Re: (RADIATOR) radiator stops ...
Hello Mushtaque - I have copied Mike on this mail, but as far as I can see this is a problem caused by either DBD-ODBC or OpenLink. The latest version of Radiator is 3.5, which is the version you should be using if you are upgrading, as I think there is an SQL fix to prevent this sort of looping from occuring. regards Hugh On Thursday, Jan 30, 2003, at 18:20 Australia/Melbourne, Muhammad Mushtaque wrote: Hi All, I hve upgraded to Radiator version 3.0 from 2.17. Radius is running on Solaris and we r using openlink for database access.Every thing was working fine ... but suddenly radiator stops and kills its process with the following error --- [OpenLink][ODBC][SQL Server]Violation of PRIMARY KEY constraint 'pk_RadLogs'. Ca nnot insert duplicate key in object 'RadLogs'. (SQL-S1000)(DBD: st_execute/SQLEx ecute err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. Out of memory during large request for 16781312 bytes at /usr/local/lib/perl5/ site_perl/5.6.0/sun4-solaris/DBI.pm line 903. Attempt to free unreferenced scalar during global destruction. waiting for replies regards Mushtaque. ___ This email and any files transmitted with it are confidential and are intended solely for the use of the individual or entity to which they are addressed. This communication represents the originator's personal views and opinions, which do not necessarily reflect those of eWorld (Pvt) Ltd. If you are not the original / intended recipient or the person responsible for delivering the email to the intended recipient, be advised that you have received this email in error, and that any use, dissemination, forwarding, printing, or copying of this email is strictly prohibited. If you have received this email in error, we regret the inconvenience and request you to please immediately notify at [EMAIL PROTECTED] === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) radiator stops ...
Hello Mushtaque , On Thu, 30 Jan 2003 07:00 pm, Hugh Irvine wrote: Hello Mushtaque - I have copied Mike on this mail, but as far as I can see this is a problem caused by either DBD-ODBC or OpenLink. I agreee: I think the forst step is to upgrade to the altest version of Radiator, and also the latest version of your DBD-ODBC software. Cheers. The latest version of Radiator is 3.5, which is the version you should be using if you are upgrading, as I think there is an SQL fix to prevent this sort of looping from occuring. regards Hugh On Thursday, Jan 30, 2003, at 18:20 Australia/Melbourne, Muhammad Mushtaque wrote: Hi All, I hve upgraded to Radiator version 3.0 from 2.17. Radius is running on Solaris and we r using openlink for database access.Every thing was working fine ... but suddenly radiator stops and kills its process with the following error --- [OpenLink][ODBC][SQL Server]Violation of PRIMARY KEY constraint 'pk_RadLogs'. Ca nnot insert duplicate key in object 'RadLogs'. (SQL-S1000)(DBD: st_execute/SQLEx ecute err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. Out of memory during large request for 16781312 bytes at /usr/local/lib/perl5/ site_perl/5.6.0/sun4-solaris/DBI.pm line 903. Attempt to free unreferenced scalar during global destruction. waiting for replies regards Mushtaque. ___ This email and any files transmitted with it are confidential and are intended solely for the use of the individual or entity to which they are addressed. This communication represents the originator's personal views and opinions, which do not necessarily reflect those of eWorld (Pvt) Ltd. If you are not the original / intended recipient or the person responsible for delivering the email to the intended recipient, be advised that you have received this email in error, and that any use, dissemination, forwarding, printing, or copying of this email is strictly prohibited. If you have received this email in error, we regret the inconvenience and request you to please immediately notify at [EMAIL PROTECTED] === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP etc on Unix, Windows, MacOS etc. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) radiator stops ...
