Hi Arran, Unfortunately I am not much of a programmer . Therefore if you can put some examples / pointers based on my requirement, it will be a headstart for me . I had also read somewhere that if we can strip the last 3 octet then atleast 4TB of traffic can be managed in replying back .
However, there are a lot of solutions but no examples or a working config which can be tweaked. Regards Suman On Mon, Aug 8, 2011 at 3:02 PM, Arran Cudbard-Bell <[email protected]> wrote: > > On 8 Aug 2011, at 11:09, Suman Dash wrote: > >> What i mean to say is that i am not using an integer to store the >> value as integer is limited to 32bit, Instead i am directly comparing >> output from sql query in Unlanf but it doesn't seems to work either. > > Then no. AFAIK FreeRADIUS doesn't support arbitrary precision mathematics. In > general performance is valued over completeness when it comes to things like > unlang. > > Here are some workarounds: > > * You could store the result as a string and use an external utility to do > the comparison. > * You could also try expr xlat, but i'm not sure if it supports arbitrary > precision either. > * If you're just doing an equality check, then just write the value to a > string and do a straight string comparison. > * You could do the comparison in SQL and return a boolean value (i've used > this as a workaround in the past). > * You could write an xlat wrapper around one of the arbitrary precision > libraries. > > -Arran > > >> >> It returns false where it should be returning true. >> >> Regards >> >> On Mon, Aug 8, 2011 at 2:27 PM, Arran Cudbard-Bell >> <[email protected]> wrote: >>> >>> On 8 Aug 2011, at 09:32, Suman Dash wrote: >>> >>>> So it is not possible to store values more than 32 bit in Tmp-Integer. >>>> How about direct sql statements in Unlang not involving the >>>> Tmp-Integer. It is also not working in my scenario. >>>> >>> >>> You mean a comparison of two integers from two SQL statements? >>> >>>> Attached is the logs. >>> >>> More useful would be the config... >>> >>> -Arran >>> >>>> >>>> >>>> Going to the next request >>>> Ready to process requests. >>>> rad_recv: Access-Request packet from host xxx.xx.xx.xx port 60642, >>>> id=55, length=132 >>>> Service-Type = Framed-User >>>> Framed-Protocol = PPP >>>> NAS-Port = 60 >>>> NAS-Port-Type = Ethernet >>>> User-Name = "10021" >>>> Calling-Station-Id = "F4:EC:38:BA:8A:3B" >>>> Called-Station-Id = "Internet" >>>> NAS-Port-Id = "LAN" >>>> User-Password = "10021" >>>> NAS-Identifier = "NTL.XXXXX" >>>> NAS-IP-Address = xxx.xx.xx.xx >>>> # Executing section authorize from file >>>> /etc/freeradius/sites-enabled/default >>>> +- entering group authorize {...} >>>> ++[preprocess] returns ok >>>> ++[chap] returns noop >>>> ++[mschap] returns noop >>>> ++[digest] returns noop >>>> [suffix] No '@' in User-Name = "10021", looking up realm NULL >>>> [suffix] No such realm "NULL" >>>> ++[suffix] returns noop >>>> [eap] No EAP-Message, not doing EAP >>>> ++[eap] returns noop >>>> [files] users: Matched entry DEFAULT at line 172 >>>> ++[files] returns ok >>>> [sql] expand: %{User-Name} -> 10021 >>>> [sql] sql_set_user escaped user --> '10021' >>>> rlm_sql (sql): Reserving sql socket id: 1 >>>> [sql] expand: SELECT id, username, attribute, value, op >>>> FROM tbl_check WHERE username = '%{SQL-User-Name}' >>>> ORDER BY id -> SELECT id, username, attribute, value, op >>>> FROM tbl_check WHERE username = '10021' ORDER BY >>>> id >>>> [sql] User found in radcheck table >>>> [sql] expand: SELECT id, username, attribute, value, op >>>> FROM tbl_reply WHERE username = '%{SQL-User-Name}' >>>> ORDER BY id -> SELECT id, username, attribute, value, op >>>> FROM tbl_reply WHERE username = '10021' ORDER BY >>>> id >>>> [sql] expand: SELECT groupname FROM tbl_usergroup >>>> WHERE username = '%{SQL-User-Name}' ORDER BY priority -> >>>> SELECT groupname FROM tbl_usergroup WHERE username >>>> = '10021' ORDER BY priority >>>> [sql] expand: SELECT id, groupname, attribute, Value, op >>>> FROM tbl_groupcheck WHERE groupname = '%{Sql-Group}' >>>> ORDER BY id -> SELECT id, groupname, attribute, >>>> Value, op FROM tbl_groupcheck WHERE groupname = >>>> 'TEST-10G' ORDER BY id >>>> [sql] User found in group TEST-10G >>>> [sql] expand: SELECT id, groupname, attribute, value, op >>>> FROM tbl_groupreply WHERE groupname = '%{Sql-Group}' >>>> ORDER BY id -> SELECT id, groupname, attribute, >>>> value, op FROM tbl_groupreply WHERE groupname = >>>> 'TEST-10G' ORDER BY id >>>> rlm_sql (sql): Released sql socket id: 1 >>>> ++[sql] returns ok >>>> rlm_checkval: Item Name: Calling-Station-Id, Value: F4:EC:38:BA:8A:3B >>>> rlm_checkval: Value Name: Calling-Station-Id, Value: F4:EC:38:BA:8A:3B >>>> ++[checkval] returns ok >>>> [expiration] Checking Expiration time: '1 Sep 2011' >>>> ++[expiration] returns ok >>>> ++[logintime] returns noop >>>> ++[pap] returns updated >>>> Found Auth-Type = PAP >>>> # Executing group from file /etc/freeradius/sites-enabled/default >>>> +- entering group PAP {...} >>>> [pap] login attempt with password "xxxxx" >>>> [pap] Using CRYPT password "Wh1vvjSX72NI6" >>>> [pap] User authenticated successfully >>>> ++[pap] returns ok >>>> # Executing section session from file /etc/freeradius/sites-enabled/default >>>> +- entering group session {...} >>>> [radutmp] expand: /var/log/freeradius/radutmp -> >>>> /var/log/freeradius/radutmp >>>> [radutmp] expand: %{User-Name} -> 10021 >>>> ++[radutmp] returns ok >>>> # Executing section post-auth from file >>>> /etc/freeradius/sites-enabled/default >>>> +- entering group post-auth {...} >>>> [sql] expand: %{User-Name} -> 10021 >>>> [sql] sql_set_user escaped user --> '10021' >>>> [sql] expand: %{User-Password} -> xxxxx >>>> [sql] expand: INSERT INTO tbl_postauth >>>> (username, pass, reply, authdate) VALUES ( >>>> '%{User-Name}', >>>> '%{%{User-Password}:-%{Chap-Password}}', >>>> '%{reply:Packet-Type}', '%S') -> INSERT INTO tbl_postauth >>>> (username, pass, reply, authdate) >>>> VALUES ( '10021', >>>> '10021', 'Access-Accept', '2011-08-08 >>>> 01:31:49') >>>> rlm_sql (sql) in sql_postauth: query is INSERT INTO tbl_postauth >>>> (username, pass, reply, authdate) >>>> VALUES ( '10021', >>>> '10021', 'Access-Accept', >>>> '2011-08-08 01:31:49') >>>> rlm_sql (sql): Reserving sql socket id: 0 >>>> rlm_sql (sql): Released sql socket id: 0 >>>> ++[sql] returns ok >>>> ++? if ("%{sql:SELECT tbl_groupcheck.value from tbl_groupcheck JOIN >>>> tbl_usergroup on tbl_groupcheck.groupname = tbl_usergroup.groupname >>>> WHERE tbl_usergroup.username = '%{User-Name}'}" > "%{sql:SELECT >>>> IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0) >>>> FROM tbl_acct WHERE UserName='%{User-Name}' AND MONTH(acctstoptime) = >>>> MONTH(NOW()) AND YEAR(acctstoptime) = YEAR(NOW())}") >>>> sql_xlat >>>> expand: %{User-Name} -> 10021 >>>> sql_set_user escaped user --> '10021' >>>> expand: SELECT tbl_groupcheck.value from tbl_groupcheck JOIN >>>> tbl_usergroup on tbl_groupcheck.groupname = tbl_usergroup.groupname >>>> WHERE tbl_usergroup.username = '%{User-Name}' -> SELECT >>>> tbl_groupcheck.value from tbl_groupcheck >>>> JOIN tbl_usergroup on tbl_groupcheck.groupname = >>>> tbl_usergroup.groupname WHERE tbl_usergroup.username = '10021' >>>> rlm_sql (sql): Reserving sql socket id: 4 >>>> sql_xlat finished >>>> rlm_sql (sql): Released sql socket id: 4 >>>> expand: %{sql:SELECT tbl_groupcheck.value from tbl_groupcheck >>>> JOIN tbl_usergroup on tbl_groupcheck.groupname = >>>> tbl_usergroup.groupname >>>> WHERE tbl_usergroup.username = '%{User-Name}'} -> 23737418240 >>>> sql_xlat >>>> expand: %{User-Name} -> 10021 >>>> sql_set_user escaped user --> '10021' >>>> expand: SELECT >>>> IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0) FROM tbl_acct >>>> WHERE UserName='%{User-Name}' AND MONTH(acctstoptime) = >>>> MONTH(NOW()) >>>> AND YEAR(acctstoptime) = YEAR(NOW()) >>>> -> SELECT >>>> IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0) FROM >>>> tbl_acct WHERE UserName='10021' >>>> AND MONTH(acctstoptime) = MONTH(NOW()) AND >>>> YEAR(acctstoptime) = YEAR(NOW()) >>>> rlm_sql (sql): Reserving sql socket id: 3 >>>> sql_xlat finished >>>> rlm_sql (sql): Released sql socket id: 3 >>>> expand: %{sql:SELECT >>>> IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0) FROM tbl_acct >>>> WHERE UserName='%{User-Name}' >>>> AND MONTH(acctstoptime) = MONTH(NOW()) AND >>>> YEAR(acctstoptime) = >>>> YEAR(NOW())} -> 21093361889 >>>> ? Evaluating ("%{sql:SELECT tbl_groupcheck.value from tbl_groupcheck >>>> JOIN tbl_usergroup on tbl_groupcheck.groupname = >>>> tbl_usergroup.groupname >>>> WHERE tbl_usergroup.username = '%{User-Name}'}" > >>>> "%{sql:SELECT >>>> IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0) >>>> FROM tbl_acct WHERE UserName='%{User-Name}' AND >>>> MONTH(acctstoptime) >>>> = MONTH(NOW()) AND YEAR(acctstoptime) = YEAR(NOW())}") -> FALSE >>>> ++? if ("%{sql:SELECT tbl_groupcheck.value from tbl_groupcheck JOIN >>>> tbl_usergroup on tbl_groupcheck.groupname = tbl_usergroup.groupname >>>> WHERE tbl_usergroup.username = '%{User-Name}'}" > >>>> "%{sql:SELECT >>>> IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0) >>>> FROM tbl_acct WHERE UserName='%{User-Name}' AND >>>> MONTH(acctstoptime) >>>> = MONTH(NOW()) AND YEAR(acctstoptime) = YEAR(NOW())}") -> FALSE >>>> ++[exec] returns noop >>>> Sending Access-Accept of id 55 to xxx.xx.xx.xx port 60642 >>>> Framed-Protocol := PPP >>>> Framed-Compression := Van-Jacobson-TCP-IP >>>> Framed-MTU := 1472 >>>> Idle-Timeout := 300 >>>> Reply-Message := "Welcome to Internet Services" >>>> Mikrotik-Rate-Limit := "512K/2048K 512K/2048K 512K/2048K 180/180 8" >>>> Framed-Netmask := 255.255.255.0 >>>> Session-Timeout = 2068091 >>>> Finished request 2. >>>> Going to the next request >>>> Waking up in 4.9 seconds. >>>> rad_recv: Accounting-Request packet from host xxx.xx.xx.xx port 40276, >>>> id=56, length=154 >>>> Service-Type = Framed-User >>>> Framed-Protocol = PPP >>>> NAS-Port = 60 >>>> NAS-Port-Type = Ethernet >>>> User-Name = "10021" >>>> Calling-Station-Id = "F4:EC:38:BA:8A:3B" >>>> Called-Station-Id = "iBroadNet Internet" >>>> NAS-Port-Id = "LAN" >>>> Acct-Session-Id = "81800038" >>>> Framed-IP-Address = 172.16.11.250 >>>> Acct-Authentic = RADIUS >>>> Event-Timestamp = "Aug 8 2011 01:31:47 IST" >>>> Acct-Status-Type = Start >>>> NAS-Identifier = "NTL.xxxxx" >>>> NAS-IP-Address = xxx.xx.xx.xx >>>> Acct-Delay-Time = 0 >>>> # Executing section preacct from file /etc/freeradius/sites-enabled/default >>>> +- entering group preacct {...