Unlang Condition Wrong Value !
Suman Dash
sumandash at gmail.com
Mon Aug 8 11:45:47 CEST 2011
Hi Arran,
Unfortunately I am not much of a programmer . Therefore if you can put
some examples / pointers based on my requirement, it will be a
headstart for me . I had also read somewhere that if we can strip the
last 3 octet then atleast 4TB of traffic can be managed in replying
back .
However, there are a lot of solutions but no examples or a working
config which can be tweaked.
Regards
Suman
On Mon, Aug 8, 2011 at 3:02 PM, Arran Cudbard-Bell
<a.cudbardb at freeradius.org> wrote:
>
> On 8 Aug 2011, at 11:09, Suman Dash wrote:
>
>> What i mean to say is that i am not using an integer to store the
>> value as integer is limited to 32bit, Instead i am directly comparing
>> output from sql query in Unlanf but it doesn't seems to work either.
>
> Then no. AFAIK FreeRADIUS doesn't support arbitrary precision mathematics. In general performance is valued over completeness when it comes to things like unlang.
>
> Here are some workarounds:
>
> * You could store the result as a string and use an external utility to do the comparison.
> * You could also try expr xlat, but i'm not sure if it supports arbitrary precision either.
> * If you're just doing an equality check, then just write the value to a string and do a straight string comparison.
> * You could do the comparison in SQL and return a boolean value (i've used this as a workaround in the past).
> * You could write an xlat wrapper around one of the arbitrary precision libraries.
>
> -Arran
>
>
>>
>> It returns false where it should be returning true.
>>
>> Regards
>>
>> On Mon, Aug 8, 2011 at 2:27 PM, Arran Cudbard-Bell
>> <a.cudbardb at freeradius.org> wrote:
>>>
>>> On 8 Aug 2011, at 09:32, Suman Dash wrote:
>>>
>>>> So it is not possible to store values more than 32 bit in Tmp-Integer.
>>>> How about direct sql statements in Unlang not involving the
>>>> Tmp-Integer. It is also not working in my scenario.
>>>>
>>>
>>> You mean a comparison of two integers from two SQL statements?
>>>
>>>> Attached is the logs.
>>>
>>> More useful would be the config...
>>>
>>> -Arran
>>>
>>>>
>>>>
>>>> Going to the next request
>>>> Ready to process requests.
>>>> rad_recv: Access-Request packet from host xxx.xx.xx.xx port 60642,
>>>> id=55, length=132
>>>> Service-Type = Framed-User
>>>> Framed-Protocol = PPP
>>>> NAS-Port = 60
>>>> NAS-Port-Type = Ethernet
>>>> User-Name = "10021"
>>>> Calling-Station-Id = "F4:EC:38:BA:8A:3B"
>>>> Called-Station-Id = "Internet"
>>>> NAS-Port-Id = "LAN"
>>>> User-Password = "10021"
>>>> NAS-Identifier = "NTL.XXXXX"
>>>> NAS-IP-Address = xxx.xx.xx.xx
>>>> # Executing section authorize from file /etc/freeradius/sites-enabled/default
>>>> +- entering group authorize {...}
>>>> ++[preprocess] returns ok
>>>> ++[chap] returns noop
>>>> ++[mschap] returns noop
>>>> ++[digest] returns noop
>>>> [suffix] No '@' in User-Name = "10021", looking up realm NULL
>>>> [suffix] No such realm "NULL"
>>>> ++[suffix] returns noop
>>>> [eap] No EAP-Message, not doing EAP
>>>> ++[eap] returns noop
>>>> [files] users: Matched entry DEFAULT at line 172
>>>> ++[files] returns ok
>>>> [sql] expand: %{User-Name} -> 10021
>>>> [sql] sql_set_user escaped user --> '10021'
>>>> rlm_sql (sql): Reserving sql socket id: 1
>>>> [sql] expand: SELECT id, username, attribute, value, op
>>>> FROM tbl_check WHERE username = '%{SQL-User-Name}'
>>>> ORDER BY id -> SELECT id, username, attribute, value, op
>>>> FROM tbl_check WHERE username = '10021' ORDER BY
>>>> id
>>>> [sql] User found in radcheck table