Title: RE: (RADIATOR) radiator stops ... I'd suggest dumping openlink as well; it's overpriced and the windows side (last time I had to suffer it) was far from production-grade reliability. If you're trying to connect to an MS SQL Server from *n?x, I've found FreeTDS (www.freetds.org) to be far superior, and a lot faster since TDS has a lot less overhead than ODBC. DBD::Sybase will build quite happily against FreeTDS, at which point you could use it with Radiator quite happily. - Matt S Trout Internet Systems Developer Business Serve plc E-mail : [EMAIL PROTECTED] Tel : 0870 759 2041 -Original Message- From: Mike McCauley [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 30, 2003 8:05 AM To: Hugh Irvine; Muhammad Mushtaque Cc: [EMAIL PROTECTED] Subject: Re: (RADIATOR) radiator stops ... Hello Mushtaque , On Thu, 30 Jan 2003 07:00 pm, Hugh Irvine wrote: Hello Mushtaque - I have copied Mike on this mail, but as far as I can see this is a problem caused by either DBD-ODBC or OpenLink. I agreee: I think the forst step is to upgrade to the altest version of Radiator, and also the latest version of your DBD-ODBC software. Cheers. The latest version of Radiator is 3.5, which is the version you should be using if you are upgrading, as I think there is an SQL fix to prevent this sort of looping from occuring. regards Hugh On Thursday, Jan 30, 2003, at 18:20 Australia/Melbourne, Muhammad Mushtaque wrote: Hi All, I hve upgraded to Radiator version 3.0 from 2.17. Radius is running on Solaris and we r using openlink for database access.Every thing was working fine ... but suddenly radiator stops and kills its process with the following error --- [OpenLink][ODBC][SQL Server]Violation of PRIMARY KEY constraint 'pk_RadLogs'. Ca nnot insert duplicate key in object 'RadLogs'. (SQL-S1000)(DBD: st_execute/SQLEx ecute err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. DBD::ODBC::db do failed: (Unable to fetch information about the error) (DBD: st_p repare/SQLAllocStmt err=-1) at Radius/SqlDb.pm line 218. Out of memory during large request for 16781312 bytes at /usr/local/lib/perl5/ site_perl/5.6.0/sun4-solaris/DBI.pm line 903. Attempt to free unreferenced scalar during global destruction. waiting for replies regards Mushtaque. ___ This email and any files transmitted with it are confidential and are intended solely for the use of the individual or entity to which they are addressed. This communication represents the originator's personal views and opinions, which do not necessarily reflect those of eWorld (Pvt) Ltd. If you are not the original / intended recipient or the person responsible for delivering the email to the intended recipient, be advised that you have received this email in error, and that any use, dissemination, forwarding, printing, or copying of this email is strictly prohibited. If you have received this email in error, we regret the inconvenience and request you to please immediately notify at [EMAIL PROTECTED] === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP etc on Unix, Windows, MacOS etc. === Archive
Re: (RADIATOR) radiator stops ...
Matthew Trout wrote: I'd suggest dumping openlink as well; it's overpriced and the windows side (last time I had to suffer it) was far from production-grade reliability. If you're trying to connect to an MS SQL Server from *n?x, I've found FreeTDS (www.freetds.org) to be far superior, and a lot faster since TDS has a lot less overhead than ODBC. DBD::Sybase will build quite happily against FreeTDS, at which point you could use it with Radiator quite happily. Of course Easysoft OOB is even better as far as compatibility/reliability are concerned, albeit at a higher cost. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Retrieving a hook by filename from inside ClientListSQL
Hi, Any comments? ... I have the same issue. Rgds. Toomas Kärner - Original Message - From: Claudio Lapidus [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, August 07, 2002 12:01 AM Subject: (RADIATOR) Retrieving a hook by filename from inside ClientListSQL Hello, I need to get the PreHandlerHook for certain clients from our standard RADCLIENTLIST SQL table. The problem is that I'd prefer to store the hook code in a file and not directly inside the table, for various reasons. I've setup this config and it works fine: Client x.x.x.x Secret s PreHandlerHook file:%D/preauth.pl /Client As expected, the hook gets executed for this particular client. However, this one doesn't work: ClientListSQL DBSource dbi:mysql:radiator DBUsername sqluser DBAuth donttellya /ClientListSQL from the table we get: mysql select