Гм.... нме всетаки интересно, как организовать полноценную работу FreeRadius.
Мне лично очень критичны данные о старте сессии и ее окончании, общей длительности, и прогнаном трафике. (с трафиком ладно), но вот как организовать остальное?
а то utm_radius бесит, зачем мне авторизовывать юзера - если он блокирован. :-\
FreeRadius + UTM5
Возникла непонятная проблема с FreeRADIUS'ом , заведомо верные запросы не для акаунтинга не выполняются . Создал в базе стандартную таблицу radacct , из базы радиуса . Запросы на акаунтинг также взял стандартные . Увы , результат тотоже - в таблице пусто .
-------sql.conf---------------------------
sql {
# Database type
driver = "rlm_sql_mysql"
# Connect info
server = "localhost"
login = "root"
password = ""
# Database table configuration
radius_db = "base_v06"
# Print all SQL statements when in debug mode (-x)
sqltrace = yes
sqltracefile = /var/log/freeradius/sqltrace.sql
# number of sql connections to make to server
num_sql_socks = 5
# number of seconds to dely retrying on a failed database
# connection (per_socket)
connect_failure_retry_delay = 60
sql_user_name = "%{User-Name}"
authorize_check_query = "SELECT users.id, users.login, 'Password', users.password, ':=' FROM users WHERE users.login = '%{SQL-User-Name}' AND users.block = '0
'"
authorize_reply_query = "SELECT users.id, users.login, 'Framed-IP-Address', users.ip, ':=' FROM users WHERE users.login = '%{SQL-User-Name}' AND users.block =
'0'"
accounting_onoff_query = "UPDATE radacct SET AcctStopTime='%S', AcctSessionTime=unix_timestamp('%S') - unix_timestamp(AcctStartTime), AcctTerminateCause='%{Ac
ct-Terminate-Cause}', AcctStopDelay = %{Acct-Delay-Time} WHERE AcctSessionTime=0 AND AcctStopTime=0 AND NASIPAddress= '%{NAS-IP-Address}' AND AcctStartTime <= '%S'"
accounting_update_query = "UPDATE radacct SET FramedIPAddress = '%{Framed-IP-Address}' WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-
Name}' AND NASIPAddress= '%{NAS-IP-Address}' AND AcctStopTime = 0"
accounting_start_query = "INSERT into radacct (RadAcctId, AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, A
cctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, AcctTerminateC
ause, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay) values('', '%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '
%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', '0', '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Ca
lling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '%{Acct-Delay-Time}', '0')
accounting_stop_query = "UPDATE radacct SET AcctStopTime = '%S', AcctSessionTime = '%{Acct-Session-Time}', AcctInputOctets = '%{Acct-Input-Octets}', AcctOutpu
tOctets = '%{Acct-Output-Octets}', AcctTerminateCause = '%{Acct-Terminate-Cause}', AcctStopDelay = '%{Acct-Delay-Time}', ConnectInfo_stop = '%{Connect-Info}' WHERE Ac
ctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}' AND NASIPAddress = '%{NAS-IP-Address}' AND AcctStopTime = 0"
----------
Ошибок в конфигах и логах нет .
Все эти эксперементы не связаны на прямую с базой UTM , так что извеняюсь за оффтоп .
-------sql.conf---------------------------
sql {
# Database type
driver = "rlm_sql_mysql"
# Connect info
server = "localhost"
login = "root"
password = ""
# Database table configuration
radius_db = "base_v06"
# Print all SQL statements when in debug mode (-x)
sqltrace = yes
sqltracefile = /var/log/freeradius/sqltrace.sql
# number of sql connections to make to server
num_sql_socks = 5
# number of seconds to dely retrying on a failed database
# connection (per_socket)
connect_failure_retry_delay = 60
sql_user_name = "%{User-Name}"
authorize_check_query = "SELECT users.id, users.login, 'Password', users.password, ':=' FROM users WHERE users.login = '%{SQL-User-Name}' AND users.block = '0
'"
authorize_reply_query = "SELECT users.id, users.login, 'Framed-IP-Address', users.ip, ':=' FROM users WHERE users.login = '%{SQL-User-Name}' AND users.block =
'0'"
accounting_onoff_query = "UPDATE radacct SET AcctStopTime='%S', AcctSessionTime=unix_timestamp('%S') - unix_timestamp(AcctStartTime), AcctTerminateCause='%{Ac
ct-Terminate-Cause}', AcctStopDelay = %{Acct-Delay-Time} WHERE AcctSessionTime=0 AND AcctStopTime=0 AND NASIPAddress= '%{NAS-IP-Address}' AND AcctStartTime <= '%S'"
accounting_update_query = "UPDATE radacct SET FramedIPAddress = '%{Framed-IP-Address}' WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-
Name}' AND NASIPAddress= '%{NAS-IP-Address}' AND AcctStopTime = 0"
accounting_start_query = "INSERT into radacct (RadAcctId, AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, A
cctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, AcctTerminateC
ause, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay) values('', '%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '
%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', '0', '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Ca
lling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '%{Acct-Delay-Time}', '0')
accounting_stop_query = "UPDATE radacct SET AcctStopTime = '%S', AcctSessionTime = '%{Acct-Session-Time}', AcctInputOctets = '%{Acct-Input-Octets}', AcctOutpu
tOctets = '%{Acct-Output-Octets}', AcctTerminateCause = '%{Acct-Terminate-Cause}', AcctStopDelay = '%{Acct-Delay-Time}', ConnectInfo_stop = '%{Connect-Info}' WHERE Ac
ctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}' AND NASIPAddress = '%{NAS-IP-Address}' AND AcctStopTime = 0"
----------
Ошибок в конфигах и логах нет .
Все эти эксперементы не связаны на прямую с базой UTM , так что извеняюсь за оффтоп .