Re: [RADIATOR] Hooks and Persistent Database connections
On 09/11/2012 07:07 PM, Johnson, Neil M wrote:
> Is there another way to maintain a persistent connection to a database
> between calls to hooks ?
You could consider this: Add e.g, AuthBy SQL, AuthLogSQL or some other
SQL based clause in the configuration file. Make sure the clause has
Identifier. Then do this in the hook (using AuthBy as an example):
my $identifier = 'authby-for-hook';
my $db = Radius::Configurable::find('AuthBy', $identifier);
my $query = "SELECT ...";
my $sth = $db->prepareAndExecute($query); # Can also use bind variables
...
Since prepareAndExecute (see SqlDb.pm) does connect and reconnect when
needed you can let it take care of connection management. You can also
easily set Timeout and other parameters. Just add them in the clause you
have chosen.
> The issue is that the DBI->connect_cached() statement I'm using makes a
> DBD->ping call to the database to check the connection and Our database
> server people our complaining that the statement is causing a high CPU
> load on their SQL Server cluster.
SqlDb already caches connections so the above could be the easiest and
quickest way to maintain persistent connections from hooks. It can also
make hooks shorter since they do not have to do connection, timeout and
other stuff SqlDb already does.
Thanks,
Heikki
--
Heikki Vatiainen
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator
[RADIATOR] Hooks and Persistent Database connections
Is there another way to maintain a persistent connection to a database between calls to hooks ? The issue is that the DBI->connect_cached() statement I'm using makes a DBD->ping call to the database to check the connection and Our database server people our complaining that the statement is causing a high CPU load on their SQL Server cluster. Thanks. -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319 335-2951 Mobile: 319 540-2081 E-Mail: neil-john...@uiowa.edu ___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
(RADIATOR) hooks and ldap
Hi, I'm trying to send back to our NAS a different Framed-IP-Address based on the contents of an LDAP attribute. EG. A user has an entry in ldap that contains everything required to auth and get an IP addres etc etc along with an accountstatus field. What i'm trying to do is write a hook that will check the accountstatus field of each user as they auth and then, if it finds that it is set to 0 (disabled) it would strip the users current Framed-IP-Address and assign them a different one. I can strip and re-assign addresses reasonably well but i have difficulties deciding how best to get the attribute out of LDAP. ANy help would be appreciated. Gordon. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Hooks in Accounting only servers?
Hello Cassidy - I have just noticed that you have the PostAuthHook inside an AuthBy clause, which will not work. The PostAuthHook is a Handler parameter - it should be outside any AuthBy clause. regards Hugh On Fri, 11 Jan 2002 15:39, Cassidy B. Larson wrote: > Hi Hugh, > > > I suspect the problem is because the file:"..." is on a separate line. > > > > > > > > AuthByPolicy ContinueWhileReject > > > > AuthByPolicy ContinueWhileAccept > > AuthBy DefaultAuth > > > > Filename /data/radiator/raddb/users > > > > PostAuthHook > > file:"/data/radiator/raddb/datatransmit.hook" > > > > You should use a "\" to continue the line: > > > > > > PostAuthHook \ > > file:"/data/radiator/raddb/datatransmit.hook" > > Actually it is on the same line in my config, I believe my email client > tried to be a bit too helpful and wrapped the text down to the next line. > > I tried this in on another backup server that doesn't have the > accounting/authentication > split, and it gave the same error as before. > > ERR: Unknown keyword '/data/radiator/raddb/datatransmit.hook' in > /usr/local/etc/radius-accounting.cfg line 0 > > Now if I replace the "/data/radiator/raddb" with the variable '%D' as > defined > in the config to be such the directory for my users and dictionary files, I > get the same error.. > but like this: > > ERR: Unknown keyword '%D/datatransmit.hook' in > /usr/local/etc/radius-accounting.cfg line 0 > > The line 0 blows my mind.. a level 4 trace doesn't give any other detail > than the above line. > > Any other possible ideas? > > Cassidy > > > > Cassidy B. Larson -- Network Operations Manager > InfoWest, Inc. * 596 E. Tabernacle * St. George, UT 84770 > Voice: 435-674-0165 * FAX: 435-674-9654 > [EMAIL PROTECTED] > -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Hooks in Accounting only servers?
