(RADIATOR) Multiple Accounting DBs, Single Auth DB.
Kevin McKee
kevin at nw-tel.com
Tue Jul 8 16:17:59 CDT 2003
Hi,
I'm trying to create a handler that will authenticate a user by the first RADIUS proxy that responds, but then sends Accounting packets to that RADIUS proxy and an additional SQL server.
I have included the handler I am currently working with. My problem is that Accounting packets are being caught by the AuthBy SQL clause and are not passing to the AuthBy RADIUS clauses. If I change the AuthByPolicy to ContinueWhileAccept, then it will authenticate and send accounting to both of the AuthBy RADIUS clauses, and I want it to only go out to the first responding one.
Any ideas how to do this?
Thanks,
------------------------- _ _
Kevin McKee, Network Mgr _ __ | |_(_)
Northwest Telephone, Inc. | '_ \| __| |
Tel: +1 509 661 2000 x112 | | | | |_| |
Fax: +1 509 661 2020 |_| |_|\__|_|
------------------------------------------------------------------------
<Handler Called-Station-Id=/XXXXXX0095|XXXXXX0096/>
#
# Sample Handler
#
MaxSessions 1
AcctLogFileName %L/%Y%m%d-XXXXXX-detail
SessionDatabase XXXX
RejectHasReason
<AuthBy SQL>
# Accounting only Database
# Needs a copy of the Accounting packets
DateFormat %Y-%m-%d %H:%M:%S
DBSource dbi:mysql:XXXXXX:XX.XX.XX.XXX
DBUsername XXXX
DBAuth XXXX
IgnoreAuthentication
AccountingStopsOnly
AccountingTable ACCOUNTING%Y%m
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer-date
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef NASIPADDRESS,NAS-IP-Address
AcctColumnDef ASCENDDISCONNECTCAUSE,Ascend-Disconnect-Cause
AcctColumnDef ASCENDCONNECTPROGRESS,Ascend-Connect-Progress
AcctColumnDef ASCENDXMITRATE,Ascend-Xmit-Rate,Integer
AcctColumnDef ASCENDDATARATE,Ascend-Data-Rate,Integer
AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
AcctColumnDef CALLEDSTATIONID,Called-Station-Id
AcctColumnDef ISP,"XXXXX",literal
AcctFailedLogFileName %L/detail.newdb
</AuthBy>
<AuthBy RADIUS>
# Customer's Primary RADIUS server
Host XXX.XXX.XXX.101
Secret sharedsecret
AuthPort 1645
AcctPort 1646
StripFromRequest NAS-Port-Id,NAS-Port-Type
ReplyHook sub { ${$_[1]}->delete_attr('Framed-IP-Address'); }
LocalAddress XX.XX.XX.XXX
</AuthBy>
<AuthBy RADIUS>
# Customer's Backup RADIUS server
Host XXX.XXX.XXX.102
Secret sharedsecret
AuthPort 1645
AcctPort 1646
StripFromRequest NAS-Port-Id,NAS-Port-Type
ReplyHook sub { ${$_[1]}->delete_attr('Framed-IP-Address'); }
LocalAddress XX.XX.XX.XXX
</AuthBy>
</Handler>
-------------------------------------------------------------
This email and the files transmitted with it are confidential
and intended solely for the use of the individual or entity to
which they are addressed. If you have received this email in
error, please notify the sender.
This footnote also confirms that this email message
and attachments have been scanned for the presence
of computer viruses.
-------------------------------------------------------------
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list