(no subject)

Bugneac Constantin bugneac at registru.md
Tue Apr 4 12:05:28 CEST 2006 

Hi!
I have Freeradius ver. 1.1.1 running with MySQL and configured for EAP-PEAP
to work with Cisco AP1231AG Wi-Fi Access Point. It is used for user authentication
and accounting. I configured AP for accounting updates every 1 minute.
I observed a strange behavior. This I get when user is logged in:

rad_recv: Accounting-Request packet from host 193.100.101.230:1646, id=11, length=298
        Acct-Session-Id = "00000002"
        Called-Station-Id = "0012.7fce.63d0"
        Calling-Station-Id = "0004.238b.f5e5"
        Cisco-AVPair = "ssid=Registru_Networks"
        Cisco-AVPair = "vlan-id=0"
        Cisco-AVPair = "nas-location=Sala_de_Sedinte_et2"
        WISPr-Location-Name = "Sala_de_Sedinte_et2"
        User-Name = "cisco"
        Cisco-AVPair = "connect-progress=Call Up"
        Acct-Session-Time = 566
        Acct-Input-Octets = 1853338
        Acct-Output-Octets = 1811068
        Acct-Input-Packets = 3317
        Acct-Output-Packets = 2230
        Acct-Authentic = RADIUS
        Acct-Status-Type = Interim-Update
        NAS-Port-Type = Wireless-802.11
        Cisco-NAS-Port = "257"
        NAS-Port = 257
        Service-Type = Framed-User
        NAS-IP-Address = 193.100.101.230
        Acct-Delay-Time = 0
  Processing the preacct section of radiusd.conf
modcall: entering group preacct for request 20
  modcall[preacct]: module "preprocess" returns noop for request 20
rlm_acct_unique: Hashing 'NAS-Port = 257,Client-IP-Address = 193.100.101.230,NAS-IP-Address = 193.100.101.230,Acct-Session-Id = "00000002",User-Name = "cisco"'
rlm_acct_unique: Acct-Unique-Session-ID = "08f82868ccd223c7".
  modcall[preacct]: module "acct_unique" returns ok for request 20
    rlm_realm: No '@' in User-Name = "cisco", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[preacct]: module "suffix" returns noop for request 20
modcall: leaving group preacct (returns ok) for request 20
  Processing the accounting section of radiusd.conf
modcall: entering group accounting for request 20
radius_xlat:  'cisco'
rlm_sql (sql): sql_set_user escaped user --> 'cisco'
radius_xlat:  'UPDATE radacct SET FramedIPAddress = if(''='VoIP','',''), AcctInputOctets = '1853338', AcctOutputOctets = '1811068' WHERE AcctSessionId = '00000002' AND UserName = 'cisco' AND NASIPAddress= '193.100.101.230' AND AcctStopTime = 0'
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql (sql): Released sql socket id: 4


After 10 minutes of working AP sends Access-Request to Radius with Service-Type = Authenticate-Only:

rad_recv: Access-Request packet from host 193.100.101.230:1645, id=11, length=119
        User-Name = "cisco"
        Framed-MTU = 1400
        Called-Station-Id = "0012.7fce.63d0"
        Calling-Station-Id = "0004.238b.f5e5"
        Service-Type = Authenticate-Only
        Message-Authenticator = 0x022a4d954819b3fd4dc515c7041f6335
        EAP-Message = 0x0201000a01636973636f
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 257
        NAS-IP-Address = 193.100.101.230

and after authenticating I get:

Processing the preacct section of radiusd.conf
modcall: entering group preacct for request 28
  modcall[preacct]: module "preprocess" returns noop for request 28
rlm_acct_unique: Hashing 'NAS-Port = 257,Client-IP-Address = 127.0.0.1,NAS-IP-Address = 193.100.101.230,Acct-Session-Id = "00000002",User-Name = "cisco"'
rlm_acct_unique: Acct-Unique-Session-ID = "006880115bf32fe3".
  modcall[preacct]: module "acct_unique" returns ok for request 28
    rlm_realm: No '@' in User-Name = "cisco", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[preacct]: module "suffix" returns noop for request 28
modcall: leaving group preacct (returns ok) for request 28
  Processing the accounting section of radiusd.conf
modcall: entering group accounting for request 28
radius_xlat:  'cisco'
rlm_sql (sql): sql_set_user escaped user --> 'cisco'
radius_xlat:  'UPDATE radacct SET RX='', TX='', AcctStopTime = '2006-04-04 11:45:21', AcctSessionTime = '0', AcctInputOctets = '0', AcctOutputOctets = '0', AcctTerminateCause = if(''='VoIP','',''), AcctStopDelay = '0', ConnectInfo_stop = '' WHERE AcctSessionId = '00000002' AND UserName = 'cisco' AND NASIPAddress = '193.100.101.230' AND AcctStopTime = 0'
rlm_sql (sql): Reserving sql socket id: 1
rlm_sql (sql): Released sql socket id: 1

This clears the accounting with zero and I loose statistics.
Why I get Client-IP-Address = 127.0.0.1 in second accounting hash calculation?
In first accounting request Client-IP-Address is 193.100.101.230. 
I think this causes hases not to be the same (006880115bf32fe3 visa 08f82868ccd223c7) and the result is interim accounting clearing.
Is this a BUG?
Where I am wrong?

Please help me to find the problem.

Constantin.

More information about the Freeradius-Users mailing list