LogDir /var/log/radius DbDir /etc/radiator AuthPort 1645,1812 AcctPort 1646,1813 Trace 4 ##################################################### ## NAS Client IPs ## ##################################################### ##Test NAS for Wireless Secret xxxxx Identifier AP DupInterval 0 ##################################################### ## Authorization ## ##################################################### #Authorization Using Flat File Identifier WifiClients Filename /etc/radiator/WifiClients #Authorization using Radius Application Identifier CheckPLATYPUS DBSource dbi:Sybase:Platypus DBUsername xxxxxxx DBAuth xxxxxxx AuthCheck SELECT id,UserName,case Attribute when 'Cleartext-Password' then 'User-Password' else Attribute end,Value,op FROM freeradius_service_radcheck WHERE Username = ? ORDER BY id AuthReply SELECT id,UserName,Attribute,Value,op FROM freeradius_service_radreply WHERE Username = ? ORDER BY id AuthGroupCheck SELECT freeradius_service_radgroupcheck.id,freeradius_service_radgroupcheck.GroupName,freeradius_service_radgroupcheck.Attribute,freeradius_service_radgroupcheck.Value,freeradius_service_radgroupcheck.op FROM freeradius_service_radgroupcheck,freeradius_service_radusergroup WHERE freeradius_service_radusergroup.Username = ? AND freeradius_service_radusergroup.GroupName = freeradius_service_radgroupcheck.GroupName ORDER BY freeradius_service_radgroupcheck.id AuthGroupReply SELECT freeradius_service_radgroupreply.id,freeradius_service_radgroupreply.GroupName,freeradius_service_radgroupreply.Attribute,freeradius_service_radgroupreply.Value,freeradius_service_radgroupreply.op FROM freeradius_service_radgroupreply,freeradius_service_radusergroup WHERE freeradius_service_radusergroup.Username = ? AND freeradius_service_radusergroup.GroupName = freeradius_service_radgroupreply.GroupName ORDER BY freeradius_service_radgroupreply.id AcctStartQuery INSERT into freeradius_service_radacct (AcctSessionId, AcctUniqueId, UserName, GroupName, Realm, NASIPAddress, NASPort, NASPortType, AcctStartTime, AcctStopTime,AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay, XAscendSessionSvrKey) VALUES('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', %0, null, '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%J', '1900-01-01 00:00:00', '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '', '', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '%{Acct-Delay-Time}', '0', null) AcctUpdateQuery UPDATE freeradius_service_radacct SET FramedIPAddress = '%{Framed-IP-Address}', AcctSessionTime = '%{Acct-Session-Time}', AcctInputOctets = cast(((0%{Acct-Input-Gigawords} * 4294967296) + %{Acct-Input-Octets}) as numeric(18,0)), AcctOutputOctets = cast(((0%{Acct-Output-Gigawords} * 4294967296) + %{Acct-Output-Octets}) as numeric(18,0)) WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName = %0 AND NASIPAddress= '%{NAS-IP-Address}' AcctStopQuery UPDATE freeradius_service_radacct SET AcctStopTime = '%J', AcctSessionTime = '%{Acct-Session-Time}', AcctInputOctets = cast(((0%{Acct-Input-Gigawords} * 4294967296) + %{Acct-Input-Octets}) as numeric(18,0)), AcctOutputOctets = cast(((0%{Acct-Output-Gigawords} * 4294967296) + %{Acct-Output-Octets}) as numeric(18,0)), AcctTerminateCause = '%{Acct-Terminate-Cause}', AcctStopDelay = '%{Acct-Delay-Time}', ConnectInfo_stop = '%{Connect-Info}' WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName = %0 AND NASIPAddress = '%{NAS-IP-Address}' ##################################################### ## Access-Request - Handler Requests ## ##################################################### #Authorize Clients by Billing System - Platypus - Wireless RewriteUsername s/^(.*)\\(.*)/$2\@$1/ RewriteUsername s/^(.*)\/(.*)/$2\@$1/ RewriteUsername s/^([^@]+).*/$1/ RewriteUsername s/(.*)/$1\@dsl.myisp.ca/ RewriteUsername tr/A-Z/a-z/ RewriteUsername s/\s+//g PreProcessingHook sub { my $p = ${$_[0]};\ if ($p->code() eq 'Accounting-Request'){\ my $key = $p->get_attr('User-Name') . ',' \ . $p->get_attr('Acct-Session-Id') . ',' \ . $p->get_attr('NAS-IP-Address') . ',' \ . $p->get_attr('NAS-Port');\ my $hash = Digest::MD5::md5_hex($key);\ $p->add_attr('Acct-Unique-Session-Id', $hash);\ }} AuthByPolicy ContinueUntilAccept AuthBy CheckPLATYPUS AuthLog Logger Authlog Syslog AuthLog AuthSyslog #Authorize Clients by Flat File - ClientFile AuthByPolicy ContinueUntilAccept AuthBy WifiClients AuthLog Logger AuthLog Syslog AuthLog AuthSyslog ## Outter Handler ## Filename /etc/radius/anuser EAPType TTLS, TLS, MSCHAP-V2, PEAP EAPTLS_CAFile /usr/share/doc/packages/Radiator/certificates/demoCA/cacert.pem EAPTLS_CertificateFile /usr/share/doc/packages/Radiator/certificates/cert-srv.pem EAPTLS_CertificateType PEM EAPTLS_PrivateKeyFile /usr/share/doc/packages/Radiator/certificates/cert-srv.pem EAPTLS_PrivateKeyPassword whatever EAPTLS_MaxFragmentSize 1000 AutoMPPEKeys EAPAnonymous anonymous@some.other.realm