(RADIATOR) Hook in different language other than Perl
Ganbold
ganbold at micom.mng.net
Tue Aug 19 22:22:04 CDT 2003
Hi Hugh,
So it means that I can use external program instead of hooks?
I attached 2 config files, one uses hooks and another on supposed to use
external program.
Is the new config that uses external program suppose to do same thing as
previous config with hooks?
Below is new config file that suppose to use external program:
--------------------------------------------------------------------------------------------------------------------------
Foreground
Trace 4
AuthPort 1645
AcctPort 1646
LogDir /var/log/radius
LogFile %L/logfilevoice
DictionaryFile /usr/home/tsgan/Radiator-3.6/dictionary
<Client xxx.xxx.xxx.xxx>
Secret xxx
NasType Cisco
SNMPCommunity xxx
StatusServerShowClientDetails
</Client>
# authby clause for ACCOUNTING
<AuthBy SQL>
DBSource dbi:mysql:db:localhost
DBUsername dbuser
DBAuth dbpass
Identifier VoipSQLAcctOnly
AuthSelect
AccountingTable voip_accounting
AccountingStopsOnly
AcctColumnDef nasipaddress,NAS-IP-Address
AcctColumnDef cisco_nas_port,Cisco-NAS-Port
AcctColumnDef card_number,User-Name
</AuthBy>
# authby clause for credit_time
<AuthBy SQL>
DBSource dbi:mysql:db:localhost
DBUsername dbuser
DBAuth dbpass
Identifier CreditTime
AuthSelect select
pin,concat('h323-credit-amount=',creditamount),'h323-return-code=0','h323-preferred-lang=en','h323-billing-model=1'
from cards where cardnumber='%n' and status='Active' and pin is not null
AuthColumnDef 0, Password, check
AuthColumnDef 2, cisco-h323-return-code, reply
AccountingTable
DefaultSimultaneousUse 1
RejectEmptyPassword
</AuthBy>
# authby clause for first second authorizarion
<AuthBy SQL>
DBSource dbi:mysql:db:localhost
DBUsername dbuser
DBAuth dbpass
Identifier CreditAmount
AuthSelect select
pin,concat('h323-credit-amount=',creditamount),'h323-return-code=0','h323-preferred-lang=en','h323-billing-model=1'
from cards where cardnumber='%n' and status='Active' and pin is not null
AuthColumnDef 0, Password, check
AuthColumnDef 1, cisco-h323-credit-amount, reply
AuthColumnDef 2, cisco-h323-return-code, reply
AuthColumnDef 3, cisco-h323-preferred-lang, reply
AuthColumnDef 4, cisco-h323-billing-model, reply
AccountingTable
DefaultSimultaneousUse 1
RejectEmptyPassword
</AuthBy>
# authby clause for transfer balance
<AuthBy SQL>
DBSource dbi:mysql:db:localhost
DBUsername dbuser
DBAuth dbpass
Identifier SqlTransferBal
AuthSelect select
concat('h323-credit-amount=',creditamount),'h323-return-code=0' from cards
where locate(cardnumber,'%n')=1 and creditamount >=
trim(substring('%{cisco-h323-credit-amount}',locate('=','%{cisco-h323-credit-amount}')+1))
and status='Active'
AuthColumnDef 0, cisco-h323-credit-amount, reply
AuthColumnDef 1, cisco-h323-return-code, reply
AccountingTable
DefaultSimultaneousUse 1
RejectEmptyPassword
</AuthBy>
<AuthBy EXTERNAL>
Identifier CalculateCreditAmountUsed
Command /usr/local/bin/CalculateCreditAmountUsed
</AuthBy>
<AuthBy EXTERNAL>
Identifier CalculateCreditTime
Command /usr/local/bin/CalculateCreditTime
</AuthBy>
<AuthBy EXTERNAL>
Identifier TransferBalance
Command /usr/local/bin/TransferBalance
</AuthBy>
<AuthBy EXTERNAL>
Identifier ChangePin
Command /usr/local/bin/ChangePin
</AuthBy>
<AuthBy EXTERNAL>
Identifier CheckPrepaidVoip
Command /usr/local/bin/CheckPrepaidVoip
</AuthBy>
<Handler Request-Type = Accounting-Request, User-Name = /^([0-9])+$/>
AuthBy CalculateCreditAmountUsed
AuthBy VoipSQLAcctOnly
</Handler>
<Handler User-Name = /^([0-9])+%([0-9])+$/>
RejectHasReason
AccountingHandled
AuthBy SqlTransferBal
AuthBy TransferBalance
</Handler>
<Handler Called-Station-Id = /^([0-9])+$/>
RejectHasReason
AccountingHandled
AuthBy CreditTime
AuthBy CalculateCreditTime
</Handler>
<Handler>
AuthBy ChangePin
RejectHasReason
AccountingHandled
SessionDatabase SQL1
AuthBy CreditAmount
AuthBy CheckPrepaidVoip
</Handler>
<SessionDatabase SQL>
DBSource dbi:mysql:db:localhost
DBUsername dbuser
DBAuth dbpass
Identifier SQL1
AddQuery
DeleteQuery
ClearNasQuery delete from voip_online where NASIDENTIFIER='%N'
CountQuery
</SessionDatabase>
--------------------------------------------------------------------------------------------------------------------------
Below is the original config file with hooks
---------------------------------------------------------------------------------------------------------------------------
Foreground
Trace 4
AuthPort 1645
AcctPort 1646
LogDir /var/log/radius
LogFile %L/logfilevoice
