RE: (RADIATOR) Session Timeout Until xx:xx

Ferhat DILMAN Mon, 6 Dec 1999 06:49:02 -0800

Title: RE: (RADIATOR) Session Timeout Until xx:xx

Hi,

I have tested Session-Timeout="until 1800" parameter and does not work.

The config is: Ascend TNT, Radiator 2.14.1 with new AuthGeneric.pm module on Debian Linux and here is the user file and the config file and the logfile.

I have radiator main server and i have created a proxy. Main server sends the requests to this server. By the way, main server is still in 2.13 version. Does it matter?

Anybody tested this new parameter?

P.S. I have added the Ascend attribute into the dictionary:
ATTRIBUTE Session-Timeout 27 integer

radius.cfg sample test file:

Foreground
LogStdout
LogDir          /var/radius
DbDir           /usr/local/etc
LogFile         %L/logfile
DictionaryFile %D/dictionary.ascend
Trace   5
<Client DEFAULT>
        Secret XXXXXXX
        DupInterval 300
        IgnoreAcctSignature
</Client>
<Realm DEFAULT>
<AuthBy FILE>
        Filename %D/users
        DefaultReply    User-Service = Framed-User,\
                        Framed-Protocol = PPP,\
                        Framed-Netmask = 255.255.255.0,\
                        Framed-Routing = None,\
                        Framed-MTU = 1500,\
                        Framed-Compression = Van-Jacobson-TCP-IP
AddToReply Session-Timeout = "until 1555"
        </AuthBy>
        AcctLogFileName %L/detail
</Realm>

users file:

fred User-Password = "xxxxxxxx",
Time = "Al0800-1555"

logfile:

Mon Dec 6 15:50:15 1999: DEBUG: Reading users file /usr/local/etc/users
Mon Dec 6 15:50:15 1999: INFO: Server started
Mon Dec 6 15:50:50 1999: DEBUG: Packet dump:
*** Received from 212.133.133.5 port 49464 ....

Packet length = 114
01 13 00 72 b7 43 50 8b 91 90 8e 7d 42 b2 3b 6e
b6 95 c1 76 01 06 66 72 65 64 02 12 0d 3b 5a 3d
83 ba bf 8d c5 2e c9 73 1e fb 02 6f 20 11 32 31
32 2e 31 33 33 2e 31 33 33 2e 32 30 32 05 06 00
00 00 c1 3d 06 00 00 00 00 06 06 00 00 00 02 07
06 00 00 00 01 18 02 1f 10 30 30 39 30 32 31 36
34 35 39 32 34 35 33 2c 0b 32 38 31 35 38 38 31
39 33
Code:       Access-Request
Identifier: 19
Authentic: <183>CP<139><145><144><142>}B<178>;n<182><149><193>v
Attributes:
        User-Name = "fred"
        Password = "<13>;Z=<131><186><191><141><197>.<201>s<30><251><2>o"
        NAS-Identifier = "212.133.133.202"
        NAS-Port = 193
NAS-Port-Type = Async
        User-Service = Framed-User
        Framed-Protocol = PPP
        State = ""
        Caller-Id = "00902164592453"
        Acct-Session-Id = "281588193"

Mon Dec 6 15:50:50 1999: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Mon Dec 6 15:50:50 1999: DEBUG: Deleting session for fred, 212.133.133.202, 193
Mon Dec 6 15:50:50 1999: DEBUG: Handling with Radius::AuthFILE
Mon Dec 6 15:50:50 1999: DEBUG: Radius::AuthFILE looks for match with fred
Mon Dec 6 15:50:50 1999: DEBUG: Radius::AuthFILE ACCEPT:
Mon Dec 6 15:50:50 1999: DEBUG: Access accepted for fred
Mon Dec 6 15:50:50 1999: DEBUG: Packet dump:
*** Sending to 212.133.133.5 port 49464 ....
Code:       Access-Accept
Identifier: 19
Authentic: <183>CP<139><145><144><142>}B<178>;n<182><149><193>v
Attributes:
        User-Service = Framed-User
        Framed-Protocol = PPP
        Framed-Netmask = 255.255.255.0
        Framed-Routing = None
        Framed-MTU = 1500
        Framed-Compression = Van-Jacobson-TCP-IP
        Session-Timeout = until 1555

Mon Dec 6 15:50:51 1999: DEBUG: Packet dump:
*** Received from 212.133.133.5 port 49464 ....

