[RADIATOR] simultaneous logins
Hugh Irvine
hugh at open.com.au
Wed Apr 1 21:50:29 CST 2009
Hello Tim -
Thanks for the additional information.
There appear to be a number of problems:
1. your dictionary is not correct - what dictionary file are you
using? (you should be using the standard Radiator "dictionary").
2. you have a "select ...." in your ClientListSQL clause - you should
be using "GetClientQuery select ....."
3. your CountQuery in the SessionDatabase clause is incorrect - it
should look like this (note the quotes):
CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID,
FRAMEDIPADDRESS from RADONLINE where USERNAME='%u'
See the relevant sections in the Radiator reference manual ("doc/
ref.pdf").
regards
Hugh
On 1 Apr 2009, at 23:16, Tim Wolgemuth wrote:
> Here is the logs:
>
>
> # perl radiusd -foreground -log_stdout -trace 4 -config_file /etc/
> radiator/radius.cfg
>
> Tue Mar 31 07:34:50 2009: ERR: Unknown keyword 'select' in /etc/
> radiator/radius.
> cfg line 54
> Tue Mar 31 07:34:50 2009: DEBUG: Adding Clients from SQL database
> Tue Mar 31 07:34:50 2009: DEBUG: Query is: 'select
> NASIDENTIFIER,
> SECRET,
> IGNOREACCTSIGNATURE,
> DUPINTERVAL,
> DEFAULTREALM,
> NASTYPE,
> SNMPCOMMUNITY,
> LIVINGSTONOFFS,
> LIVINGSTONHOLE,
> FRAMEDGROUPBASEADDRESS,
> FRAMEDGROUPMAXPORTSPERCLASSC,
> REWRITEUSERNAME,
> NOIGNOREDUPLICATES,
> PREHANDLERHOOK from RADCLIENTLIST':
> Tue Mar 31 07:34:50 2009: DEBUG: ClientListSQL adds Client
> ephnas91.jazzd.com
> Tue Mar 31 07:34:50 2009: DEBUG: ClientListSQL adds Client
> 66.109.238.133
> Tue Mar 31 07:34:50 2009: DEBUG: Finished reading configuration file
> '/etc/radia
> tor/radius.cfg'
> This Radiator license will expire on 2009-11-30
> This Radiator license will stop operating after 1000 requests
> To purchase an unlimited full source version of Radiator, see
> http://www.open.com.au/ordering.html
> To extend your license period, contact admin at open.com.au
>
> Tue Mar 31 07:34:50 2009: DEBUG: Reading dictionary file '/etc/
> radiator/dictiona
> ry'
> Tue Mar 31 07:34:50 2009: DEBUG: Creating authentication port
> 0.0.0.0:1645
> Tue Mar 31 07:34:50 2009: DEBUG: Creating accounting port 0.0.0.0:1646
> Tue Mar 31 07:34:50 2009: NOTICE: Server started: Radiator 4.4 on
> radiator-01.de
> jazzd.com (LOCKED)
>
>
>
> Tue Mar 31 08:25:13 2009: ERR: Unknown keyword 'select' in /etc/
> radiator/radius.cfg line 54
> Tue Mar 31 08:25:13 2009: DEBUG: Adding Clients from SQL database
> Tue Mar 31 08:25:13 2009: DEBUG: Query is: 'select
> NASIDENTIFIER,
> SECRET,
> IGNOREACCTSIGNATURE,
> DUPINTERVAL,
> DEFAULTREALM,
> NASTYPE,
> SNMPCOMMUNITY,
> LIVINGSTONOFFS,
> LIVINGSTONHOLE,
> FRAMEDGROUPBASEADDRESS,
> FRAMEDGROUPMAXPORTSPERCLASSC,
> REWRITEUSERNAME,
> NOIGNOREDUPLICATES,
> PREHANDLERHOOK from RADCLIENTLIST':
> Tue Mar 31 08:25:13 2009: DEBUG: ClientListSQL adds Client
> ephnas91.jazzd.com
> Tue Mar 31 08:25:13 2009: DEBUG: ClientListSQL adds Client
> 66.109.238.133
> Tue Mar 31 08:25:13 2009: DEBUG: Finished reading configuration file
> '/etc/radiator/radius.cfg'
> This Radiator license will expire on 2009-11-30
> This Radiator license will stop operating after 1000 requests
> To purchase an unlimited full source version of Radiator, see
> http://www.open.com.au/ordering.html
> To extend your license period, contact admin at open.com.au
>
> Tue Mar 31 08:25:13 2009: DEBUG: Reading dictionary file '/etc/
> radiator/dictionary'
> Tue Mar 31 08:25:13 2009: DEBUG: Creating authentication port
> 0.0.0.0:1645
> Tue Mar 31 08:25:13 2009: DEBUG: Creating accounting port 0.0.0.0:1646
> Tue Mar 31 08:25:13 2009: NOTICE: Server started: Radiator 4.4 on
> radiator-01.dejazzd.com (LOCKED)
> Tue Mar 31 08:25:52 2009: ERR: Attribute number 255 is not defined
> in your dictionary
> Tue Mar 31 08:25:52 2009: ERR: Attribute number 87 is not defined in
> your dictionary
> Tue Mar 31 08:25:52 2009: DEBUG: Packet dump:
> *** Received from 66.109.238.133 port 1646 ....
> Code: Accounting-Request
> Identifier: 146
> Authentic: #<224><1><222><183><232>.aw<184><237>%--<252>9
> Attributes:
> Acct-Session-Id = "000034A3"
> Framed-Protocol = PPP
> Framed-IP-Address = 66.216.191.62
> User-Name = "test1"
> Acct-Authentic = RADIUS
> Ascend-Connect-Progress = 60
> Ascend-PreSession-Time = 2
> Ascend-Data-Rate = 100000000
> Acct-Session-Time = 72
> Acct-Input-Octets = 244
> Acct-Output-Octets = 250
> Ascend-Pre-Input-Octets = 62
> Ascend-Pre-Output-Octets = 79
> Acct-Input-Packets = 18
> Acct-Output-Packets = 18
> Ascend-Pre-Input-Packets = 4
> Ascend-Pre-Output-Packets = 5
> Acct-Terminate-Cause = Admin-Reset
> Ascend-Disconnect-Cause = 151
> Acct-Status-Type = Stop
> NAS-Port-Type = 32
> NAS-Port = 2097152
> Service-Type = Framed
> NAS-IP-Address = 66.109.238.133
> Acct-Delay-Time = 0
>
> Tue Mar 31 08:25:52 2009: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Tue Mar 31 08:25:52 2009: DEBUG: Deleting session for test1,
> 66.109.238.133, 2097152
> Tue Mar 31 08:25:52 2009: DEBUG: do query is: 'delete from RADONLINE
> where NASIDENTIFIER='66.109.238.133' and NASPORT=02097152':
> Tue Mar 31 08:25:52 2009: DEBUG: Handling with Radius::AuthRADMIN:
> Tue Mar 31 08:25:52 2009: DEBUG: Handling accounting with
> Radius::AuthRADMIN
> Tue Mar 31 08:25:52 2009: DEBUG: do query is: 'update RADUSERS set
> TIMELEFT=TIMELEFT-072, OCTETSINLEFT=OCTETSINLEFT-0244,
> OCTETSOUTLEFT=OCTETSOUTLEFT-0250 where USERNAME='test1'':
> Tue Mar 31 08:25:52 2009: DEBUG: do query is: 'insert into RADUSAGE
> (ACCTDELAYTIME
> ,ACCTINPUTOCTETS
> ,ACCTOUTPUTOCTETS
> ,ACCTSESSIONID
> ,ACCTSESSIONTIME
> ,ACCTSTATUSTYPE
> ,ACCTTERMINATECAUSE
> ,FRAMEDIPADDRESS,NASIDENTIFIER,NASPORT,TIME_STAMP,USER
> Tue Mar 31 08:25:52 2009: DEBUG: AuthBy RADMIN result: ACCEPT,
> Tue Mar 31 08:25:52 2009: DEBUG: Accounting accepted
> Tue Mar 31 08:25:52 2009: DEBUG: Packet dump:
> *** Sending to 66.109.238.133 port 1646 ....
> Code: Accounting-Response
> Identifier: 146
> Authentic: <217>g0<20>Z<]<246><224><11><222> !W<2><213>
> Attributes:
>
> Tue Mar 31 08:25:54 2009: ERR: Attribute number 255 is not defined
> in your dictionary
> Tue Mar 31 08:25:54 2009: ERR: Attribute number 87 is not defined in
> your dictionary
> Tue Mar 31 08:25:54 2009: DEBUG: Packet dump:
> *** Received from 66.109.238.133 port 1646 ....
