[RADIATOR] How to implement Copy mode
Carlos Parada
carlos-f-parada at ptinovacao.pt
Wed Mar 10 06:27:01 CST 2010
Hi all,
Thanks for the answer, but I have a little additional problem (in the previous mail my answer was too quick ;) )
A have the requirement that I will only forward the response to the NAS, IF the auth/acc plug-in (FREERADIUSSQL) has a response - the response could not exist under some circumstances (I will change the original code).
For this reason, I need to go to the auth/acc first in the SQL, and then forward in case of Acc response.
The problem is that using the IgnoreAccountingResponse in the RAdIUS authby, the Radiator does not respond to the NAS (is there any way of responding the result of the previous AuthBy?)
To overtake this, I've tries the use of the AccountingHandled flag at the handler level, but it is not clear for me what are the implications. When I use features such as StripFromReply or AddToReply, what are the base packet that is considered? Any clues?
Regards,
Carlos Parada
-----Original Message-----
From: Hugh Irvine [mailto:hugh at open.com.au]
Sent: terça-feira, 9 de Março de 2010 23:01
To: Carlos Parada
Cc: radiator at open.com.au
Subject: Re: [RADIATOR] How to implement Copy mode
Hello Carlos -
Try somehting like this:
# process accounting requests
<Handler Request-Type = Accounting-Request>
AuthByPolicy ContinueAlways
<AuthBy RADIUS>
IgnoreAccountingResponse
.....
</AuthBy>
<AuthBy SQL>
.....
</AuthBy>
</Handler>
# process authentication requests
<Handler>
<AuthBy SQL>
.....
</AuthBy>
</Handler>
See section 5.30.27 in the Radiator 4.6 reference manual ("doc/ref.pdf").
regards
Hugh
On 9 Mar 2010, at 23:36, Carlos Parada wrote:
> Hi all,
>
> I would like to implement a handler for authentication/accounting based on an SQL database.
> Additionally, I would like to forward requests to another server in copy mode (copy mode means
> I should not expect any response - I will not have one). However, I nevertheless would like that my
> Radiator respond to requets back (to the NAS). I want to authentication/accounting first and only
> then forward to the server in copy mode.
>
> However, it is not clear for me how to do this, because there seems no way to say radiator to
> not expect any response (only forward it). Expecting that response would result probably in a large
> memory comsuption, because of the proxy state storages.
>
> Any tips about how to implement this?
>
> Carlos Parada
>
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
More information about the radiator
mailing list