Accounting Request
Muhammed Buvaydani
muhammed.buvaydani at netcom.com.tr
Wed Jun 27 16:18:01 CEST 2018
I working on freeradius twith fortigate firewall . every things go fine and now I can make authentication and accounting. My problem is when making authentication for any user accounting-request from nas is send to Radius server and the user's info will insert again into radacct table, which will make big wrong in my program
This is the Radius - x result when making authentication
Sending Access-Accept of id 78 to 10.10.0.103 port 1030
Cisco-AVPair = "shell:priv-lvl=1"
Idle-Timeout = 1000
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Accounting-Request packet from host 10.10.0.103 port 1030, id=79, leng th=122
Acct-Status-Type = Start
Acct-Session-Id = "1018bc85"
User-Name = "10966417880"
NAS-Identifier = "ftg"
Framed-IP-Address = 192.168.33.4
Fortinet-Client-IP-Address = 192.168.33.4
Fortinet-Vdom-Name = "root"
NAS-IP-Address = 10.10.0.20
Called-Station-Id = "10.10.0.20"
Calling-Station-Id = "192.168.33.4"
Event-Timestamp = "Jun 27 2018 16:44:33 +03"
# Executing section preacct from file /etc/freeradius/sites-enabled/default.save
+group preacct {
++[preprocess] = ok
[acct_unique] WARNING: Attribute NAS-Port was not found in request, unique ID MA Y be inconsistent
[acct_unique] Hashing ',NAS-Identifier = "ftg",NAS-IP-Address = 10.10.0.20,Acct- Session-Id = "1018bc85",User-Name = "10966417880"'
[acct_unique] Acct-Unique-Session-ID = "a5d8f840a1843c92".
++[acct_unique] = ok
[suffix] No '@' in User-Name = "10966417880", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] = noop
+} # group preacct = ok
# Executing section accounting from file /etc/freeradius/sites-enabled/default.s ave
+group accounting {
[detail] expand: %{Packet-Src-IP-Address} -> 10.10.0.103
[detail] expand: /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:- %{Packet-Src-IPv6-Address}}/detail-%Y%m%d -> /var/log/freeradius/radacct/10.10.0 .103/detail-20180627
[detail] /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IP v6-Address}}/detail-%Y%m%d expands to /var/log/freeradius/radacct/10.10.0.103/de tail-20180627
[detail] expand: %t -> Wed Jun 27 16:44:33 2018
++[detail] = ok
[sradutmp] expand: /var/log/freeradius/sradutmp -> /var/log/freeradius/srad utmp
[sradutmp] expand: %{User-Name} -> 10966417880
rlm_radutmp: No NAS-Port seen. Cannot do anything.
rlm_radumtp: WARNING: checkrad will probably not work!
++[sradutmp] = noop
[sql] expand: %{User-Name} -> 10966417880
[sql] sql_set_user escaped user --> '10966417880'
[sql] expand: %{Acct-Delay-Time} ->
[sql] ... expanding second conditional
[sql] expand: INSERT INTO radacct (acctsessionid, ac ctuniqueid, username, realm, nasipaddress, naspo rtid, nasporttype, acctstarttime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinf o_stop, acctinputoctets, acctoutputoctets, calledstationid, calli ngstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress, acctstartdelay, acctstopdelay, xascendsessi onsvrkey) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Ses sion-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-A ddress}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', NULL, '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Ser vice-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}',
rlm_sql (sql): Reserving sql socket id: 27
rlm_sql (sql): Released sql socket id: 27
++[sql] = ok
[attr_filter.accounting_response] expand: %{User-Name} -> 10966417880
attr_filter: Matched entry DEFAULT at line 12
++[attr_filter.accounting_response] = updated
+} # group accounting = updated
Sending Accounting-Response of id 79 to 10.10.0.103 port 1030
Finished request 1.
Cleaning up request 1 ID 79 with timestamp +41
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 0 ID 78 with timestamp +41
Ready to process requests.
This mean every user will has tow records in to radacct table how can I stop that .
More information about the Freeradius-Users
mailing list