>>>> [sql] expand: SELECT id, username, attribute, value, op
>>>> FROM tbl_reply WHERE username = '%{SQL-User-Name}'
>>>> ORDER BY id -> SELECT id, username, attribute, value, op
>>>> FROM tbl_reply WHERE username = '10021' ORDER BY
>>>> id
>>>> [sql] expand: SELECT groupname FROM tbl_usergroup
>>>> WHERE username = '%{SQL-User-Name}' ORDER BY priority ->
>>>> SELECT groupname FROM tbl_usergroup WHERE username
>>>> = '10021' ORDER BY priority
>>>> [sql] expand: SELECT id, groupname, attribute, Value, op
>>>> FROM tbl_groupcheck WHERE groupname = '%{Sql-Group}'
>>>> ORDER BY id -> SELECT id, groupname, attribute,
>>>> Value, op FROM tbl_groupcheck WHERE groupname =
>>>> 'TEST-10G' ORDER BY id
>>>> [sql] User found in group TEST-10G
>>>> [sql] expand: SELECT id, groupname, attribute, value, op
>>>> FROM tbl_groupreply WHERE groupname = '%{Sql-Group}'
>>>> ORDER BY id -> SELECT id, groupname, attribute,
>>>> value, op FROM tbl_groupreply WHERE groupname =
>>>> 'TEST-10G' ORDER BY id
>>>> rlm_sql (sql): Released sql socket id: 1
>>>> ++[sql] returns ok
>>>> rlm_checkval: Item Name: Calling-Station-Id, Value: F4:EC:38:BA:8A:3B
>>>> rlm_checkval: Value Name: Calling-Station-Id, Value: F4:EC:38:BA:8A:3B
>>>> ++[checkval] returns ok
>>>> [expiration] Checking Expiration time: '1 Sep 2011'
>>>> ++[expiration] returns ok
>>>> ++[logintime] returns noop
>>>> ++[pap] returns updated
>>>> Found Auth-Type = PAP
>>>> # Executing group from file /etc/freeradius/sites-enabled/default
>>>> +- entering group PAP {...}
>>>> [pap] login attempt with password "xxxxx"
>>>> [pap] Using CRYPT password "Wh1vvjSX72NI6"
>>>> [pap] User authenticated successfully
>>>> ++[pap] returns ok
>>>> # Executing section session from file /etc/freeradius/sites-enabled/default
>>>> +- entering group session {...}
>>>> [radutmp] expand: /var/log/freeradius/radutmp ->
>>>> /var/log/freeradius/radutmp
>>>> [radutmp] expand: %{User-Name} -> 10021
>>>> ++[radutmp] returns ok
>>>> # Executing section post-auth from file /etc/freeradius/sites-enabled/default
>>>> +- entering group post-auth {...}
>>>> [sql] expand: %{User-Name} -> 10021
>>>> [sql] sql_set_user escaped user --> '10021'
>>>> [sql] expand: %{User-Password} -> xxxxx
>>>> [sql] expand: INSERT INTO tbl_postauth
>>>> (username, pass, reply, authdate) VALUES (
>>>> '%{User-Name}',
>>>> '%{%{User-Password}:-%{Chap-Password}}',
>>>> '%{reply:Packet-Type}', '%S') -> INSERT INTO tbl_postauth
>>>> (username, pass, reply, authdate)
>>>> VALUES ( '10021',
>>>> '10021', 'Access-Accept', '2011-08-08
>>>> 01:31:49')
>>>> rlm_sql (sql) in sql_postauth: query is INSERT INTO tbl_postauth
>>>> (username, pass, reply, authdate)
>>>> VALUES ( '10021',
>>>> '10021', 'Access-Accept',
>>>> '2011-08-08 01:31:49')
>>>> rlm_sql (sql): Reserving sql socket id: 0
>>>> rlm_sql (sql): Released sql socket id: 0
>>>> ++[sql] returns ok
>>>> ++? if ("%{sql:SELECT tbl_groupcheck.value from tbl_groupcheck JOIN
>>>> tbl_usergroup on tbl_groupcheck.groupname = tbl_usergroup.groupname
>>>> WHERE tbl_usergroup.username = '%{User-Name}'}" > "%{sql:SELECT
>>>> IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0)
>>>> FROM tbl_acct WHERE UserName='%{User-Name}' AND MONTH(acctstoptime) =
>>>> MONTH(NOW()) AND YEAR(acctstoptime) = YEAR(NOW())}")
>>>> sql_xlat
>>>> expand: %{User-Name} -> 10021
>>>> sql_set_user escaped user --> '10021'
>>>> expand: SELECT tbl_groupcheck.value from tbl_groupcheck JOIN
>>>> tbl_usergroup on tbl_groupcheck.groupname = tbl_usergroup.groupname
>>>> WHERE tbl_usergroup.username = '%{User-Name}' -> SELECT
>>>> tbl_groupcheck.value from tbl_groupcheck
>>>> JOIN tbl_usergroup on tbl_groupcheck.groupname =
