On Fri, 3 Mar 2000, Jeff Mcadams wrote:
Thus spake Ed
Yeah we have thought of that, however it seems like it would be slow and cumbersome. Exactly what do you use to parse the information from the Logs? Anything specific? or is it a custom script? Speed is of the essence in this method... and with 25,000+ users it would be tough to achieve I would think.
Yeah...we've got a custom written perl script that does...essentially...a tail -f on the RADIUS accounting log file, parses and stores each online connection in a directory...one entry per file...the file name is the IP address of the connection. Inside the file is information like userid, ip address, name of the NAS, ip of the NAS, port number on the NAS, caller and called id, time, etc. Then our scripts controlling access (via .htaccess for example) can get the ip address of the connection and quickly find the file they need with the information in it to decide whether to give access or not. Of course, when we see the stop record, we just remove the corresponding file.
I use a modified version of Cistron RADIUS with the MySQL patches, with the following notable reworks: - keeps active sessions in one table, prior sessions (not start/stop records) in another. - Uses persistent MySQL connection. - Handles database-down condition more gracefully, it queues to a temp file and then when the db comes back up, forks a child to clean up. The original code also forks but then waits for the child, which causes a big pileup of accounting records on the NASen. - Disconnects/reconnects from the database on SIGUSR1 (on Linux, anyway) to make "planned" database downtime a little smoother. The code and table structures could probably stand some cleanup, but it's in production use here with no major problems. I also have a companion script that reads the "online" table and walks through checking each supposedly-online user against the HARC via snmp, and kills off any stale records (which really only ever show up if a HARC gets rebooted unexpectedly.) If anyone wants it I'll clean up a little and put the diffs up for download. - To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.