proxy questions

Justin Church jcc at unc.edu
Tue Nov 14 21:25:46 CET 2006


Nevermind.  I was using the wrong operator.  Needed:

DEFAULT Proxy-To-Realm := "NULL"

Thanks.

-jc

Justin Church wrote:
> Alan DeKok wrote:
>> Justin Church <jcc at unc.edu> wrote:
>>> I need to be able to proxy accounting requests that arrive with no 
>>> User-Name attribute.  Is that possible?  I haven't been able to make 
>>> it work.  Maybe I could insert a dummy User-Name pre-proxy and remove 
>>> it post-proxy?
>>
>>  No.  Just set Proxy-To-Realm = "realm".
> 
> Not exactly sure where to set this.  I've tried acct_users with no luck:
> 
> rad_recv: Accounting-Request packet from host 152.2.199.26 port 32833, 
> id=10, length=81
>         NAS-Port = 5060
>         Sip-Src-IP = 152.2.199.26
>         Acct-Status-Type = Start
>         Sip-Transport-Proto = TLS
>         Acct-Session-Id = "accounting-session-1-id"
>   Processing the preacct section of radiusd.conf
> modcall:  entering group preacct for request 0
> rlm_acct_unique: WARNING: Attribute Client-IP-Address was not found in 
> request, unique ID MAY be inconsistent
> rlm_acct_unique: WARNING: Attribute User-Name was not found in request, 
> unique ID MAY be inconsistent
> rlm_acct_unique: Hashing 'NAS-Port = 5060,,NAS-IP-Address = 
> 152.2.199.26,Acct-Session-Id = "accounting-session-1-id",'
> rlm_acct_unique: Acct-Unique-Session-ID = "2c2e557e174a1b62".
> -->    rlm_realm: Proxy reply, or no User-Name.  Ignoring.
> modcall: group preacct returns noop for request 0
>   Processing the accounting section of radiusd.conf
> modcall:  entering group accounting for request 0
> radius_xlat: 
> '/usr/local/var/log/radius/radacct/152.2.199.26/detail-20061114'
> rlm_detail: 
> /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d 
> expands to /usr/local/var/log/radius/radacct/152.2.199.26/detail-20061114
> radius_xlat:  'Tue Nov 14 14:30:25 2006'
> radius_xlat:  '/usr/local/var/log/radius/radutmp'
> radius_xlat:  ''
> modcall: group accounting returns ok for request 0
> Sending Accounting-Response of id 10 to 152.2.199.26 port 32833
> Finished request 0
> Going to the next request
> --- Walking the entire request list ---
> Cleaning up request 0 ID 10 with timestamp 455a1951
> Nothing to do.  Sleeping until we see a request.
> 
> 
> proxy.conf
> 
> realm NULL {
>   type    = radius
>   accthost  = 152.23.129.213:1815
>   secret    = <removed>
>   nostrip
> }
> 
> acct_users
> 
> DEFAULT Proxy-To-Realm = "NULL"
> 
> Thanks.
> 
> -jc
> 
>>
>>> Also, I notice that when running in -X mode, the accounting-response 
>>> is not relayed to the original client.  Works fine when not in -X mode. 
>>
>>   Weird.
>>
>>   Hmm... it may be cleaning up the request too aggressively.  I'll
>> take a look at  it.
>>
>>   Alan DeKok.
>> -- 
>>   http://deployingradius.com       - The web site of the book
>>   http://deployingradius.com/blog/ - The blog
>> - List info/subscribe/unsubscribe? See 
>> http://www.freeradius.org/list/users.html
> - List info/subscribe/unsubscribe? See 
> http://www.freeradius.org/list/users.html



More information about the Freeradius-Users mailing list