>>>> tbl_usergroup.groupname WHERE tbl_usergroup.username = '10021'
>>>> rlm_sql (sql): Reserving sql socket id: 4
>>>> sql_xlat finished
>>>> rlm_sql (sql): Released sql socket id: 4
>>>> expand: %{sql:SELECT tbl_groupcheck.value from tbl_groupcheck
>>>> JOIN tbl_usergroup on tbl_groupcheck.groupname =
>>>> tbl_usergroup.groupname
>>>> WHERE tbl_usergroup.username = '%{User-Name}'} -> 23737418240
>>>> sql_xlat
>>>> expand: %{User-Name} -> 10021
>>>> sql_set_user escaped user --> '10021'
>>>> expand: SELECT
>>>> IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0) FROM tbl_acct
>>>> WHERE UserName='%{User-Name}' AND MONTH(acctstoptime) = MONTH(NOW())
>>>> AND YEAR(acctstoptime) = YEAR(NOW())
>>>> -> SELECT IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0) FROM
>>>> tbl_acct WHERE UserName='10021'
>>>> AND MONTH(acctstoptime) = MONTH(NOW()) AND YEAR(acctstoptime) = YEAR(NOW())
>>>> rlm_sql (sql): Reserving sql socket id: 3
>>>> sql_xlat finished
>>>> rlm_sql (sql): Released sql socket id: 3
>>>> expand: %{sql:SELECT
>>>> IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0) FROM tbl_acct
>>>> WHERE UserName='%{User-Name}'
>>>> AND MONTH(acctstoptime) = MONTH(NOW()) AND YEAR(acctstoptime) =
>>>> YEAR(NOW())} -> 21093361889
>>>> ? Evaluating ("%{sql:SELECT tbl_groupcheck.value from tbl_groupcheck
>>>> JOIN tbl_usergroup on tbl_groupcheck.groupname =
>>>> tbl_usergroup.groupname
>>>> WHERE tbl_usergroup.username = '%{User-Name}'}" > "%{sql:SELECT
>>>> IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0)
>>>> FROM tbl_acct WHERE UserName='%{User-Name}' AND MONTH(acctstoptime)
>>>> = MONTH(NOW()) AND YEAR(acctstoptime) = YEAR(NOW())}") -> FALSE
>>>> ++? if ("%{sql:SELECT tbl_groupcheck.value from tbl_groupcheck JOIN
>>>> tbl_usergroup on tbl_groupcheck.groupname = tbl_usergroup.groupname
>>>> WHERE tbl_usergroup.username = '%{User-Name}'}" > "%{sql:SELECT
>>>> IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0)
>>>> FROM tbl_acct WHERE UserName='%{User-Name}' AND MONTH(acctstoptime)
>>>> = MONTH(NOW()) AND YEAR(acctstoptime) = YEAR(NOW())}") -> FALSE
>>>> ++[exec] returns noop
>>>> Sending Access-Accept of id 55 to xxx.xx.xx.xx port 60642
>>>> Framed-Protocol := PPP
>>>> Framed-Compression := Van-Jacobson-TCP-IP
>>>> Framed-MTU := 1472
>>>> Idle-Timeout := 300
>>>> Reply-Message := "Welcome to Internet Services"
>>>> Mikrotik-Rate-Limit := "512K/2048K 512K/2048K 512K/2048K 180/180 8"
>>>> Framed-Netmask := 255.255.255.0
>>>> Session-Timeout = 2068091
>>>> Finished request 2.
>>>> Going to the next request
>>>> Waking up in 4.9 seconds.
>>>> rad_recv: Accounting-Request packet from host xxx.xx.xx.xx port 40276,
>>>> id=56, length=154
>>>> Service-Type = Framed-User
>>>> Framed-Protocol = PPP
>>>> NAS-Port = 60
>>>> NAS-Port-Type = Ethernet
>>>> User-Name = "10021"
>>>> Calling-Station-Id = "F4:EC:38:BA:8A:3B"
>>>> Called-Station-Id = "iBroadNet Internet"
>>>> NAS-Port-Id = "LAN"
>>>> Acct-Session-Id = "81800038"
>>>> Framed-IP-Address = 172.16.11.250
>>>> Acct-Authentic = RADIUS
>>>> Event-Timestamp = "Aug 8 2011 01:31:47 IST"
>>>> Acct-Status-Type = Start
>>>> NAS-Identifier = "NTL.xxxxx"
>>>> NAS-IP-Address = xxx.xx.xx.xx
>>>> Acct-Delay-Time = 0
>>>> # Executing section preacct from file /etc/freeradius/sites-enabled/default
>>>> +- entering group preacct {...}
>>>> ++[preprocess] returns ok
>>>> [acct_unique] Hashing 'NAS-Port = 60,Client-IP-Address =
>>>> xxx.xx.xx.xx,NAS-IP-Address = xxx.xx.xx.xx,Acct-Session-Id =
>>>> "81800038",User-Name = "10021"'
>>>> [acct_unique] Acct-Unique-Session-ID = "840514b78a2e0def".