} >>>> ++[preprocess] returns ok >>>> [acct_unique] Hashing 'NAS-Port = 60,Client-IP-Address = >>>> xxx.xx.xx.xx,NAS-IP-Address = xxx.xx.xx.xx,Acct-Session-Id = >>>> "81800038",User-Name = "10021"' >>>> [acct_unique] Acct-Unique-Session-ID = "840514b78a2e0def". >>>> ++[acct_unique] returns ok >>>> [suffix] No '@' in User-Name = "10021", looking up realm NULL >>>> [suffix] No such realm "NULL" >>>> ++[suffix] returns noop >>>> ++[files] returns noop >>>> # Executing section accounting from file >>>> /etc/freeradius/sites-enabled/default >>>> +- entering group accounting {...} >>>> [detail] expand: >>>> /var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d -> >>>> /var/log/freeradius/radacct/xxx.xx.xx.xx/detail-20110808 >>>> [detail] /var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d >>>> expands to /var/log/freeradius/radacct/xxx.xx.xx.xx/detail-20110808 >>>> [detail] expand: %t -> Mon Aug 8 01:31:49 2011 >>>> ++[detail] returns ok >>>> ++[unix] returns ok >>>> [radutmp] expand: /var/log/freeradius/radutmp -> >>>> /var/log/freeradius/radutmp >>>> [radutmp] expand: %{User-Name} -> 10021 >>>> ++[radutmp] returns ok >>>> [sql] expand: %{User-Name} -> 10021 >>>> [sql] sql_set_user escaped user --> '10021' >>>> [sql] expand: %{Acct-Delay-Time} -> 0 >>>> [sql] expand: INSERT INTO tbl_acct >>>> (acctsessionid, acctuniqueid, username, realm, >>>> nasipaddress, nasportid, nasporttype, >>>> acctstarttime, acctstoptime, acctsessiontime, >>>> acctauthentic, connectinfo_start, connectinfo_stop, >>>> acctinputoctets, acctoutputoctets, calledstationid, >>>> callingstationid, acctterminatecause, servicetype, >>>> framedprotocol, framedipaddress, acctstartdelay, >>>> acctstopdelay, xascendsessionsvrkey) VALUES >>>> ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', >>>> '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', >>>> '%{NAS-Port}', '%{NAS-Port-Type}', '%S', NULL, >>>> '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', >>>> '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', >>>> '%{Service-Type}', '%{Framed-Protocol}', >>>> '%{Framed-IP-Address}', >>>> rlm_sql (sql): Reserving sql socket id: 2 >>>> rlm_sql (sql): Released sql socket id: 2 >>>> ++[sql] returns ok >>>> ++[exec] returns noop >>>> [attr_filter.accounting_response] expand: %{User-Name} -> 10021 >>>> attr_filter: Matched entry DEFAULT at line 12 >>>> ++[attr_filter.accounting_response] returns updated >>>> Sending Accounting-Response of id 56 to xxx.xx.xx.xx port 40276 >>>> Finished request 3. >>>> Cleaning up request 3 ID 56 with timestamp +17 >>>> Going to the next request >>>> Waking up in 4.8 seconds. >>>> >>>> The condition outputs 23737418240 > 21093361889 RETURNS FALSE . >>>> >>>> On Mon, Aug 8, 2011 at 12:51 PM, Arran Cudbard-Bell >>>> <[email protected]> wrote: >>>>> RFC 2865: >>>>> >>>>> integer 32 bit unsigned value, most significant octet first. >>>>> >>>>> FreeRADIUS is just a RADIUS server, and the temporary integer attributes >>>>> are just RADIUS attributes. >>>>> >>>>> -Arran >>>>> >>>>> >>>>> >>>>> On 8 Aug 2011, at 09:11, Suman Dash wrote: >>>>> >>>>>> I am trying to replace sqlcounter with Unland expression in Post Auth >>>>>> Section. The values are successfully called but while storing in >>>>>> Tmp-Interger those are stripped. Below are the logs . >>>>>> As you can see from the logs that Mysql returns a value of 20989570594 >>>>>> But it's stored as 3557549056 for Tmp-Integer-0 >>>>>> >>>>>> The same happens to Tmp-Integer-1 due to which the expression output >>>>>> becomes FALSE instead of TRUE. >>>>>> >>>>>> Is this the limitation of Tmp-Integer as it is an 32bit int ? >>>>>> >>>>>> ##Post-Auth Section >>>>>> >>>>>> sql >>>>>> update control { >>>>>> Tmp-Integer-0 := "%{sql:SELECT >>>>>> IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0) \ >>>>>> FROM tbl_acct WHERE >>>>>> UserName='%{User-Name}' \ >>>>>> AND >>>>>> MONTH(acctstoptime) = MONTH(NOW()) \ >>>>>> AND YEAR(acctstoptime) >>>>>> = YEAR(NOW())}" >>>>>> Tmp-Integer-1 := "%{sql:SELECT >>>>>> tbl_groupcheck.value from tbl_groupcheck \ >>>>>> JOIN tbl_usergroup on >>>>>> tbl_groupcheck.groupname = tbl_usergroup.groupname \ >>>>>> where >>>>>> tbl_usergroup.username = '%{User-Name}'}" >>>>>> } >>>>>> if ("%{control:Tmp-Integer-1}" > >>>>>> "%{control:Tmp-Integer-0}") { >>>>>> update reply { >>>>>> Mikrotik-Recv-Limit := >>>>>> "%{control:Tmp-Integer-1}" - "%{control:Tmp-Integer-0}" >>>>>> } >>>>>> >>>>>> } >>>>>> if ("%{control:Tmp-Integer-1}" <= >>>>>> "%{control:Tmp-Integer-0}") { >>>>>> update reply { >>>>>> Reply-Message := "Fair Usage >>>>>> Policy Enforced, Bandwidth Limited" >>>>>> Mikrotik-Rate-Limit := >>>>>> "128K/256K 128K/256K 128K/256K 180/180 8" >>>>>> } >>>>>> >>>>>> } >>>>>> ##MySQL Table >>>>>> >>>>>> mysql> SELECT IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0) >>>>>> -> FROM tbl_acct WHERE UserName='10021' >>>>>> -> AND MONTH(acctstoptime) = MONTH(NOW()) >>>>>> -> AND YEAR(acctstoptime) = YEAR(NOW()); >>>>>> >>>>>> +------------------------------------------------------+ >>>>>> | IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0) | >>>>>> +------------------------------------------------------+ >>>>>> | 20989570594 | >>>>>> +------------------------------------------------------+ >>>>>> 1 row in set (0.00 sec) >>>>>> >>>>>> mysql> SELECT tbl_groupcheck.value from tbl_groupcheck >>>>>> -> JOIN tbl_usergroup on tbl_groupcheck.groupname = >>>>>> tbl_usergroup.groupname >>>>>> -> where tbl_usergroup.username = '10021'; >>>>>> >>>>>> +-------------+ >>>>>> | value | >>>>>> +-------------+ >>>>>> | 20737418240 | >>>>>> +-------------+ >>>>>> 1 row in set (0.00 sec) >>>>>> >>>>>> >>>>>> ##RADIUS DEBUG LOG >>>>>> >>>>>> >>>>>> Finished request 4. >>>>>> Cleaning up request 4 ID 176 with timestamp +15 >>>>>> Going to the next request >>>>>> Ready to process requests. >>>>>> rad_recv: Access-Request packet from host XXX.XX.XX.86 port 44198, >>>>>> id=236, length=132 >>>>>> Service-Type = Framed-User >>>>>> Framed-Protocol = PPP >>>>>> NAS-Port = 56 >>>>>> NAS-Port-Type = Ethernet >>>>>> User-Name = "10021" >>>>>> Calling-Station-Id = "XX:XX:XX:XX:XX:XX" >>>>>> Called-Station-Id = "Internet" >>>>>> NAS-Port-Id = "LAN" >>>>>> User-Password = "10021" >>>>>> NAS-Identifier = "XXX.XXXXXXX" >>>>>> NAS-IP-Address = XXX.XX.XX.86 >>>>>> # Executing section authorize from file >>>>>> /etc/freeradius/sites-enabled/default >>>>>> +- entering group authorize {...} >>>>>> ++[preprocess] returns ok >>>>>> ++[chap] returns noop >>>>>> ++[mschap] returns noop >>>>>> ++[digest] returns noop >>>>>> [suffix] No '@' in User-Name = "10021", looking up realm NULL >>>>>> [suffix] No such realm "NULL" >>>>>> ++[suffix] returns noop >>>>>> [eap] No EAP-Message, not doing EAP >>>>>> ++[eap] returns noop >>>>>> [files] users: Matched entry DEFAULT at line 172 >>>>>> ++[files] returns ok >>>>>> [sql] expand: %{User-Name} -> 10021 >>>>>> [sql] sql_set_user escaped user --> '10021' >>>>>> rlm_sql (sql): Reserving sql socket id: 3 >>>>>> [sql] expand: SELECT id, username, attribute, value, op >>>>>> FROM tbl_check WHERE username = '%{SQL-User-Name}' >>>>>> ORDER BY id -> SELECT id, username, attribute, value, op >>>>>> FROM tbl_check WHERE username = '10021' ORDER