Olá Lista ,
Estou tentando configurar um servidor freeradius+mysql ( freeradius-1.1.7_3 ) , para controle
de conexões simultaneas de um servidor pppoe no FreeBSD.
em anexo tem um arquivo com todo o processamento do radiusd -X
Obrigado se alguem puder ajudar !
Basicamente o que acontece e que quando um outro usuário usa um login que já está conectado ele fecha a sessão no mysql , permite o segundo usuário conectar e abre uma nova sessão.
Todas as outras funções estão funcionando :
Controle de Banda , Ip fixo , Log de Acesso
Fiz varios testes mas não obtive sucesso ainda só com a conexões simultanea.
Para cadastrar os clientes uso essa sequência :
INSERT INTO `radcheck` VALUES (1,'saqua','Password','==','saqua');
INSERT INTO `radgroupcheck` VALUES (1,'128burst','Simultaneous-Use',':=','1');
INSERT INTO `radgroupreply` VALUES (1,'128burst','Mikrotik-Rate-Limit',':=','128k/128k 256k/256k 200k/200k 180/180',0);
INSERT INTO `radgroupreply` VALUES (2,'128burst','Framed-Pool',':=','liberado',0);
INSERT INTO `usergroup` VALUES (1,'saqua','128burst');
Olhando o log do radiusd -X achei esses detalhes :
checkrad: Net::Telnet 3.00+ CPAN module not installed
rlm_acct_unique: WARNING: Attribute Client-IP-Address was not found in request, unique ID MAY be inconsistent
rlm_acct_unique: Hashing 'NAS-Port = 101,,NAS-IP-Address = 10.0.0.4,Acct-Session-Id = "81500060",User-Name = "saqua"'
O modulo eu instalei usando :
perl -MCPAN -e 'install Net::Telnet'
Alguem sabe o que seria esse outro erro ?
radius# mysql -u root -p radius -e "SELECT * FROM radacct\G"
*************************** 1. row ***************************
RadAcctId: 1
AcctSessionId: 81700000
AcctUniqueId: 1b8a095848f7b9d1
UserName: saqua
Realm:
NASIPAddress: 10.0.0.4
NASPortId: 114
NASPortType: Ethernet
AcctStartTime: 2009-05-22 09:51:44
AcctStopTime: 2009-05-22 09:53:33
AcctSessionTime: 300
AcctAuthentic: RADIUS
ConnectInfo_start:
ConnectInfo_stop:
AcctInputOctets: 64
AcctOutputOctets: 52
CalledStationId: mar
CallingStationId: 00:E0:4C:08:533
AcctTerminateCause:
ServiceType: Framed-User
FramedProtocol: PPP
FramedIPAddress: 10.0.0.100
AcctStartDelay: 0
AcctStopDelay: 0
XAscendSessionSvrKey:
*************************** 2. row ***************************
RadAcctId: 2
AcctSessionId: 81700001
AcctUniqueId: 1b8a095848f7b9d1
UserName: saqua
Realm:
NASIPAddress: 10.0.0.4
NASPortId: 115
NASPortType: Ethernet
AcctStartTime: 2009-05-22 09:53:33
AcctStopTime: 0000-00-00 00:00:00
AcctSessionTime: 301
AcctAuthentic: RADIUS
ConnectInfo_start:
ConnectInfo_stop:
AcctInputOctets: 71345
AcctOutputOctets: 24367
CalledStationId: mar
CallingStationId: 00:15:AF:A1:AB:32
AcctTerminateCause:
ServiceType: Framed-User
FramedProtocol: PPP
FramedIPAddress: 10.0.0.101
AcctStartDelay: 0
AcctStopDelay: 0
XAscendSessionSvrKey:
----------------------------------------------------------
radius# /usr/local/sbin/radiusd -X
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
--------------------------------------
rad_recv: Access-Request packet from host 10.0.0.4:33551, id=38, length=121
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-Port = 114
NAS-Port-Type = Ethernet
User-Name = "saqua"
Calling-Station-Id = "00:E0:4C:08:533"
Called-Station-Id = "mar"
NAS-Port-Id = "bridge1"
User-Password = "saqua"
NAS-Identifier = "PPPoE_Teste"
NAS-IP-Address = 10.0.0.4
rad_lowerpair: User-Name now 'saqua'
rad_lowerpair: User-Password now 'saqua'
rad_rmspace_pair: User-Name now 'saqua'
rad_rmspace_pair: User-Password now 'saqua'
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
radius_xlat: 'saqua'
rlm_sql (sql): sql_set_user escaped user --> 'saqua'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = 'saqua' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql_mysql: query: SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = 'saqua' ORDER BY id
radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'saqua' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'saqua' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radreply WHERE Username = 'saqua' ORDER BY id'
rlm_sql_mysql: query: SELECT id, UserName, Attribute, Value, op FROM radreply WHERE Username = 'saqua' ORDER BY id
radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'saqua' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'saqua' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 4
modcall[authorize]: module "sql" returns ok for request 0
modcall: leaving group authorize (returns ok) for request 0
auth: type Local
auth: user supplied User-Password matches local User-Password
Processing the session section of radiusd.conf
modcall: entering group session for request 0
radius_xlat: 'saqua'
rlm_sql (sql): sql_set_user escaped user --> 'saqua'
radius_xlat: 'SELECT COUNT(*) FROM radacct WHERE UserName='saqua' AND AcctStopTime = 0'
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql_mysql: query: SELECT COUNT(*) FROM radacct WHERE UserName='saqua' AND AcctStopTime = 0
rlm_sql (sql): Released sql socket id: 3
modcall[session]: module "sql" returns ok for request 0
modcall: leaving group session (returns ok) for request 0
Login OK: [saqua/saqua] (from client mar port 114 cli 00:E0:4C:08:533)
Processing the post-auth section of radiusd.conf
modcall: entering group post-auth for request 0
rlm_sql (sql): Processing sql_postauth
radius_xlat: 'saqua'
rlm_sql (sql): sql_set_user escaped user --> 'saqua'
radius_xlat: 'INSERT into radpostauth (user, pass, reply, date) values ('saqua', 'saqua', 'Access-Accept', NOW())'
radius_xlat: '/var/log/sqltrace.sql'
rlm_sql (sql) in sql_postauth: query is INSERT into radpostauth (user, pass, reply, date) values ('saqua', 'saqua', 'Access-Accept', NOW())
rlm_sql (sql): Reserving sql socket id: 2
rlm_sql_mysql: query: INSERT into radpostauth (user, pass, reply, date) values ('saqua', 'saqua', 'Access-Accept', NOW())
rlm_sql (sql): Released sql socket id: 2
modcall[post-auth]: module "sql" returns ok for request 0
modcall: leaving group post-auth (returns ok) for request 0
Sending Access-Accept of id 38 to 10.0.0.4 port 33551
Mikrotik-Rate-Limit := "128k/128k 256k/256k 200k/200k 180/180"
Framed-Pool := "liberado"
Finished request 0
Going to the next request
--- Walking the entire request list ---