>>>> ++[acct_unique] returns ok
>>>> [suffix] No '@' in User-Name = "10021", looking up realm NULL
>>>> [suffix] No such realm "NULL"
>>>> ++[suffix] returns noop
>>>> ++[files] returns noop
>>>> # Executing section accounting from file /etc/freeradius/sites-enabled/default
>>>> +- entering group accounting {...}
>>>> [detail] expand:
>>>> /var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d ->
>>>> /var/log/freeradius/radacct/xxx.xx.xx.xx/detail-20110808
>>>> [detail] /var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d
>>>> expands to /var/log/freeradius/radacct/xxx.xx.xx.xx/detail-20110808
>>>> [detail] expand: %t -> Mon Aug 8 01:31:49 2011
>>>> ++[detail] returns ok
>>>> ++[unix] returns ok
>>>> [radutmp] expand: /var/log/freeradius/radutmp ->
>>>> /var/log/freeradius/radutmp
>>>> [radutmp] expand: %{User-Name} -> 10021
>>>> ++[radutmp] returns ok
>>>> [sql] expand: %{User-Name} -> 10021
>>>> [sql] sql_set_user escaped user --> '10021'
>>>> [sql] expand: %{Acct-Delay-Time} -> 0
>>>> [sql] expand: INSERT INTO tbl_acct
>>>> (acctsessionid, acctuniqueid, username, realm,
>>>> nasipaddress, nasportid, nasporttype,
>>>> acctstarttime, acctstoptime, acctsessiontime,
>>>> acctauthentic, connectinfo_start, connectinfo_stop,
>>>> acctinputoctets, acctoutputoctets, calledstationid,
>>>> callingstationid, acctterminatecause, servicetype,
>>>> framedprotocol, framedipaddress, acctstartdelay,
>>>> acctstopdelay, xascendsessionsvrkey) VALUES
>>>> ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',
>>>> '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}',
>>>> '%{NAS-Port}', '%{NAS-Port-Type}', '%S', NULL,
>>>> '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0',
>>>> '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '',
>>>> '%{Service-Type}', '%{Framed-Protocol}',
>>>> '%{Framed-IP-Address}',
>>>> rlm_sql (sql): Reserving sql socket id: 2
>>>> rlm_sql (sql): Released sql socket id: 2
>>>> ++[sql] returns ok
>>>> ++[exec] returns noop
>>>> [attr_filter.accounting_response] expand: %{User-Name} -> 10021
>>>> attr_filter: Matched entry DEFAULT at line 12
>>>> ++[attr_filter.accounting_response] returns updated
>>>> Sending Accounting-Response of id 56 to xxx.xx.xx.xx port 40276
>>>> Finished request 3.
>>>> Cleaning up request 3 ID 56 with timestamp +17
>>>> Going to the next request
>>>> Waking up in 4.8 seconds.
>>>>
>>>> The condition outputs 23737418240 > 21093361889 RETURNS FALSE .
>>>>
>>>> On Mon, Aug 8, 2011 at 12:51 PM, Arran Cudbard-Bell
>>>> <a.cudbardb at freeradius.org> wrote:
>>>>> RFC 2865:
>>>>>
>>>>> integer 32 bit unsigned value, most significant octet first.
>>>>>
>>>>> FreeRADIUS is just a RADIUS server, and the temporary integer attributes are just RADIUS attributes.
>>>>>
>>>>> -Arran
>>>>>
>>>>>
>>>>>
>>>>> On 8 Aug 2011, at 09:11, Suman Dash wrote:
>>>>>
>>>>>> I am trying to replace sqlcounter with Unland expression in Post Auth
>>>>>> Section. The values are successfully called but while storing in
>>>>>> Tmp-Interger those are stripped. Below are the logs .
>>>>>> As you can see from the logs that Mysql returns a value of 20989570594
>>>>>> But it's stored as 3557549056 for Tmp-Integer-0
>>>>>>
>>>>>> The same happens to Tmp-Integer-1 due to which the expression output
>>>>>> becomes FALSE instead of TRUE.
>>>>>>
>>>>>> Is this the limitation of Tmp-Integer as it is an 32bit int ?
