| 4 |
- |
1 |
# -*- text -*-
|
|
|
2 |
######################################################################
|
|
|
3 |
#
|
|
|
4 |
# This is a sample configuration for "decoupled" accounting.
|
|
|
5 |
# "Decoupled" accounting is where the accounting packets are
|
|
|
6 |
# NOT written "live" to the back-end database. This method
|
|
|
7 |
# can only be used if you are not interested in "live"
|
|
|
8 |
# accounting. i.e. Where you can tolerate delays that may be
|
|
|
9 |
# a few seconds, before accounting packets get written to
|
|
|
10 |
# the DB.
|
|
|
11 |
#
|
|
|
12 |
# Oddly enough, this method can speed up the processing of
|
|
|
13 |
# accounting packets, as all database activity is serialized.
|
|
|
14 |
#
|
|
|
15 |
# This file is NOT meant to be used as-is. It needs to be
|
|
|
16 |
# edited to match your local configuration.
|
|
|
17 |
#
|
|
|
18 |
# $Id$
|
|
|
19 |
#
|
|
|
20 |
######################################################################
|
|
|
21 |
|
|
|
22 |
# Define a virtual server to write the accounting packets.
|
|
|
23 |
# Any "listen" section that listens on an accounting port should
|
|
|
24 |
# set "virtual_server = write-detail.example.com
|
|
|
25 |
server write_detail.example.com {
|
|
|
26 |
accounting {
|
|
|
27 |
#
|
|
|
28 |
# Write the "detail" files.
|
|
|
29 |
#
|
|
|
30 |
# See raddb/modules/detail.example.com for more info.
|
|
|
31 |
detail.example.com
|
|
|
32 |
}
|
|
|
33 |
|
|
|
34 |
# That's it!
|
|
|
35 |
}
|
|
|
36 |
|
|
|
37 |
# Define a virtual server to process the accounting packets.
|
|
|
38 |
server read-detail.example.com {
|
|
|
39 |
# Read accounting packets from the detail file(s) for
|
|
|
40 |
# the home server.
|
|
|
41 |
listen {
|
|
|
42 |
type = detail
|
|
|
43 |
filename = "${radacctdir}/detail.example.com/detail-*:*"
|
|
|
44 |
load_factor = 10
|
|
|
45 |
}
|
|
|
46 |
|
|
|
47 |
# All packets read from the detail file are processed through
|
|
|
48 |
# the preacct && accounting sections.
|
|
|
49 |
#
|
|
|
50 |
# The following text is copied verbatim from sites-available/default.
|
|
|
51 |
# You should edit it for your own local configuration.
|
|
|
52 |
|
|
|
53 |
#
|
|
|
54 |
# Pre-accounting. Decide which accounting type to use.
|
|
|
55 |
#
|
|
|
56 |
preacct {
|
|
|
57 |
preprocess
|
|
|
58 |
|
|
|
59 |
#
|
|
|
60 |
# Ensure that we have a semi-unique identifier for every
|
|
|
61 |
# request, and many NAS boxes are broken.
|
|
|
62 |
acct_unique
|
|
|
63 |
|
|
|
64 |
#
|
|
|
65 |
# Look for IPASS-style 'realm/', and if not found, look for
|
|
|
66 |
# '@realm', and decide whether or not to proxy, based on
|
|
|
67 |
# that.
|
|
|
68 |
#
|
|
|
69 |
# Accounting requests are generally proxied to the same
|
|
|
70 |
# home server as authentication requests.
|
|
|
71 |
# IPASS
|
|
|
72 |
suffix
|
|
|
73 |
# ntdomain
|
|
|
74 |
|
|
|
75 |
#
|
|
|
76 |
# Read the 'acct_users' file
|
|
|
77 |
files
|
|
|
78 |
}
|
|
|
79 |
|
|
|
80 |
#
|
|
|
81 |
# Accounting. Log the accounting data.
|
|
|
82 |
#
|
|
|
83 |
accounting {
|
|
|
84 |
#
|
|
|
85 |
# Create a 'detail'ed log of the packets.
|
|
|
86 |
# Note that accounting requests which are proxied
|
|
|
87 |
# are also logged in the detail file.
|
|
|
88 |
detail
|
|
|
89 |
# daily
|
|
|
90 |
|
|
|
91 |
# Update the wtmp file
|
|
|
92 |
#
|
|
|
93 |
# If you don't use "radlast", you can delete this line.
|
|
|
94 |
unix
|
|
|
95 |
|
|
|
96 |
#
|
|
|
97 |
# For Simultaneous-Use tracking.
|
|
|
98 |
#
|
|
|
99 |
# Due to packet losses in the network, the data here
|
|
|
100 |
# may be incorrect. There is little we can do about it.
|
|
|
101 |
radutmp
|
|
|
102 |
# sradutmp
|
|
|
103 |
|
|
|
104 |
# Return an address to the IP Pool when we see a stop record.
|
|
|
105 |
# main_pool
|
|
|
106 |
|
|
|
107 |
#
|
|
|
108 |
# Log traffic to an SQL database.
|
|
|
109 |
#
|
|
|
110 |
# NOTE! You will have to ensure that any accounting packets
|
|
|
111 |
# NOT handled by the SQL module (e.g. "stop with zero session length"
|
|
|
112 |
# result in the accounting section still returning "ok".
|
|
|
113 |
#
|
|
|
114 |
# Otherwise, the server will think that the accounting packet
|
|
|
115 |
# was NOT handled properly, and will keep trying to process it
|
|
|
116 |
# through this virtual server!
|
|
|
117 |
#
|
|
|
118 |
# See "Accounting queries" in sql.conf
|
|
|
119 |
# sql
|
|
|
120 |
|
|
|
121 |
#
|
|
|
122 |
# Instead of sending the query to the SQL server,
|
|
|
123 |
# write it into a log file.
|
|
|
124 |
#
|
|
|
125 |
# sql_log
|
|
|
126 |
|
|
|
127 |
# Cisco VoIP specific bulk accounting
|
|
|
128 |
# pgsql-voip
|
|
|
129 |
|
|
|
130 |
# Filter attributes from the accounting response.
|
|
|
131 |
attr_filter.accounting_response
|
|
|
132 |
|
|
|
133 |
#
|
|
|
134 |
# See "Autz-Type Status-Server" for how this works.
|
|
|
135 |
#
|
|
|
136 |
# Acct-Type Status-Server {
|
|
|
137 |
#
|
|
|
138 |
# }
|
|
|
139 |
}
|
|
|
140 |
}
|