(RADIATOR) SQLRADIUS Failurepolicy

Keith Dornbusch keith at uschoice.net
Tue Apr 27 10:49:09 CDT 2004


I am having a problem getting FailurePolicy to work in my <AuthBy
SQLRADIUS>.
FailurePolicy is set to 0 for ACCEPT.
Any Ideas?

Here is a sample of the Trace
---- Trace Start -----------------------
Tue Apr 27 10:33:27 2004: DEBUG: Rewrote user name to quailch1 at airpad.net
Tue Apr 27 10:33:27 2004: DEBUG: Handling request with Handler
'Realm=airpad.net'
Tue Apr 27 10:33:27 2004: DEBUG:  Deleting session for quailch1 at airpad.net,
66.100.36.X, 20107
Tue Apr 27 10:33:27 2004: DEBUG: do query is: 'delete from RADONLINE where
NASIDENTIFIER='66.100.36.X' and NASPORT=020107':

Tue Apr 27 10:33:27 2004: DEBUG: Handling with Radius::AuthFILE:
Tue Apr 27 10:33:27 2004: DEBUG: Radius::AuthFILE looks for match with
quailch1 at airpad.net
Tue Apr 27 10:33:27 2004: DEBUG: Handling with Radius::AuthSQL
Tue Apr 27 10:33:27 2004: DEBUG: Handling with Radius::AuthSQL
Tue Apr 27 10:33:27 2004: DEBUG: Handling with Radius::AuthRADIUS
Tue Apr 27 10:33:27 2004: DEBUG: Query is: 'select HOST1, SECRET, AUTHPORT,
ACCTPORT, RETRIES, RETRYTIMEOUT, USEOLDASCENDPASSWORDS,
SERVERHASBROKENPORTNUMBERS, SERVERHASBROKENADDRESSES, IGNOREREPLYSIGNATURE,
FAILUREPOLICY from RADSQLRADIUS where TARGETNAME='airpad.net'':

Tue Apr 27 10:33:27 2004: INFO: AuthRADIUS could not find a working host to
forward to. Ignoring
Tue Apr 27 10:33:28 2004: DEBUG: Packet dump:
---------- Trace End ------------------------------------