> Code: Accounting-Request
> Identifier: 147
> Authentic:
> Y<245><181><235><220><221><28><235><136><202>,v<13><201><211><215>
> Attributes:
> Acct-Session-Id = "0000349D"
> Framed-Protocol = PPP
> Framed-IP-Address = 66.216.191.61
> User-Name = "test1"
> Acct-Authentic = RADIUS
> Ascend-Connect-Progress = 60
> Ascend-PreSession-Time = 2
> Ascend-Data-Rate = 100000000
> Acct-Session-Time = 80
> Acct-Input-Octets = 754
> Acct-Output-Octets = 656
> Ascend-Pre-Input-Octets = 56
> Ascend-Pre-Output-Octets = 63
> Acct-Input-Packets = 20
> Acct-Output-Packets = 19
> Ascend-Pre-Input-Packets = 3
> Ascend-Pre-Output-Packets = 4
> Acct-Terminate-Cause = Admin-Reset
> Ascend-Disconnect-Cause = 151
> Acct-Status-Type = Stop
> NAS-Port-Type = 32
> NAS-Port = 2097152
> Service-Type = Framed
> NAS-IP-Address = 66.109.238.133
> Acct-Delay-Time = 0
>
> Tue Mar 31 08:25:54 2009: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Tue Mar 31 08:25:54 2009: DEBUG: Deleting session for test1,
> 66.109.238.133, 2097152
> Tue Mar 31 08:25:54 2009: DEBUG: do query is: 'delete from RADONLINE
> where NASIDENTIFIER='66.109.238.133' and NASPORT=02097152':
> Tue Mar 31 08:25:54 2009: DEBUG: Handling with Radius::AuthRADMIN:
> Tue Mar 31 08:25:54 2009: DEBUG: Handling accounting with
> Radius::AuthRADMIN
> Tue Mar 31 08:25:54 2009: DEBUG: do query is: 'update RADUSERS set
> TIMELEFT=TIMELEFT-080, OCTETSINLEFT=OCTETSINLEFT-0754,
> OCTETSOUTLEFT=OCTETSOUTLEFT-0656 where USERNAME='test1'':
> Tue Mar 31 08:25:54 2009: DEBUG: do query is: 'insert into RADUSAGE
> (ACCTDELAYTIME
> ,ACCTINPUTOCTETS
> ,ACCTOUTPUTOCTETS
> ,ACCTSESSIONID
> ,ACCTSESSIONTIME
> ,ACCTSTATUSTYPE
> ,ACCTTERMINATECAUSE
> ,FRAMEDIPADDRESS,NASIDENTIFIER,NASPORT,TIME_STAMP,USER
> Tue Mar 31 08:25:54 2009: DEBUG: AuthBy RADMIN result: ACCEPT,
> Tue Mar 31 08:25:54 2009: DEBUG: Accounting accepted
> Tue Mar 31 08:25:54 2009: DEBUG: Packet dump:
> *** Sending to 66.109.238.133 port 1646 ....
> Code: Accounting-Response
> Identifier: 147
> Authentic: <4><8>8cn<190>L+&<127><149><27>-<228><137>#
> Attributes:
>
> Tue Mar 31 08:25:59 2009: ERR: Attribute number 87 is not defined in
> your dictionary
> Tue Mar 31 08:25:59 2009: DEBUG: Packet dump:
> *** Received from 66.109.238.133 port 1645 ....
> Code: Access-Request
> Identifier: 243
> Authentic: <130>!<182>-
> <221><146><2><183><161><182><22><132><241><11><27><151>
> Attributes:
> Framed-Protocol = PPP
> User-Name = "test1"
> User-Password = "<127>iv<148>i<223><252><211>2<145><137>]
> (<162><193><10>"
> NAS-Port-Type = 32
> NAS-Port = 2097152
> Service-Type = Framed
> NAS-IP-Address = 66.109.238.133
>
> Tue Mar 31 08:25:59 2009: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Tue Mar 31 08:25:59 2009: DEBUG: Deleting session for test1,
> 66.109.238.133, 2097152
> Tue Mar 31 08:25:59 2009: DEBUG: do query is: 'delete from RADONLINE
> where NASIDENTIFIER='66.109.238.133' and NASPORT=02097152':
> Tue Mar 31 08:25:59 2009: DEBUG: Handling with Radius::AuthRADMIN:
> Tue Mar 31 08:25:59 2009: DEBUG: Handling with Radius::AuthRADMIN:
> Tue Mar 31 08:25:59 2009: ERR: Attribute number 79 is not defined in
> your dictionary
> Tue Mar 31 08:25:59 2009: DEBUG: Query is: 'select PASS_WORD,
> STATICADDRESS, TIMELEFT, MAXLOGINS, SERVICENAME, BADLOGINS,
> VALIDFROM, VALIDTO from RADUSERS where USERNAME='test1'':
> Tue Mar 31 08:25:59 2009: DEBUG: Query is: 'select ATTR_ID,
> VENDOR_ID, IVALUE, SVALUE, ITEM_TYPE from RADSTCONFIG where
> NAME='dynamic-1' order by ITEM_TYPE':
> Tue Mar 31 08:25:59 2009: ERR: Attribute number 90480000 is not
> defined in your dictionary
> Tue Mar 31 08:25:59 2009: DEBUG: Query is: 'select ATTR_ID,
> VENDOR_ID, IVALUE, SVALUE, ITEM_TYPE from RADCONFIG where
> NAME='test1' order by ITEM_TYPE':
> Tue Mar 31 08:25:59 2009: DEBUG: Radius::AuthRADMIN looks for match
> with test1 [test1]
> Tue Mar 31 08:25:59 2009: DEBUG: Query is: 'select NASIDENTIFIER,
> NASPORT, ACCTSESSIONID, FRAMEDIPADDRESS from RADONLINE where
> USERNAME=test1':
> Tue Mar 31 08:25:59 2009: ERR: Execute failed for 'select
> NASIDENTIFIER, NASPORT, ACCTSESSIONID, FRAMEDIPADDRESS from
> RADONLINE where USERNAME=test1': Unknown column 'test1' in 'where
> clause'
> Tue Mar 31 08:25:59 2009: ERR: Execute failed for 'select
> NASIDENTIFIER, NASPORT, ACCTSESSIONID, FRAMEDIPADDRESS from
> RADONLINE where USERNAME=test1': Unknown column 'test1' in 'where
> clause'
> Tue Mar 31 08:25:59 2009: DEBUG: ValidFrom date converted to:
> 1238156940
> Tue Mar 31 08:25:59 2009: DEBUG: Expiration date converted to:
> 1269662400
> Tue Mar 31 08:25:59 2009: DEBUG: do query is: 'update RADUSERS set
> BADLOGINS=0 where USERNAME='test1'':
> Tue Mar 31 08:25:59 2009: DEBUG: AuthBy RADMIN result: ACCEPT,
> Tue Mar 31 08:25:59 2009: DEBUG: Access accepted for test1
> Tue Mar 31 08:25:59 2009: DEBUG: do query is: 'insert into
> RADAUTHLOG (TIME_STAMP, USERNAME, TYPE) values (1238502359, 'test1',
> 1)':
> Tue Mar 31 08:25:59 2009: DEBUG: Packet dump:
> *** Sending to 66.109.238.133 port 1645 ....
> Code: Access-Accept
> Identifier: 243
> Authentic: <244><138><0><255>&<214><229><167><190><242>J<231>%<253>
> %<155>
> Attributes:
> Framed-IP-Address = 255.255.255.254
> Framed-Protocol = PPP
> Framed-MTU = 1500
> Framed-Compression = Van-Jacobson-TCP-IP
> Service-Type = Framed
> Framed-Protocol = PPP
> Framed-IP-Netmask = 255.255.255.255
> Framed-Routing = None
> Framed-MTU = 1500
> Framed-Compression = Van-Jacobson-TCP-IP
>
> Tue Mar 31 08:25:59 2009: ERR: Attribute number 87 is not defined in
> your dictionary
> Tue Mar 31 08:25:59 2009: DEBUG: Packet dump:
> *** Received from 66.109.238.133 port 1646 ....
