Hi Mike,
Attached is my radius.cfg file with secrets removed, could you let me know
where to add in the AuthSelect and AuthColumDef lines.
Regards. Paul
Mike McCauley wrote:
>
> On Dec 15, 6:18am, Paul Black wrote:
> > Subject: Re: (RADIATOR) MAX IDLE TIME
> > My Tigris was using the Idle-Timeout attribute in the users file correctly
> > before I started using radmin. Could you please give me some more hints on
> how
> > to set the Idle-Timeout attribute (from the database field) in the reply?
>
> If you have a database column IDLETIMEOUT that you want to use for
> Idle-Timeout, you could have something like:
>
> AuthSelect select PASS_WORD, STATICADDRESS, TIMELEFT, MAXLOGINS, IDLETIMEOUT
> from RADUSERS where USERNAME='%n' and BADLOGINS < 5 and VALIDFROM < %t and
> VALIDTO > %t
>
> AuthColumnDef 4,Idle-Timeout,reply
>
> Hope that helps.
# livingCompat.cfg
#
# This is a simple Radiator config file that allows you
# to continue using a bog standard Livingston or
# similar users file with Radiator, It implements the
# Auth-Type="System" check item by using AuthBy UNIX
#
# You will probably want to change the definitions of
# DbDir, LogDir and the Filename parameters
#
# Author: Mike McCauley ([EMAIL PROTECTED])
# Copyright (C) 1997 Open System Consultants
# $Id: livingCompat.cfg,v 1.3 1999/07/12 02:01:35 mikem Exp $
#Foreground
#LogStdout
Trace 4
DbDir /etc/raddb
LogDir /var/log/radacct
DictionaryFile /etc/raddb/dictionary
RewriteUsername s/^.*\\|@.*$|^\s+|\s+$//g
# This clause defines a single client to listen to
# You will probably want to change localhost and mysecret
# to suit your site.
<Client iggy>
Secret XXXX
</Client>
<Client dm1>
Secret XXXX
</Client>
<Client pm1>
Secret XXXX
</Client>
# This clause means we will handle any real that arrives
<Realm DEFAULT>
AuthByPolicy ContinueWhileReject
<AuthBy RADMIN>
# Change DBSource, DBUsername, DBAuth for your database
# See the reference manual. You will also have to
# change the one in <SessionDatabse SQL> below
# so its the same
DBSource dbi:mysql:radmin
DBUsername radmin
DBAuth XXXX
# You can add to or change these if you want, but you
# will probably want to change the databse schema first
AccountingTable RADUSAGE
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type,integer
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef NASIDENTIFIER,NAS-Identifier
AcctColumnDef NASIDENTIFIER,NAS-IP-Address
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef DNIS,Called-Station-Id
#
# This updates the time and octets left for this user
#
AcctSQLStatement update RADUSERS set
TIMELEFT=TIMELEFT-0%{Acct-Session-Time},
OCTETSINLEFT=OCTETSINLEFT-0%{Acct-Input-Octets},
OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where USERNAME='%n'
#
# #
# # These are the classic things to add to each users
# # reply to allow a PPP dialup session. It may be
# # different for your NAS. This will add some
# # reply items to everyone's reply
# #
#
AddToReply Framed-Protocol = PPP,\
Framed-IP-Netmask = 255.255.255.255,\
Framed-Routing = None,\
Framed-MTU = 1500,\
Framed-Compression = Van-Jacobson-TCP-IP
</AuthBy>
<AuthBy FILE>
Filename /etc/raddb/users
</AuthBy>
<AuthBy UNIX>
Filename /etc/shadow
</AuthBy>
AcctLogFileName /var/log/radacct/dm1/detail
</Realm>
<SessionDatabase SQL>
# This database spec usually should be exactly the same
# as in <AuthBy RADMIN> above
DBSource dbi:mysql:radmin
DBUsername radmin
DBAuth XXXX
</SessionDatabase>
# This clause defines an authorisation method that will be used
# by any users in the database with Auth-Type="System". It will
# match the "Identifier System"
<AuthBy UNIX>
Identifier System
Filename /etc/shadow
</AuthBy>