>>>>>>
>>>>>> ##Post-Auth Section
>>>>>>
>>>>>> sql
>>>>>> update control {
>>>>>> Tmp-Integer-0 := "%{sql:SELECT
>>>>>> IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0) \
>>>>>> FROM tbl_acct WHERE
>>>>>> UserName='%{User-Name}' \
>>>>>> AND
>>>>>> MONTH(acctstoptime) = MONTH(NOW()) \
>>>>>> AND YEAR(acctstoptime)
>>>>>> = YEAR(NOW())}"
>>>>>> Tmp-Integer-1 := "%{sql:SELECT
>>>>>> tbl_groupcheck.value from tbl_groupcheck \
>>>>>> JOIN tbl_usergroup on
>>>>>> tbl_groupcheck.groupname = tbl_usergroup.groupname \
>>>>>> where
>>>>>> tbl_usergroup.username = '%{User-Name}'}"
>>>>>> }
>>>>>> if ("%{control:Tmp-Integer-1}" > "%{control:Tmp-Integer-0}") {
>>>>>> update reply {
>>>>>> Mikrotik-Recv-Limit :=
>>>>>> "%{control:Tmp-Integer-1}" - "%{control:Tmp-Integer-0}"
>>>>>> }
>>>>>> }
>>>>>> if ("%{control:Tmp-Integer-1}" <= "%{control:Tmp-Integer-0}") {
>>>>>> update reply {
>>>>>> Reply-Message := "Fair Usage
>>>>>> Policy Enforced, Bandwidth Limited"
>>>>>> Mikrotik-Rate-Limit :=
>>>>>> "128K/256K 128K/256K 128K/256K 180/180 8"
>>>>>> }
>>>>>> }
>>>>>> ##MySQL Table
>>>>>>
>>>>>> mysql> SELECT IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0)
>>>>>> -> FROM tbl_acct WHERE UserName='10021'
>>>>>> -> AND MONTH(acctstoptime) = MONTH(NOW())
>>>>>> -> AND YEAR(acctstoptime) = YEAR(NOW());
>>>>>>
>>>>>> +------------------------------------------------------+
>>>>>> | IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0) |
>>>>>> +------------------------------------------------------+
>>>>>> | 20989570594 |
>>>>>> +------------------------------------------------------+
>>>>>> 1 row in set (0.00 sec)
>>>>>>
>>>>>> mysql> SELECT tbl_groupcheck.value from tbl_groupcheck
>>>>>> -> JOIN tbl_usergroup on tbl_groupcheck.groupname = tbl_usergroup.groupname
>>>>>> -> where tbl_usergroup.username = '10021';
>>>>>>
>>>>>> +-------------+
>>>>>> | value |
>>>>>> +-------------+
>>>>>> | 20737418240 |
>>>>>> +-------------+
>>>>>> 1 row in set (0.00 sec)
>>>>>>
>>>>>>
>>>>>> ##RADIUS DEBUG LOG
>>>>>>
>>>>>>
>>>>>> Finished request 4.
>>>>>> Cleaning up request 4 ID 176 with timestamp +15
>>>>>> Going to the next request
>>>>>> Ready to process requests.
>>>>>> rad_recv: Access-Request packet from host XXX.XX.XX.86 port 44198,
>>>>>> id=236, length=132
>>>>>> Service-Type = Framed-User
>>>>>> Framed-Protocol = PPP
>>>>>> NAS-Port = 56
>>>>>> NAS-Port-Type = Ethernet
>>>>>> User-Name = "10021"
>>>>>> Calling-Station-Id = "XX:XX:XX:XX:XX:XX"
>>>>>> Called-Station-Id = "Internet"
>>>>>> NAS-Port-Id = "LAN"
>>>>>> User-Password = "10021"
>>>>>> NAS-Identifier = "XXX.XXXXXXX"
>>>>>> NAS-IP-Address = XXX.XX.XX.86
>>>>>> # Executing section authorize from file /etc/freeradius/sites-enabled/default
>>>>>> +- entering group authorize {...}
>>>>>> ++[preprocess] returns ok
>>>>>> ++[chap] returns noop
>>>>>> ++[mschap] returns noop
>>>>>> ++[digest] returns noop
>>>>>> [suffix] No '@' in User-Name = "10021", looking up realm NULL
>>>>>> [suffix] No such realm "NULL"
>>>>>> ++[suffix] returns noop
>>>>>> [eap] No EAP-Message, not doing EAP
>>>>>> ++[eap] returns noop
>>>>>> [files] users: Matched entry DEFAULT at line 172
>>>>>> ++[files] returns ok
>>>>>> [sql] expand: %{User-Name} -> 10021
>>>>>> [sql] sql_set_user escaped user --> '10021'