> Code: Accounting-Request
> Identifier: 148
> Authentic: <16>y<229><238>]<12><230><204>)<132><205>[HC<28><154>
> Attributes:
> Acct-Session-Id = "000034A9"
> Framed-Protocol = PPP
> Framed-IP-Address = 66.216.191.63
> User-Name = "test1"
> Ascend-Connect-Progress = 60
> Acct-Authentic = RADIUS
> Acct-Status-Type = Start
> NAS-Port-Type = 32
> NAS-Port = 2097152
> Service-Type = Framed
> NAS-IP-Address = 66.109.238.133
> Acct-Delay-Time = 0
>
> Tue Mar 31 08:25:59 2009: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Tue Mar 31 08:25:59 2009: DEBUG: Adding session for test1,
> 66.109.238.133, 2097152
> Tue Mar 31 08:25:59 2009: DEBUG: do query is: 'delete from RADONLINE
> where NASIDENTIFIER='66.109.238.133' and NASPORT=02097152':
> Tue Mar 31 08:25:59 2009: DEBUG: do query is: 'insert into RADONLINE
> (USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,
> FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE) values ('test1',
> '66.109.238.133', 2097152, '000034A9', 1238502359, '66.216.191.63',
> '32', 'Framed')':
> Tue Mar 31 08:25:59 2009: DEBUG: Handling with Radius::AuthRADMIN:
> Tue Mar 31 08:25:59 2009: DEBUG: Handling accounting with
> Radius::AuthRADMIN
> Tue Mar 31 08:25:59 2009: DEBUG: do query is: 'update RADUSERS set
> TIMELEFT=TIMELEFT-0, OCTETSINLEFT=OCTETSINLEFT-0,
> OCTETSOUTLEFT=OCTETSOUTLEFT-0 where USERNAME='test1'':
> Tue Mar 31 08:25:59 2009: DEBUG: do query is: 'insert into RADUSAGE
> (ACCTDELAYTIME
> ,ACCTSESSIONID
> ,ACCTSTATUSTYPE
> ,FRAMEDIPADDRESS,NASIDENTIFIER,NASPORT,TIME_STAMP,USERNAME) values
> (0,'000034A9',1,'66.216.191.63','66.109.238.133',209715
> Tue Mar 31 08:25:59 2009: DEBUG: AuthBy RADMIN result: ACCEPT,
> Tue Mar 31 08:25:59 2009: DEBUG: Accounting accepted
> Tue Mar 31 08:25:59 2009: DEBUG: Packet dump:
> *** Sending to 66.109.238.133 port 1646 ....
> Code: Accounting-Response
> Identifier: 148
> Authentic: <155><253><132>b<170>gQ<12>r<242>T<238>-<210>c<244>
> Attributes:
>
> Tue Mar 31 08:26:16 2009: ERR: Attribute number 87 is not defined in
> your dictionary
> Tue Mar 31 08:26:16 2009: DEBUG: Packet dump:
> *** Received from 66.109.238.133 port 1645 ....
> Code: Access-Request
> Identifier: 244
> Authentic: N<24>a<192><130>h<130><250>"<225>)<196><244><238>~<221>
> Attributes:
> Framed-Protocol = PPP
> User-Name = "test1"
> User-Password = "<154><145>UM<168>e<150><233>}
> <7><11><219><242><234>S"
> NAS-Port-Type = 32
> NAS-Port = 2097152
> Service-Type = Framed
> NAS-IP-Address = 66.109.238.133
>
> Tue Mar 31 08:26:16 2009: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Tue Mar 31 08:26:16 2009: DEBUG: Deleting session for test1,
> 66.109.238.133, 2097152
> Tue Mar 31 08:26:16 2009: DEBUG: do query is: 'delete from RADONLINE
> where NASIDENTIFIER='66.109.238.133' and NASPORT=02097152':
> Tue Mar 31 08:26:16 2009: DEBUG: Handling with Radius::AuthRADMIN:
> Tue Mar 31 08:26:16 2009: DEBUG: Handling with Radius::AuthRADMIN:
> Tue Mar 31 08:26:16 2009: ERR: Attribute number 79 is not defined in
> your dictionary
> Tue Mar 31 08:26:16 2009: DEBUG: Query is: 'select PASS_WORD,
> STATICADDRESS, TIMELEFT, MAXLOGINS, SERVICENAME, BADLOGINS,
> VALIDFROM, VALIDTO from RADUSERS where USERNAME='test1'':
> Tue Mar 31 08:26:16 2009: DEBUG: Query is: 'select ATTR_ID,
> VENDOR_ID, IVALUE, SVALUE, ITEM_TYPE from RADSTCONFIG where
> NAME='dynamic-1' order by ITEM_TYPE':
> Tue Mar 31 08:26:16 2009: ERR: Attribute number 90480000 is not
> defined in your dictionary
> Tue Mar 31 08:26:16 2009: DEBUG: Query is: 'select ATTR_ID,
> VENDOR_ID, IVALUE, SVALUE, ITEM_TYPE from RADCONFIG where
> NAME='test1' order by ITEM_TYPE':
> Tue Mar 31 08:26:16 2009: DEBUG: Radius::AuthRADMIN looks for match
> with test1 [test1]
> Tue Mar 31 08:26:16 2009: DEBUG: Query is: 'select NASIDENTIFIER,
> NASPORT, ACCTSESSIONID, FRAMEDIPADDRESS from RADONLINE where
> USERNAME=test1':
> Tue Mar 31 08:26:16 2009: ERR: Execute failed for 'select
> NASIDENTIFIER, NASPORT, ACCTSESSIONID, FRAMEDIPADDRESS from
> RADONLINE where USERNAME=test1': Unknown column 'test1' in 'where
> clause'
> Tue Mar 31 08:26:16 2009: ERR: Execute failed for 'select
> NASIDENTIFIER, NASPORT, ACCTSESSIONID, FRAMEDIPADDRESS from
> RADONLINE where USERNAME=test1': Unknown column 'test1' in 'where
> clause'
> Tue Mar 31 08:26:16 2009: DEBUG: ValidFrom date converted to:
> 1238156940
> Tue Mar 31 08:26:16 2009: DEBUG: Expiration date converted to:
> 1269662400
> Tue Mar 31 08:26:16 2009: DEBUG: do query is: 'update RADUSERS set
> BADLOGINS=0 where USERNAME='test1'':
> Tue Mar 31 08:26:16 2009: DEBUG: AuthBy RADMIN result: ACCEPT,
> Tue Mar 31 08:26:16 2009: DEBUG: Access accepted for test1
> Tue Mar 31 08:26:16 2009: DEBUG: do query is: 'insert into
> RADAUTHLOG (TIME_STAMP, USERNAME, TYPE) values (1238502376, 'test1',
> 1)':
> Tue Mar 31 08:26:16 2009: DEBUG: Packet dump:
> *** Sending to 66.109.238.133 port 1645 ....
> Code: Access-Accept
> Identifier: 244
> Authentic: <187>8<179><20><224>q<143><152><232><10>u<27><147>4G<135>
> Attributes:
> Framed-IP-Address = 255.255.255.254
> Framed-Protocol = PPP
> Framed-MTU = 1500
> Framed-Compression = Van-Jacobson-TCP-IP
> Service-Type = Framed
> Framed-Protocol = PPP
> Framed-IP-Netmask = 255.255.255.255
> Framed-Routing = None
> Framed-MTU = 1500
> Framed-Compression = Van-Jacobson-TCP-IP
>
> Tue Mar 31 08:26:16 2009: ERR: Attribute number 87 is not defined in
> your dictionary
> Tue Mar 31 08:26:16 2009: DEBUG: Packet dump:
> *** Received from 66.109.238.133 port 1646 ....
> Code: Accounting-Request
> Identifier: 149
> Authentic: '<195><245><224><247><170>}Y4<171><204>j}<178><4><5>
> Attributes:
> Acct-Session-Id = "000034AA"
> Framed-Protocol = PPP
> Framed-IP-Address = 66.216.191.64
> User-Name = "test1"
> Ascend-Connect-Progress = 60
> Acct-Authentic = RADIUS
> Acct-Status-Type = Start
> NAS-Port-Type = 32
> NAS-Port = 2097152
> Service-Type = Framed
> NAS-IP-Address = 66.109.238.133
> Acct-Delay-Time = 0
>
> Tue Mar 31 08:26:16 2009: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Tue Mar 31 08:26:16 2009: DEBUG: Adding session for test1,
> 66.109.238.133, 2097152
> Tue Mar 31 08:26:16 2009: DEBUG: do query is: 'delete from RADONLINE
> where NASIDENTIFIER='66.109.238.133' and NASPORT=02097152':
> Tue Mar 31 08:26:16 2009: DEBUG: do query is: 'insert into RADONLINE
> (USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,
> FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE) values ('test1',
> '66.109.238.133', 2097152, '000034AA', 1238502376, '66.216.191.64',
> '32', 'Framed')':
> Tue Mar 31 08:26:16 2009: DEBUG: Handling with Radius::AuthRADMIN:
> Tue Mar 31 08:26:16 2009: DEBUG: Handling accounting with
> Radius::AuthRADMIN
> Tue Mar 31 08:26:16 2009: DEBUG: do query is: 'update RADUSERS set
> TIMELEFT=TIMELEFT-0, OCTETSINLEFT=OCTETSINLEFT-0,
> OCTETSOUTLEFT=OCTETSOUTLEFT-0 where USERNAME='test1'':
> Tue Mar 31 08:26:16 2009: DEBUG: do query is: 'insert into RADUSAGE
> (ACCTDELAYTIME
> ,ACCTSESSIONID
> ,ACCTSTATUSTYPE
> ,FRAMEDIPADDRESS,NASIDENTIFIER,NASPORT,TIME_STAMP,USERNAME) values
> (0,'000034AA',1,'66.216.191.64','66.109.238.133',209715
> Tue Mar 31 08:26:16 2009: DEBUG: AuthBy RADMIN result: ACCEPT,
> Tue Mar 31 08:26:16 2009: DEBUG: Accounting accepted
> Tue Mar 31 08:26:16 2009: DEBUG: Packet dump:
> *** Sending to 66.109.238.133 port 1646 ....