NASIDENTIFIER, SECRET, PREHANDLERHOOK from RADCLIENTLIST; +---+-+--+ | NASIDENTIFIER | SECRET | PREHANDLERHOOK | +---+-+--+ | x.x.x.x | s | file:%D/preauth.pl | +---+-+--+ 1 row in set (0.00 sec) By seeing further action it is apparent that the hook doesn't get executed this time. However, even at level 4 trace doesn't show anything regarding this step. I also tried changing double quotes to single quotes in the field contents, to no avail. So: 1. Is it legal to store the hook's filename into the table instead of the code itself? (I hope so :-) 2. Is there a way to increase debug verbosity for ClientListSQL operations? TIA, cl. _ Chat with friends online, try MSN Messenger: http://messenger.msn.com === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) How to detect used AuthBy while processing Accounting
Hello, I need to authenticate users from different databases without using a realm, or anything else that could differenciate when a user exists in two databases... So I use threeAuthBy sentencesfor authentication expecting thata user will authenticate ifhis pair username/password matches one of the databases (the first one taht matches). This works Ok for authentication, and users with the same username can login no matter what database are coming from, however, I need a similar behavior for accounting processing,I mean, if user was authenticated using identifier auth2, its accounting records must go to acct2, but it doesn't workthat fine, It seems like accounting handler can`t differenciate what authentication mehtod was used to authenticate, son depending on the authpolicy used in the accounting handlers, it will store record in the first database or in they all, and that's pretty far from what I want... Any idea? This is the escenario # Authentications AuthBy SQL Identifier auth1 /AuthBy AuthBy SQL Identifier auth2 /AuthBy AuthBy SQL Identifier auth3 /AuthBy # Accounting AuthBy SQL Identifier acct1 /AuthBy AuthBy SQL Identifier acct2/AuthBy AuthBy SQL Identifier acct3/AuthBy # Handlers Handler Request-Type = Accounting-RequestAuthByPolicy ContinueAlways AuthBy acct1AuthBy acct2AuthBy acct3/Handler HandlerAuthByPolicy ContinueUntilAcceptAuthBy auth1AuthBy auth2AuthBy auth3/Handler - OSCAR LEONARDO GARZON. [ [EMAIL PROTECTED]] Andinet on Line - División de Proyectos Especiales Tel. +57(1)6004330. Fax. +57(1)6004370 http://www.andinet.com. Bogotá, Colombia
RE: (RADIATOR) How to detect used AuthBy while processing Accounting
You could return a value in the Class attribute during the AuthBy and then have a Handler use that value to do the Accounting. Something like this: # Authentications AuthBy SQL Identifier auth1 AddToReply Class="auth1" /AuthBy AuthBy SQL Identifier auth2 AddToReply Class="auth2" /AuthBy AuthBy SQL Identifier auth3 AddToReply Class="auth2" /AuthBy # Accounting AuthBy SQL Identifier acct1 /AuthBy AuthBy SQL Identifier acct2/AuthBy AuthBy SQL Identifier acct3/AuthBy # Handlers Handler Request-Type = Accounting-Request, Class = auth1 AuthBy acct1/Handler Handler Request-Type = Accounting-Request, Class = auth1 AuthBy acct1/Handler HandlerAuthByPolicy ContinueUntilAcceptAuthBy auth1AuthBy auth2AuthBy auth3/Handler Frank Danielson [Infrastructure Architect] wireless: 407.467.7832 wireline: 407.515.8633 Data On Air 301 E. Pine St. Suite 450 Orlando, Fl 32801 http://www.dataonair.com -Original Message-From: Oscar L. Garzón [mailto:[EMAIL PROTECTED]]Sent: Thursday, January 30, 2003 12:08 PMTo: [EMAIL PROTECTED]Subject: (RADIATOR) How to detect used AuthBy while processing Accounting Hello, I need to authenticate users from different databases without using a realm, or anything else that could differenciate when a user exists in two databases... So I use threeAuthBy sentencesfor authentication expecting thata user will authenticate ifhis pair username/password matches one of the databases (the first one taht matches). This works Ok for authentication, and users with the same username can login no matter what database are coming from, however, I need a similar behavior for accounting processing,I mean, if user was authenticated using identifier auth2, its accounting records must go to acct2, but it doesn't workthat fine, It seems like accounting handler can`t differenciate what authentication mehtod was used to authenticate, son depending on the authpolicy used in the accounting handlers, it will store record in the first database or in they all, and that's pretty far from what I want... Any idea? This is the escenario # Authentications AuthBy SQL Identifier auth1 /AuthBy AuthBy SQL Identifier auth2 /AuthBy AuthBy SQL Identifier auth3 /AuthBy # Accounting AuthBy SQL Identifier acct1 /AuthBy AuthBy SQL Identifier acct2/AuthBy AuthBy SQL Identifier acct3/AuthBy # Handlers Handler Request-Type = Accounting-RequestAuthByPolicy ContinueAlways AuthBy acct1AuthBy acct2AuthBy acct3/Handler HandlerAuthByPolicy ContinueUntilAcceptAuthBy auth1AuthBy auth2AuthBy auth3/Handler - OSCAR LEONARDO GARZON. [ [EMAIL PROTECTED]] Andinet on Line - División de Proyectos Especiales Tel. +57(1)6004330. Fax. +57(1)6004370 http://www.andinet.com. Bogotá, Colombia