Hi Hugh, > I suspect the problem is because the file:"..." is on a separate line. > > > > AuthByPolicy ContinueWhileReject > > AuthByPolicy ContinueWhileAccept > AuthBy DefaultAuth > > Filename /data/radiator/raddb/users > > PostAuthHook > file:"/data/radiator/raddb/datatransmit.hook" > > You should use a "\" to continue the line: > > > PostAuthHook \ > file:"/data/radiator/raddb/datatransmit.hook" Actually it is on the same line in my config, I believe my email client tried to be a bit too helpful and wrapped the text down to the next line. I tried this in on another backup server that doesn't have the accounting/authentication split, and it gave the same error as before. ERR: Unknown keyword '/data/radiator/raddb/datatransmit.hook' in /usr/local/etc/radius-accounting.cfg line 0 Now if I replace the "/data/radiator/raddb" with the variable '%D' as defined in the config to be such the directory for my users and dictionary files, I get the same error.. but like this: ERR: Unknown keyword '%D/datatransmit.hook' in /usr/local/etc/radius-accounting.cfg line 0 The line 0 blows my mind.. a level 4 trace doesn't give any other detail than the above line. Any other possible ideas? Cassidy Cassidy B. Larson -- Network Operations Manager InfoWest, Inc. * 596 E. Tabernacle * St. George, UT 84770 Voice: 435-674-0165 * FAX: 435-674-9654 [EMAIL PROTECTED] === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Hooks in Accounting only servers?
Hello Cassidy -
On Fri, 11 Jan 2002 11:21, Cassidy B. Larson wrote:
> I'm working on a new little feature that takes the 'Account-Output-Octets'
> and 'Account-Input-Octets' within the Accounting Stop packet and
> increments a particular users monthly record in a table I have created. If
> there
> is not a record for the month with this username it creates one with the
> information.
>
> My current setup is that I have separated my Authentication and Accounting
> servers into two different config files while running two different
> Radiator processes
> each with its own config.
>
> Can PostAuthHooks work within an accounting only radiator?
>
Yes, hooks work for both authentication and accounting.
> I'm getting these errors in my accounting-logfile upon restarting my
> radius: ERR: Unknown keyword './raddb/datatransmit.hook' in
> /usr/local/etc/radius-accounting.cfg line 0
>
> Wierd I know...
> Here's a snipit from my radius-accounting.cfg file...
>
>
>
> AuthByPolicy ContinueWhileReject
>
> AuthByPolicy ContinueWhileAccept
> AuthBy DefaultAuth
>
> Filename /data/radiator/raddb/users
>
> PostAuthHook
> file:"/data/radiator/raddb/datatransmit.hook"
>
> The file above does exist. Here is is, if anybody cares.. It doesn't
> produce any errors when
> run directly with perl.
>
> sub {
> my $p = ${$_[0]};
> my $identifier;
> my $d;
>
> my($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) =
> localtime(time());
> $year += 1900;
> $mon += 1;
> my $DATE = "'".$year."-".$mon."'";
>
> my $username = $p->get_attr('Username');
> my $class = $p->get_attr('Class');
> my $IN = $p->get_attr('Acct-Input-Octets');
> my $OUT = $p->get_attr('Acct-Output-Octets');
>
> if (!$IN) { $IN = 0; }
> if (!$OUT) { $OUT = 0; }
>
> my $dbh =
> DBI->connect("DBI:mysql::**","radiusupdate","*");
>
> if (($d = $dbh->do("SELECT USERNAME from DATATRANSMIT where
> USERNAME=if('$class' LIKE '%#IW', '
> $username\@infowest.com',if('$class' LIKE
> '%#NU','$username\@netutah.com','$username')) AND DATE=$DATE")) > 0) {
> $dbh->do("UPDATE DATATRANSMIT SET
> IN_TRANSFER=IN_TRANSFER+$IN,OUT_TRANSFER+$OUT where USERNAME=if('$class'
> LIKE '%#IW', '$username\@infowest.com',if('$class' LIKE
> '%#NU','$username\@netutah.
