
my $login = $row->{'Login'};
my $password = $row->{'Password'};
$request->change_attr('User-Name',$login);
#$reply->change_attr('User-Name',$login);
$request->change_attr('User-Password',$password);
#$reply->change_attr('User-Password',$password);
&main::log($main::LOG_INFO,"NEW Username is $login");
&main::log($main::LOG_INFO,"NEW Password is $password");
}
$sth->finish;
$dbh->disconnect();
}
Here is an extraxt of my trace 4 log
Thu Apr 17 10:30:23 2003: DEBUG: Packet dump:
*** Received from 202.22.163.25 port 1027 ....
Code: Access-Request
Identifier: 113
Authentic: 1234567890123456
Attributes:
User-Name = "00-02-2D-31-2E-82"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
Called-Station-Id = "123456789"
Calling-Station-Id = "987654321"
NAS-Port-Type = Async
User-Password = " <231>Y}<252><193><18>N at lO<212><189><158>m<147>"
Thu Apr 17 10:30:23 2003: DEBUG: Rewrote user name to 00022D312E82
Thu Apr 17 10:30:23 2003: INFO: CALLED HOOK
Thu Apr 17 10:30:23 2003: INFO: Username is 00022D312E82
Thu Apr 17 10:30:23 2003: INFO: NEW Username is rwireless08
Thu Apr 17 10:30:23 2003: INFO: NEW Password is tsn
Thu Apr 17 10:30:23 2003: DEBUG: Handling request with Handler ''
Thu Apr 17 10:30:23 2003: DEBUG: TSN Deleting session for 00-02-2D-31-2E-82, 203.63.154.1, 1234
Thu Apr 17 10:30:23 2003: DEBUG: do query is: delete from RADONLINE where USERNAME='00022D312E82' and NASIDENTIFIER='203.63.154.1' and NASPORT='1234'
Thu Apr 17 10:30:23 2003: DEBUG: Handling with Radius::AuthEMERALD
Thu Apr 17 10:30:23 2003: DEBUG: Handling with Radius::AuthEMERALD:
Thu Apr 17 10:30:23 2003: DEBUG: Query is: select DateAdd(Day, 20, saExpireDate),
DateAdd(Day, 20, saExpireDate), sa.CustomerID as AccountID, sa.AccountType,
case AT.AccountType when 7 then sa.shellpassword when 8 then sa.shellpassword else sa.password end as password, sa.login, sa.shell, sa.TimeLeft
from subaccounts sa,userinfo ui, acctypes AT
where AT.AccName = UI.AccType
And UI.Auto = SA.CustomerID
and (sa.login = '00022D312E82' or sa.shell = '00022D312E82')
and sa.active =1
Thu Apr 17 10:30:23 2003: DEBUG: Select results: , , 38055, ppp, tsn, rwireless08, 00022D312E82, ,
Thu Apr 17 10:30:23 2003: DEBUG: Query is: select ra.RadAttributeID, ra.RadVendorID,
ra.RadVendorType,
Data, Value, Type, RadCheck
from RadConfigs rc, RadAttributes ra
where ra.RadAttributeID = rc.RadAttributeID
and ra.RadVendorID = rc.RadVendorID
and ra.RadVendorType = rc.RadVendorType
and rc.AccountID=38055
Thu Apr 17 10:30:23 2003: DEBUG: Radius::AuthEMERALD looks for match with 00022D312E82
Thu Apr 17 10:30:23 2003: DEBUG: Radius::AuthEMERALD REJECT: Bad Password
Thu Apr 17 10:30:23 2003: DEBUG: Query is: select DateAdd(Day, 20, saExpireDate),
DateAdd(Day, 20, saExpireDate), sa.CustomerID as AccountID, sa.AccountType,
case AT.AccountType when 7 then sa.shellpassword when 8 then sa.shellpassword else sa.password end as password, sa.login, sa.shell, sa.TimeLeft
from subaccounts sa,userinfo ui, acctypes AT
where AT.AccName = UI.AccType
And UI.Auto = SA.CustomerID
and (sa.login = 'DEFAULT' or sa.shell = 'DEFAULT')
and sa.active =1
Thu Apr 17 10:30:23 2003: INFO: Access rejected for 00022D312E82: Bad Password
Thu Apr 17 10:30:23 2003: DEBUG: do query is: INSERT into RadLogs (Username,Data,NASIdentifier,NASport,CallerID) values ('00022D312E82',' çY','203.63.154.1','1234','987654321')
Thu Apr 17 10:30:23 2003: DEBUG: Packet dump:
*** Sending to 202.22.163.25 port 1027 ....
Code: Access-Reject
Identifier: 113
Authentic: 1234567890123456
Attributes:
Reply-Message = "Request Denied"
I would like to know where the DEFAULT username is coming from becuase that is causing the rejection i think and i would also like to know why the username isnt changing..
thanks for your help Hugh
Kind Regards
Nathan Franklin
TSN Internet
nathan at tsn.cc
MSN: nathanfranko at hotmail.com
'If you keep your ears and eyes on your customer, You will keep your competitor's foot out of the door.'
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20030417/9f7fa0c8/attachment.html>
More information about the radiator
mailing list