Proxim AP-700 AcctUniqueId

classic Classic list List threaded Threaded
4 messages Options
| Threaded
Open this post in threaded view
|

Proxim AP-700 AcctUniqueId

Uwe Driessen
Hello i have a Problem with the Proxim AP700 to get a Unique Session ID or
AcctUniqueId
There only MAC Authentication. Has anyone Experience with the AP-700. To
avoidance that more than one record for a session in the radacct-table i
have made Username and AcctUniqueID Unique.

The Problem is that the AP-700 deliver only this Information :

As rad_recv: Access-Request packet from host 192.168.0.232:6001, id=9,
length=125
        User-Name = "001195-0942e8"      
        User-Password = "secret"
        NAS-IP-Address = 192.168.0.232
        Called-Station-Id = "00-20-a6-56-38-ff:wireless-people-AP002"
        Calling-Station-Id = "00-11-95-09-42-e8"
        NAS-Port = 0
  Processing the authorize section of radiusd.conf

There missing the Framed-IP-Adress and the Acctsession-ID is the MAC from
the Calling Station with this Information the Unique session Id is alway for
this User the same and after a separation the Radius write in the same
record. So i get 1 record per User and Month but only for the latest
session. I hope you can help me. Sorry for this long posting and my english


As Start from the AP comes
User-Name = "000f3d-47ba87"
Acct-Session-Id = "000f3d-47ba87"
NAS-Identifier = "Wireless-People-AP001"
NAS-IP-Address = 192.168.0.231
NAS-Port = 2
NAS-Port-Type = Wireless-802.11
Acct-Authentic = RADIUS
Acct-Status-Type = Start
Acct-Input-Octets = 0
Acct-Output-Octets = 0
Acct-Session-Time = 0
Acct-Input-Packets = 0
Acct-Output-Packets = 0
Acct-Terminate-Cause = 0
Acct-Delay-Time = 0

As Alive comes
User-Name = "001195-0a21d8"
Acct-Session-Id = "001195-0a21d8"
NAS-Identifier = "Wireless-People-AP001"
NAS-IP-Address = 192.168.0.231
NAS-Port = 2
NAS-Port-Type = Wireless-802.11
Acct-Authentic = RADIUS
Acct-Status-Type = Alive
Acct-Input-Octets = 0
Acct-Output-Octets = 0
Acct-Session-Time = 608
Acct-Input-Packets = 0
Acct-Output-Packets = 0
Acct-Terminate-Cause = 999
Acct-Delay-Time = 0

With this Information the freeradius don't create a UniqueSessionId, so i
think i make the unique by mysql with this statement:
accounting_start_query = "select @sesid :=
MD5(Concat(count(*),'%{Calling-Station-Id}', '%{NAS-IP-Address}',now()))
FROM ${acct_table1};INSERT into ${acct_table1}(AcctSessionId, AcctUniqueId,
UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime,
AcctStopTime,AcctSessionTime, AcctAuthentic, ConnectInfo_start,
ConnectInfo_stop, AcctInputOctets, AcctOutputOctets,
CalledStationId,CallingStationId, AcctTerminateCause, ServiceType,
FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay)
values('%{Acct-Session-Id}', @sesid, '%{SQL-User-Name}', '%{Realm}',
'%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', '0', '0',
'%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0',
'%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}',
'%{Framed-Protocol}', '%{Framed-IP-Address}', '%{Acct-Delay-Time}', '0')"

In MySQL the Statement with filled values is write a correct record, from
FreeRadius i get fail, the same Statement in MySQL brings OK and the data
insert in the Table. I not see what is wrong