BY >>>>>> id >>>>>> [sql] User found in radcheck table >>>>>> [sql] expand: SELECT id, username, attribute, value, op >>>>>> FROM tbl_reply WHERE username = '%{SQL-User-Name}' >>>>>> ORDER BY id -> SELECT id, username, attribute, value, op >>>>>> FROM tbl_reply WHERE username = '10021' ORDER BY >>>>>> id >>>>>> [sql] expand: SELECT groupname FROM tbl_usergroup >>>>>> WHERE username = '%{SQL-User-Name}' ORDER BY priority -> >>>>>> SELECT groupname FROM tbl_usergroup WHERE username >>>>>> = '10021' ORDER BY priority >>>>>> [sql] expand: SELECT id, groupname, attribute, Value, op >>>>>> FROM tbl_groupcheck WHERE groupname = '%{Sql-Group}' >>>>>> ORDER BY id -> SELECT id, groupname, attribute, >>>>>> Value, op FROM tbl_groupcheck WHERE groupname = >>>>>> 'TEST-10G' ORDER BY id >>>>>> [sql] User found in group TEST-10G >>>>>> [sql] expand: SELECT id, groupname, attribute, value, op >>>>>> FROM tbl_groupreply WHERE groupname = '%{Sql-Group}' >>>>>> ORDER BY id -> SELECT id, groupname, attribute, >>>>>> value, op FROM tbl_groupreply WHERE groupname = >>>>>> 'TEST-10G' ORDER BY id >>>>>> rlm_sql (sql): Released sql socket id: 3 >>>>>> ++[sql] returns ok >>>>>> rlm_checkval: Item Name: Calling-Station-Id, Value: XX:XX:XX:BA:8A:3B >>>>>> rlm_checkval: Value Name: Calling-Station-Id, Value: XX:XX:XX:BA:8A:3B >>>>>> ++[checkval] returns ok >>>>>> [expiration] Checking Expiration time: '1 Sep 2011' >>>>>> ++[expiration] returns ok >>>>>> ++[logintime] returns noop >>>>>> ++[pap] returns updated >>>>>> Found Auth-Type = PAP >>>>>> # Executing group from file /etc/freeradius/sites-enabled/default >>>>>> +- entering group PAP {...} >>>>>> [pap] login attempt with password "XXXXX" >>>>>> [pap] Using CRYPT password "XXXXXXXXXXXXXX" >>>>>> [pap] User authenticated successfully >>>>>> ++[pap] returns ok >>>>>> # Executing section session from file >>>>>> /etc/freeradius/sites-enabled/default >>>>>> +- entering group session {...} >>>>>> [radutmp] expand: /var/log/freeradius/radutmp -> >>>>>> /var/log/freeradius/radutmp >>>>>> [radutmp] expand: %{User-Name} -> 10021 >>>>>> ++[radutmp] returns ok >>>>>> # Executing section post-auth from file >>>>>> /etc/freeradius/sites-enabled/default >>>>>> +- entering group post-auth {...} >>>>>> [sql] expand: %{User-Name} -> 10021 >>>>>> [sql] sql_set_user escaped user --> '10021' >>>>>> [sql] expand: %{User-Password} -> XXXXX >>>>>> [sql] expand: INSERT INTO tbl_postauth >>>>>> (username, pass, reply, authdate) VALUES ( >>>>>> '%{User-Name}', >>>>>> '%{%{User-Password}:-%{Chap-Password}}', >>>>>> '%{reply:Packet-Type}', '%S') -> INSERT INTO tbl_postauth >>>>>> (username, pass, reply, authdate) >>>>>> VALUES ( '10021', >>>>>> '10021', 'Access-Accept', '2011-08-08 >>>>>> 00:27:25') >>>>>> rlm_sql (sql) in sql_postauth: query is INSERT INTO tbl_postauth >>>>>> (username, pass, reply, authdate) >>>>>> VALUES ( '10021', >>>>>> '10021', 'Access-Accept', >>>>>> '2011-08-08 00:27:25') >>>>>> rlm_sql (sql): Reserving sql socket id: 2 >>>>>> rlm_sql (sql): Released sql socket id: 2 >>>>>> ++[sql] returns ok >>>>>> sql_xlat >>>>>> expand: %{User-Name} -> 10021 >>>>>> sql_set_user escaped user --> '10021' >>>>>> expand: SELECT >>>>>> IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0) >>>>>> FROM tbl_acct WHERE UserName='%{User-Name}' >>>>>> AND MONTH(acctstoptime) = MONTH(NOW()) >>>>>> AND YEAR(acctstoptime) = YEAR(NOW()) -> SELECT >>>>>> IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0) >>>>>> FROM tbl_acct WHERE UserName='10021' >>>>>> AND MONTH(acctstoptime) = MONTH(NOW()) >>>>>> AND