Here is my .cfg file (partial)
------------  Start .cfg -------------------------
<Realm xxxxxxx.xxx>
# MaxSessions 1
# Log accounting to a detail file. %D is replaced by DbDir above
 AcctLogFileName %L/detail
 AuthByPolicy ContinueUntilAccept
# Log for all authentication attemps
 PasswordLogFileName %L/%RPWLog
 <AuthLog SQL>
  DBSource dbi:mysql:Radiator:xx.xxx.xx.xx:xxxx
  DBUsername user
  DBAuth pass
  Table radauthlog
#     Identifier authlogger
  LogSuccess 1
  SuccessQuery insert into RADAUTHLOG (TIME_STAMP, USERNAME, TYPE) values
(%t, '%n', 1)
  LogFailure 1
  FailureQuery insert into RADAUTHLOG (TIME_STAMP, USERNAME, TYPE, REASON)
values (%t, '%n', 0, %1)
 </AuthLog>
 <StatsLog SQL>
#  You need to specify which database to connect to:
  DBSource dbi:mysql:Radiator:xx.xxx.xx.xx:xxxx
  DBUsername user
  DBAuth pass
#  The logging interval in seconds (Default 600 Seconds or 10 Mins)
#  Interval 2
#  You can configure the SQL query to be used for each log.
#  %0, %1 etc are replaced by each statistic, in alphabetical order
#  of their name.This example just logs the time, object type, id and
#  average responseTime
#  InsertQuery insert into MYTABLE (TIME_STAMP, TYPE, ID, RESPONSETIME)
values (%0, %1, %2, %23)
 </StatsLog>
 <AuthBy FILE>
#  Look up user details in a flat file
#  %D is replaced by DbDir above
  Filename %D/users
 </AuthBy>
 <AuthBy SQL>
#  SQLRecoveryFile is Version 3.8 or higher
  SQLRecoveryFile %L/missedaccounting
  DBSource dbi:mysql:Radiator:xx.xxx.xx.xx:xxxx
  DBUsername user
  DBAuth pass
  DateFormat '%b $d,%Y %H:%M:%S'
  HandleAcctStatusTypes Start
  AcctInsertQuery insert into %0(%1) values (%2)
  AuthSelect
  AccountingTable accounting
     AcctColumnDef User_Name,User-Name
     AcctColumnDef Start_Time,Timestamp
     AcctColumnDef Stop_Time,Timestamp
     AcctColumnDef State,State
     AcctColumnDef Password,Password
     AcctColumnDef Expiration,Expiration
     AcctColumnDef Service_Type,Service-Type
     AcctColumnDef Framed_Protocol,Framed-Protocol
     AcctColumnDef Ascend_Assign_IP_Pool,Ascend-Assign-IP-Pool
     AcctColumnDef Ascend_Idle_Limit,Ascend-Idle-Limit
     AcctColumnDef Ascend_Maximum_Channels,Ascend-Maximum-Channels
     AcctColumnDef Ascend_Minimum_Channels,Ascend-Minimum-Channels
     AcctColumnDef Framed_IP_Address,Framed-IP-Address
     AcctColumnDef Framed_IP_Netmask,Framed-IP-Netmask
     AcctColumnDef NAS_IP_Address,NAS-IP-Address
     AcctColumnDef NAS_Port,NAS-Port
     AcctColumnDef NAS_Port_Type,NAS-Port-Type
     AcctColumnDef Acct_Status_Type,Acct-Status-Type
     AcctColumnDef Acct_Delay_Time,Acct-Delay-Time
     AcctColumnDef Acct_Session_Id,Acct-Session-Id
     AcctColumnDef Acct_Authentic,Acct-Authentic
     AcctColumnDef Acct_Session_Time,Acct-Session-Time
     AcctColumnDef Acct_Input_Octets,Acct-Input-Octets
     AcctColumnDef Acct_Output_Octets,Acct-Output-Octets
     AcctColumnDef Acct_Input_Packets,Acct-Input-Packets
     AcctColumnDef Acct_Output_Packets,Acct-Output-Packets
     AcctColumnDef Ascend_Disconnect_Cause,Ascend-Disconnect-Cause
     AcctColumnDef Ascend_Connect_Progress,Ascend-Connect-Progress
     AcctColumnDef Ascend_Xmit_Rate,Ascend-Xmit-Rate
     AcctColumnDef Ascend_Data_Rate,Ascend-Data-Rate
     AcctColumnDef Ascend_PreSession_Time,Ascend-PreSession-Time
     AcctColumnDef Ascend_Pre_Input_Octets,Ascend-Pre-Input-Octets
     AcctColumnDef Ascend_Pre_Output_Octets,Ascend-Pre-Output-Octets
