(RADIATOR) duplicating accounting requests
Jesse Guardiani
jesse at wingnet.net
Fri May 7 09:31:54 CDT 2004
On Tuesday 04 May 2004 18:28, Hugh Irvine wrote:
> Hello Jesse -
>
> Yes it is very easy to do what you describe with Radiator.
>
> The exact details will depend on what else you are doing in your
> configuration file, but you will need to use an AuthBy RADIUS clause to
> proxy the accounting requests to the billing server.
>
> Something like this would work:
>
> <Realm ....>
> AuthByPolicy ContinueAlways
> # proxy to billing server
> <AuthBy RADIUS>
> Host ....
> Secret ....
> AcctPort ....
> IgnoreAuthentication
> IgnoreAccountingResponse
> </AuthBy>
> # your normal AuthBy
> <AuthBy ....>
> .....
> </AuthBy>
> .....
> </Realm>
OK. I see what you are doing above. I'm just a little confused by the AuthByPolicy.
We currently use this:
<Handler Realm=wingnet.net>
# Grab just the user portion
RewriteUsername s/^([^@]+).*/$1/
PasswordLogFileName %L/pw.%Y.%m
AcctLogFileName %L/detail.wingnet
AuthByPolicy ContinueWhileAccept
<AuthBy FILE>
Filename %D/users.filter
</AuthBy>
<AuthBy FILE>
# don't fall through to DEFAULT if a users check item failed
NoDefaultIfFound
Filename %D/users
</AuthBy>
</Handler>
We MUST check the 'users.filter' file so we can block certain users. The 'users.filter'
file contains a blank DEFAULT for when the user doesn't exist in users.filter. Then
Radiator moves on to the real authentication clause where it checks the 'users' file.
And I am unsure if placing this:
<AuthBy RADIUS>
Host ....
Secret ....
AcctPort ....
IgnoreAuthentication
IgnoreAccountingResponse
</AuthBy>
Before my first AuthBy FILE would prevent Radiator from checking the
AuthBy FILE because the AuthBy RADIUS is returning an Ignore instead
of an Accept. The documentation is a little unclear about that.
Any ideas? (Thanks for the help, BTW!)
> This topic has been discussed previously on the mailing list:
>
> www.open.com.au/archives/radiator
Do you normally use google to search that or what? That's the most unfriendly
mail archive I've seen in a while.
> BTW - the most recent version is Radiator 3.9 (plus some patches).
>
> regards
>
> Hugh
>
> On 5 May 2004, at 04:45, Jesse Guardiani wrote:
> > Howdy list,
> >
> > Please forgive me if this question shows me lack of understanding
> > regarding the RADIUS protocol. If that is the case, then if someone
> > could point me to a good website that explains the protocol I would
> > appreciate it. RADIUS is still a bit of black magic to me,
> > unfortunately.
> >
> > We have just installed a new billing server. This server includes its
> > own RADIUS daemon (merit) and requires that accounting packets
> > be sent to this RADIUS daemon in order for hourly dialup accounts
> > to be properly billed.
> >
> > However, currently, all of our accounting packets are being sent to
> > Radiator server. Would it be possible to have Radiator forward those
> > accounting packets to this new merit daemon (on a different machine)
> > but still log the packets?
> >
> > Basically, we bought Radiator a long time ago, and we'd like to keep
> > using it as our main RADIUS server, but we need accounting packets
> > to be sent to the billing machine...
> >
> > Currently we've configured our terminal server to send packets to
> > BOTH daemons. This is working, but it isn't a good long term solution.
> >
> > Any ideas?
> >
> > Thanks!
> >
> > --
> > Jesse Guardiani, Systems Administrator
> > WingNET Internet Services,
> > P.O. Box 2605 // Cleveland, TN 37320-2605
> > 423-559-LINK (v) 423-559-5145 (f)
> > http://www.wingnet.net
> >
> >
> > --
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with
> > 'unsubscribe radiator' in the body of the message.
>
> NB: have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
--
Jesse Guardiani, Systems Administrator
WingNET Internet Services,
P.O. Box 2605 // Cleveland, TN 37320-2605
423-559-LINK (v) 423-559-5145 (f)
http://www.wingnet.net
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list