Hello Guilherme -

On Wed, 24 Nov 1999, Guilherme Maranh�o wrote:
> Hi,
> 
> I'm using the following radius.cfg.
> When a user request an authentication, the radiator make this
> authentication properly and write the accounting information on  a SQL
> Server located in another machine. If SQL Server is down, the radiator
> try to authenticate the user by SQL and do nothing. But I'm use auth by
> sql only for accounting and auth by file for authentication.
> I think radiator would try with sql and if the server is down, try the
> file.
> After the radius.cfg i send the log file to show my problem.
> 

Yes. The problem is that AuthSQL.pm verifies its connection to the database
before it does anything else, so it gets stuck at that point. 

I think it might be useful to rewrite your configuration file along these lines:

# radius.cfg
#
# Configuration file for radius server
#
# Author: Mike McCauley ([EMAIL PROTECTED])
# Copyright (C) 1997 Open System Consultants
# $Id: radius2.cfg,v 1.4 1998/03/06 04:43:37 mikem Exp $
#
#Foreground
#LogStdout

# I'm not sure about Trace 9....

Trace 9

AuthPort         1645
AcctPort         1646
LogDir           /var/log/radius
DbDir            /etc/radiator
LogFile          %L/logfile
DictionaryFile   %D/dictionary

<Client muda.rio.com.br>
 Secret **OMITTED**
 DefaultRealm rio.com.br
 IdenticalClients ilha.rio.com.br
 IdenticalClients alto.rio.com.br
</Client>

<AuthBy UNIX>
         Identifier System
         Filename %D/www.passwd
         GroupFilename /etc/group
</AuthBy>

<Handler Request-Type = Accounting-Request>
 RewriteUsername s/^([^@]+).*/$1/
 <AuthBy SQL>
         DBSource              dbi:ODBC:SQL_RECREIO
         DBUsername      radiator
         DBAuth          radiator
         AuthSelect
         AccountingTable accounting
         AcctColumnDef
stoptime,Timestamp,formatted-date,'%m/%e/%Y %H:%M:%S'
         AcctColumnDef username,User-Name
         AcctColumnDef acctsessionid,Acct-Session-Id
         AcctColumnDef
acctstatustype,Acct-Status-Type,integer
         AcctColumnDef nasipaddress,NAS-IP-Address
         AcctColumnDef nasport,NAS-Port,integer
         AcctColumnDef servicetype,Service-Type,integer
         AcctColumnDef nasporttype,NAS-Port-Type,integer
         AcctColumnDef
framedprotocol,Framed-Protocol,integer
          AcctColumnDef framedipaddress,Framed-IP-Address
          AcctColumnDef timestamp,Timestamp,integer
          AcctColumnDef
acctsessiontime,Acct-Session-Time,integer
           AcctColumnDef
callingstationid,Calling-Station-Id
           AcctColumnDef
acctterminatcause,Acct-Terminat-Cause,integer
           AcctColumnDef
usrmodulationtype,USR-Modulation-Type,integer
           AcctColumnDef
usrconnectspeed,USR-Connect-Speed,integer
           AcctColumnDef
usrsimplifiedmnplevels,USR-Simplified-MNP-Levels,integer
           AcctColumnDef
acctinputoctets,Acct-Input-Octets,integer
           AcctColumnDef
acctoutputoctets,Acct-Output-Octets,integer
           AcctColumnDef
acctinputpackets,Acct-Input-Packets,integer
           AcctColumnDef
acctoutputpackets,Acct-Output-Packets,integer
           Timeout 10
 </AuthBy>
</Handler>

<Handler Realm = mlppp>
 RewriteUsername s/^([^@]+).*/$1/
 <AuthBy FILE>
         Filename %D/users
 </AuthBy>
 MaxSessions 2
</Handler>

<Handler Realm = DEFAULT>
 RewriteUsername s/^([^@]+).*/$1/
 <AuthBy FILE>
         Filename %D/users
 </AuthBy>
 MaxSessions 1
 AcctLogFileName %L/%Y%m/detail-%d
</Handler>

I have moved the logging of accounting packets to a separate Handler, so as not
to affect the authentication process.

Note that the support for the Request-Type check item is in the Radiator 2.14.1
patches (http://www.open.com.au/radiator/downloads/patches-2.14.1/) in
AuthGeneric.pm.

If you have any questions I'll be happy to help.

hth

Hugh

--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody

===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Reply via email to