> Code: Accounting-Response
> Ide
>
> Hugh Irvine wrote:
>>
>> Hello Tim -
>>
>> I'm not sure what is happening in the debug shown below, so could
>> you try running Radiator by hand like this and send me the results:
>>
>> cd /your/Radiator/source/directory
>>
>> perl radiusd -foreground -log_stdout -trace 4 -config_file /your/
>> Radiator/configuration/file
>>
>> .....
>>
>> You should use your local pathnames of course, and I would like to
>> see the startup messages and a few requests showing all of the
>> processing.
>>
>> thanks and regards
>>
>> Hugh
>>
>>
>>
>> On 30 Mar 2009, at 23:09, Tim Wolgemuth wrote:
>>
>>> Here is the config file:
>>>
>>>
>>> # radmin.cfg
>>> #
>>> # Example Radiator configuration file to interface to the
>>> # Radmin user management package from Open System Consultants
>>> # (http://www.open.com.au/radmin)
>>> #
>>> # You can add extra items to your RADUSERS table and make
>>> # Radiator take note of them with, for example:
>>> # AuthSelect select PASS_WORD,STATICADDRESS,TIMELEFT,\
>>> # MAXLOGINS, SERVICENAME, BADLOGINS, VALIDFROM, VALIDTO,\
>>> # FRAMED_NETMASK,FRAMED_FILTER_ID,MAXIDLETIME \
>>> # from RADUSERS where \
>>> # USERNAME='%n' and BADLOGINS < 5 and \
>>> # VALIDFROM < %t and VALIDTO > %t
>>> # AuthColumnDef 0,Framed-IP-Netmask,reply
>>> # AuthColumnDef 1,Filter-Id,reply
>>> # AuthColumnDef 2,Idle-Timeout,reply
>>> # note that the numbering of AuthColumnDef starts with the
>>> # field following the first 4 minumum and required fields.
>>> #
>>> # You should consider this file to be a starting point only
>>> # $Id $
>>>
>>> #Foreground
>>> #LogStdout
>>> #LogDir .
>>> #DbDir .
>>> LogDir /var/log/radius
>>> DbDir /etc/radiator
>>>
>>> # Dont turn this up too high, since all log messages are logged
>>> # to the RADMESSAGES table in the database. 3 will give you
>>> everything
>>> # except debugging messages
>>> Trace 5
>>>
>>> # You will probably want to change this to suit your site.
>>> # You should list all the clients you have, and their secrets
>>> # If you are using the Radmin Clients table, you wil probably
>>> # want to disable this.
>>> <Client DEFAULT>
>>> Secret mysecret
>>> DupInterval 0
>>> </Client>
>>>
>>> # You can put additonal (or all) client details in your Radmin
>>> # database table
>>> # and get their details from there with something like this:
>>> # You can then use the Radmin 'Add Radius Client' to add new
>>> clients.
>>> <ClientListSQL>
>>> DBSource dbi:mysql:radmin:<dbserver>
>>> DBUsername radius
>>> DBAuth <dbpass>
>>>
>>> select
>>> NASIDENTIFIER
>>> ,SECRET
>>> ,IGNOREACCTSIGNATURE
>>> ,DUPINTERVAL
>>> ,DEFAULTREALM
>>> ,NASTYPE
>>> ,SNMPCOMMUNITY
>>> ,LIVINGSTONOFFS
>>> ,LIVINGSTONHOLE
>>> ,FRAMEDGROUPBASEADDRESS
>>> ,FRAMEDGROUPMAXPORTSPERCLASSC
>>> ,REWRITEUSERNAME,NOIGNOREDUPLICATES,PREHANDLERHOOK from
>>> RADCLIENTLIST
>>>
>>>
>>> # If RefreshPeriod is set to non-zero, it specifies the period in
>>> seconds that the client list will
>>> # be refreshed by rereading the database. Each RefreshPeriod,
>>> # any Clients previously created by this ClientList are cleared
>>> # and a new set of clients read from the database.
>>> # Clients defined in the configuration file will not be clobbered.
>>> # The same effect can be got by signalling the process with with
>>> SIGHUP
>>> #RefreshPeriod 600
>>> </ClientListSQL>
>>>
>>> <AuthLog FILE>
>>> Identifier myauthlogger
>>> Filename %L/authlog-%Y-%m-%d.log
>>> LogSuccess 1
>>> #SuccessFormat %l:%U:OK
>>> SuccessFormat %l:%U:%N:OK
>>> FailureFormat %l:%U:%P:%N:FAIL
>>> LogFailure 1
>>> </AuthLog>
>>>
>>> # Handle everyone with RADMIN
>>> <Realm DEFAULT>
>>> <AuthBy RADMIN>
>>> # Change DBSource, DBUsername, DBAuth for your database
>>> # See the reference manual. You will also have to
>>> # change the one in <SessionDatabse SQL> below
>>> # so its the same
>>> DBSource dbi:mysql:radmin:<dbserver>
>>> DBUsername radius
>>> DBAuth <dbpass>
>>>
>>> # Never look up the DEFAULT user
>>> NoDefault
>>>
>>> DefaultSimultaneousUse 1
>>>
>>>
>>> # You can add to or change these if you want, but you
>>> # will probably want to change the database schema first
>>> AccountingTable RADUSAGE
>>> AcctColumnDef USERNAME,User-Name
>>> AcctColumnDef TIME_STAMP,Timestamp,integer
>>> AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type,integer
>>> AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
>>> AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
>>> AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
>>> AcctColumnDef ACCTSESSIONID,Acct-Session-Id
>>> AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
>>> AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-
>>> Cause,integer
>>> AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
>>> AcctColumnDef NASIDENTIFIER,NAS-IP-Address
>>> AcctColumnDef NASIDENTIFIER,NAS-Identifier
>>> AcctColumnDef NASPORT,NAS-Port,integer
>>> AcctColumnDef DNIS,Called-Station-Id
>>> # AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
>>>
>>> # This updates the time and octets left
>>> # for this user
>>> AcctSQLStatement update RADUSERS set TIMELEFT=TIMELEFT-0%
>>> {Acct-Session-Time}, OCTETSINLEFT=OCTETSINLEFT-0%{Acct-Input-
>>> Octets}, OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where
>>> USERNAME='%n'
>>>
>>> # These are the classic things to add to each users
>>> # reply to allow a PPP dialup session. It may be
>>> # different for your NAS. This will add some
>>> # reply items to everyone's reply
>>> AddToReply Framed-Protocol = PPP,\
>>> Framed-IP-Netmask = 255.255.255.255,\
>>> Framed-Routing = None,\
>>> Framed-MTU = 1500,\
>>> Framed-Compression = Van-Jacobson-TCP-IP
>>>
>>> # If you intend to use rcrypt reversible encryption
>>> # for passwords in your Radmin database, you must
>>> # RcryptKey here to be the same secret key you
>>> # defined in your Radmin Site.pm, and also set
>>> # PasswordFormat in your Site.pm.
>>> # RcryptKey mysecret
>>>
>>> # If you intend to use Unix encryption in your database,
>>> # you will need to set EncryptedPasssword here,
>>> # as well as setting PasswordFormat in your Site.pm
>>> EncryptedPassword
>>>
>>> # You can change the max bad login count from the default
>>> # of 5 with something like
>>> MaxBadLogins 10
>>>
>>> # To improve user lookup performance on databases that support
>>> # placeholders, you can use AuthSelectParam and ? like this:
>>> # AuthSelect select PASS_WORD, STATICADDRESS,
>>> TIMELEFT,MAXLOGINS, SERVICENAME, BADLOGINS, VALIDFROM, VALIDTO
>>> from RADUSERS where USERNAME=?
