In my case it may be as much as 6 times now :(
Initially we had 2 AuthBy SQL, one for checking non encrypted passwords, one for encrypted passwords. Both of these entered data into the ACCOUNTING table.
Now we have 6 AuthBy SQL clauses.
- one for non encrypted passwords with no ACCOUNTING table (used for
authethication only)
- one for non encrypted passwords with ACCOUNTING table
- one for non encrypted passwords with MONTHLY table (secondary mysql
table)
- one for encrypted passwords with no ACOUNTING table (used for authethication
only)
- one for encrypted passwords with ACOUNTING table
- one for encrypted passwords with MONTH table (secondary mysql table)
However, doing this does not work properly as it produces duplicate
entries.
Please advise on how to correct this. Thanks.
Below is an excerpt from my current radius.cfg file.
#define this AuthBy to check
the clear text password
<AuthBy SQL>
Identifier CheckClearTextPassword
# Adjust DBSource, DBUsername, DBAuth to suit your DB
DBSource dbi:mysql:freeside:xxx.xxx.xxx.xxx
DBUsername xxxx
DBAuth xxxxx
AuthSelect select _password from svc_acct where username='%n'
DefaultReply Service-Type
= Framed-User, Framed-Protocol = PPP, Framed-MTU = 1524, Framed-Routing
= None, Framed-Compression = Van-Jacobson-TCP-IP, Framed-IP-Netmask = 255.255.255.255
</AuthBy>
# define this AuthBy to check
the encrypted password
<AuthBy SQL>
Identifier CheckEncryptedPassword
# Adjust DBSource, DBUsername, DBAuth to suit your DB
DBSource dbi:mysql:freeside:xxx.xxx.xxx.xxx
DBUsername xxxxx
DBAuth xxxxx
AuthSelect select ENCRYPTEDPASSWORD from svc_acct where USERNAME='%n'
EncryptedPassword
DefaultReply Service-Type
= Framed-User, Framed-Protocol = PPP, Framed-MTU = 1524, Framed-Routing
= None, Framed-Compression = Van-Jacobson-TCP-IP, Framed-IP-Netmask = 255.255.255.255
</AuthBy>
# Insert accounting details
into Mysql table MONTH after checking encrypted password
<AuthBy SQL>
Identifier AccountingMonth
# Adjust DBSource, DBUsername,
DBAuth to suit your DB
DBSource dbi:mysql:freeside:xxx.xxx.xxx.xxx
DBUsername xxxxx
DBAuth xxxxx
AuthSelect select ENCRYPTEDPASSWORD from svc_acct where USERNAME='%n'
EncryptedPassword
# You may want to tailor
these for your ACCOUNTING table
AccountingTable MONTH
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
AcctColumnDef NASIDENTIFIER,NAS-Identifier
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef CALLEDSTATIONID,Called-Station-Id
AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
AcctColumnDef CONNECTRATE,Ascend-Data-Rate
AcctColumnDef XMITRATE,Ascend-Xmit-Rate
</AuthBy>
# Insert accounting details
into Mysql table ACCOUNTING after checking encrypted password
<AuthBy SQL>
Identifier AccountingArchive
# Adjust DBSource, DBUsername,
DBAuth to suit your DB
DBSource dbi:mysql:freeside:xxx.xxx.xxx.xxx
DBUsername xxxxx
DBAuth xxxxx
AuthSelect select ENCRYPTEDPASSWORD from svc_acct where USERNAME='%n'
EncryptedPassword
# You may want to tailor
these for your ACCOUNTING table
AccountingTable ACCOUNTING
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
AcctColumnDef NASIDENTIFIER,NAS-Identifier
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef CALLEDSTATIONID,Called-Station-Id
AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
AcctColumnDef CONNECTRATE,Ascend-Data-Rate
AcctColumnDef XMITRATE,Ascend-Xmit-Rate
</AuthBy>
# Insert accounting details
into Mysql table ACCOUNTING after checking non-encrypted password
<AuthBy SQL>
Identifier AccountingArchive1
# Adjust DBSource, DBUsername,
DBAuth to suit your DB
DBSource dbi:mysql:freeside:xxx.xxx.xxx.xxx
DBUsername xxxxx
DBAuth xxxxx
AuthSelect select _password from svc_acct where username='%n'