DictionaryFile /usr/home/tsgan/Radiator-3.6/dictionary
<Client xxx.xxx.xxx.xxx>
Secret xxx
NasType Cisco
SNMPCommunity xxx
StatusServerShowClientDetails
</Client>
# authby clause for ACCOUNTING
<AuthBy SQL>
DBSource dbi:mysql:db:localhost
DBUsername dbuser
DBAuth dbpass
Identifier VoipSQLAcctOnly
AuthSelect
AccountingTable voip_accounting
AccountingStopsOnly
AcctColumnDef nasipaddress,NAS-IP-Address
AcctColumnDef cisco_nas_port,Cisco-NAS-Port
AcctColumnDef card_number,User-Name
</AuthBy>
# authby clause for credit_time
<AuthBy SQL>
DBSource dbi:mysql:db:localhost
DBUsername dbuser
DBAuth dbpass
Identifier CreditTime
AuthSelect select
pin,concat('h323-credit-amount=',creditamount),'h323-return-code=0','h323-preferred-lang=en','h323-billing-model=1'
from cards where cardnumber='%n' and status='Active' and pin is not null
AuthColumnDef 0, Password, check
AuthColumnDef 2, cisco-h323-return-code, reply
AccountingTable
DefaultSimultaneousUse 1
RejectEmptyPassword
</AuthBy>
# authby clause for first second authorizarion
<AuthBy SQL>
DBSource dbi:mysql:db:localhost
DBUsername dbuser
DBAuth dbpass
Identifier CreditAmount
AuthSelect select
pin,concat('h323-credit-amount=',creditamount),'h323-return-code=0','h323-preferred-lang=en','h323-billing-model=1'
from cards where cardnumber='%n' and status='Active' and pin is not null
AuthColumnDef 0, Password, check
AuthColumnDef 1, cisco-h323-credit-amount, reply
AuthColumnDef 2, cisco-h323-return-code, reply
AuthColumnDef 3, cisco-h323-preferred-lang, reply
AuthColumnDef 4, cisco-h323-billing-model, reply
AccountingTable
DefaultSimultaneousUse 1
RejectEmptyPassword
</AuthBy>
# authby clause for transfer balance
<AuthBy SQL>
DBSource dbi:mysql:db:localhost
DBUsername dbuser
DBAuth dbpass
Identifier SqlTransferBal
AuthSelect select
concat('h323-credit-amount=',creditamount),'h323-return-code=0' from cards
where locate(cardnumber,'%n')=1 and creditamount >=
trim(substring('%{cisco-h323-credit-amount}',locate('=','%{cisco-h323-credit-amount}')+1))
and status='Active'
AuthColumnDef 0, cisco-h323-credit-amount, reply
AuthColumnDef 1, cisco-h323-return-code, reply
AccountingTable
DefaultSimultaneousUse 1
RejectEmptyPassword
</AuthBy>
<Handler Request-Type = Accounting-Request, User-Name = /^([0-9])+$/>
PreAuthHook
file:"/usr/home/tsgan/Radiator-3.6/hooks/CalculateCreditAmountUsed"
AuthBy VoipSQLAcctOnly
</Handler>
<Handler User-Name = /^([0-9])+%([0-9])+$/>
RejectHasReason
AccountingHandled
AuthBy SqlTransferBal
PostAuthHook file:"/usr/home/tsgan/Radiator-3.6/hooks/TransferBalance"
</Handler>
<Handler Called-Station-Id = /^([0-9])+$/>
RejectHasReason
AccountingHandled
AuthBy CreditTime
PostAuthHook
file:"/usr/home/tsgan/Radiator-3.6/hooks/CalculateCreditTime"
</Handler>
<Handler>
PreAuthHook file:"/usr/home/tsgan/Radiator-3.6/hooks/ChangePin"
RejectHasReason
AccountingHandled
SessionDatabase SQL1
AuthBy CreditAmount
PostAuthHook
file:"/usr/home/tsgan/Radiator-3.6/hooks/CheckPrepaidVoip"
</Handler>
<SessionDatabase SQL>
DBSource dbi:mysql:db:localhost
DBUsername dbuser
DBAuth dbpass
Identifier SQL1
AddQuery
DeleteQuery
ClearNasQuery delete from voip_online where NASIDENTIFIER='%N'
CountQuery
</SessionDatabase>
At 06:03 PM 8/19/2003 +1000, you wrote:
>Hello Ganbold -
>
>You can always use the AuthBy EXTERNAL clause to call an external program
>in whatever language you prefer.
>
>What do you mean by "compile or decrypt the hook codes"?
>
>Note that the hooks in Radiator *are* compiled at run time, as is the rest
>of Radiator.
>
>regards
>
>Hugh
>
>
>On Tuesday, Aug 19, 2003, at 16:00 Australia/Melbourne, Ganbold wrote:
>
>>Hi,
>>
>>Is it possible to write various hooks in language other than perl (for
>>example in C)?
>>Or is there anyway to compile or decrypt the hook codes?
>>
>>tia,
>>
>>Ganbold
>>Micom Co., Ltd
>>
>>===
>>Archive at http://www.open.com.au/archives/radiator/
>>Announcements on radiator-announce at open.com.au
>>To unsubscribe, email 'majordomo at open.com.au' with
>>'unsubscribe radiator' in the body of the message.
>>
>
>NB: have you included a copy of your configuration file (no secrets),
>together with a trace 4 debug showing what is happening?
>
>--
>Radiator: the most portable, flexible and configurable RADIUS server
>anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
>-
>Nets: internetwork inventory and management - graphical, extensible,
>flexible with hardware, software, platform and database independence.
>
>
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list