     AcctColumnDef Ascend_Pre_Input_Packets,Ascend-Pre-Input-Packets
     AcctColumnDef Ascend_Pre_Output_Packets,Ascend-Pre-Output-Packets
     AcctColumnDef Ascend_First_Dest,Ascend-First-Dest
     AcctColumnDef Ascend_Multilink_ID,Ascend-Multilink-ID
     AcctColumnDef Ascend_Num_In_Multilink,Ascend-Num-In-Multilink
     AcctColumnDef Acct_Link_Count,Acct-Link-Count
     AcctColumnDef Acct_Multi_Session_Id,Acct-Multi-Session-Id
     AcctColumnDef Ascend_Modem_PortNo,Ascend-Modem-PortNo
     AcctColumnDef Ascend_Modem_SlotNo,Ascend-Modem-SlotNo
     AcctColumnDef Calling_Station_Id,Calling-Station-Id
     AcctColumnDef Called_Station_Id,Called-Station-Id
     AcctColumnDef CHAP_Password,CHAP-Password
     AcctColumnDef Connect_Info,Connect-Info
     AcctColumnDef Ascend_Handle_IPX,Ascend-Handle-IPX
     AcctColumnDef NAS_Identifier,NAS-Identifier
     AcctColumnDef CHAP_Challenge,CHAP-Challenge
     AcctColumnDef Ascend_Netware_timeout,Ascend-Netware-timeout
     AcctColumnDef Proxy_State,Proxy-State
     AcctColumnDef Class,Class
     AcctColumnDef Framed_Compression,Framed-Compression
     AcctColumnDef Port_Limit,Port-Limit
     AcctColumnDef Acct_Terminate_Cause,Acct-Terminate-Cause
     AcctColumnDef CVX_SS7_Session_ID_Type,CVX-SS7-Session-ID-Type
     AcctColumnDef CVX_Terminate_Cause,CVX-Terminate-Cause
     AcctColumnDef Login_IP_Host,Login-IP-Host
     AcctColumnDef User_Password,User-Password
     AcctColumnDef Framed_Routing,Framed-Routing
     AcctColumnDef Filter_Id,Filter-Id
     AcctColumnDef Framed_MTU,Framed-MTU
     AcctColumnDef Login_Service,Login-Service
     AcctColumnDef Login_TCP_Port,Login-TCP-Port
     AcctColumnDef Framed_Route,Framed-Route
     AcctColumnDef Framed_IPX_Network,Framed-IPX-Network
     AcctColumnDef Termination_Action,Termination-Action
     AcctColumnDef Vendor_specific,Vendor-specific
     AcctColumnDef Acct_Input_Gigawords,Acct-Input-Gigawords
     AcctColumnDef Acct_Output_Gigawords,Acct-Output-Gigawords
     AcctColumnDef Old_Password,Old-Password
     AcctColumnDef Reply_Message,Reply-Message
     AcctColumnDef Callback_Number,Callback-Number
     AcctColumnDef Callback_ID,Callback-ID
     AcctColumnDef User_Realm,User-Realm
     AcctColumnDef CVX_Identification,CVX-Identification
     AcctColumnDef Ascend_Source_Auth,Ascend-Source-Auth
     AcctColumnDef Session_Authentic,Session-Authentic
     AcctColumnDef Event_Timestamp,Event-Timestamp
     AcctColumnDef cvx_ppp_inactivity_limit,CVX-PPP-Inactivity-Limit
     AcctColumnDef GRIC_Timestamp,GRIC-Timestamp
     AcctColumnDef Ascend_Modem_ShelfNo,Ascend-Modem-ShelfNo
     AcctColumnDef Ascend_Owner_IP_Addr,Ascend-Owner-IP-Addr
     AcctColumnDef Tunnel_Client_Endpoint,Tunnel-Client-Endpoint
     AcctColumnDef Tunnel_Server_Endpoint,Tunnel-Server-Endpoint
     AcctColumnDef Idle_Timeout,Idle-Timeout
     AcctColumnDef Tunnel_Type,Tunnel-Type
     AcctColumnDef Class_1,Class-1
     AcctColumnDef Tunnel_ID,Tunnel-ID
     AcctColumnDef Ascend_FR_Direct,Ascend-FR-Direct
     AcctColumnDef CVX_VPOP_ID,CVX-VPOP-ID
     AcctColumnDef CVX_Terminate_Component,CVX-Terminate-Component
     AcctColumnDef Timestamp,Timestamp
  DefaultSimultaneousUse 2
  RejectEmptyPassword
 </AuthBy>
 <AuthBy SQL>
#  SQLRecoveryFile is Version 3.8 or higher
  SQLRecoveryFile %L/missedaccounting
  DBSource dbi:mysql:Radiator:xx.xxx.xx.xx:xxxx
  DBUsername user
  DBAuth pass
  DateFormat '%b $d,%Y %H:%M:%S'
  HandleAcctStatusTypes Stop

