(RADIATOR) Logging athentication and accounting
Hugh Irvine
hugh at open.com.au
Thu Feb 3 04:11:44 CST 2005
Hello Kadir -
Try something like this:
<Realm xxxx>
<AuthLog SQL>
DBSource dbi:mysql:RADIUS
DBUsername test
DBAuth test
LogSuccess 1
SuccessQuery insert into RADAUTHLOG
(TIME_STAMP,TIME,USERNAME,PASSWORD,TYPE,CALLEDSTATION,CALLINGSTATION) \
values (%t, '%Y.%d.%m %H:%M:%S', '%n', '%P', 1,
'%{Called-Station-Id}','%{Calling-Station-Id}')
LogFailure 1
FailureQuery insert into RADAUTHLOG
(TIME_STAMP,TIME,USERNAME,PASSWORD,TYPE,REASON,CALLEDSTATION,CALLINGSTAT
ION) \
LogFailure 1
FailureQuery insert into RADAUTHLOG
(TIME_STAMP,TIME,USERNAME,PASSWORD,TYPE,REASON,CALLEDSTATION,CALLINGSTAT
ION) \
values (%t, '%Y.%d.%m %H:%M:%S', '%n', '%P', 0, %1,
'%{Called-Station-Id}','%{Calling-Station-Id}')
</AuthLog>
AuthByPolicy ContinueAlways
<AuthBy SQL>
# disable authentication
AuthSelect
AccountingStopsOnly
DBSource dbi:mysql:RADIUS
DBUsername test
DBAuth test
AccountingTable ACCOUNTING
AcctColumnDef TIME_STAMP,Timestamp,integer-date,%Y.%m.%d
%H:%M:%S
AcctColumnDef USERNAME,User-Name
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
</AuthBy>
<AuthBy FILE>
Filename ./users.txt
</AuthBy>
</Realm>
You must use an AuthByPolicy ContinueAlways and the AuthBy SQL must be
before the AuthBy FILE.
regards
Hugh
On 3 Feb 2005, at 12:58, Kadir Saruhan wrote:
> Hi, there
>
> I have radius service that authenticate users from file with <AuthBy
> File> statement.
>
> And i’m logging authentication logs to mysql with <AuthLog SQL>
> statement.
>
> At the same time i want to log accounting logs to mysql with <AuthBy
> SQL> statement.
>
> But there is a problem that it doesn’t log accounting logs.
>
> You can see below Accounting-Stop request debugging.
>
> How can i log both of authenticaiton and accounting logs to mysql?
>
>
>
> My radius service’s conf:
>
> <Realm xxxx>
>
>
>
> <AuthLog SQL>
>
> DBSource dbi:mysql:RADIUS
>
> DBUsername test
>
> DBAuth test
>
>
>
> LogSuccess 1
>
> SuccessQuery insert into RADAUTHLOG
> (TIME_STAMP,TIME,USERNAME,PASSWORD,TYPE,CALLEDSTATION,CALLINGSTATION)
> \
>
> values (%t, '%Y.%d.%m %H:%M:%S', '%n', '%P', 1,
> '%{Called-Station-Id}','%{Calling-Station-Id}')
>
> LogFailure 1
>
> FailureQuery insert into RADAUTHLOG
> (TIME_STAMP,TIME,USERNAME,PASSWORD,TYPE,REASON,CALLEDSTATION,CALLINGSTA
> TION) \
>
> LogFailure 1
>
> FailureQuery insert into RADAUTHLOG
> (TIME_STAMP,TIME,USERNAME,PASSWORD,TYPE,REASON,CALLEDSTATION,CALLINGSTA
> TION) \
>
> values (%t, '%Y.%d.%m %H:%M:%S', '%n', '%P', 0, %1,
> '%{Called-Station-Id}','%{Calling-Station-Id}')
>
> </AuthLog>
>
>
>
> <AuthBy FILE>
>
> Filename ./users.txt
>
> </AuthBy>
>
>
>
> <AuthBy SQL>
>
> AccountingStopsOnly
>
> DBSource dbi:mysql:RADIUS
>
> DBUsername test
>
> DBAuth test
>
> AccountingTable ACCOUNTING
>
> AcctColumnDef TIME_STAMP,Timestamp,integer-date,%Y.%m.%d
> %H:%M:%S
>
> AcctColumnDef USERNAME,User-Name
>
> AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
>
> AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
>
> </AuthBy>
>
>
>
> Accounting Stop-Request Trace 4:
>
> *** Received from 172.19.0.50 port 1839 ....
>
> Code: Accounting-Request
>
> Identifier: 3
>
> Authentic:
> <164><142><237><228><211><171><206><189>m(u<137><213><214><5><248>
>
> Attributes:
>
> User-Name = "kadirs at xxxx"
>
> Acct-Status-Type = Stop
>
> Acct-Input-Octets = 1000
>
> Acct-Delay-Time = 100
>
> Acct-Output-Octets = 5000
>
> Acct-Session-Id = "1234"
>
> Acct-Session-Time = 45678
>
> Ascend-Disconnect-Cause = 0
>
> NAS-IP-Address = 10.10.10.10
>
> NAS-Port = 1500
>
> Framed-IP-Address = 62.29.29.1
>
> Thu Feb 3 11:23:47 2005: DEBUG: Handling request with Handler
> 'Realm=e-kolay'
>
> Thu Feb 3 11:23:47 2005: DEBUG: Deleting session for kadirs at e-kolay,
> 10.10.10.10, 1500
>
> Thu Feb 3 11:23:47 2005: DEBUG: Handling with Radius::AuthFILE:
>
> Thu Feb 3 11:23:47 2005: DEBUG: Accounting accepted
>
> Thu Feb 3 11:23:47 2005: DEBUG: Packet dump:
>
> *** Sending to 172.19.0.50 port 1839 ....
>
> Code: Accounting-Response
>
> Identifier: 3
>
> Authentic:
> <164><142><237><228><211><171><206><189>m(u<137><213><214><5><248>
>
>
>
> Kadir Saruhan
>
> DOL System Administrator
>
> ksaruhan at e-kolay.com
>
> Tel: +90 212 498 35 16
>
> Fax:+90 212 677 05 92
> www.e-kolay.net
>
>
>
>
>
>
>
> <image.tiff>
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive
(www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list