> com','$username')) AND DATE=$DATE");
> } else {
> $dbh->do("INSERT INTO DATATRANSMIT
> (USERNAME,DATE,IN_TRANSFER,OUT_TRANSFER) VALUES (if('$class' LIKE '%#IW',
> '$username\@infowest.com',if('$class' LIKE
> '%#NU','$username\@netutah.com','$username')),$DATE,$IN,$OUT)");
> }
> $dbh->disconnect || warn $dbh->errstr;
> return;
> }
>
> Within the goodies/hooks.txt file that Hugh always refers people to, I see
> this:
>
>
>
>
> PostAuthHook file:"%D/replaceProfiles"
>
>
> So I assume my syntax in my radius config is correct.. Problem being the
> error in the logfile.
>
> Ideas?
>
I suspect the problem is because the file:"..." is on a separate line.
AuthByPolicy ContinueWhileReject
AuthByPolicy ContinueWhileAccept
AuthBy DefaultAuth
Filename /data/radiator/raddb/users
PostAuthHook
file:"/data/radiator/raddb/datatransmit.hook"
You should use a "\" to continue the line:
PostAuthHook \
file:"/data/radiator/raddb/datatransmit.hook"
regards
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
(RADIATOR) Hooks in Accounting only servers?
I'm working on a new little feature that takes the 'Account-Output-Octets'
and 'Account-Input-Octets' within the Accounting Stop packet and
increments a particular users monthly record in a table I have created. If
there
is not a record for the month with this username it creates one with the
information.
My current setup is that I have separated my Authentication and Accounting
servers into two different config files while running two different Radiator
processes
each with its own config.
Can PostAuthHooks work within an accounting only radiator?
I'm getting these errors in my accounting-logfile upon restarting my radius:
ERR: Unknown keyword './raddb/datatransmit.hook' in
/usr/local/etc/radius-accounting.cfg line 0
Wierd I know...
Here's a snipit from my radius-accounting.cfg file...
AuthByPolicy ContinueWhileReject
AuthByPolicy ContinueWhileAccept
AuthBy DefaultAuth
Filename /data/radiator/raddb/users
PostAuthHook
file:"/data/radiator/raddb/datatransmit.hook"
The file above does exist. Here is is, if anybody cares.. It doesn't produce
any errors when
run directly with perl.
sub {
my $p = ${$_[0]};
my $identifier;
my $d;
my($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) =
localtime(time());
$year += 1900;
$mon += 1;
my $DATE = "'".$year."-".$mon."'";
my $username = $p->get_attr('Username');
my $class = $p->get_attr('Class');
my $IN = $p->get_attr('Acct-Input-Octets');
my $OUT = $p->get_attr('Acct-Output-Octets');
if (!$IN) { $IN = 0; }
if (!$OUT) { $OUT = 0; }
my $dbh =
DBI->connect("DBI:mysql::**","radiusupdate","*");
if (($d = $dbh->do("SELECT USERNAME from DATATRANSMIT where
USERNAME=if('$class' LIKE '%#IW', '
$username\@infowest.com',if('$class' LIKE
'%#NU','$username\@netutah.com','$username')) AND DATE=$DATE")) > 0) {
$dbh->do("UPDATE DATATRANSMIT SET
IN_TRANSFER=IN_TRANSFER+$IN,OUT_TRANSFER+$OUT where USERNAME=if('$class'
LIKE '%#IW', '$username\@infowest.com',if('$class' LIKE
'%#NU','$username\@netutah.
com','$username')) AND DATE=$DATE");
} else {
$dbh->do("INSERT INTO DATATRANSMIT
(USERNAME,DATE,IN_TRANSFER,OUT_TRANSFER) VALUES (if('$class' LIKE '%#IW',
'$username\@infowest.com',if('$class' LIKE
'%#NU','$username\@netutah.com','$username')),$DATE,$IN,$OUT)");
}
$dbh->disconnect || warn $dbh->errstr;
return;
}
Within the goodies/hooks.txt file that Hugh always refers people to, I see
this:
PostAuthHook file:"%D/replaceProfiles"
So I assume my syntax in my radius config is correct.. Problem being the
error in the logfile.