rlm_sql (sql): sql_set_user escaped user --> '001195-0942e8'
radius_xlat:  'select @sesid := MD5(Concat(count(*),'',
'192.168.0.232',now())) FROM radacct;INSERT into radacct (AcctSessionId,
AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType,
AcctStartTime, AcctStopTime,AcctSessionTime, AcctAuthentic,
ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets,
CalledStationId, CallingStationId, AcctTerminateCause, ServiceType,
FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay)
values('001195-0942e8', @sesid, '001195-0942e8', '', '192.168.0.232', '2',
'Wireless-802.11', '2005-07-26 02:03:20', '0', '0', 'RADIUS', '', '', '0',
'0', '', '', '', '', '', '', '0', '0')'
radius_xlat:  '/var/log/freeradius/sqltrace.sql'
rlm_sql (sql): Reserving sql socket id: 5
rlm_sql_mysql: query:  select @sesid := MD5(Concat(count(*),'',
'192.168.0.232',now())) FROM radacct;INSERT into radacct (AcctSessionId,
AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType,
AcctStartTime, AcctStopTime,AcctSessionTime, AcctAuthentic,
ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets,
CalledStationId, CallingStationId, AcctTerminateCause, ServiceType,
FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay)
values('001195-0942e8', @sesid, '001195-0942e8', '', '192.168.0.232', '2',
'Wireless-802.11', '2005-07-26 02:03:20', '0', '0', 'RADIUS', '', '', '0',
'0', '', '', '', '', '', '', '0', '0')
rlm_sql_mysql: MYSQL check_error: 1064 received
rlm_sql (sql): Couldn't insert SQL accounting START record - You have an
error in your SQL syntax; check the manual that corresponds to your MySQL
server version for the right syntax to use near ';INSERT into radacct
(AcctSessionId, AcctUniqueId, UserName, Rea
radius_xlat:  'select @sesid := AcctUniqueId, @matime :=max(AcctStartTime)
from radacct  Where UserName = '001195-0942e8' and AcctStopTime ='0' group
by UserName;UPDATE radacct SET AcctStartTime = '2005-07-26 02:03:20',
AcctStartDelay = '0', ConnectInfo_start = '' WHERE AcctUniqueId = @sesid AND
UserName = '001195-0942e8' AND NASIPAddress = '192.168.0.232''

To filter what is the correct record for this user i made this statement. It
is testet with MySQL and OK and the same problem when it comes from radius.

accounting_update_query = "select @sesid := AcctUniqueId, @matime
:=max(AcctStartTime) from ${acct_table1}  Where UserName =
'%{SQL-User-Name}' and `AcctStopTime` ='0' group by UserName;UPDATE
${acct_table1} SET FramedIPAddress = '%{Framed-IP-Address}',lastupd = '%S',
AcctSessionTime = '%{Acct-Session-Time}', AcctInputOctets =
'%{Acct-Input-Octets}', AcctOutputOctets = '%{Acct-Output-Octets}' WHERE
AcctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}' AND
NASIPAddress= '%{NAS-IP-Address}'"



Mit freundlichen Grüßen
    Drießen
Es liegt was in der Luft
www.feilbingert.net
Uwe Drießen
Software & Computer




-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Proxim AP-700 AcctUniqueId

Alan DeKok
"Uwe Driessen" <[hidden email]> wrote:
> There missing the Framed-IP-Adress and the Acctsession-ID is the MAC from
> the Calling Station with this Information the Unique session Id is alway for
> this User the same and after a separation the Radius write in the same
> record.

  The packet you quoted is an Access-Request, and doesn't contain
Accounting-Session-Id.  The FreeRADIUS "unique" id doesn't apply here,
either.

  Alan DeKok.

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

AW: Proxim AP-700 AcctUniqueId

Uwe Driessen
> "Uwe Driessen" <[hidden email]> wrote:
> > There missing the Framed-IP-Adress and the Acctsession-ID
> is the MAC
> > from the Calling Station with this Information the Unique
> session Id
> > is alway for this User the same and after a separation the Radius
> > write in the same record.
>
>   The packet you quoted is an Access-Request, and doesn't
> contain Accounting-Session-Id.  The FreeRADIUS "unique" id
> doesn't apply here, either.
>
>   Alan DeKok.

My Problem is that there is nothing Acct-Session-Id comming from the AP700.
As Acct-Session-Id this AP sends the MAC off the Client no counter or other
unique's for this Session.
I quotet a Start and a Alive Paket how Radius -X it gives out on the screen.

Is there anyone who has AP-700 in Hotspot with accounting? Can anyone tell
me what i can do to use this AP as Hotspot? From Proxim i get anser that
there is no unique Acct-Sesion-ID and no Framed-IP-Adress to deliver from AP
to Radius.
I thought could generate the Acct-Unique-Id with MySQL and select before the
update write to the table.
How can i do 2 sql Statements in one Radius funktion to do so.
Thanks for the ansers.
Mit freundlichen Grüßen
Uwe Drießen

 


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: AW: Proxim AP-700 AcctUniqueId

Alan DeKok
"Uwe Driessen" <[hidden email]> wrote:
> My Problem is that there is nothing Acct-Session-Id comming from the AP700.

  Acct-Session-Id's are not sent in Access-Request packets.

> As Acct-Session-Id this AP sends the MAC off the Client no counter or other
> unique's for this Session.

  Then you're stuck.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html