>>>>>> rlm_sql (sql): Reserving sql socket id: 3
>>>>>> [sql] expand: SELECT id, username, attribute, value, op
>>>>>> FROM tbl_check WHERE username = '%{SQL-User-Name}'
>>>>>> ORDER BY id -> SELECT id, username, attribute, value, op
>>>>>> FROM tbl_check WHERE username = '10021' ORDER BY
>>>>>> id
>>>>>> [sql] User found in radcheck table
>>>>>> [sql] expand: SELECT id, username, attribute, value, op
>>>>>> FROM tbl_reply WHERE username = '%{SQL-User-Name}'
>>>>>> ORDER BY id -> SELECT id, username, attribute, value, op
>>>>>> FROM tbl_reply WHERE username = '10021' ORDER BY
>>>>>> id
>>>>>> [sql] expand: SELECT groupname FROM tbl_usergroup
>>>>>> WHERE username = '%{SQL-User-Name}' ORDER BY priority ->
>>>>>> SELECT groupname FROM tbl_usergroup WHERE username
>>>>>> = '10021' ORDER BY priority
>>>>>> [sql] expand: SELECT id, groupname, attribute, Value, op
>>>>>> FROM tbl_groupcheck WHERE groupname = '%{Sql-Group}'
>>>>>> ORDER BY id -> SELECT id, groupname, attribute,
>>>>>> Value, op FROM tbl_groupcheck WHERE groupname =
>>>>>> 'TEST-10G' ORDER BY id
>>>>>> [sql] User found in group TEST-10G
>>>>>> [sql] expand: SELECT id, groupname, attribute, value, op
>>>>>> FROM tbl_groupreply WHERE groupname = '%{Sql-Group}'
>>>>>> ORDER BY id -> SELECT id, groupname, attribute,
>>>>>> value, op FROM tbl_groupreply WHERE groupname =
>>>>>> 'TEST-10G' ORDER BY id
>>>>>> rlm_sql (sql): Released sql socket id: 3
>>>>>> ++[sql] returns ok
>>>>>> rlm_checkval: Item Name: Calling-Station-Id, Value: XX:XX:XX:BA:8A:3B
>>>>>> rlm_checkval: Value Name: Calling-Station-Id, Value: XX:XX:XX:BA:8A:3B
>>>>>> ++[checkval] returns ok
>>>>>> [expiration] Checking Expiration time: '1 Sep 2011'
>>>>>> ++[expiration] returns ok
>>>>>> ++[logintime] returns noop
>>>>>> ++[pap] returns updated
>>>>>> Found Auth-Type = PAP
>>>>>> # Executing group from file /etc/freeradius/sites-enabled/default
>>>>>> +- entering group PAP {...}
>>>>>> [pap] login attempt with password "XXXXX"
>>>>>> [pap] Using CRYPT password "XXXXXXXXXXXXXX"
>>>>>> [pap] User authenticated successfully
>>>>>> ++[pap] returns ok
>>>>>> # Executing section session from file /etc/freeradius/sites-enabled/default
>>>>>> +- entering group session {...}
>>>>>> [radutmp] expand: /var/log/freeradius/radutmp ->
>>>>>> /var/log/freeradius/radutmp
>>>>>> [radutmp] expand: %{User-Name} -> 10021
>>>>>> ++[radutmp] returns ok
>>>>>> # Executing section post-auth from file /etc/freeradius/sites-enabled/default
>>>>>> +- entering group post-auth {...}
>>>>>> [sql] expand: %{User-Name} -> 10021
>>>>>> [sql] sql_set_user escaped user --> '10021'
>>>>>> [sql] expand: %{User-Password} -> XXXXX
>>>>>> [sql] expand: INSERT INTO tbl_postauth
>>>>>> (username, pass, reply, authdate) VALUES (
>>>>>> '%{User-Name}',
>>>>>> '%{%{User-Password}:-%{Chap-Password}}',
>>>>>> '%{reply:Packet-Type}', '%S') -> INSERT INTO tbl_postauth
>>>>>> (username, pass, reply, authdate)
>>>>>> VALUES ( '10021',
>>>>>> '10021', 'Access-Accept', '2011-08-08
>>>>>> 00:27:25')
>>>>>> rlm_sql (sql) in sql_postauth: query is INSERT INTO tbl_postauth
>>>>>> (username, pass, reply, authdate)
>>>>>> VALUES ( '10021',
>>>>>> '10021', 'Access-Accept',
>>>>>> '2011-08-08 00:27:25')
>>>>>> rlm_sql (sql): Reserving sql socket id: 2
