Hmmm...
You appear to be right, it appears sane today. There are no stragglers.
I would like to find a way, however, to not list certain NAS, Clients, or
Usernames in the session database.
At present, I have two situations I want to rememedy:
1. I'm getting a number of "noise" accounting packets sent by one of our
vendors to check our server is working. These packets tend to pollute the
session database, but can be easily ignored if I can prevent them from
making it to the session database by UserID.
2. I've got a number of accounting packets coming in from one NAS in order
to track 1-800 service. 50% of this same NAS includes accounting packets I
do not want in the radwho database, and am presently not logging to file
because I don't want to see them, except when debugging. The rest of the
packets I am very interested in tracking, and am presentlying doing this by
realm for this NAS -- packets w/o a realm are ignored for logging to file
for accounting, the rest are kept.
Any suggestions for either of these?
--
Roy Hooper ([EMAIL PROTECTED])
Sr. Systems Administrator
Network Operations
Cyberus Online Inc, an eisa.com company
> -----Original Message-----
> From: Hugh Irvine [mailto:[EMAIL PROTECTED]]
> Sent: Sunday, November 28, 1999 7:38 PM
> To: Roy Hooper; [EMAIL PROTECTED]
> Cc: Roy Hooper
> Subject: Re: (RADIATOR) Session Database
>
>
>
> Hello Roy -
>
> On Sat, 27 Nov 1999, Roy Hooper wrote:
> > I'm looking at the session database, and it appears that
> Acct-Start records
> > are not what is used to create an entry, but rather
> authentication-Accept
> > packets.
> >
> > Is there a particular reason for this? I'm finding that this method is
> > leaving stray data behind.
> >
>
> Here is the relevant code fragment from Handler.pm:
>
>
> if ($status_type eq 'Start' || $status_type eq 'Alive')
> {
> # Some Ciscos dont send accounting-on, so we will
> # detect a reboot with the first session (ID 00000001)
> $sessdb->clearNas($nas_id, $p)
> if $session_id eq '00000001';
>
> # Ciscos sometimes sends Alive. Use them to make _sure_
> # there is an entry in the database
> $sessdb->add($original_username, $nas_id, $nas_port, $p);
> }
> elsif ($status_type eq 'Stop')
> {
> $sessdb->delete($original_username, $nas_id, $nas_port, $p);
> }
>
>
> As you can see, the session database is updated from the
> Accounting packets
> (Start, Alive and Stop). The Access-Request packet is used as a tidy up to
> remove session database entries that may not been removed due to
> a missed Stop.
>
> Perhaps there is something else amiss? Send us a trace 4 debug
> log and we'll
> have a look.
>
> hth
>
> Hugh
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
> NT, Rhapsody
>
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