YEAR(acctstoptime) = YEAR(NOW()) >>>>>> rlm_sql (sql): Reserving sql socket id: 1 >>>>>> sql_xlat finished >>>>>> rlm_sql (sql): Released sql socket id: 1 >>>>>> expand: %{sql:SELECT >>>>>> IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0) >>>>>> FROM tbl_acct WHERE UserName='%{User-Name}' >>>>>> AND MONTH(acctstoptime) = MONTH(NOW()) >>>>>> AND YEAR(acctstoptime) = YEAR(NOW())} -> 20989570594 >>>>>> sql_xlat >>>>>> expand: %{User-Name} -> 10021 >>>>>> sql_set_user escaped user --> '10021' >>>>>> expand: SELECT tbl_groupcheck.value from tbl_groupcheck >>>>>> JOIN tbl_usergroup on tbl_groupcheck.groupname = >>>>>> tbl_usergroup.groupname >>>>>> where tbl_usergroup.username = '%{User-Name}' -> SELECT >>>>>> tbl_groupcheck.value from tbl_groupcheck >>>>>> JOIN tbl_usergroup on tbl_groupcheck.groupname = >>>>>> tbl_usergroup.groupname >>>>>> where tbl_usergroup.username = '10021' >>>>>> rlm_sql (sql): Reserving sql socket id: 0 >>>>>> sql_xlat finished >>>>>> rlm_sql (sql): Released sql socket id: 0 >>>>>> expand: %{sql:SELECT tbl_groupcheck.value from tbl_groupcheck >>>>>> JOIN tbl_usergroup on tbl_groupcheck.groupname = >>>>>> tbl_usergroup.groupname >>>>>> where tbl_usergroup.username = '%{User-Name}'} -> >>>>>> 20737418240 >>>>>> ++[control] returns ok >>>>>> ++? if ("%{control:Tmp-Integer-1}" > "%{control:Tmp-Integer-0}") >>>>>> expand: %{control:Tmp-Integer-1} -> 3557549056 >>>>>> expand: %{control:Tmp-Integer-0} -> 3809701410 >>>>>> ? Evaluating ("%{control:Tmp-Integer-1}" > "%{control:Tmp-Integer-0}") >>>>>> -> FALSE >>>>>> ++? if ("%{control:Tmp-Integer-1}" > "%{control:Tmp-Integer-0}") -> FALSE >>>>>> ++? if ("%{control:Tmp-Integer-1}" <= "%{control:Tmp-Integer-0}") >>>>>> expand: %{control:Tmp-Integer-1} -> 3557549056 >>>>>> expand: %{control:Tmp-Integer-0} -> 3809701410 >>>>>> ? Evaluating ("%{control:Tmp-Integer-1}" <= "%{control:Tmp-Integer-0}") >>>>>> -> TRUE >>>>>> ++? if ("%{control:Tmp-Integer-1}" <= "%{control:Tmp-Integer-0}") -> TRUE >>>>>> ++- entering if ("%{control:Tmp-Integer-1}" <= >>>>>> "%{control:Tmp-Integer-0}") {...} >>>>>> +++[reply] returns ok >>>>>> ++- if ("%{control:Tmp-Integer-1}" <= "%{control:Tmp-Integer-0}") >>>>>> returns ok >>>>>> ++[exec] returns noop >>>>>> Sending Access-Accept of id 236 to XXX.XX.XX.86 port 44198 >>>>>> Framed-Protocol = PPP >>>>>> Framed-Compression = Van-Jacobson-TCP-IP >>>>>> Framed-MTU = 1472 >>>>>> Idle-Timeout = 300 >>>>>> Reply-Message = "Fair Usage Policy Enforced, Bandwidth Limited" >>>>>> Mikrotik-Rate-Limit = "128K/256K 128K/256K 128K/256K 180/180 8" >>>>>> Framed-Netmask = 255.255.255.0 >>>>>> Session-Timeout = 2071955 >>>>>> Finished request 5. >>>>>> Going to the next request >>>>>> Waking up in 4.9 seconds. >>>>>> rad_recv: Accounting-Request packet from host XXX.XX.XX.86 port 45096, >>>>>> id=237, length=154 >>>>>> Service-Type = Framed-User >>>>>> Framed-Protocol = PPP >>>>>> NAS-Port = 56 >>>>>> NAS-Port-Type = Ethernet >>>>>> User-Name = "10021" >>>>>> Calling-Station-Id = "XX:XX:XX:BA:8A:3B" >>>>>> Called-Station-Id = " Internet" >>>>>> NAS-Port-Id = "LAN" >>>>>> Acct-Session-Id = "81800034" >>>>>> Framed-IP-Address = XXX.XX.XX.250 >>>>>> Acct-Authentic = RADIUS >>>>>> Event-Timestamp = "Aug 8 2011 00:27:23 IST" >>>>>> Acct-Status-Type = Start >>>>>> NAS-Identifier = "XXX.XXXXXXX" >>>>>> NAS-IP-Address = XXX:XX:XX.86 >>>>>> Acct-Delay-Time = 0 >>>>>> # Executing section preacct from file >>>>>> /etc/freeradius/sites-enabled/default >>>>>> +- entering group preacct {...