[RADIATOR] Handler type Stop/Alive distinguished processing

Michael ringo at vianet.ca
Wed Mar 27 15:40:28 CDT 2013 


AuthByPolicy is only for what to do when you have multiple authby's.  
you only have 1 per handler here so it's irrelevant.

Best to show some debug log of this in action with a start packet to 
figure out what's going on.  the config looks like it should at least 
handle the start packet.



On 27/03/13 03:32 PM, Thomas Kurian wrote:
> Hi Mike,
> Thanks for your email. Can you please tell me where exactly i have to 
> add "AuthByPolicy ContinueWhileIgnore"? Should it go under each 
> handler clause inside Authby sql?
>
> _My old config (which didnt work ,Start packets were never getting 
> processed) (this was the config i had problem a long time ago.. which 
> lead me to ask this question)_
>
> AcctPort 1813
>
> AuthPort 1812
>
>
>
>
> BindAddress 0.0.0.0
>
>
> LogDir /var/log/radius
>
> DbDir /etc/radiator
>
> # Use a low trace level in production systems. Increase
>
> # it to 4 or 5 for debugging, or use the -trace flag to radiusd
>
> Trace 4
>
> # You will probably want to add other Clients to suit your work site,
>
> # one for each NAS you want to work with
>
>
>
>
>
> <Client DEFAULT>
>
> Secret xxxx
>
> DupInterval 0
>
> </Client>
>
>
>
>
>
>
>
>
>
>
> <Client 10.50.1.4>
>
> Secret xxx
>
> DupInterval 0
>
> NasType Cisco
>
> IgnoreAcctSignature
>
> </Client>
>
>
>
>
> #For strictly processing with Accounting Stop packets
>
>
>
>
> <Handler Acct-Status-Type = Stop>
>
>
>
>
> <AuthBy SQL>
>
> Identifier Block-Quota-SQL
>
>
>
>
> DBSource dbi:mysql:radius
>
> DBUsername xxxx
>
> DBAuth xxxxx
>
>
>
>
> AccountingStopsOnly
>
> AccountingTable quotacouunter
>
> AuthColumnDef username,User-Name,check
>
>
>
>
>
>
>
> AuthSelect select monthlycounter from quotacounter \
>
> where username='%n' \
>
> And type = 'Q'
>
> #AuthColumnDef 0, Session-Timeout, reply
>
>
>
>
> AcctSQLStatement update quotacounter set \
>
> monthlycounter=monthlycounter+%{Acct-Input-Octets} \
>
> where username='%n' \
>
> And Type = 'Q'
>
>
>
>
> AuthSelect select totalcounter from quotacounter \
>
> where username='%n' \
>
> And Type = 'Q'
>
>
>
>
> AcctSQLStatement update quotacounter set \
>
> totalcounter=totalcounter+%{Acct-Input-Octets} \
>
> where username='%n' \
>
> And Type = 'Q'
>
>
>
>
> PostAuthHook file:"%D/thomas.pl";
>
>
>
>
> </AuthBy>
>
>
>
>
> </Handler>
>
>
>
>
>
>
>
>
>
>
> # Accept processing of other accounting requests of the genre start 
> and interim
>
>
>
>
> <Handler Request-Type = Accounting-Request>
>
>
>
> <Realm DEFAULT>
>
> <AuthBy SQL>
>
>
>
>
> DBSource dbi:mysql:radius
>
> DBUsername xxxx
>
> DBAuth xxxx
>
>
>
>
>
>
>
>
>
>
> AccountingTable ACCOUNTING
>
> AcctColumnDef USERNAME, User-Name
>
> AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
>
> AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
>
> AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets
>
> AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets
>
> AcctColumnDef TIME_STAMP,Event-Timestamp
>
> AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time
>
> AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time
>
> AcctColumnDef ACCTSESSIONID,Acct-Session-Id
>
> AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
>
> AcctColumnDef NASIDENTIFIER,NAS-Identifier
>
> AcctColumnDef NASPORT,NAS-Port
>
> AcctColumnDef ACCTSESSIONID,Acct-Session-Id
>
>
>
>
> </AuthBy>
>
> # Log accounting to a detail file
>
> AcctLogFileName %L/detail
>
>
>
>
>
>
>
> </Realm>
>
> </Handler>
>
>
>
>
>
> Requesting your kind help, Thomas Kurian IT Security Engineer (B.Tech. 
> -- Electrical) Kuwaiti Canadian Consulting Group (www.kccg.com) T: 
> +965 22435566 F: +965 22415149 E: thomas at kccg.com
> On 3/27/2013 8:00 PM, radiator-request at open.com.au wrote:
>> Send radiator mailing list submissions to radiator at open.com.au To 
>> subscribe or unsubscribe via the World Wide Web, visit 
>> http://www.open.com.au/mailman/listinfo/radiator or, via email, send 
>> a message with subject or body 'help' to radiator-request at open.com.au 
>> You can reach the person managing the list at 
>> radiator-owner at open.com.au When replying, please edit your Subject 
>> line so it is more specific than "Re: Contents of radiator digest..." 
>> Today's Topics: 1. Re: Handler type Stop/Alive distinguished 
>> processing (Michael Newton) 
>> ---------------------------------------------------------------------- Message: 
>> 1 Date: Wed, 27 Mar 2013 09:41:40 -0700 From: Michael Newton 
>> <mnewton at pofp.com> Subject: Re: [RADIATOR] Handler type Stop/Alive 
>> distinguished processing To: radiator at open.com.au Message-ID: 
>> <CADEoLhCoJHu0vQChsC5-czmG24k+kwsSnw=FzyDoVJi-bH-DCw at mail.gmail.com> 
>> Content-Type: text/plain; charset="utf-8" On 27 March 2013 09:29, 
>> <radiator-request at open.com.au> wrote:
>>> My requirement is to process and handle ,Alive and Stop packet 
>>> separately and the configuration must be called/processed separately 
>>> ,each time the radiator receives it based on the Acct Status type as 
>>> described above. Please help me out , i could not find an 
>>> explanation for this anywhere and i am confused. Please let me know, 
>>> if you need any more specifics to help me out. 
>> There shouldn't be any problem with using <Handler 
>> Acct-Status-Type=Start>, <Handler Acct-Status-Type=Alive>, or 
>> <Handler Acct-Status-Type=Stop>, it is how we do accounting on our 
>> server. Maybe make sure you you are using "AuthByPolicy 
>> ContinueWhileIgnore" if you have problems with subsequent handlers 
>> not getting called? If that doesn't help, I'd suggest posting the 
>> config that doesn't work instead of the one that does; other people 
>> may be able to provide more suggestions. Mike -------------- next 
>> part -------------- An HTML attachment was scrubbed... URL: 
>> http://www.open.com.au/pipermail/radiator/attachments/20130327/ab98603b/attachment-0001.html 
>> ------------------------------ 
>> _______________________________________________ radiator mailing list 
>> radiator at open.com.au http://www.open.com.au/mailman/listinfo/radiator 
>> End of radiator Digest, Vol 46, Issue 24 
>> **************************************** 
>
> _______________________________________________ radiator mailing list 
> radiator at open.com.au http://www.open.com.au/mailman/listinfo/radiator 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.open.com.au/pipermail/radiator/attachments/20130327/a8ac2212/attachment.html

More information about the radiator mailing list