Create new accounting attributes

juan diego juandi_092 at hotmail.com
Mon Nov 16 18:44:16 CET 2020


Hello Alan,

In first, this project is for academic purposes for my Master Thesis project. However, in my company they are interested in reviewing the possibility of adding new accounting attributes in a real and production environment.

For now, I would be able to create new simple attributes (two or three) that are added by the NAS and sent to the server to be registered. For example, HTTP / S, FTP or SSH traffic carried by the user during the session.

Thanks and regards,
Juan


________________________________
De: Freeradius-Users <freeradius-users-bounces+juandi_092=hotmail.com at lists.freeradius.org> en nombre de Alan DeKok <aland at deployingradius.com>
Enviado: sábado, 14 de noviembre de 2020 18:52
Para: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Asunto: Re: Create new accounting attributes

On Nov 14, 2020, at 12:33 PM, Juan Diego <juandi_092 at hotmail.com> wrote:
> I am new to working with FreeRADIUS and would appreciate your help.
> I would need to design new accounting attributes in a local environment, using either radclient or radeapclient as the client.

  Just use radclient for accounting.

> As I have seen in the official documentation at https://networkradius.com/doc/current/concepts/dictionary/purpose.html, it is indicated that it is not necessary to modify the source code to add new attributes. I am confused with this, how would the client/NAS add the new accounting attributes to the radius package?

  If it's a real NAS, then yes, it *does* require source code changes.  Because the NAS doesn't user dictionaries.  A NAS understands only a very limited set of attributes, and ignores everything it doesn't understand.

  On the other hand, radclient is part of FreeRADIUS.  It can read the various dictionaries, but it doesn't do anything else that a NAS does.

> Then, I understand that it is necessary to have a dictionary where the new accounting attributes appear so that the server can decode them.

  Yes.

> Please, if you know of any guide to implement new accounting attributes or what files need to be modified, I would greatly appreciate it.

  Edit raddb/dictionary.  Read it, and add attributes there.  My suggestion is to create vendor-specific attributes.  See dictionary.cisco for some examples.

  Then, have radclient read the same dictionaries.  And radclient will print out any attributes sent by the server.

  But all of this is largely focussed on a particular solution.  The better question is *why* do you need new accounting attributes?  What will be using them on the client side?

  Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


More information about the Freeradius-Users mailing list