(RADIATOR) How do you log proxy auth packets in a SQL dB or file?

Mary Grace radiator at diskserv.com
Sat Aug 2 17:51:39 CDT 2003 

Hi everyone!

We have a standard proxy radius setup going that successfully stores 
accounting data received from an upstream radius server in our server using 
AuthBy SQL, while proxying using AuthBy RADIUS the Auth requests to a 
downstream RADIUS server.  The downstream then does the Auth, sends back up 
through us the ACCEPT and keeps its own copy of the Accounting info, and we 
proxy the ACCEPT packets back up to our upstream's radius.

The question has arisen as to how we can log or keep a copy also of the 
upstream's Auth REQUEST packet info that we proxy down to our downstream's 
radius server.  We would prefer to store it in a SQL table using something 
like AcctColumnDefs, or at least in a password log format and detail log 
format showing the actual Auth Req and Auth Response packets that flow up 
and down through us from the upstream radius to our downstream radius.

The reason to do this is of course to have a basis for using SQL to correct 
for false simultaneous login denials when a STOP packet gets lost and a 
user who calls in (from the same Calling-Station ID as the Calling-Station 
ID he is "currently" (due to the missed STOP packet) assumed to be logged 
in to) is desired to be authenticated anyway.  One could detect such a 
condition, delete the prior session, and then let him in directly with a hook.

But, I don't know how to tell if that user with a live current START record 
in our Accounting dB is asking to Auth again unless I can get and store a 
copy of that second Auth Req packet, not just a new start record that I 
will never see...... :-(

Thanks in advance,

Mary Grace

*****************************************************************
Foreground
LogStdout
Trace	5
PidFile	C:radius\radiusd.pid
BindAddress 1-2-3-4
AuthPort	1645
AcctPort	1646
LogDir C:\radius\radlogs
DbDir	C:\radius
LogFile		%L/logfile-1-2-3-4-%Y%m%d.log
DictionaryFile %D/dictionary
<Client 4.3.2.1>
	Secret shhh!
</Client>
<Client 4.3.2.2>
	Secret shhh!
</Client>
<Realm test.net>
RewriteUsername	tr/[A-Z]/[a-z]/
AcctLogFileName	%L/detail-4-test%Y%m%d.log
PasswordLogFileName %L/password-4-test%Y%m%d.log
AuthByPolicy ContinueAlways
<AuthBy SQL>
DBSource dbi:mysql:radius:1.2.3.4:3306
DBUsername foobar
DBAuth raboof
AuthSelect
#AuthSelect select PASSWORD, CHECKATTR, REPLYATTR from SUBSCRIBERS_TEST_NET
# where USERNAME=%0
#AuthColumnDef 0,Password,check
#AuthColumnDef 1,GENERIC,check
#AuthColumnDef 2,GENERIC,reply
AccountingTable accttestnet%Y%m
AcctColumnDef user_name,User-Name
AcctColumnDef nas_ip_address,NAS-IP-Address
AcctColumnDef nas_port,NAS-Port
AcctColumnDef service_type,Service-Type
AcctColumnDef framed_protocol,Framed-Protocol
AcctColumnDef framed_ip_address,Framed-IP-Address
AcctColumnDef class,Class
AcctColumnDef called_station_id,Called-Station-Id
AcctColumnDef calling_station_id,Calling-Station-Id
AcctColumnDef acct_status_type,Acct-Status-Type
AcctColumnDef acct_delay_time,Acct-Delay-Time
AcctColumnDef acct_input_octets,Acct-Input-Octets
AcctColumnDef acct_output_octets,Acct-Output-Octets
AcctColumnDef acct_session_id,Acct-Session-Id
AcctColumnDef acct_authentic,Acct-Authentic
AcctColumnDef acct_session_time,Acct-Session-Time,integer
#AcctColumnDef start_time,%b-%0{Acct-Session-Time},literal
AcctColumnDef acct_input_packets,Acct-Input-Packets
AcctColumnDef acct_output_packets,Acct-Output-Packets
AcctColumnDef acct_terminate_cause,Acct-Terminate-Cause
AcctColumnDef event_timestamp,Event-Timestamp,integer
AcctColumnDef nas_port_type,NAS-Port-Type
AcctColumnDef connect_info,Connect-Info
AcctColumnDef ascend_pre_input_octets,Ascend-Pre-Input-Octets
AcctColumnDef ascend_pre_output_octets,Ascend-Pre-Output-Octets
AcctColumnDef ascend_pre_input_packets,Ascend-Pre-Input-Packets
AcctColumnDef ascend_pre_output_packets,Ascend-Pre-Output-Packets
AcctColumnDef ascend_disconnect_cause,Ascend-Disconnect-Cause
AcctColumnDef ascend_connect_progress,Ascend-Connect-Progress
AcctColumnDef ascend_data_rate,Ascend-Data-Rate
AcctColumnDef ascend_presession_time,Ascend-PreSession-Time,integer
AcctColumnDef ascend_xmit_rate,Ascend-Xmit-Rate
AcctColumnDef timestamp,Timestamp,integer
</AuthBy>
<AuthBy RADIUS>
Host 4.3.2.3
Secret shhh!
AuthPort 1645
AcctPort 1646
</AuthBy>
</Realm>
<Log FILE>
Filename %L/backuplog4-3-2-1-%Y%m%d.log
Trace 5
</Log>

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list