#  Start Record Fields Removed from stop Record Update
#  set user_name = '%{User-Name}', nas_ip_address = '%{NAS-IP-Address}', \
#  nas_port = '%{NAS-Port}', service_type = '%{Service-Type}',
framed_protocol = '%{Framed-Protocol}', \
#  framed_ip_address = '%{Framed-IP-Address}', class = '%{Class}',
called_station_id = '%{Called-Station-Id}', \
#  calling_station_id = '%{Calling-Station-Id}', nas_port_type =
'%{NAS-Port-Type}', connect_info = '%{Connect-Info}', \




  AcctInsertQuery update %0 set Acct_Status_Type = '%{Acct-Status-Type}', \
  Acct_Delay_Time = '%{Acct-Delay-Time}', Acct_Input_Octets =
'%{Acct-Input-Octets}', \
  Acct_Output_Octets = '%{Acct-Output-Octets}', Acct_Authentic =
'%{Acct-Authentic}', \
  Acct_Session_Time = '%{Acct-Session-Time}', Stop_Time = '%{Timestamp}', \
  Acct_Input_Packets = '%{Acct-Input-Packets}', Acct_Output_Packets =
'%{Acct-Output-Packets}', \
  Acct_Terminate_Cause = '%{Acct-Terminate-Cause}',  \
  Ascend_Pre_Input_Octets = '%{Ascend-Pre-Input-Octets}', \
  Ascend_Pre_Output_Octets = '%{Ascend-Pre-Output-Octets}',
Ascend_Pre_Input_Packets = '%{Ascend-Pre-Input-Packets}', \
  Ascend_Pre_Output_Packets = '%{Ascend-Pre-Output-Packets}',
Ascend_Disconnect_Cause = '%{Ascend-Disconnect-Cause}', \
  Ascend_Connect_Progress = '%{Ascend-Connect-Progress}', Ascend_Data_Rate =
'%{Ascend-Data-Rate}', \
  Ascend_PreSession_Time = '%{Ascend-PreSession-Time}', Ascend_Xmit_Rate =
'%{Ascend-Xmit-Rate}' \
  where Acct_Session_Id = '%{Acct-Session-Id}'