>>> # AuthSelectParam %0
>>> # ServiceAttrQuery select ATTR_ID, VENDOR_ID, IVALUE,
>>> SVALUE, ITEM_TYPE from RADSTCONFIG where NAME=? order by ITEM_TYPE
>>> # UserAttrQuery select ATTR_ID, VENDOR_ID, IVALUE, SVALUE,
>>> ITEM_TYPE from RADCONFIG where NAME=? order by ITEM_TYPE
>>> # AttrQueryParam %0
>>>
>>> <Log FILE>
>>> Filename /var/log/radius/radius-%Y-%m-%d.log
>>> Trace 5
>>> LogFormat %l: %1: %2
>>> </Log FILE>
>>> </AuthBy>
>>>
>>> # This clause logs all authentication successes and failures to
>>> the RADAUTHLOG table
>>> # Suitable for use with RAdmin version 1.6 or later
>>> <AuthLog SQL>
>>> # This database spec usually should be exactly the same
>>> # as in <AuthBy RADMIN> above
>>> DBSource dbi:mysql:radmin:<dbserver>
>>> DBUsername radius
>>> DBAuth <dbpass>
>>>
>>> LogSuccess
>>> SuccessQuery insert into RADAUTHLOG (TIME_STAMP, USERNAME,
>>> TYPE) values (%t, '%n', 1)
>>> LogFailure
>>> FailureQuery insert into RADAUTHLOG (TIME_STAMP, USERNAME,
>>> TYPE, REASON) values (%t, '%n', 0, %1)
>>> </AuthLog>
>>>
>>> <AuthLog FILE>
>>> Identifier myauthlogger
>>> Filename %L/authlog-%Y-%m-%d.log
>>> LogSuccess 1
>>> SuccessFormat %l:%U:%N:OK
>>> FailureFormat %l:%U:%P:%N:FAIL
>>> LogFailure 1
>>> </AuthLog>
>>>
>>>
>>> </Realm>
>>>
>>> <SessionDatabase SQL>
>>> # This database spec usually should be exactly the same
>>> # as in <AuthBy RADMIN> above
>>> DBSource dbi:mysql:radmin:<dbserver>
>>> DBUsername radius
>>> DBAuth <dbpass>
>>> CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID,
>>> FRAMEDIPADDRESS from RADONLINE where USERNAME=%u
>>>
>>> </SessionDatabase>
>>>
>>> # You can also set up an address pool for Radiator to manage.
>>> # The standard Radmin tables include a RADPOOL address pool table.
>>> # see the example in addressallocator.cfg
>>>
>>>
>>> One log entry:
>>>
>>> Fri Mar 27 16:04:18 2009: DEBUG: Handling with Radius::AuthRADMIN:
>>> Fri Mar 27 16:04:18 2009: DEBUG: Handling accounting with
>>> Radius::AuthRADMIN
>>> Fri Mar 27 16:04:18 2009: DEBUG: do query is: 'update RADUSERS set
>>> TIMELEFT=TIME
>>> LEFT-06784, OCTETSINLEFT=OCTETSINLEFT-019922,
>>> OCTETSOUTLEFT=OCTETSOUTLEFT-022007
>>> where USERNAME='test1'':
>>> Fri Mar 27 16:04:18 2009: DEBUG: do query is: 'insert into
>>> RADUSAGE (ACCTDELAYTI
>>> ME
>>> ,ACCTINPUTOCTETS
>>> ,ACCTOUTPUTOCTETS,ACCTSESSIONID,ACCTSESSIONTIME,ACCTSTATUSTYPE
>>> ,ACCTTERMINATECAUSE
>>> ,FRAMEDIPADDRESS,NASIDENTIFIER,NASPORT,TIME_STAMP,USER
>>> Fri Mar 27 16:04:20 2009: DEBUG: Handling with Radius::AuthRADMIN:
>>> Fri Mar 27 16:04:20 2009: DEBUG: Handling accounting with
>>> Radius::AuthRADMIN
>>> Fri Mar 27 16:04:20 2009: DEBUG: do query is: 'update RADUSERS set
>>> TIMELEFT=TIME
>>> LEFT-06733, OCTETSINLEFT=OCTETSINLEFT-016200,
>>> OCTETSOUTLEFT=OCTETSOUTLEFT-020619
>>> where USERNAME='test1'':
>>> Fri Mar 27 16:04:20 2009: DEBUG: do query is: 'insert into
>>> RADUSAGE (ACCTDELAYTI
>>> ME
>>> ,ACCTINPUTOCTETS
>>> ,ACCTOUTPUTOCTETS,ACCTSESSIONID,ACCTSESSIONTIME,ACCTSTATUSTYPE
>>> ,ACCTTERMINATECAUSE
>>> ,FRAMEDIPADDRESS,NASIDENTIFIER,NASPORT,TIME_STAMP,USER
>>> Fri Mar 27 16:04:42 2009: DEBUG: Handling with Radius::AuthRADMIN:
>>> Fri Mar 27 16:04:42 2009: DEBUG: Handling with Radius::AuthRADMIN:
>>> Fri Mar 27 16:04:42 2009: DEBUG: Query is: 'select PASS_WORD,
>>> STATICADDRESS, TIM
>>> ELEFT, MAXLOGINS, SERVICENAME, BADLOGINS, VALIDFROM, VALIDTO from
>>> RADUSERS where
>>> USERNAME='test1'':
>>> Fri Mar 27 16:04:42 2009: DEBUG: Query is: 'select ATTR_ID,
>>> VENDOR_ID, IVALUE, S
>>> VALUE, ITEM_TYPE from RADSTCONFIG where NAME='dynamic-1' order by
>>> ITEM_TYPE':
>>> Fri Mar 27 16:04:42 2009: DEBUG: Query is: 'select ATTR_ID,
>>> VENDOR_ID, IVALUE, S
>>> VALUE, ITEM_TYPE from RADCONFIG where NAME='test1' order by
>>> ITEM_TYPE':
>>> Fri Mar 27 16:04:42 2009: DEBUG: Radius::AuthRADMIN looks for
>>> match with test1 [
>>> test1]
>>> Fri Mar 27 16:04:42 2009: DEBUG: ValidFrom date converted to:
>>> 1238156940
>>> Fri Mar 27 16:04:42 2009: DEBUG: Expiration date converted to:
>>> 1269662400
>>> Fri Mar 27 16:04:42 2009: DEBUG: do query is: 'update RADUSERS set
>>> BADLOGINS=0 w
>>> here USERNAME='test1'':
>>> Fri Mar 27 16:04:42 2009: DEBUG: Handling with Radius::AuthRADMIN:
>>> Fri Mar 27 16:04:42 2009: DEBUG: Handling accounting with
>>> Radius::AuthRADMIN
>>> Fri Mar 27 16:04:42 2009: DEBUG: do query is: 'update RADUSERS set
>>> TIMELEFT=TIME
>>> LEFT-0, OCTETSINLEFT=OCTETSINLEFT-0, OCTETSOUTLEFT=OCTETSOUTLEFT-0
>>> where USERNAM
>>> E='test1'':
>>> Fri Mar 27 16:04:42 2009: DEBUG: do query is: 'insert into
>>> RADUSAGE (ACCTDELAYTI
>>> ME
>>> ,ACCTSESSIONID
>>> ,ACCTSTATUSTYPE,FRAMEDIPADDRESS,NASIDENTIFIER,NASPORT,TIME_STAMP
>>> ,USERNAME) values (0,'00003477',1,'66.216.191.54','66.109.238.133',
>>> 209715
>>>
>>>
>>> Second log entry:
>>>
>>> Fri Mar 27 16:05:32 2009: DEBUG: Handling with Radius::AuthRADMIN:
>>> Fri Mar 27 16:05:32 2009: DEBUG: Handling with Radius::AuthRADMIN:
>>> Fri Mar 27 16:05:32 2009: DEBUG: Query is: 'select PASS_WORD,
>>> STATICADDRESS, TIM
>>> ELEFT, MAXLOGINS, SERVICENAME, BADLOGINS, VALIDFROM, VALIDTO from
>>> RADUSERS where
>>> USERNAME='test1'':
>>> Fri Mar 27 16:05:32 2009: DEBUG: Query is: 'select ATTR_ID,
>>> VENDOR_ID, IVALUE, S
>>> VALUE, ITEM_TYPE from RADSTCONFIG where NAME='dynamic-1' order by
>>> ITEM_TYPE':
>>> Fri Mar 27 16:05:32 2009: DEBUG: Query is: 'select ATTR_ID,
>>> VENDOR_ID, IVALUE, S
>>> VALUE, ITEM_TYPE from RADCONFIG where NAME='test1' order by
>>> ITEM_TYPE':
>>> Fri Mar 27 16:05:32 2009: DEBUG: Radius::AuthRADMIN looks for
>>> match with test1 [
>>> test1]
>>> Fri Mar 27 16:05:32 2009: DEBUG: ValidFrom date converted to:
>>> 1238156940
>>> Fri Mar 27 16:05:32 2009: DEBUG: Expiration date converted to:
>>> 1269662400
>>> Fri Mar 27 16:05:32 2009: DEBUG: do query is: 'update RADUSERS set
>>> BADLOGINS=0 w
>>> here USERNAME='test1'':
>>> Fri Mar 27 16:05:32 2009: DEBUG: Handling with Radius::AuthRADMIN:
>>> Fri Mar 27 16:05:32 2009: DEBUG: Handling accounting with
>>> Radius::AuthRADMIN
>>> Fri Mar 27 16:05:32 2009: DEBUG: do query is: 'update RADUSERS set
>>> TIMELEFT=TIME
>>> LEFT-0, OCTETSINLEFT=OCTETSINLEFT-0, OCTETSOUTLEFT=OCTETSOUTLEFT-0
>>> where USERNAM
>>> E='test1'':
>>> Fri Mar 27 16:05:32 2009: DEBUG: do query is: 'insert into
>>> RADUSAGE (ACCTDELAYTI
>>> ME
>>> ,ACCTSESSIONID
>>> ,ACCTSTATUSTYPE,FRAMEDIPADDRESS,NASIDENTIFIER,NASPORT,TIME_STAMP
>>> ,USERNAME) values (0,'00003479',1,'66.216.191.55','66.109.238.133',
>>> 161080
>>>
>>>
>>> Hugh Irvine wrote:
>>>>
>>>> Hello Tim -
>>>>
>>>> I will need to see a copy of your configuration file and a trace
>>>> 4 debug from Radiator showing what is happening.