RE: (RADIATOR) How to detect used AuthBy while processing Accounting
I hit the send button on the first message too soon, try something like this- # Authentications AuthBy SQL Identifier auth1 AddToReply Class=auth1 /AuthBy AuthBy SQL Identifier auth2 AddToReply Class=auth2 /AuthBy AuthBy SQL Identifier auth3 AddToReply Class=auth2 /AuthBy # Accounting AuthBy SQL Identifier acct1 /AuthBy AuthBy SQL Identifier acct2 /AuthBy AuthBy SQL Identifier acct3 /AuthBy # Handlers Handler Request-Type = Accounting-Request, Class = auth1 AuthBy acct1 /Handler Handler Request-Type = Accounting-Request, Class = auth2 AuthBy acct2 /Handler Handler Request-Type = Accounting-Request, Class = auth3 AuthBy acct3 /Handler Handler AuthByPolicy ContinueUntilAccept AuthBy auth1 AuthBy auth2 AuthBy auth3 /Handler Frank Danielson [Infrastructure Architect] wireless: 407.467.7832 wireline: 407.515.8633 Data On Air 301 E. Pine St. Suite 450 Orlando, Fl 32801 http://www.dataonair.com -Original Message- From: Oscar L. Garzón [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 30, 2003 12:08 PM To: [EMAIL PROTECTED] Subject: (RADIATOR) How to detect used AuthBy while processing Accounting Hello, I need to authenticate users from different databases without using a realm, or anything else that could differenciate when a user exists in two databases... So I use three AuthBy sentences for authentication expecting that a user will authenticate if his pair username/password matches one of the databases (the first one taht matches). This works Ok for authentication, and users with the same username can login no matter what database are coming from, however, I need a similar behavior for accounting processing, I mean, if user was authenticated using identifier auth2, its accounting records must go to acct2, but it doesn't work that fine, It seems like accounting handler can`t differenciate what authentication mehtod was used to authenticate, son depending on the authpolicy used in the accounting handlers, it will store record in the first database or in they all, and that's pretty far from what I want... Any idea? This is the escenario # Authentications AuthBy SQL Identifier auth1 /AuthBy AuthBy SQL Identifier auth2 /AuthBy AuthBy SQL Identifier auth3 /AuthBy # Accounting AuthBy SQL Identifier acct1 /AuthBy AuthBy SQL Identifier acct2 /AuthBy AuthBy SQL Identifier acct3 /AuthBy # Handlers Handler Request-Type = Accounting-Request AuthByPolicy ContinueAlways AuthBy acct1 AuthBy acct2 AuthBy acct3 /Handler Handler AuthByPolicy ContinueUntilAccept AuthBy auth1 AuthBy auth2 AuthBy auth3 /Handler - OSCAR LEONARDO GARZON. [ [EMAIL PROTECTED] ] Andinet on Line - División de Proyectos Especiales Tel. +57(1)6004330. Fax. +57(1)6004370 http://www.andinet.com. Bogotá, Colombia === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Billing Downloads
Hello Jose - Thanks for the information. My understanding is that Acct-Input-Octets is the number of octets received by the NAS from the client PC, and that Acct-Output-Octets is the number of octets sent by the NAS to the client PC. I would suggest you set up a test bed and do some experiments just to be sure. regards Hugh PS - Here is the relevant extract from rfc2866.txt (found in the doc directory of the Radiator distribution): 5.3. Acct-Input-Octets Description This attribute indicates how many octets have been received from the port over the course of this service being provided, and can only be present in Accounting-Request records where the Acct- Status-Type is set to Stop. A summary of the Acct-Input-Octets attribute format is shown below. The fields are transmitted from left to right. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type |Length | Value +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Value (cont) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Type 42 for Acct-Input-Octets. Length 6 Value The Value field is four octets. Rigney Informational [Page 14] RFC 2866 RADIUS Accounting June 2000 5.4. Acct-Output-Octets Description This attribute indicates how many octets have been sent to the port in the course of delivering this service, and can only be present in Accounting-Request records where the Acct-Status-Type is set to Stop. A summary of the Acct-Output-Octets attribute format is shown below. The fields are transmitted from left to right. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type |Length | Value +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Value (cont) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Type 43 for Acct-Output-Octets. Length 6 Value The Value field is four octets. On Friday, Jan 31, 2003, at 05:44 Australia/Melbourne, José Costa Preto wrote: Hello Hugh, The registered company is COMNEXO (taken by ONITELECOM a couple years ago). In fact I checked the RFC's but the description elave with some doubts. I would like to receive a clear answer. The question is: Which field has the volume of bytes downloaded to the Client PC? Acct-input-octets or Acct-output-octets? Best regards, JoséPreto ONISI / MIB -Original Message- From: Hugh Irvine [mailto:[EMAIL PROTECTED]] Sent: sábado, 25 de Janeiro de 2003 7:24 To: José Costa Preto Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: (RADIATOR) Billing Downloads Hello Jose - I am still trying to ascertain the name of the registered company that has purchased this copy of Radiator. Could you please send me the username that you use to access the software on the web site? In answer to your question, you should check the Radius RFC's to understand the meanings of the various attributes. You will find the RFC's in the doc directory of the Radiator distribution. regards Hugh On Friday, Jan 24, 2003, at 21:12 Australia/Melbourne, José Costa Preto wrote: Hello, My name is José Preto and I'm responsible for Mediation Device in ONI Telecom (Portuguese Telco Company). We have a usage sensible billing based on Megabytes downloaded by our ADSL Radiator customers. I'm almost sure that the field that I should use to do that is Acct-Output-Octets, but I would like to receive your confirmation, on the following sentences: Acct-Input-Octets = bytes uploaded by the client Acct-Output-Octets = bytes downloaded by the client Is that true? Best regards, JoséPreto ONISI / MIB -Original Message- From: Hugh Irvine [mailto:[EMAIL PROTECTED]] Sent: sexta-feira, 24 de Janeiro de 2003 5:23 To: José Costa Preto; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: (RADIATOR) Billing Downloads Hello Jose - I don't understand your question, sorry. Could you explain the problem in more detail please? BTW - could you please send me the name of the registered company that has purchased this copy of Radiator? regards Hugh Hi, I would like to obtain a confirmation on fields Acct-Input-Octets and = Acct-Input-Octets. Which one shall be billed to our customers as = downloads. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware,
Re: (RADIATOR) How to detect used AuthBy while processing Account ing
Hello Frank, Hello Oscar - Frank is quite correct (again) - this is the way I would deal with the problem too. Thanks Frank. :-) regards Hugh On Friday, Jan 31, 2003, at 05:03 Australia/Melbourne, Frank Danielson wrote: I hit the send button on the first message too soon, try something like this- # Authentications AuthBy SQL Identifier auth1 AddToReply Class=auth1 /AuthBy AuthBy SQL Identifier auth2 AddToReply Class=auth2 /AuthBy AuthBy SQL Identifier auth3 AddToReply Class=auth2 /AuthBy # Accounting AuthBy SQL Identifier acct1 /AuthBy AuthBy SQL Identifier acct2 /AuthBy AuthBy SQL Identifier acct3 /AuthBy # Handlers Handler Request-Type = Accounting-Request, Class = auth1 AuthBy acct1 /Handler Handler Request-Type = Accounting-Request, Class = auth2 AuthBy acct2 /Handler Handler Request-Type = Accounting-Request, Class = auth3 AuthBy acct3 /Handler Handler AuthByPolicy ContinueUntilAccept AuthBy auth1 AuthBy auth2 AuthBy auth3 /Handler Frank Danielson [Infrastructure Architect] wireless: 407.467.7832 wireline: 407.515.8633 Data On Air 301 E. Pine St. Suite 450 Orlando, Fl 32801 http://www.dataonair.com -Original Message- From: Oscar L. Garzón [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 30, 2003 12:08 PM To: [EMAIL PROTECTED] Subject: (RADIATOR) How to detect used AuthBy while processing Accounting Hello, I need to authenticate users from different databases without using a realm, or anything else that could differenciate when a user exists in two databases... So I use three AuthBy sentences for authentication expecting that a user will authenticate if his pair username/password matches one of the databases (the first one taht matches). This works Ok for authentication, and