Use of buffered-sql for logging auth data to db

Matthew Newton mcn4 at leicester.ac.uk
Mon Oct 17 11:52:57 CEST 2016


On Mon, Oct 17, 2016 at 10:38:18AM +0100, Alex Sharaz wrote:
> FR 3.0.12
> 
> Is the use of the buffered-sql virtual host just for processing accounting
> data ?

It's just a detail reader. So it reads packets from a file and
processes them as if they had just arrived over the network.

> What about radpostauth data ?

Don't see why not. As long as you are only logging and not
expecting to send anything back to a NAS.

> Just set up the buffered-sql config and I can see that a file called
> detail.work has been created .... with  Accounting packets in it. Is this
> file supposed to change size as records get processed?

The detail writer (just rlm_detail) writes to a log file as it
usually does - called "detail".

The detail reader (in sites-enabled/buffered-sql) reads that log
file and feeds the packets into (usually) sql.

It renames the file to "detail.work" before reading so that the
detail writer doesn't add to the end of the file while it's being
processed. So you'll occasionally see both files.

> currently just using a file called detail  and not detail-<timestamp .....>

Yes. Will need to in this setup. If you want a timestamped file as
well then just use another instance of rlm_detail.

For general craziness... we currently use linelog to write out a
file that looks like an Acct detail file, from an Auth packet.
Then a detail reader to reprocess that file and relay it over to
another FR server, where it gets logged (rather than using sql as
in the buffered-sql config). Probably wouldn't do that now, but
shows what you can do with it. It's been rock solid for ~5 years.

Matthew


-- 
Matthew Newton, Ph.D. <mcn4 at leicester.ac.uk>

Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>


More information about the Freeradius-Users mailing list