>>>>
>>>> regards
>>>>
>>>> Hugh
>>>>
>>>>
>>>>
>>>> On 28 Mar 2009, at 06:14, Tim Wolgemuth wrote:
>>>>
>>>>> I am trying to do setup simultaneous logins. I am using
>>>>> Radmin. Here is what I have for the user:
>>>>>
>>>>> mysql> SELECT MAXLOGINS FROM RADUSERS where username = "test1";
>>>>> +-----------+
>>>>> | MAXLOGINS |
>>>>> +-----------+
>>>>> | 1 |
>>>>> +-----------+
>>>>>
>>>>>
>>>>> But I can have more connections then that.
>>>>>
>>>>> mysql> SELECT * FROM RADONLINE R;
>>>>> +---------------+------+-----------------+----------------
>>>>> +------------+--------
>>>>> -----+--------------+-------------+-------+------------
>>>>> +----------+
>>>>> | ACCTSESSIONID | DNIS | FRAMEDIPADDRESS | NASIDENTIFIER |
>>>>> NASPORT | NASPORT
>>>>> TYPE | ORIGUSERNAME | SERVICETYPE | STATE | TIME_STAMP |
>>>>> USERNAME |
>>>>> +---------------+------+-----------------+----------------
>>>>> +------------+--------
>>>>> -----+--------------+-------------+-------+------------
>>>>> +----------+
>>>>> | 0000344B | NULL | 66.216.191.49 | 66.109.238.133
>>>>> | 0 | Virtual
>>>>> | NULL | Framed | NULL | 1238176730 | test1 |
>>>>> | 0000346F | NULL | 66.216.191.53 | 66.109.238.133 |
>>>>> 1610809444 | 31
>>>>> | NULL | Framed | NULL | 1238177527 | test1 |
>>>>> | 0000346E | NULL | 66.216.191.52 | 66.109.238.133 |
>>>>> 2097152 | 32
>>>>> | NULL | Framed | NULL | 1238177474 | test1 |
>>>>> +---------------+------+-----------------+----------------
>>>>> +------------+--------
>>>>> -----+--------------+-------------+-------+------------
>>>>> +----------+
>>>>> 3 rows in set (0.00 sec)
>>>>>
>>>>>
>>>>> I am demoing radiator.
>>>>>
>>>>> If you need more info let me know.
>>>>>
>>>>> Tim
>>>>>
>>>>> _______________________________________________
>>>>> radiator mailing list
>>>>> radiator at open.com.au
>>>>> http://www.open.com.au/mailman/listinfo/radiator
>>>>
>>>>
>>>>
>>>> NB:
>>>>
>>>> Have you read the reference manual ("doc/ref.html")?
>>>> Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
>>>> Have you had a quick look on Google (www.google.com)?
>>>> Have you included a copy of your configuration file (no secrets),
>>>> together with a trace 4 debug showing what is happening?
>>>> Have you checked the RadiusExpert wiki:
>>>> http://www.open.com.au/wiki/index.php/Main_Page
>>>>
>>
>>
>>
>> NB:
>>
>> Have you read the reference manual ("doc/ref.html")?
>> Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
>> Have you had a quick look on Google (www.google.com)?
>> Have you included a copy of your configuration file (no secrets),
>> together with a trace 4 debug showing what is happening?
>> Have you checked the RadiusExpert wiki:
>> http://www.open.com.au/wiki/index.php/Main_Page
>>
>
>
>
>
> Hugh Irvine wrote:
>>
>> Hello Tim -
>>
>> I'm not sure what is happening in the debug shown below, so could
>> you try running Radiator by hand like this and send me the results:
>>
>> cd /your/Radiator/source/directory
>>
>> perl radiusd -foreground -log_stdout -trace 4 -config_file /your/
>> Radiator/configuration/file
>>
>> .....
>>
>> You should use your local pathnames of course, and I would like to
>> see the startup messages and a few requests showing all of the
>> processing.
>>
>> thanks and regards
>>
>> Hugh
>>
>>
>>
>> On 30 Mar 2009, at 23:09, Tim Wolgemuth wrote:
>>
>>> Here is the config file:
>>>
>>>
>>> # radmin.cfg
>>> #
>>> # Example Radiator configuration file to interface to the
>>> # Radmin user management package from Open System Consultants
>>> # (http://www.open.com.au/radmin)
>>> #
>>> # You can add extra items to your RADUSERS table and make
>>> # Radiator take note of them with, for example:
>>> # AuthSelect select PASS_WORD,STATICADDRESS,TIMELEFT,\
>>> # MAXLOGINS, SERVICENAME, BADLOGINS, VALIDFROM, VALIDTO,\
>>> # FRAMED_NETMASK,FRAMED_FILTER_ID,MAXIDLETIME \
>>> # from RADUSERS where \
>>> # USERNAME='%n' and BADLOGINS < 5 and \
>>> # VALIDFROM < %t and VALIDTO > %t
>>> # AuthColumnDef 0,Framed-IP-Netmask,reply
>>> # AuthColumnDef 1,Filter-Id,reply
>>> # AuthColumnDef 2,Idle-Timeout,reply
>>> # note that the numbering of AuthColumnDef starts with the
>>> # field following the first 4 minumum and required fields.
>>> #
>>> # You should consider this file to be a starting point only
>>> # $Id $
>>>
>>> #Foreground
>>> #LogStdout
>>> #LogDir .
>>> #DbDir .
>>> LogDir /var/log/radius
>>> DbDir /etc/radiator
>>>
>>> # Dont turn this up too high, since all log messages are logged
>>> # to the RADMESSAGES table in the database. 3 will give you
>>> everything
>>> # except debugging messages
>>> Trace 5
>>>
>>> # You will probably want to change this to suit your site.
>>> # You should list all the clients you have, and their secrets
>>> # If you are using the Radmin Clients table, you wil probably
>>> # want to disable this.
>>> <Client DEFAULT>
>>> Secret mysecret
>>> DupInterval 0
>>> </Client>
>>>
>>> # You can put additonal (or all) client details in your Radmin
>>> # database table
>>> # and get their details from there with something like this:
>>> # You can then use the Radmin 'Add Radius Client' to add new
>>> clients.
>>> <ClientListSQL>
>>> DBSource dbi:mysql:radmin:<dbserver>
>>> DBUsername radius
>>> DBAuth <dbpass>
>>>
>>> select
>>> NASIDENTIFIER
>>> ,SECRET
>>> ,IGNOREACCTSIGNATURE
>>> ,DUPINTERVAL
>>> ,DEFAULTREALM
>>> ,NASTYPE
>>> ,SNMPCOMMUNITY
>>> ,LIVINGSTONOFFS
>>> ,LIVINGSTONHOLE
>>> ,FRAMEDGROUPBASEADDRESS
>>> ,FRAMEDGROUPMAXPORTSPERCLASSC
>>> ,REWRITEUSERNAME,NOIGNOREDUPLICATES,PREHANDLERHOOK from
>>> RADCLIENTLIST
>>>
>>>
>>> # If RefreshPeriod is set to non-zero, it specifies the period in
>>> seconds that the client list will
>>> # be refreshed by rereading the database. Each RefreshPeriod,
>>> # any Clients previously created by this ClientList are cleared
>>> # and a new set of clients read from the database.
>>> # Clients defined in the configuration file will not be clobbered.