users with the same username can login no matter what database are coming from, however, I need a similar behavior for accounting processing, I mean, if user was authenticated using identifier auth2, its accounting records must go to acct2, but it doesn't work that fine, It seems like accounting handler can`t differenciate what authentication mehtod was used to authenticate, son depending on the authpolicy used in the accounting handlers, it will store record in the first database or in they all, and that's pretty far from what I want... Any idea? This is the escenario # Authentications AuthBy SQL Identifier auth1 /AuthBy AuthBy SQL Identifier auth2 /AuthBy AuthBy SQL Identifier auth3 /AuthBy # Accounting AuthBy SQL Identifier acct1 /AuthBy AuthBy SQL Identifier acct2 /AuthBy AuthBy SQL Identifier acct3 /AuthBy # Handlers Handler Request-Type = Accounting-Request AuthByPolicy ContinueAlways AuthBy acct1 AuthBy acct2 AuthBy acct3 /Handler Handler AuthByPolicy ContinueUntilAccept AuthBy auth1 AuthBy auth2 AuthBy auth3 /Handler - OSCAR LEONARDO GARZON. [ [EMAIL PROTECTED] ] Andinet on Line - División de Proyectos Especiales Tel. +57(1)6004330. Fax. +57(1)6004370 http://www.andinet.com. Bogotá, Colombia === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Auth only on same realm
Hello Tom - You should not mix Realms and Handlers in the same configuration file for exactly this reason - Realms are always evaluated first. Change your Realms to Handlers like this: Realm foo.bar . /Realm becomes Handler Realm = foo.bar . /Handler Note that Handlers are evaluated in the order they appear in the configuration file, so the more specific must appear before the more general, keeping in mind that you want the most hit Handlers as close to the top of the list as possible. regards Hugh On Friday, Jan 31, 2003, at 04:55 Australia/Melbourne, Tom Swenson wrote: I have a newsgroup server that I have told to authenticate with the same realm as my dial in customers. I created special client for this server and then put in an identifier. I thought it would then go to the handler I created to just authenticate only. No accounting or sessions. I'm finding that it is instead of going to the handler, it is going to the realm. The manual says it this is how it will do this. I don't know what to do now. Here is what I have, but I don't think it ever goes to the handler. Is there anything I can specify in the client section to make it go to a specific realm or handler? Client xx.xx.xx.xx DupInterval 0 IgnoreAcctSignature Secret xxx Identifier newsauth /Client # news group authentication Handler Client-Identifier=newsauth AuthBy ID_0 AuthByPolicy ContinueWhileIgnore RewriteUsername s/^([^@]+).*/$1/ /Handler Tom Swenson - CTO NetConX - Internet Access - Client Managed Web Database Applications Wireless - Virus Blocking - Spam Blocking [EMAIL PROTECTED] http://www.netconx.net (641) 421-4170 - Voice (641) 423-3351 - FAX Your imagination is your preview of life's coming attractions - Albert Einstein === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: Fwd: (RADIATOR) Retrieving a hook by filename from inside ClientListSQL
Hello Claudio and Toomas, On Fri, 31 Jan 2003 09:27 am, Hugh Irvine wrote: Mikey - Could you answer this please? ta Hugh Begin forwarded message: From: Toomas Kärner [EMAIL PROTECTED] Date: Fri Jan 31, 2003 02:36:44 Australia/Melbourne To: Claudio Lapidus [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: (RADIATOR) Retrieving a hook by filename from inside ClientListSQL Hi, Any comments? ... I have the same issue. Rgds. Toomas Kärner - Original Message - From: Claudio Lapidus [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, August 07, 2002 12:01 AM Subject: (RADIATOR) Retrieving a hook by filename from inside ClientListSQL Hello, I need to get the PreHandlerHook for certain clients from our standard RADCLIENTLIST SQL table. The problem is that I'd prefer to store the hook code in a file and not directly inside the table, for various reasons. I've setup this config and it works fine: Client x.x.x.x Secret s PreHandlerHook file:%D/preauth.pl /Client As expected, the hook gets executed for this particular client. However, this one doesn't work: ClientListSQL DBSource dbi:mysql:radiator DBUsername sqluser DBAuth donttellya /ClientListSQL from the table we get: mysql select NASIDENTIFIER, SECRET, PREHANDLERHOOK from RADCLIENTLIST; +---+-+--+ | NASIDENTIFIER | SECRET | PREHANDLERHOOK | +---+-+--+ | x.x.x.x | s | file:%D/preauth.pl | +---+-+--+ 1 row in set (0.00 sec) By seeing further action it is apparent that the hook doesn't get executed