Re: [RADIATOR] quota counter updates on "quotacounter" mysql table

Thu, 07 Feb 2013 14:27:24 -0800 

On 02/07/2013 01:54 PM, Thomas Kurian wrote:

> Can you check the configuration below and advice me.

Hello Thomas,

Trace 4 log should tell how (which Handlers and AuthBys) process the
requests and which SQL queries are run.

But the first thing you should do is to reorganise your configuration file:
1. Use just Handlers
2. Handlers can not be inside Realms
3. Order the Handlers correctly: first matching Handler is selected

Maybe something like this:

# Global options
# <Client ...> clauses

<Handler Acct-Status-Type = Stop>
  # Config to handle just the Stops
</Handler>

<Handler Request-Type = Accounting-Request>
  # Maybe the contents of <Realm DEFAULT> from below go here?
</Handler>

I think part of the problem is the requests are not processed by
Handlers and AuthBys as you are planning. The configuration
reorganisation should help with that.

Thanks,
Heikki




> 
> # radius.cfg
> 
> 
> #Foreground
> #LogStdout
> 
> AcctPort 1813
> AuthPort 1812
> 
> BindAddress 0.0.0.0
> 
> 
> LogDir          /var/log/radius
> DbDir           /etc/radiator
> # Use a low trace level in production systems. Increase
> # it to 4 or 5 for debugging, or use the -trace flag to radiusd
> Trace           4
> 
> # You will probably want to add other Clients to suit your work site,
> # one for each NAS you want to work with
> 
> 
> <Client DEFAULT>
>         Secret  xxxxxxxx
>         DupInterval 0
> </Client>
> 
> #<Client 94.187.135.175>
>  #       Secret  ciscowimd85
>   #      DupInterval 0
>    #     NasType Cisco
> #</Client>
> 
> #<Client 94.187.135.222>
> #       Secret  xxxxxxxx
> #       DupInterval 0
> #        NasType Cisco
> #</Client>
> 
> <Client 10.50.1.4>
>         Secret  xxxxxxxx
>         DupInterval 0
>         NasType Cisco
>         IgnoreAcctSignature
> </Client>
> 
> <Realm DEFAULT>
>         <AuthBy SQL>
> 
>                 DBSource dbi:mysql:radius
>                 DBUsername xxxxxxxx
>                 DBAuth xxxxxxxx
> 
> 
> 
>                 AccountingTable ACCOUNTING
>                 AcctColumnDef   USERNAME, User-Name
>                 AcctColumnDef   ACCTSTATUSTYPE,Acct-Status-Type
>                 AcctColumnDef   FRAMEDIPADDRESS,Framed-IP-Address
>                 AcctColumnDef   ACCTINPUTOCTETS,Acct-Input-Octets
>                 AcctColumnDef   ACCTOUTPUTOCTETS,Acct-Output-Octets
>                 AcctColumnDef   TIME_STAMP,Event-Timestamp
>                 AcctColumnDef   ACCTSESSIONTIME,Acct-Session-Time
>                 AcctColumnDef   ACCTDELAYTIME,Acct-Delay-Time
>                 AcctColumnDef   ACCTSESSIONID,Acct-Session-Id
>                 AcctColumnDef   ACCTTERMINATECAUSE,Acct-Terminate-Cause
>                 AcctColumnDef   NASIDENTIFIER,NAS-Identifier
>                 AcctColumnDef   NASPORT,NAS-Port
>                 AcctColumnDef   ACCTSESSIONID,Acct-Session-Id
> 
>         </AuthBy>
>         # Log accounting to a detail file
>         AcctLogFileName %L/detail
> 
> #For strictly operating at accounting start
> 
> <Handler Acct-Status-Type = Start>
> 
>         PostAuthHook file:"%D/thomas.pl";
> 
> </Handler>
> 
> 
> _#For strictly processing with Accounting Stop packets__
> __
> __<Handler Acct-Status-Type = Stop>__
> __
> __<AuthBy SQL>__
> __    Identifier Block-Quota-SQL__
> __
> __    DBSource        dbi:mysql:radius__
> __    DBUsername      _xxxxxxxx_
> __    DBAuth          _xxxxxxxx_
> __
> __  AccountingStopsOnly__
> __  AccountingTable   quotacouunter__
> __                AuthColumnDef   username,User-Name,check__
> __
> __
> __
> __
> __
> __
> __  AuthSelect select monthlycounter from quotacounter \__
> __        where username='%n' \__
> __        And type = 'Q'__
> __    #AuthColumnDef 0, Session-Timeout, reply__
> __
> __    AcctSQLStatement update quotacounter set \__
> __        monthlycounter=monthlycounter+0%{Acct-Input-Octets} \__
> __        where username='%n' \__
> __        And Type = 'Q'__
> __
> __ AuthSelect select totalcounter from quotacounter \__
> __        where username='%n' \__
> __        And Type = 'Q'__
> __
> __    AcctSQLStatement update quotacounter set \__
> __        totalcounter=totalcounter+0%{Acct-Input-Octets} \__
> __        where username='%n' \__
> __        And Type = 'Q'__
> __
> __</AuthBy>__
> __
> __</Handler>__
> _
> 
> 
> # Accept processing of other accounting requests of the genre start and
> interim
> 
>  <Handler Request-Type = Accounting-Request>
> 
>         <AuthBy INTERNAL>
>                 AcctResult ACCEPT
>         </AuthBy>
> 
>  </Handler>
> 
> 
> 
> </Realm>
> 
> -- 
> Best Regards,
> 
> Thomas Kurian
> IT Security Engineer (B.Tech. – Electrical)
> Kuwaiti Canadian Consulting Group (www.kccg.com)
> T: +965 22435566
> F: +965 22415149
> E: [email protected]
> 
> 
> 
> _______________________________________________
> radiator mailing list
> [email protected]
> http://www.open.com.au/mailman/listinfo/radiator
> 


-- 
Heikki Vatiainen <[email protected]>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
_______________________________________________
radiator mailing list
[email protected]
http://www.open.com.au/mailman/listinfo/radiator

Reply via email to