(RADIATOR) Re: IPASS accouting

Hugh Irvine hugh at open.com.au
Tue Jan 21 18:36:24 CST 2003 

Hello Tunde -

The radius accounting stop records should already contain an 
"Acct-Session-Time" attribute containing the duration of the session.

So you just need to add the corresponding column to your database and 
alter the AcctColumnDef's accordingly.

<AuthBy SQL>
         Identifier IPASSSQLAccounting
          DBSource dbi:Oracle:radius00
          DBUsername radiusgold
          DBAuth radiusgold
          HandleAcctStatusTypes Start, Stop
          AuthSelect
         AccountingTable IPASSACCOUNTING
         AcctColumnDef USERNAME, User-Name
         AcctColumnDef ACCTSTATUSTYPE, Acct-Status-Type
         AcctColumnDef TIME, Timestamp, integer-date
         AcctColumnDef NASIDENTIFIER, NAS-Identifier
         AcctColumnDef FRAMEDIPADDRESS, Framed-IP-Address
         AcctColumnDef TIMESTAMP, Timestamp
         AcctColumnDef SESSIONTIME, Acct-Session-Time
</AuthBy>


regards

Hugh


On Tuesday, Jan 21, 2003, at 19:57 Australia/Melbourne, Ayotunde 
Itayemi wrote:

> Hi Hugh,
>
> Thanks for your help.
> I have a table that looks like (below) now.
>
> USERNAME                                           ACCTSTYPE    TIME
> NAS-IDENTIFIER    FRAMED-IP-ADDRESS    TIMESTAMP
> IPASS/JOyedeji at eagle.org                     Start                    
> Jan
> 21, 2003 07:02     viruse1                        80.247.158.69
> 1043136137
> IPASS/JOyedeji at eagle.org                     Stop                    
> Jan 21,
> 2003 08:51     viruse1                        80.247.158.69
> 1043142670
> IPASS/PISG/eddie.soh at pacific.net.sg     Start                    Jan 
> 16,
> 2003 22:58     viruse1                        80.247.158.68
> 1042761506
> IPASS/PISG/eddie.soh at pacific.net.sg     Stop                    Jan 
> 16, 2003
> 23:12     viruse1                        80.247.158.68
> 1042762372
>
> Now, is there a way I can generate accounting records that show how 
> long the
> particular IPASS user was logged on? I guess such a
> record would have to be logged when the accounting stop packet is sent 
> to
> radiator. So that I have a table such as:
>
> USERNAME                                           ACCTSTYPE    TIME
> NAS-IDENTIFIER    FRAMED-IP-ADDRESS
> IPASS/JOyedeji at eagle.org                     Stop                    
> 30:00
> viruse1                        80.247.158.69
> IPASS/JOyedeji at eagle.org                     Stop                    
> 15:00
> viruse1                        80.247.158.69
> IPASS/PISG/eddie.soh at pacific.net.sg     Stop                    17:23
> viruse1                        80.247.158.68
> IPASS/PISG/eddie.soh at pacific.net.sg     Stop                    1:12:02
> viruse1                        80.247.158.68
>
> where the "TIME" column is the length of time the user spemt online. (I
> don't really need the ACCTSTYPE column)
>
> My config at the moment is as below:
>
> <AuthBy SQL>
>         Identifier IPASSSQLAccounting
>          DBSource dbi:Oracle:radius00
>          DBUsername radiusgold
>          DBAuth radiusgold
>          HandleAcctStatusTypes Start, Stop
>          AuthSelect
>         AccountingTable IPASSACCOUNTING
>         AcctColumnDef USERNAME, User-Name
>         AcctColumnDef ACCTSTATUSTYPE, Acct-Status-Type
>         AcctColumnDef TIME, Timestamp, integer-date
>         AcctColumnDef NASIDENTIFIER, NAS-Identifier
>         AcctColumnDef FRAMEDIPADDRESS, Framed-IP-Address
>         AcctColumnDef TIMESTAMP, Timestamp
> </AuthBy>
> <AuthBy DYNADDRESS>
>          Identifier myIPADDRESSauth
>          Allocator mySQLallocator
>          PoolHint %{Client:Identifier}
>          MapAttribute   yiaddr, Framed-IP-Address
>          MapAttribute   subnetmask, Framed-IP-Netmask
>          StripFromReply PoolHint
>          AddToReply MS-MPPE-Encryption-Policy = 1, 
> MS-MPPE-Encryption-Types
> = 6
>          AddToReply MS-MPPE-Send-Key, MS-MPPE-Recv-Key
>          DefaultSimultaneousUse 1
>  </AuthBy>
>  <AuthBy DYNADDRESS>
>          Identifier noIPADDRESSauth
>          Allocator mySQLallocator
>          MapAttribute   yiaddr, Framed-IP-Address
>          MapAttribute   subnetmask, Framed-IP-Netmask
>          StripFromReply PoolHint
>          AddToReply MS-MPPE-Encryption-Policy = 1, 
> MS-MPPE-Encryption-Types
> = 6
>          AddToReply MS-MPPE-Send-Key, MS-MPPE-Recv-Key
>          DefaultSimultaneousUse 1
>  </AuthBy>
> <AuthBy DYNADDRESS>
>          Identifier pattonIPADDRESSauth
>          Allocator mySQLallocator
>         MapAttribute   yiaddr, Framed-IP-Address
>         MapAttribute   subnetmask, Framed-IP-Netmask
>         StripFromReply PoolHint
>          DefaultSimultaneousUse 1
>  </AuthBy>
>  ###### proxy radius for IPASS
>  <AuthBy RADIUS>
>          Identifier      ipassNetserver
>          Host            63.10.24.21
>          Secret
>          AuthPort        11812
>          AcctPort        11813
>         AddToRequest Called-Station-Id=%{Called-Station-Id},
> NAS-IP-Address=%N
>         DefaultSimultaneousUse 1
>  </AuthBy>
>
>  #=================== HANDLERs   ================================
>  <Handler Realm=myipass>
>          RewriteUsername
> s/^IPASS\/([^#]+)\#([^@]+)\@myipass$/IPASS\/$1\@$2/
>          AuthByPolicy ContinueAlways
>          AuthBy IPASSSQLAccounting
>          AuthBy ipassNetserver
>  </Handler>
>
>
>
>

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list