this time. However, even at level 4 trace doesn't show anything regarding this step. I also tried changing double quotes to single quotes in the field contents, to no avail. So: 1. Is it legal to store the hook's filename into the table instead of the code itself? (I hope so :-) No. The file:..syntax is recognised by the config file parser, so it only works in the config file. 2. Is there a way to increase debug verbosity for ClientListSQL operations? Only by adding more $self-log($main::LOG_DEBUG, ...); lines. If you have a particular need for more debug, let me know where, and I will see if we can add it. Cheers. TIA, cl. _ Chat with friends online, try MSN Messenger: http://messenger.msn.com === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP etc on Unix, Windows, MacOS etc. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Auth only on same realm
I tried this and I think it will work, but I have to figure out a way to get the default domain in there. Is there an easier way than to put in an identifier for every client and then a handler at the end of my domains to catch all the ones without domains? Thanks again. Tom Swenson - CTO NetConX - Internet Access - Client Managed Web Database Applications Wireless - Virus Blocking - Spam Blocking [EMAIL PROTECTED] http://www.netconx.net (641) 421-4170 - Voice (641) 423-3351 - FAX Your imagination is your preview of life's coming attractions - Albert Einstein *** REPLY SEPARATOR *** On 1/31/2003 at 9:24 AM Hugh Irvine wrote: Hello Tom - You should not mix Realms and Handlers in the same configuration file for exactly this reason - Realms are always evaluated first. Change your Realms to Handlers like this: Realm foo.bar . /Realm becomes Handler Realm = foo.bar . /Handler Note that Handlers are evaluated in the order they appear in the configuration file, so the more specific must appear before the more general, keeping in mind that you want the most hit Handlers as close to the top of the list as possible. regards Hugh On Friday, Jan 31, 2003, at 04:55 Australia/Melbourne, Tom Swenson wrote: I have a newsgroup server that I have told to authenticate with the same realm as my dial in customers. I created special client for this server and then put in an identifier. I thought it would then go to the handler I created to just authenticate only. No accounting or sessions. I'm finding that it is instead of going to the handler, it is going to the realm. The manual says it this is how it will do this. I don't know what to do now. Here is what I have, but I don't think it ever goes to the handler. Is there anything I can specify in the client section to make it go to a specific realm or handler? Client xx.xx.xx.xx DupInterval 0 IgnoreAcctSignature Secret xxx Identifier newsauth /Client # news group authentication Handler Client-Identifier=newsauth AuthBy ID_0 AuthByPolicy ContinueWhileIgnore RewriteUsername s/^([^@]+).*/$1/ /Handler Tom Swenson - CTO NetConX - Internet Access - Client Managed Web Database Applications Wireless - Virus Blocking - Spam Blocking [EMAIL PROTECTED] http://www.netconx.net (641) 421-4170 - Voice (641) 423-3351 - FAX Your imagination is your preview of life's coming attractions - Albert Einstein === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Retrieving a hook by filename from inside ClientListSQL
Hello Toomas, Hello Claudio - I have been thinking about this a bit more, and there are alternative approaches that you could consider. The first would be a StartupHook that compiles code with multiple entry points and then patches those entry points into the Client structures that have been built from the database (probably using the Identifier tags). The second would be a generic PreClientHook that checks to see for which Client clause the current request is destined for, then does the processing for that Client. Both of these approaches are a bit more complicated than using PreHandlerHooks in the Client clauses directly, but at least its possible. regards Hugh On Friday, Jan 31, 2003, at 09:38 Australia/Melbourne, Mike McCauley wrote: Hello Claudio and Toomas, On Fri, 31 Jan 2003 09:27 am, Hugh Irvine wrote: Mikey - Could you answer this please? ta Hugh Begin forwarded message: From: Toomas Kärner [EMAIL PROTECTED] Date: Fri Jan 31, 2003 02:36:44 Australia/Melbourne To: Claudio Lapidus [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: (RADIATOR) Retrieving a hook by filename from inside ClientListSQL Hi, Any comments? ... I have the same issue. Rgds. Toomas Kärner - Original Message - From: Claudio Lapidus [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, August 