Ideas?
Cassidy
Cassidy B. Larson -- Network Operations Manager
InfoWest, Inc. * 596 E. Tabernacle * St. George, UT 84770
Voice: 435-674-0165 * FAX: 435-674-9654
[EMAIL PROTECTED]
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Hooks
Hello SJ -
On Thu, 15 Jun 2000, [EMAIL PROTECTED] wrote:
> I tried the PreAuthHook, but I've got a problem
>
> Details from the config file:
> -
>
>
> PreAuthHook file:"/d1/rad/data/hook1.pl"
>
>
>
>
>
> The Perl test file:
> ---
>
> #!/usr/local/bin/perl
> #
>
> use DBI;
> use strict;
>
> sub{
>
> $dsn = "DBI:mysql:radius";
> my $dbh = DBI->connect($dsn,"","x") || die "DB open error";
> $sth = $dbh->prepare("update SUBSCRIBERS set MINUTES=MINUTES-1 where
> USERNAME='jim'");
> $sth->execute;
> $sth->finish;
> $dbh->disconnect();
>
> }
>
>
> When I tried to run the script from the command line, it decremented the
> MINUTES column by 1. When I used the radpwtst utility, it decremented by 3, I think
>the
> script has run 3 times.
>
> Can someone tell me what's wrong ?
>
There is nothing wrong. The radpwtst utility sends three requests by default:
an Access-Request, an Accounting Start and an Accounting Stop. Hence your Hook
is being called 3 times.
regards
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
(RADIATOR) Hooks
I tried the PreAuthHook, but I've got a problem
Details from the config file:
-
PreAuthHook file:"/d1/rad/data/hook1.pl"
The Perl test file:
---
#!/usr/local/bin/perl
#
use DBI;
use strict;
sub{
$dsn = "DBI:mysql:radius";
my $dbh = DBI->connect($dsn,"","x") || die "DB open error";
$sth = $dbh->prepare("update SUBSCRIBERS set MINUTES=MINUTES-1 where
USERNAME='jim'");
$sth->execute;
$sth->finish;
$dbh->disconnect();
}
When I tried to run the script from the command line, it decremented the
MINUTES column by 1. When I used the radpwtst utility, it decremented by 3, I think the
script has run 3 times.
Can someone tell me what's wrong ?
SJ.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
(RADIATOR) Hooks
A small number of people have experienced problems with hooks in 2.13. We have fixed all the known problems, and you can find details about how to get the fixes at http://www.open.com.au/radiator/downloads/patches-2.13/README We apologise for those problems, and thank the people who reported them to us. Cheers. -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia Consulting and development Phone, Fax: +61 3 9598-0985 http://www.open.com.au Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, external, etc etc on Unix, Win95/8, NT, Rhapsody === To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Hooks don't work!!!
-BEGIN PGP SIGNED MESSAGE- Hi, Is anyone using some kind of hook to authenticate? I've tried to do the most simple kinds of hooks (PreAuth, PreClient, PostAuth)... Just simple prints to a file... but they don't work I'm using Radiator 2.13.1 with all the patches. Can someone help? Thanks a lot - --- Arturo Pina - [EMAIL PROTECTED] CTV Internet [http://www.ctv.es/] +34 902 444557 -BEGIN PGP SIGNATURE- Version: 2.6.3i Charset: noconv iQCVAwUBNuPGy9+A5jTOp/8tAQEU9AP8CYGtDCtl/dzccF9bRrKFX267FHKHHUj2 FjulXtILFNYbyekQHIkMSC4CjnPEEBRlnKj5QeA2/6wXzxPYXamTjfpKveDXOD3m DA9Na+4deYdaeUh4U4iPXdn6KTi8yL4rRNDquID7i5ELT8pZmorI/6CPMc4bBZGm lqbgw238SPQ= =Bq3B -END PGP SIGNATURE- === To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