>>>>>> rlm_sql (sql): Released sql socket id: 2
>>>>>> ++[sql] returns ok
>>>>>> sql_xlat
>>>>>> expand: %{User-Name} -> 10021
>>>>>> sql_set_user escaped user --> '10021'
>>>>>> expand: SELECT
>>>>>> IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0)
>>>>>> FROM tbl_acct WHERE UserName='%{User-Name}'
>>>>>> AND MONTH(acctstoptime) = MONTH(NOW())
>>>>>> AND YEAR(acctstoptime) = YEAR(NOW()) -> SELECT
>>>>>> IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0)
>>>>>> FROM tbl_acct WHERE UserName='10021'
>>>>>> AND MONTH(acctstoptime) = MONTH(NOW())
>>>>>> AND YEAR(acctstoptime) = YEAR(NOW())
>>>>>> rlm_sql (sql): Reserving sql socket id: 1
>>>>>> sql_xlat finished
>>>>>> rlm_sql (sql): Released sql socket id: 1
>>>>>> expand: %{sql:SELECT
>>>>>> IFNULL(SUM(AcctInputOctets)+SUM(AcctOutputOctets),0)
>>>>>> FROM tbl_acct WHERE UserName='%{User-Name}'
>>>>>> AND MONTH(acctstoptime) = MONTH(NOW())
>>>>>> AND YEAR(acctstoptime) = YEAR(NOW())} -> 20989570594
>>>>>> sql_xlat
>>>>>> expand: %{User-Name} -> 10021
>>>>>> sql_set_user escaped user --> '10021'
>>>>>> expand: SELECT tbl_groupcheck.value from tbl_groupcheck
>>>>>> JOIN tbl_usergroup on tbl_groupcheck.groupname = tbl_usergroup.groupname
>>>>>> where tbl_usergroup.username = '%{User-Name}' -> SELECT
>>>>>> tbl_groupcheck.value from tbl_groupcheck
>>>>>> JOIN tbl_usergroup on tbl_groupcheck.groupname = tbl_usergroup.groupname
>>>>>> where tbl_usergroup.username = '10021'
>>>>>> rlm_sql (sql): Reserving sql socket id: 0
>>>>>> sql_xlat finished
>>>>>> rlm_sql (sql): Released sql socket id: 0
>>>>>> expand: %{sql:SELECT tbl_groupcheck.value from tbl_groupcheck
>>>>>> JOIN tbl_usergroup on tbl_groupcheck.groupname = tbl_usergroup.groupname
>>>>>> where tbl_usergroup.username = '%{User-Name}'} -> 20737418240
>>>>>> ++[control] returns ok
>>>>>> ++? if ("%{control:Tmp-Integer-1}" > "%{control:Tmp-Integer-0}")
>>>>>> expand: %{control:Tmp-Integer-1} -> 3557549056
>>>>>> expand: %{control:Tmp-Integer-0} -> 3809701410
>>>>>> ? Evaluating ("%{control:Tmp-Integer-1}" > "%{control:Tmp-Integer-0}") -> FALSE
>>>>>> ++? if ("%{control:Tmp-Integer-1}" > "%{control:Tmp-Integer-0}") -> FALSE
>>>>>> ++? if ("%{control:Tmp-Integer-1}" <= "%{control:Tmp-Integer-0}")
>>>>>> expand: %{control:Tmp-Integer-1} -> 3557549056
>>>>>> expand: %{control:Tmp-Integer-0} -> 3809701410
>>>>>> ? Evaluating ("%{control:Tmp-Integer-1}" <= "%{control:Tmp-Integer-0}") -> TRUE
>>>>>> ++? if ("%{control:Tmp-Integer-1}" <= "%{control:Tmp-Integer-0}") -> TRUE
>>>>>> ++- entering if ("%{control:Tmp-Integer-1}" <= "%{control:Tmp-Integer-0}") {...}
>>>>>> +++[reply] returns ok
>>>>>> ++- if ("%{control:Tmp-Integer-1}" <= "%{control:Tmp-Integer-0}") returns ok
>>>>>> ++[exec] returns noop
>>>>>> Sending Access-Accept of id 236 to XXX.XX.XX.86 port 44198
>>>>>> Framed-Protocol = PPP
>>>>>> Framed-Compression = Van-Jacobson-TCP-IP
>>>>>> Framed-MTU = 1472
>>>>>> Idle-Timeout = 300
>>>>>> Reply-Message = "Fair Usage Policy Enforced, Bandwidth Limited"
>>>>>> Mikrotik-Rate-Limit = "128K/256K 128K/256K 128K/256K 180/180 8"
>>>>>> Framed-Netmask = 255.255.255.0
>>>>>> Session-Timeout = 2071955
>>>>>> Finished request 5.
>>>>>> Going to the next request
>>>>>> Waking up in 4.9 seconds.