07, 2002 12:01 AM Subject: (RADIATOR) Retrieving a hook by filename from inside ClientListSQL Hello, I need to get the PreHandlerHook for certain clients from our standard RADCLIENTLIST SQL table. The problem is that I'd prefer to store the hook code in a file and not directly inside the table, for various reasons. I've setup this config and it works fine: Client x.x.x.x Secret s PreHandlerHook file:%D/preauth.pl /Client As expected, the hook gets executed for this particular client. However, this one doesn't work: ClientListSQL DBSource dbi:mysql:radiator DBUsername sqluser DBAuth donttellya /ClientListSQL from the table we get: mysql select NASIDENTIFIER, SECRET, PREHANDLERHOOK from RADCLIENTLIST; +---+-+--+ | NASIDENTIFIER | SECRET | PREHANDLERHOOK | +---+-+--+ | x.x.x.x | s | file:%D/preauth.pl | +---+-+--+ 1 row in set (0.00 sec) By seeing further action it is apparent that the hook doesn't get executed this time. However, even at level 4 trace doesn't show anything regarding this step. I also tried changing double quotes to single quotes in the field contents, to no avail. So: 1. Is it legal to store the hook's filename into the table instead of the code itself? (I hope so :-) No. The file:..syntax is recognised by the config file parser, so it only works in the config file. 2. Is there a way to increase debug verbosity for ClientListSQL operations? Only by adding more $self-log($main::LOG_DEBUG, ...); lines. If you have a particular need for more debug, let me know where, and I will see if we can add it. Cheers. TIA, cl. _ Chat with friends online, try MSN Messenger: http://messenger.msn.com === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP etc on Unix, Windows, MacOS etc. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Auth only on same realm
Hello Tom - I don't quite understand your question sorry. Could you give me a bit more detail please? If you want usernames without realms to be treated the same way as those with realms, you can add a DefaultRealm parameter to your Client clauses: # define Client clauses Client . DefaultRealm foo.bar /Client . regards Hugh On Friday, Jan 31, 2003, at 10:04 Australia/Melbourne, Tom Swenson wrote: I tried this and I think it will work, but I have to figure out a way to get the default domain in there. Is there an easier way than to put in an identifier for every client and then a handler at the end of my domains to catch all the ones without domains? Thanks again. Tom Swenson - CTO NetConX - Internet Access - Client Managed Web Database Applications Wireless - Virus Blocking - Spam Blocking [EMAIL PROTECTED] http://www.netconx.net (641) 421-4170 - Voice (641) 423-3351 - FAX Your imagination is your preview of life's coming attractions - Albert Einstein *** REPLY SEPARATOR *** On 1/31/2003 at 9:24 AM Hugh Irvine wrote: Hello Tom - You should not mix Realms and Handlers in the same configuration file for exactly this reason - Realms are always evaluated first. Change your Realms to Handlers like this: Realm foo.bar . /Realm becomes Handler Realm = foo.bar . /Handler Note that Handlers are evaluated in the order they appear in the configuration file, so the more specific must appear before the more general, keeping in mind that you want the most hit Handlers as close to the top of the list as possible. regards Hugh On Friday, Jan 31, 2003, at 04:55 Australia/Melbourne, Tom Swenson wrote: I have a newsgroup server that I have told to authenticate with the same realm as my dial in customers. I created special client for this server and then put in an identifier. I thought it would then go to the handler I created to just authenticate only. No accounting or sessions. I'm finding that it is instead of going to the handler, it is going to the realm. The manual says it this is how it will do this. I don't know what to do now. Here is what I have, but I don't think it ever goes to the handler. Is there anything I can specify in the client section to make it go to a specific realm or handler? Client xx.xx.xx.xx DupInterval 0 IgnoreAcctSignature Secret xxx Identifier newsauth /Client # news group authentication Handler Client-Identifier=newsauth AuthBy ID_0 AuthByPolicy ContinueWhileIgnore RewriteUsername s/^([^@]+).*/$1/ /Handler Tom Swenson - CTO NetConX - Internet Access - Client Managed Web Database Applications Wireless - Virus Blocking - Spam Blocking [EMAIL PROTECTED] http://www.netconx.net (641) 421-4170 - Voice (641) 423-3351 - FAX Your imagination is your preview of life's coming attractions - Albert Einstein === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