} >>>>>> ++[preprocess] returns ok >>>>>> [acct_unique] Hashing 'NAS-Port = 56,Client-IP-Address = >>>>>> XXX.XX.XX.86,NAS-IP-Address = XXX.XX.XX.86,Acct-Session-Id = >>>>>> "81800034",User-Name = "10021"' >>>>>> [acct_unique] Acct-Unique-Session-ID = "e99f1594c7c50876". >>>>>> ++[acct_unique] returns ok >>>>>> [suffix] No '@' in User-Name = "10021", looking up realm NULL >>>>>> [suffix] No such realm "NULL" >>>>>> ++[suffix] returns noop >>>>>> ++[files] returns noop >>>>>> # Executing section accounting from file >>>>>> /etc/freeradius/sites-enabled/default >>>>>> +- entering group accounting {...} >>>>>> [detail] expand: >>>>>> /var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d -> >>>>>> /var/log/freeradius/radacct/125.20.80.86/detail-20110808 >>>>>> [detail] /var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d >>>>>> expands to /var/log/freeradius/radacct/125.20.80.86/detail-20110808 >>>>>> [detail] expand: %t -> Mon Aug 8 00:27:25 2011 >>>>>> ++[detail] returns ok >>>>>> ++[unix] returns ok >>>>>> [radutmp] expand: /var/log/freeradius/radutmp -> >>>>>> /var/log/freeradius/radutmp >>>>>> [radutmp] expand: %{User-Name} -> 10021 >>>>>> ++[radutmp] returns ok >>>>>> [sql] expand: %{User-Name} -> 10021 >>>>>> [sql] sql_set_user escaped user --> '10021' >>>>>> [sql] expand: %{Acct-Delay-Time} -> 0 >>>>>> [sql] expand: INSERT INTO tbl_acct >>>>>> (acctsessionid, acctuniqueid, username, realm, >>>>>> nasipaddress, nasportid, nasporttype, >>>>>> acctstarttime, acctstoptime, acctsessiontime, >>>>>> acctauthentic, connectinfo_start, connectinfo_stop, >>>>>> acctinputoctets, acctoutputoctets, calledstationid, >>>>>> callingstationid, acctterminatecause, servicetype, >>>>>> framedprotocol, framedipaddress, acctstartdelay, >>>>>> acctstopdelay, xascendsessionsvrkey) VALUES >>>>>> ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', >>>>>> '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', >>>>>> '%{NAS-Port}', '%{NAS-Port-Type}', '%S', NULL, >>>>>> '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', >>>>>> '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', >>>>>> '%{Service-Type}', '%{Framed-Protocol}', >>>>>> '%{Framed-IP-Address}', >>>>>> rlm_sql (sql): Reserving sql socket id: 4 >>>>>> rlm_sql (sql): Released sql socket id: 4 >>>>>> ++[sql] returns ok >>>>>> ++[exec] returns noop >>>>>> [attr_filter.accounting_response] expand: %{User-Name} -> 10021 >>>>>> attr_filter: Matched entry DEFAULT at line 12 >>>>>> ++[attr_filter.accounting_response] returns updated >>>>>> Sending Accounting-Response of id 237 to XXX.XX.XX.86 port 45096 >>>>>> Finished request 6. >>>>>> Cleaning up request 6 ID 237 with timestamp +18 >>>>>> Going to the next request >>>>>> Waking up in 4.8 seconds. >>>>>> - >>>>>> List info/subscribe/unsubscribe? See >>>>>> http://www.freeradius.org/list/users.html >>>>>> >>>>> >>>>> Arran Cudbard-Bell >>>>> [email protected] >>>>> >>>>> RADIUS - Half the complexity of Diameter >>>>> >>>>> >>>>> - >>>>> List info/subscribe/unsubscribe? See >>>>> http://www.freeradius.org/list/users.html >>>>> >>>> >>>> - >>>> List info/subscribe/unsubscribe? See >>>> http://www.freeradius.org/list/users.html >>>> >>> >>> Arran Cudbard-Bell >>> [email protected] >>> >>> RADIUS - Half the complexity of Diameter >>> >>> >>> - >>> List info/subscribe/unsubscribe? See >>> http://www.freeradius.org/list/users.html >>> >> >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html >> > > Arran Cudbard-Bell > [email protected] > > RADIUS - Half the complexity of Diameter > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
