Hello Lisa -
At 10:49 +0100 18/12/00, Lisa Goulet wrote:
>Hi all,
>
>When I look in the RADONLINE table or use radwho.cgi I see only <=2 users.
>When I look in the trace 4 log file I see "start accounting" of many
>simultaneous users. I watched it over an hour or so and it's the same case.
>radwho.cgi(radonline) stop showing records even though many users still
>haven't received "stop accounting".
>
>In the trace file, I see the expected sequence of:
>
>- access-request -> delete from radonline
>- start accounting -> delete from and add to radonline
>- stop accounting -> delete from radonline
>
>I would appreciate any tips.
>Regards,
>Lisa
>
>Here's are config file and a part of the logfile:
>Config file:
>------------
>Client DEFAULT>
> Secret xxxxxxxxxx
> DupInterval 0
>
> # set attribute if dnis is a zon dnis
> PreHandlerHook sub { \
> my $dnis = ${$_[0]}->get_attr('Called-Station-Id');\
> if (${dnis} =~ /107500300|113750030/{\
> ${$_[0]}->add_attr('zon_dnis','true'); return; \
> }\
> }
></Client>
>
>
><ClientListSQL>
> DBSource dbi:Pg:dbname=radmin;host=xxx.xxx.xxx.xxx
> DBUsername radmin
> DBAuth radmin
></ClientListSQL>
>
><SessionDatabase SQL>
> # This database spec usually should be exactly the same
> # as in <AuthBy RADMIN> above
> DBSource dbi:Pg:dbname=radmin;host=xxx.xxx.xxx.xxx
> DBUsername radmin
> DBAuth radmin
>
> AddQuery insert into RADONLINE (USERNAME, NASIDENTIFIER, NASPORT,
>ACCTSESSIONID, TIME_STAMP, DNIS) \
> values ('%n', '%N', 0, '%{Acct-Session-Id}', %{Timestamp},
>'%{Called-Station-Id}')
></SessionDatabase>
>
><AuthBy PORTLIMITCHECK>
> Identifier PortLimitCheckZon
> SessionLimit 20
> LimitQuery select maxports from portlimits \
> where DNIS='zon_dnis'
> CountQuery select COUNT(*) from RADONLINE \
> where DNIS='107500300' or DNIS='113750030'
></AuthBy>
>
><AuthBy RADIUS>
> Identifier LocalCheck
> Host yyy.yyy.yyy.yyy
> Secret yyyyyyy
> CachePasswords
> CachePasswordExpiry
></AuthBy>
>
><AuthBy RADIUS>
> Identifier zonnetproxy
> Host zzz.zzz.zzz.zzz
> Secret zzzzzzzz
></AuthBy>
>
><Handler zon_dnis="true">
> AuthByPolicy ContinueWhileAccept
> AuthBy PortLimitCheckZon
> AuthBy zonnetproxy
></Handler>
>
><Handler>
> AuthByPolicy ContinueWhileAccept
> AuthBy LocalCheck
></Handler>
>------------------------------------------------------
>trace 4:
>*** Received from 213.35.248.143 port 1645 ....
>Code: Access-Request
>Identifier: 203
>Authentic: <217><227><228><6>Q<135>(4<175><197><236><166><152><194><239>W
>Attributes:
> NAS-IP-Address = 213.35.248.143
> Cisco-NAS-Port = "Async1/9/50*Serial1/1/11:2"
> NAS-Port-Type = Async
> User-Name = "mw_bakker"
> Called-Station-Id = "207500300"
> Calling-Station-Id = "299462099"
> User-Password =
>"<207><252>M<179><193>U.<3><212><149><160><<203>T<139>7"
> Service-Type = Framed-User
> Framed-Protocol = PPP
>
>Mon Dec 18 08:32:13 2000: DEBUG: Check if Handler zon_dnis="true" should be
>used to handle this request
>Mon Dec 18 08:32:13 2000: DEBUG: Handling request with Handler
>'zon_dnis="true"'
>Mon Dec 18 08:32:13 2000: DEBUG: Deleting session for mw_bakker,
>213.35.248.143,
>Mon Dec 18 08:32:13 2000: DEBUG: do query is: delete from RADONLINE where
>NASIDENTIFIER='213.35.248.143' and NASPORT=0
>
>Mon Dec 18 08:32:13 2000: DEBUG: Handling with PORTLIMITCHECK
>Mon Dec 18 08:32:13 2000: DEBUG: Query is: select COUNT(*) from RADONLINE
>where DNIS='107500300' or DNIS='113750030'
>Mon Dec 18 08:32:13 2000: DEBUG: PORTLIMITCHECK got a current session count
>of 0
>Mon Dec 18 08:32:13 2000: DEBUG: Query is: select maxports from portlimits
>where DNIS='zon_dnis'
>
>Mon Dec 18 08:32:13 2000: DEBUG: PORTLIMITCHECK got a limit of 20000
>Mon Dec 18 08:32:13 2000: DEBUG: Handling with Radius::AuthRADIUS
>Mon Dec 18 08:32:13 2000: DEBUG: Packet dump:
>*** Sending to zzz.zzz.zzz.zzz port 1645 ....
>Code: Access-Request
>Identifier: 5
>Authentic: <217><227><228><6>Q<135>(4<175><197><236><166><152><194><239>W
>Attributes:
> NAS-IP-Address = 213.35.248.143
> Cisco-NAS-Port = "Async1/9/50*Serial1/1/11:2"
> NAS-Port-Type = Async
> User-Name = "mw_bakker"
> Called-Station-Id = "207500300"
> Calling-Station-Id = "299462099"
> User-Password =
>"V<134><169><15>K<246><177>V<176>$<218><177><18><245><240><142>"
> Service-Type = Framed-User
> Framed-Protocol = PPP
> zon_dnis = "true"
>
A quick look at the trace shows that RADONLINE is using the attribute
"NASPORT" which I am guessing is always 0, because the radius
requests contain "Cisco-NAS-Port" instead (which is a string). I
would conclude that there are only two users shown because there are
two NAS's, and all the reqests for each one use "NAS-Port = 0".
I seem to remember this topic being discussed on the list some time ago.
hth
Hugh
--
NB: I am travelling this week, so there may be delays in our correspondence.
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