#  AcctInserQuery update %0 set nas_ip_address = '%{NAS-IP-Address}' where
acct_session_id = '%{Acct-Session-Id}'
  AuthSelect
  AccountingTable accounting
     AcctColumnDef User_Name,User-Name
     AcctColumnDef Start_Time,Timestamp
     AcctColumnDef Stop_Time,Timestamp
     AcctColumnDef State,State
     AcctColumnDef Password,Password
     AcctColumnDef Expiration,Expiration
     AcctColumnDef Service_Type,Service-Type
     AcctColumnDef Framed_Protocol,Framed-Protocol
     AcctColumnDef Ascend_Assign_IP_Pool,Ascend-Assign-IP-Pool
     AcctColumnDef Ascend_Idle_Limit,Ascend-Idle-Limit
     AcctColumnDef Ascend_Maximum_Channels,Ascend-Maximum-Channels
     AcctColumnDef Ascend_Minimum_Channels,Ascend-Minimum-Channels
     AcctColumnDef Framed_IP_Address,Framed-IP-Address
     AcctColumnDef Framed_IP_Netmask,Framed-IP-Netmask
     AcctColumnDef NAS_IP_Address,NAS-IP-Address
     AcctColumnDef NAS_Port,NAS-Port
     AcctColumnDef NAS_Port_Type,NAS-Port-Type
     AcctColumnDef Acct_Status_Type,Acct-Status-Type
     AcctColumnDef Acct_Delay_Time,Acct-Delay-Time
     AcctColumnDef Acct_Session_Id,Acct-Session-Id
     AcctColumnDef Acct_Authentic,Acct-Authentic
     AcctColumnDef Acct_Session_Time,Acct-Session-Time
     AcctColumnDef Acct_Input_Octets,Acct-Input-Octets
     AcctColumnDef Acct_Output_Octets,Acct-Output-Octets
     AcctColumnDef Acct_Input_Packets,Acct-Input-Packets
     AcctColumnDef Acct_Output_Packets,Acct-Output-Packets
     AcctColumnDef Ascend_Disconnect_Cause,Ascend-Disconnect-Cause
     AcctColumnDef Ascend_Connect_Progress,Ascend-Connect-Progress
     AcctColumnDef Ascend_Xmit_Rate,Ascend-Xmit-Rate
     AcctColumnDef Ascend_Data_Rate,Ascend-Data-Rate
     AcctColumnDef Ascend_PreSession_Time,Ascend-PreSession-Time
     AcctColumnDef Ascend_Pre_Input_Octets,Ascend-Pre-Input-Octets
     AcctColumnDef Ascend_Pre_Output_Octets,Ascend-Pre-Output-Octets
     AcctColumnDef Ascend_Pre_Input_Packets,Ascend-Pre-Input-Packets
     AcctColumnDef Ascend_Pre_Output_Packets,Ascend-Pre-Output-Packets
     AcctColumnDef Ascend_First_Dest,Ascend-First-Dest
     AcctColumnDef Ascend_Multilink_ID,Ascend-Multilink-ID
     AcctColumnDef Ascend_Num_In_Multilink,Ascend-Num-In-Multilink
     AcctColumnDef Acct_Link_Count,Acct-Link-Count
     AcctColumnDef Acct_Multi_Session_Id,Acct-Multi-Session-Id
     AcctColumnDef Ascend_Modem_PortNo,Ascend-Modem-PortNo
     AcctColumnDef Ascend_Modem_SlotNo,Ascend-Modem-SlotNo
     AcctColumnDef Calling_Station_Id,Calling-Station-Id
     AcctColumnDef Called_Station_Id,Called-Station-Id
     AcctColumnDef CHAP_Password,CHAP-Password
     AcctColumnDef Connect_Info,Connect-Info
     AcctColumnDef Ascend_Handle_IPX,Ascend-Handle-IPX
     AcctColumnDef NAS_Identifier,NAS-Identifier
     AcctColumnDef CHAP_Challenge,CHAP-Challenge
     AcctColumnDef Ascend_Netware_timeout,Ascend-Netware-timeout
     AcctColumnDef Proxy_State,Proxy-State
     AcctColumnDef Class,Class
     AcctColumnDef Framed_Compression,Framed-Compression
     AcctColumnDef Port_Limit,Port-Limit
     AcctColumnDef Acct_Terminate_Cause,Acct-Terminate-Cause
     AcctColumnDef CVX_SS7_Session_ID_Type,CVX-SS7-Session-ID-Type
     AcctColumnDef CVX_Terminate_Cause,CVX-Terminate-Cause
     AcctColumnDef Login_IP_Host,Login-IP-Host
     AcctColumnDef User_Password,User-Password
     AcctColumnDef Framed_Routing,Framed-Routing
     AcctColumnDef Filter_Id,Filter-Id
     AcctColumnDef Framed_MTU,Framed-MTU
     AcctColumnDef Login_Service,Login-Service
     AcctColumnDef Login_TCP_Port,Login-TCP-Port
     AcctColumnDef Framed_Route,Framed-Route
     AcctColumnDef Framed_IPX_Network,Framed-IPX-Network
     AcctColumnDef Termination_Action,Termination-Action
     AcctColumnDef Vendor_specific,Vendor-specific
     AcctColumnDef Acct_Input_Gigawords,Acct-Input-Gigawords
     AcctColumnDef Acct_Output_Gigawords,Acct-Output-Gigawords
     AcctColumnDef Old_Password,Old-Password
     AcctColumnDef Reply_Message,Reply-Message
     AcctColumnDef Callback_Number,Callback-Number
     AcctColumnDef Callback_ID,Callback-ID
     AcctColumnDef User_Realm,User-Realm
     AcctColumnDef CVX_Identification,CVX-Identification
     AcctColumnDef Ascend_Source_Auth,Ascend-Source-Auth
     AcctColumnDef Session_Authentic,Session-Authentic
     AcctColumnDef Event_Timestamp,Event-Timestamp
     AcctColumnDef cvx_ppp_inactivity_limit,CVX-PPP-Inactivity-Limit
     AcctColumnDef GRIC_Timestamp,GRIC-Timestamp
     AcctColumnDef Ascend_Modem_ShelfNo,Ascend-Modem-ShelfNo
     AcctColumnDef Ascend_Owner_IP_Addr,Ascend-Owner-IP-Addr
     AcctColumnDef Tunnel_Client_Endpoint,Tunnel-Client-Endpoint
     AcctColumnDef Tunnel_Server_Endpoint,Tunnel-Server-Endpoint
     AcctColumnDef Idle_Timeout,Idle-Timeout
     AcctColumnDef Tunnel_Type,Tunnel-Type
     AcctColumnDef Class_1,Class-1
     AcctColumnDef Tunnel_ID,Tunnel-ID
     AcctColumnDef Ascend_FR_Direct,Ascend-FR-Direct
     AcctColumnDef CVX_VPOP_ID,CVX-VPOP-ID
     AcctColumnDef CVX_Terminate_Component,CVX-Terminate-Component
     AcctColumnDef Timestamp,Timestamp
  DefaultSimultaneousUse 2
  RejectEmptyPassword
 </AuthBy>
 <AuthBy SQLRADIUS>
#  For downstream (PROXY) Radius use
#  This uses the users realm to look up the target
#  radius server in an SQL database
  DBSource dbi:mysql:Radiator:xx.xxx.xx.xx:xxxx
  DBUsername user
  DBAuth pass
#  NumHosts 2
  HostSelect select HOST%0, SECRET, AUTHPORT, ACCTPORT, RETRIES,
RETRYTIMEOUT, \
  USEOLDASCENDPASSWORDS, SERVERHASBROKENPORTNUMBERS,
SERVERHASBROKENADDRESSES, \
  IGNOREREPLYSIGNATURE, FAILUREPOLICY from RADSQLRADIUS \
  where TARGETNAME='%R'
  HostColumnDef 0,TARGETNAME
  HostColumnDef 1,HOST1
  HostColumnDef 2,HOST2
  HostColumnDef 3,SECRET
  HostColumnDef 4,AUTHPORT
  HostColumnDef 5.ACCTPORT
  HostColumnDef 6,RETRIES
  HostColumnDef 7,RETRYTIMEOUT
  HostColumnDef 8,USEOLDASCENDPASSWORDS
  HostColumnDef 9,SERVERHASBROKENPORTNUMBERS
  HostColumnDef 10,SERVERHASBROKENADDRESSES
  HostColumnDef 11,IGNOREREPLYSIGNATURE
  HostColumnDef 12,FAILUREPOLICY
 </AuthBy>
</Realm>
---- End of <Realm>

Thanks;
Keith Dornbusch

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list