Packet length = 158
04 14 00 9e 69 ad fb ae 68 de f7 c4 8e 53 b0 d9
61 76 a0 10 01 06 66 72 65 64 20 11 32 31 32 2e
31 33 33 2e 31 33 33 2e 32 30 32 05 06 00 00 00
c1 3d 06 00 00 00 00 28 06 00 00 00 01 29 06 00
00 00 00 2c 0b 32 38 31 35 38 38 31 39 33 2d 06
00 00 00 01 bb 06 00 00 05 c3 bc 06 00 00 00 00
33 06 00 00 00 01 32 0a 30 30 30 30 30 35 63 33
78 06 00 00 00 0d 79 06 00 00 00 05 7a 06 00 00
00 01 1f 10 30 30 39 30 32 31 36 34 35 39 32 34
35 33 07 06 00 00 01 06 08 06 d4 85 88 14
Code:       Accounting-Request
Identifier: 20
Authentic: i<173><251><174>h<222><247><196><142>S<176><217>av<160><16>
Attributes:
        User-Name = "fred"
        NAS-Identifier = "212.133.133.202"
        NAS-Port = 193
        NAS-Port-Type = Async
        Acct-Status-Type = Start

Acct-Delay-Time = 0
        Acct-Session-Id = "281588193"
        Acct-Authentic = RADIUS
        Ascend-Multilink-ID = 1475
        Ascend-Num-In-Multilink = 0
        Acct-Link-Count = "<0><0><0><1>"
        Acct-Multi-Session-Id = "000005c3"
        Ascend-Modem-PortNo = 13
        Ascend-Modem-SlotNo = 5
        Ascend-Modem-ShelfNo = 1
        Caller-Id = "00902164592453"
        Framed-Protocol = MP
        Framed-Address = 212.133.136.20

Mon Dec 6 15:50:51 1999: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Mon Dec 6 15:50:51 1999: DEBUG: Adding session for fred, 212.133.133.202, 193
Mon Dec 6 15:50:51 1999: DEBUG: Handling with Radius::AuthFILE
Mon Dec 6 15:50:51 1999: DEBUG: Accounting accepted
Mon Dec 6 15:50:51 1999: DEBUG: Packet dump:
*** Sending to 212.133.133.5 port 49464 ....
Code: Accounting-Response

Identifier: 20
Authentic: i<173><251><174>h<222><247><196><142>S<176><217>av<160><16>
Attributes:

Mon Dec 6 15:56:16 1999: DEBUG: Packet dump:
*** Received from 212.133.133.5 port 49464 ....

Packet length = 248
04 15 00 f8 0e 34 26 04 85 66 a8 0f ef 33 69 ce
4b 62 bb b5 01 06 66 72 65 64 20 11 32 31 32 2e
31 33 33 2e 31 33 33 2e 32 30 32 05 06 00 00 00
c1 3d 06 00 00 00 00 28 06 00 00 00 02 29 06 00
00 00 00 2c 0b 32 38 31 35 38 38 31 39 33 2d 06
00 00 00 01 2e 06 00 00 01 46 2a 06 00 00 50 19
2b 06 00 01 55 56 2f 06 00 00 04 05 30 06 00 00
02 44 c3 06 00 00 00 2d c4 06 00 00 00 3c ff 06
00 00 83 40 c5 06 00 00 79 e0 c6 06 00 00 00 12
be 06 00 00 01 a1 bf 06 00 00 01 49 c0 06 00 00
00 0d c1 06 00 00 00 0c bd 06 ff ff ff ff bb 06
00 00 05 c3 bc 06 00 00 00 00 33 06 00 00 00 01
32 0a 30 30 30 30 30 35 63 33 78 06 00 00 00 0d