>>> # The same effect can be got by signalling the process with with
>>> SIGHUP
>>> #RefreshPeriod 600
>>> </ClientListSQL>
>>>
>>> <AuthLog FILE>
>>> Identifier myauthlogger
>>> Filename %L/authlog-%Y-%m-%d.log
>>> LogSuccess 1
>>> #SuccessFormat %l:%U:OK
>>> SuccessFormat %l:%U:%N:OK
>>> FailureFormat %l:%U:%P:%N:FAIL
>>> LogFailure 1
>>> </AuthLog>
>>>
>>> # Handle everyone with RADMIN
>>> <Realm DEFAULT>
>>> <AuthBy RADMIN>
>>> # Change DBSource, DBUsername, DBAuth for your database
>>> # See the reference manual. You will also have to
>>> # change the one in <SessionDatabse SQL> below
>>> # so its the same
>>> DBSource dbi:mysql:radmin:<dbserver>
>>> DBUsername radius
>>> DBAuth <dbpass>
>>>
>>> # Never look up the DEFAULT user
>>> NoDefault
>>>
>>> DefaultSimultaneousUse 1
>>>
>>>
>>> # You can add to or change these if you want, but you
>>> # will probably want to change the database schema first
>>> AccountingTable RADUSAGE
>>> AcctColumnDef USERNAME,User-Name
>>> AcctColumnDef TIME_STAMP,Timestamp,integer
>>> AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type,integer
>>> AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
>>> AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
>>> AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
>>> AcctColumnDef ACCTSESSIONID,Acct-Session-Id
>>> AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
>>> AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-
>>> Cause,integer
>>> AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
>>> AcctColumnDef NASIDENTIFIER,NAS-IP-Address
>>> AcctColumnDef NASIDENTIFIER,NAS-Identifier
>>> AcctColumnDef NASPORT,NAS-Port,integer
>>> AcctColumnDef DNIS,Called-Station-Id
>>> # AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
>>>
>>> # This updates the time and octets left
>>> # for this user
>>> AcctSQLStatement update RADUSERS set TIMELEFT=TIMELEFT-0%
>>> {Acct-Session-Time}, OCTETSINLEFT=OCTETSINLEFT-0%{Acct-Input-
>>> Octets}, OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where
>>> USERNAME='%n'
>>>
>>> # These are the classic things to add to each users
>>> # reply to allow a PPP dialup session. It may be
>>> # different for your NAS. This will add some
>>> # reply items to everyone's reply
>>> AddToReply Framed-Protocol = PPP,\
>>> Framed-IP-Netmask = 255.255.255.255,\
>>> Framed-Routing = None,\
>>> Framed-MTU = 1500,\
>>> Framed-Compression = Van-Jacobson-TCP-IP
>>>
>>> # If you intend to use rcrypt reversible encryption
>>> # for passwords in your Radmin database, you must
>>> # RcryptKey here to be the same secret key you
>>> # defined in your Radmin Site.pm, and also set
>>> # PasswordFormat in your Site.pm.
>>> # RcryptKey mysecret
>>>
>>> # If you intend to use Unix encryption in your database,
>>> # you will need to set EncryptedPasssword here,
>>> # as well as setting PasswordFormat in your Site.pm
>>> EncryptedPassword
>>>
>>> # You can change the max bad login count from the default
>>> # of 5 with something like
>>> MaxBadLogins 10
>>>
>>> # To improve user lookup performance on databases that support
>>> # placeholders, you can use AuthSelectParam and ? like this:
>>> # AuthSelect select PASS_WORD, STATICADDRESS,
>>> TIMELEFT,MAXLOGINS, SERVICENAME, BADLOGINS, VALIDFROM, VALIDTO
>>> from RADUSERS where USERNAME=?
>>> # AuthSelectParam %0
>>> # ServiceAttrQuery select ATTR_ID, VENDOR_ID, IVALUE,
>>> SVALUE, ITEM_TYPE from RADSTCONFIG where NAME=? order by ITEM_TYPE
>>> # UserAttrQuery select ATTR_ID, VENDOR_ID, IVALUE, SVALUE,
>>> ITEM_TYPE from RADCONFIG where NAME=? order by ITEM_TYPE
>>> # AttrQueryParam %0
>>>
>>> <Log FILE>
>>> Filename /var/log/radius/radius-%Y-%m-%d.log
>>> Trace 5
>>> LogFormat %l: %1: %2
>>> </Log FILE>
>>> </AuthBy>
>>>
>>> # This clause logs all authentication successes and failures to
>>> the RADAUTHLOG table
>>> # Suitable for use with RAdmin version 1.6 or later
>>> <AuthLog SQL>
>>> # This database spec usually should be exactly the same
>>> # as in <AuthBy RADMIN> above
>>> DBSource dbi:mysql:radmin:<dbserver>
>>> DBUsername radius
>>> DBAuth <dbpass>
>>>
>>> LogSuccess
>>> SuccessQuery insert into RADAUTHLOG (TIME_STAMP, USERNAME,
>>> TYPE) values (%t, '%n', 1)
>>> LogFailure
>>> FailureQuery insert into RADAUTHLOG (TIME_STAMP, USERNAME,
>>> TYPE, REASON) values (%t, '%n', 0, %1)
>>> </AuthLog>
>>>
>>> <AuthLog FILE>
>>> Identifier myauthlogger
>>> Filename %L/authlog-%Y-%m-%d.log
>>> LogSuccess 1
>>> SuccessFormat %l:%U:%N:OK
>>> FailureFormat %l:%U:%P:%N:FAIL
>>> LogFailure 1
>>> </AuthLog>
>>>
>>>
>>> </Realm>
>>>
>>> <SessionDatabase SQL>
>>> # This database spec usually should be exactly the same
>>> # as in <AuthBy RADMIN> above
>>> DBSource dbi:mysql:radmin:<dbserver>
>>> DBUsername radius
>>> DBAuth <dbpass>
>>> CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID,
>>> FRAMEDIPADDRESS from RADONLINE where USERNAME=%u
>>>
>>> </SessionDatabase>
>>>
>>> # You can also set up an address pool for Radiator to manage.
>>> # The standard Radmin tables include a RADPOOL address pool table.
>>> # see the example in addressallocator.cfg
>>>
>>>
>>> One log entry:
>>>
>>> Fri Mar 27 16:04:18 2009: DEBUG: Handling with Radius::AuthRADMIN:
>>> Fri Mar 27 16:04:18 2009: DEBUG: Handling accounting with
>>> Radius::AuthRADMIN
>>> Fri Mar 27 16:04:18 2009: DEBUG: do query is: 'update RADUSERS set
>>> TIMELEFT=TIME
>>> LEFT-06784, OCTETSINLEFT=OCTETSINLEFT-019922,
>>> OCTETSOUTLEFT=OCTETSOUTLEFT-022007
>>> where USERNAME='test1'':
>>> Fri Mar 27 16:04:18 2009: DEBUG: do query is: 'insert into
>>> RADUSAGE (ACCTDELAYTI
>>> ME
>>> ,ACCTINPUTOCTETS
>>> ,ACCTOUTPUTOCTETS,ACCTSESSIONID,ACCTSESSIONTIME,ACCTSTATUSTYPE
>>> ,ACCTTERMINATECAUSE
>>> ,FRAMEDIPADDRESS,NASIDENTIFIER,NASPORT,TIME_STAMP,USER
>>> Fri Mar 27 16:04:20 2009: DEBUG: Handling with Radius::AuthRADMIN:
>>> Fri Mar 27 16:04:20 2009: DEBUG: Handling accounting with
>>> Radius::AuthRADMIN
>>> Fri Mar 27 16:04:20 2009: DEBUG: do query is: 'update RADUSERS set
>>> TIMELEFT=TIME
>>> LEFT-06733, OCTETSINLEFT=OCTETSINLEFT-016200,
>>> OCTETSOUTLEFT=OCTETSOUTLEFT-020619
>>> where USERNAME='test1'':
>>> Fri Mar 27 16:04:20 2009: DEBUG: do query is: 'insert into
>>> RADUSAGE (ACCTDELAYTI
>>> ME
>>> ,ACCTINPUTOCTETS
>>> ,ACCTOUTPUTOCTETS,ACCTSESSIONID,ACCTSESSIONTIME,ACCTSTATUSTYPE
>>> ,ACCTTERMINATECAUSE
>>> ,FRAMEDIPADDRESS,NASIDENTIFIER,NASPORT,TIME_STAMP,USER
>>> Fri Mar 27 16:04:42 2009: DEBUG: Handling with Radius::AuthRADMIN:
