(RADIATOR) SessionDatabase
Hugh Irvine
hugh at open.com.au
Sat Feb 10 04:13:50 CST 2007
Hello Fred -
You can use a PostAuthHook that runs after the corresponding AuthBy
clause(s) return an Access-Accept. The hook code can call an AuthBy
SQL clause, or it can run whatever accounting query you require.
There are numerous examples in "goodies/hooks.txt". You can use this
technique for simulating an accounting start, but I don't see what
you could do for the accounting stop (other than periodic SNMP
polling or something equally distasteful).
My preferred approach would be to acquire AP's that do sensible
accounting.
regards
Hugh
On 10 Feb 2007, at 20:57, Fred Leeflang wrote:
> For UserTracking I'm currently using a SessionDatabase config block
> so that Radius sessions will be logged into the database. From the
> documentation:
>
> 5.8.3 AddQuery This SQL statement is executed whenever a new user
> session starts (i.e. when an Accounting-Request Start message is
> received).
>
> A lot of consumer AP's do not seem to support 802.1x accounting
> however, so I'd
> like to create an alternative for it. I tried:
>
> <Handler TunnelledByTTLS=1>
> SessionDatabase SessionSQL
> ...
>
> which obviously doesn't work.
>
> Is there a way through which I can make Radiator fake an Accounting-
> Request Start
> somehow when an Authentication is Accepted?
>
> The other challenge would be to somehow get Accounting-Request Stop
> simulated
> somehow. It doesn't look like Radiator sees when a supplicant is
> deauthenticated
> unless by an Accounting-Request Stop. Is there a way to detect that
> a user has
> logged off besides the acct. ?
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list