79 06 00 00 00 05 7a 06 00 00 00 01 1f 10 30 30
39 30 32 31 36 34 35 39 32 34 35 33 07 06 00 00
01 06 08 06 d4 85 88 14
Code:       Accounting-Request
Identifier: 21
Authentic: <14>4&<4><133>f<168><15><239>3i<206>Kb<187><181>
Attributes:
        User-Name = "fred"
        NAS-Identifier = "212.133.133.202"
        NAS-Port = 193
        NAS-Port-Type = Async
        Acct-Status-Type = Stop
        Acct-Delay-Time = 0
        Acct-Session-Id = "281588193"
        Acct-Authentic = RADIUS
        Acct-Session-Time = 326
        Acct-Input-Octets = 20505
        Acct-Output-Octets = 87382
        Acct-Input-Packets = 1029
        Acct-Output-Packets = 580
        Ascend-Disconnect-Cause = 45

Ascend-Connect-Progress = 60
        Ascend-Xmit-Rate = 33600
        Ascend-Data-Rate = 31200
        Ascend-PreSession-Time = 18
        Ascend-Pre-Input-Octets = 417
        Ascend-Pre-Output-Octets = 329
        Ascend-Pre-Input-Packets = 13
        Ascend-Pre-Output-Packets = 12
        Ascend-First-Dest = 255.255.255.255
        Ascend-Multilink-ID = 1475
        Ascend-Num-In-Multilink = 0
        Acct-Link-Count = "<0><0><0><1>"
        Acct-Multi-Session-Id = "000005c3"
        Ascend-Modem-PortNo = 13
        Ascend-Modem-SlotNo = 5
        Ascend-Modem-ShelfNo = 1
        Caller-Id = "00902164592453"
        Framed-Protocol = MP
        Framed-Address = 212.133.136.20

Mon Dec 6 15:56:16 1999: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Mon Dec 6 15:56:16 1999: DEBUG: Deleting session for fred, 212.133.133.202, 193
Mon Dec 6 15:56:16 1999: DEBUG: Handling with Radius::AuthFILE
Mon Dec 6 15:56:16 1999: DEBUG: Accounting accepted
Mon Dec 6 15:56:16 1999: DEBUG: Packet dump:
*** Sending to 212.133.133.5 port 49464 ....
Code: Accounting-Response
Identifier: 21
Authentic: <14>4&<4><133>f<168><15><239>3i<206>Kb<187><181>
Attributes:

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
> Behalf Of Hugh Irvine
> Sent: Wednesday, December 01, 1999 12:26 AM
> To: Fe
rhat DILMAN; [EMAIL PROTECTED]
> Subject: Re: (RADIATOR) Session Timeout Until xx:xx
>
>
>
> Hello Ferhat -
>
> On Tue, 30 Nov 1999, Ferhat DILMAN wrote:
> > >%_Hi,
> > The module AuthGeneric in 2.1.14 patch area states that:
> > 28/9/99 New version of AuthGeneric supports a new format
> for Session-Timeout
> > reply items:.
> > If you have for example: Session-Timeout="until 1800" Then the
> > Session-Timeout in the reply will be calculated as the
> number of seconds up
> > until the time of day specified
> >
> > However, I am puzzled since I don't understand how to use
> this extra string
> > in AuthBy SQL module. Is it possible to use a parameter in
> AuthGeneric
> > inside AuthSQL ?
>
> AuthSQL (and all other Authxxx modules) inherits from (is built on)
> AuthGeneric, so anything in AuthGeneric is also usable in AuthSQL.
>
> Keep in mind also that Session-Timeout is a standard reply
> item and as such can
> be sent in any Access-Accept packet. You should have a look
> at Section 13 in
> the manual - Check and Reply Items. These can be used in a
> variety of places in
> Radiator: as Handler check items, as AuthBy reply items, and
> as check and reply
> items in user definitions.
>
> You could use Session-Timeout in an AuthBy SQL like this:
>
> <Handler ...>
>       <AuthBy SQL>
>               DBSource ...
>               DBAuth ...
>               DBUsername ...
>               ...
>               AddToReply Session-Timeout = "until 1800"
>               ...
>       </AuthBy>
> </Handler>
>
> and of course there are lots of other possibilities...
>
> hth
>
> Hugh
>
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
> NT, Rhapsody
>
> ===
> Archive at http://www.thesite.com.au/~radiator/
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.

RE: (RADIATOR) Session Timeout Until xx:xx

Reply via email to