# You may want to tailor
these for your ACCOUNTING table
AccountingTable ACCOUNTING
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
AcctColumnDef NASIDENTIFIER,NAS-Identifier
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef CALLEDSTATIONID,Called-Station-Id
AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
AcctColumnDef CONNECTRATE,Ascend-Data-Rate
AcctColumnDef XMITRATE,Ascend-Xmit-Rate
</AuthBy>
# Insert accounting details
into Mysql table MONTH after checking non-encrypted password
<AuthBy SQL>
Identifier AccountingMonth1
# Adjust DBSource, DBUsername, DBAuth to suit your DB
DBSource dbi:mysql:freeside:xxx.xxx.xxx.xxx
DBUsername xxxxx
DBAuth xxxxx
AuthSelect select _password from svc_acct where username='%n'
# You may want to tailor
these for your ACCOUNTING table
AccountingTable MONTH
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
AcctColumnDef NASIDENTIFIER,NAS-Identifier
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef CALLEDSTATIONID,Called-Station-Id
AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
AcctColumnDef CONNECTRATE,Ascend-Data-Rate
AcctColumnDef XMITRATE,Ascend-Xmit-Rate
</AuthBy>
# define an AuthBy GROUP
to do both checks of non-encrypted and encrypted passwords
<AuthBy GROUP>
Identifier CheckPassword
AuthByPolicy ContinueUntilAccept
AuthBy CheckClearTextPassword
AuthBy CheckEncryptedPassword
</AuthBy>
# Used for handling requests
with realms (sec 6.12)
<Handler Realm = /(nobbys.net.au|nobbys.net|nobbys)/i>
#Strip the realm from all
requests for nobbys.net.au realms
RewriteUsername s/^([^@]+).*/$1/
RewriteUsername tr/A-Z/a-z/
# Log accounting for this
realm to the following file in LogDir (sec 6.13.4)
AcctLogFileName %L/account.%Y%m%d
# Set the number of simultaneous
sessions allowed for users in this realm
# (sec 6.13.3)
MaxSessions 1
# File that records all
authentication attempts for this realm (sec 6.13.7)
PasswordLogFileName %L/password.%Y%m%d
AuthByPolicy ContinueAlways
AuthBy CheckPassword
AuthBy AccountingArchive
AuthBy AccountingMonth
AuthBy AccountingArchive1
AuthBy AccountingMonth1
</Handler>
Hugh Irvine wrote:
Hello Colin -On Fri, 15 Dec 2000, Colin wrote:
>
> Hi,
>
> We currently have radiator storing the accounting records into the Mysql
> Accounting table.
>
> Is it possible by using the radius.cfg file to insert the same
> accounting data into another table as well as the accounting table
> during authentication.
>
> I added another 'AccountingTable tablename' together with the same
> AcctColumnDefs in the <AuthBy SQL>. Essentially i had two blocks for
> storing data into Mysql but into separate tables, however this does not
> seem to work as its producing errors and not logging any data.
>
> I have also attempted to use the AcctSQLStatement syntax but this also
> produces errors as the number of columns do not match the number of
> attributes that radius picks up which seems to vary from time to time.
>
> Is there a proper way to acheive this?
>Yes - use two AuthBy SQL clauses.
# configuration with two SQL clauses
<AuthBy SQL>
Identifier SQLAccounting1
DBSource ....
DBUsername ....
DBAuth ....
.....
</AuthBy><AuthBy SQL>
Identifier SQLAccounting2
DBSource ....
DBUsername ....
DBAuth ....
.....
</AuthBy># your normal Realms or Handlers
<Handler>
AuthByPolicy ContinueAlways
AuthBy SQLAccounting1
AuthBy SQLAccounting2
AuthBy .....
</Handler>Have a look at section 6.26 in the Radiator 2.17.1 reference manual.
There are also examples in the "goodies" directory and there are many examples
and discussions on the archive site:http://www.starport.net/~radiator
hth
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