>>> Fri Mar 27 16:04:42 2009: DEBUG: Handling with Radius::AuthRADMIN:
>>> Fri Mar 27 16:04:42 2009: DEBUG: Query is: 'select PASS_WORD,
>>> STATICADDRESS, TIM
>>> ELEFT, MAXLOGINS, SERVICENAME, BADLOGINS, VALIDFROM, VALIDTO from
>>> RADUSERS where
>>> USERNAME='test1'':
>>> Fri Mar 27 16:04:42 2009: DEBUG: Query is: 'select ATTR_ID,
>>> VENDOR_ID, IVALUE, S
>>> VALUE, ITEM_TYPE from RADSTCONFIG where NAME='dynamic-1' order by
>>> ITEM_TYPE':
>>> Fri Mar 27 16:04:42 2009: DEBUG: Query is: 'select ATTR_ID,
>>> VENDOR_ID, IVALUE, S
>>> VALUE, ITEM_TYPE from RADCONFIG where NAME='test1' order by
>>> ITEM_TYPE':
>>> Fri Mar 27 16:04:42 2009: DEBUG: Radius::AuthRADMIN looks for
>>> match with test1 [
>>> test1]
>>> Fri Mar 27 16:04:42 2009: DEBUG: ValidFrom date converted to:
>>> 1238156940
>>> Fri Mar 27 16:04:42 2009: DEBUG: Expiration date converted to:
>>> 1269662400
>>> Fri Mar 27 16:04:42 2009: DEBUG: do query is: 'update RADUSERS set
>>> BADLOGINS=0 w
>>> here USERNAME='test1'':
>>> Fri Mar 27 16:04:42 2009: DEBUG: Handling with Radius::AuthRADMIN:
>>> Fri Mar 27 16:04:42 2009: DEBUG: Handling accounting with
>>> Radius::AuthRADMIN
>>> Fri Mar 27 16:04:42 2009: DEBUG: do query is: 'update RADUSERS set
>>> TIMELEFT=TIME
>>> LEFT-0, OCTETSINLEFT=OCTETSINLEFT-0, OCTETSOUTLEFT=OCTETSOUTLEFT-0
>>> where USERNAM
>>> E='test1'':
>>> Fri Mar 27 16:04:42 2009: DEBUG: do query is: 'insert into
>>> RADUSAGE (ACCTDELAYTI
>>> ME
>>> ,ACCTSESSIONID
>>> ,ACCTSTATUSTYPE,FRAMEDIPADDRESS,NASIDENTIFIER,NASPORT,TIME_STAMP
>>> ,USERNAME) values (0,'00003477',1,'66.216.191.54','66.109.238.133',
>>> 209715
>>>
>>>
>>> Second log entry:
>>>
>>> Fri Mar 27 16:05:32 2009: DEBUG: Handling with Radius::AuthRADMIN:
>>> Fri Mar 27 16:05:32 2009: DEBUG: Handling with Radius::AuthRADMIN:
>>> Fri Mar 27 16:05:32 2009: DEBUG: Query is: 'select PASS_WORD,
>>> STATICADDRESS, TIM
>>> ELEFT, MAXLOGINS, SERVICENAME, BADLOGINS, VALIDFROM, VALIDTO from
>>> RADUSERS where
>>> USERNAME='test1'':
>>> Fri Mar 27 16:05:32 2009: DEBUG: Query is: 'select ATTR_ID,
>>> VENDOR_ID, IVALUE, S
>>> VALUE, ITEM_TYPE from RADSTCONFIG where NAME='dynamic-1' order by
>>> ITEM_TYPE':
>>> Fri Mar 27 16:05:32 2009: DEBUG: Query is: 'select ATTR_ID,
>>> VENDOR_ID, IVALUE, S
>>> VALUE, ITEM_TYPE from RADCONFIG where NAME='test1' order by
>>> ITEM_TYPE':
>>> Fri Mar 27 16:05:32 2009: DEBUG: Radius::AuthRADMIN looks for
>>> match with test1 [
>>> test1]
>>> Fri Mar 27 16:05:32 2009: DEBUG: ValidFrom date converted to:
>>> 1238156940
>>> Fri Mar 27 16:05:32 2009: DEBUG: Expiration date converted to:
>>> 1269662400
>>> Fri Mar 27 16:05:32 2009: DEBUG: do query is: 'update RADUSERS set
>>> BADLOGINS=0 w
>>> here USERNAME='test1'':
>>> Fri Mar 27 16:05:32 2009: DEBUG: Handling with Radius::AuthRADMIN:
>>> Fri Mar 27 16:05:32 2009: DEBUG: Handling accounting with
>>> Radius::AuthRADMIN
>>> Fri Mar 27 16:05:32 2009: DEBUG: do query is: 'update RADUSERS set
>>> TIMELEFT=TIME
>>> LEFT-0, OCTETSINLEFT=OCTETSINLEFT-0, OCTETSOUTLEFT=OCTETSOUTLEFT-0
>>> where USERNAM
>>> E='test1'':
>>> Fri Mar 27 16:05:32 2009: DEBUG: do query is: 'insert into
>>> RADUSAGE (ACCTDELAYTI
>>> ME
>>> ,ACCTSESSIONID
>>> ,ACCTSTATUSTYPE,FRAMEDIPADDRESS,NASIDENTIFIER,NASPORT,TIME_STAMP
>>> ,USERNAME) values (0,'00003479',1,'66.216.191.55','66.109.238.133',
>>> 161080
>>>
>>>
>>> Hugh Irvine wrote:
>>>>
>>>> Hello Tim -
>>>>
>>>> I will need to see a copy of your configuration file and a trace
>>>> 4 debug from Radiator showing what is happening.
>>>>
>>>> regards
>>>>
>>>> Hugh
>>>>
>>>>
>>>>
>>>> On 28 Mar 2009, at 06:14, Tim Wolgemuth wrote:
>>>>
>>>>> I am trying to do setup simultaneous logins. I am using
>>>>> Radmin. Here is what I have for the user:
>>>>>
>>>>> mysql> SELECT MAXLOGINS FROM RADUSERS where username = "test1";
>>>>> +-----------+
>>>>> | MAXLOGINS |
>>>>> +-----------+
>>>>> | 1 |
>>>>> +-----------+
>>>>>
>>>>>
>>>>> But I can have more connections then that.
>>>>>
>>>>> mysql> SELECT * FROM RADONLINE R;
>>>>> +---------------+------+-----------------+----------------
>>>>> +------------+--------
>>>>> -----+--------------+-------------+-------+------------
>>>>> +----------+
>>>>> | ACCTSESSIONID | DNIS | FRAMEDIPADDRESS | NASIDENTIFIER |
>>>>> NASPORT | NASPORT
>>>>> TYPE | ORIGUSERNAME | SERVICETYPE | STATE | TIME_STAMP |
>>>>> USERNAME |
>>>>> +---------------+------+-----------------+----------------
>>>>> +------------+--------
>>>>> -----+--------------+-------------+-------+------------
>>>>> +----------+
>>>>> | 0000344B | NULL | 66.216.191.49 | 66.109.238.133
>>>>> | 0 | Virtual
>>>>> | NULL | Framed | NULL | 1238176730 | test1 |
>>>>> | 0000346F | NULL | 66.216.191.53 | 66.109.238.133 |
>>>>> 1610809444 | 31
>>>>> | NULL | Framed | NULL | 1238177527 | test1 |
>>>>> | 0000346E | NULL | 66.216.191.52 | 66.109.238.133 |
>>>>> 2097152 | 32
>>>>> | NULL | Framed | NULL | 1238177474 | test1 |
>>>>> +---------------+------+-----------------+----------------
>>>>> +------------+--------
>>>>> -----+--------------+-------------+-------+------------
>>>>> +----------+
>>>>> 3 rows in set (0.00 sec)
>>>>>
>>>>>
>>>>> I am demoing radiator.
>>>>>
>>>>> If you need more info let me know.
>>>>>
>>>>> Tim
>>>>>
>>>>> _______________________________________________
>>>>> radiator mailing list
>>>>> radiator at open.com.au
>>>>> http://www.open.com.au/mailman/listinfo/radiator
>>>>
>>>>
>>>>
>>>> NB:
>>>>
>>>> Have you read the reference manual ("doc/ref.html")?
>>>> Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
>>>> Have you had a quick look on Google (www.google.com)?
>>>> Have you included a copy of your configuration file (no secrets),
>>>> together with a trace 4 debug showing what is happening?
>>>> Have you checked the RadiusExpert wiki:
>>>> http://www.open.com.au/wiki/index.php/Main_Page
>>>>
>>
>>
>>
>> NB:
>>
>> Have you read the reference manual ("doc/ref.html")?
>> Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
>> Have you had a quick look on Google (www.google.com)?
>> Have you included a copy of your configuration file (no secrets),
>> together with a trace 4 debug showing what is happening?
>> Have you checked the RadiusExpert wiki:
>> http://www.open.com.au/wiki/index.php/Main_Page
>>
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
Have you checked the RadiusExpert wiki:
http://www.open.com.au/wiki/index.php/Main_Page
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
More information about the radiator
mailing list