>>>>>> rad_recv: Accounting-Request packet from host XXX.XX.XX.86 port 45096,
>>>>>> id=237, length=154
>>>>>> Service-Type = Framed-User
>>>>>> Framed-Protocol = PPP
>>>>>> NAS-Port = 56
>>>>>> NAS-Port-Type = Ethernet
>>>>>> User-Name = "10021"
>>>>>> Calling-Station-Id = "XX:XX:XX:BA:8A:3B"
>>>>>> Called-Station-Id = " Internet"
>>>>>> NAS-Port-Id = "LAN"
>>>>>> Acct-Session-Id = "81800034"
>>>>>> Framed-IP-Address = XXX.XX.XX.250
>>>>>> Acct-Authentic = RADIUS
>>>>>> Event-Timestamp = "Aug 8 2011 00:27:23 IST"
>>>>>> Acct-Status-Type = Start
>>>>>> NAS-Identifier = "XXX.XXXXXXX"
>>>>>> NAS-IP-Address = XXX:XX:XX.86
>>>>>> Acct-Delay-Time = 0
>>>>>> # Executing section preacct from file /etc/freeradius/sites-enabled/default
>>>>>> +- entering group preacct {...}
>>>>>> ++[preprocess] returns ok
>>>>>> [acct_unique] Hashing 'NAS-Port = 56,Client-IP-Address =
>>>>>> XXX.XX.XX.86,NAS-IP-Address = XXX.XX.XX.86,Acct-Session-Id =
>>>>>> "81800034",User-Name = "10021"'
>>>>>> [acct_unique] Acct-Unique-Session-ID = "e99f1594c7c50876".
>>>>>> ++[acct_unique] returns ok
>>>>>> [suffix] No '@' in User-Name = "10021", looking up realm NULL
>>>>>> [suffix] No such realm "NULL"
>>>>>> ++[suffix] returns noop
>>>>>> ++[files] returns noop
>>>>>> # Executing section accounting from file /etc/freeradius/sites-enabled/default
>>>>>> +- entering group accounting {...}
>>>>>> [detail] expand:
>>>>>> /var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d ->
>>>>>> /var/log/freeradius/radacct/125.20.80.86/detail-20110808
>>>>>> [detail] /var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d
>>>>>> expands to /var/log/freeradius/radacct/125.20.80.86/detail-20110808
>>>>>> [detail] expand: %t -> Mon Aug 8 00:27:25 2011
>>>>>> ++[detail] returns ok
>>>>>> ++[unix] returns ok
>>>>>> [radutmp] expand: /var/log/freeradius/radutmp ->
>>>>>> /var/log/freeradius/radutmp
>>>>>> [radutmp] expand: %{User-Name} -> 10021
>>>>>> ++[radutmp] returns ok
>>>>>> [sql] expand: %{User-Name} -> 10021
>>>>>> [sql] sql_set_user escaped user --> '10021'
>>>>>> [sql] expand: %{Acct-Delay-Time} -> 0
>>>>>> [sql] expand: INSERT INTO tbl_acct
>>>>>> (acctsessionid, acctuniqueid, username, realm,
>>>>>> nasipaddress, nasportid, nasporttype,
>>>>>> acctstarttime, acctstoptime, acctsessiontime,
>>>>>> acctauthentic, connectinfo_start, connectinfo_stop,
>>>>>> acctinputoctets, acctoutputoctets, calledstationid,
>>>>>> callingstationid, acctterminatecause, servicetype,
>>>>>> framedprotocol, framedipaddress, acctstartdelay,
>>>>>> acctstopdelay, xascendsessionsvrkey) VALUES
>>>>>> ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',
>>>>>> '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}',
>>>>>> '%{NAS-Port}', '%{NAS-Port-Type}', '%S', NULL,
>>>>>> '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0',
>>>>>> '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '',
>>>>>> '%{Service-Type}', '%{Framed-Protocol}',
>>>>>> '%{Framed-IP-Address}',
>>>>>> rlm_sql (sql): Reserving sql socket id: 4
>>>>>> rlm_sql (sql): Released sql socket id: 4
>>>>>> ++[sql] returns ok
>>>>>> ++[exec] returns noop
>>>>>> [attr_filter.accounting_response] expand: %{User-Name} -> 10021
>>>>>> attr_filter: Matched entry DEFAULT at line 12
>>>>>> ++[attr_filter.accounting_response] returns updated
>>>>>> Sending Accounting-Response of id 237 to XXX.XX.XX.86 port 45096
>>>>>> Finished request 6.
>>>>>> Cleaning up request 6 ID 237 with timestamp +18
>>>>>> Going to the next request
>>>>>> Waking up in 4.8 seconds.
>>>>>> -
>>>>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>>>>>
>>>>>
>>>>> Arran Cudbard-Bell
>>>>> a.cudbardb at freeradius.org
>>>>>
>>>>> RADIUS - Half the complexity of Diameter
>>>>>
>>>>>
>>>>> -
>>>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>>>>
>>>>
>>>> -
>>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>>>
>>>
>>> Arran Cudbard-Bell
>>> a.cudbardb at freeradius.org
>>>
>>> RADIUS - Half the complexity of Diameter
>>>
>>>
>>> -
>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>>
>>
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>
>
> Arran Cudbard-Bell
> a.cudbardb at freeradius.org
>
> RADIUS - Half the complexity of Diameter
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list