Hi;
Our system is working just fine (authentication wise), but I need to be able to send
accounting packets to two seperate locations for a particular realm.
For example:
Authentication packets for a certain realm are proxied (AuthBy Realm) to another
Radius server which works fine.
Accounting packets should be sent there too, this seems to be happening as well (it is
not our radius server so I don't know for sure).
I also want to be able to stuff the contents of the accounting packets into an SQL
database, which I am currently doing for realms that authenticate of the same database.
Here is my current config for the realm in question:
<Realm regional.com>
AuthByPolicy ContinueWhileAccept #I was just guesing on this one
RewriteUsername tr/A-Za-z0-9\-\_\&\.\@/ /cs
RewriteUsername s/^([^@]+).*/$1/
<AuthBy RADIUS>
Host <Hidden>
Secret <Hidden>
</AuthBy>
<AuthBy SQL>
DBSource dbi:mysql:<Hidden>
DBUsername <Hidden>
DBAuth <Hidden>
AuthSelect SELECT DialupUsers.password FROM DialupUsers, DialupService
WHERE DialupService.my_key = DialupUsers.my_key AND user_name = '%U' AND
DialupService.realm = 'not_real' AND type='region' AND status='ACTIVE'
DefaultReply User-Service-Type = Framed-User, Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.254, Framed-IP-Netmask = 255.255.255.255,
Framed-Routing = NoneFramed-MTU = 1500, Framed-Compression = Van-Jacobson-TCP-IP,
Session-Timeout = 28800, Idle-Timeout = 1800
AuthColumnDef 0, User-Password, check
AccountingStopsOnly
AccountingTable ACCOUNTING_NATIONAL
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Acct_Terminate-Cause
AcctColumnDef NASIDENTIFIER,NAS-Identifier
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address,ipaddr
</AuthBy>
# Log accounting to the detail file in LogDir
MaxSessions 1
AcctLogFileName %L/detail-%m%d%Y
SessionDatabase SDB2
</Realm>
John D
[EMAIL PROTECTED]
PS Something else, with the sessiondatabase like it is, somethime the re-written
user-name is inserted into the database sometimes the origional username is inserted
this is just strange.
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.