
FREERADIUS SERVER DOCUMENT

2. FREERADIUS CONFIGURATION

Radiusd.conf: In the authorize section, enable the following modules.
3. Preprocess
4. Auth_log
5. Suffix
6. Eap
7. Files
8. Sql
9. Pap

Authenticate: The following modules must be enabled.
10. Auth-Type PAP { pap }
11. Auth-Type CHAP { chap }
12. Auth-Type MS-CHAP { mschap }
13. Eap

Accounting: The following modules must be enabled.
14. Detail
15. Radutmp
16. Sql

17. SQL.CONF
login = "root" where root is the database username.
password = "passw0rd" and passw0rd is the database password.
radius_db = "ngifinal" is the name of the database.
These are the values used in this setup. A deployed server should not connect as root: a dedicated database account that can only execute the stored procedures named below, a strong password, and a sql.conf file readable only by the RADIUS user limit the damage if the server or the file is exposed.
authorize_check_query=Proc_Ngi_Voice_Authentication
Where Proc_Ngi_Voice_Authentication is the stored procedure for authenticating the customer.
authorize_reply_query=Proc_Ngi_Voice_New_Authorization
Where Proc_Ngi_Voice_New_Authorization is the stored procedure for authorizing the customer.
accounting_stop_query="Proc_Ngi_Voice_New_Accounting"
Where Proc_Ngi_Voice_New_Accounting is the accounting stop procedure.

3.clients.conf:
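The clients.conf file holds all the settings related to users (the clients that send requests to RADIUS). RADIUS only services requests coming from the listed clients; all others are ignored. If you want to add a user (client), follow this syntax in the clients.conf file:
client 192.168.2.0 { secret = testing123 shortname = private-network-1 }
If you want RADIUS to service requests from all clients, including those not listed in the clients.conf file, follow this syntax:
client 0.0.0.0/ { secret = testing123 shortname = private-network-1 }
Note that testing123 is the sample secret shipped with FreeRADIUS, and a catch-all entry accepts packets from any address that knows the secret. Outside a test network, each client should be listed by its own address with its own long, random secret.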

All the dictionary files are placed in /usr/local/share/freeradius/. The RADIUS server uses them to look up the request-specific attributes. We add our own attributes in dictionary.suretech and then include this dictionary in the dictionary file:
4. $INCLUDE dictionary.suretech

5. /usr/src/modules/rlm_sql

The include.h file contains the attributes which we will use in the sql module. For authentication and authorization we use this function: static int rlm_sql_authorize(void *instance, REQUEST * request). We find the attributes with the function pairfind, which takes two arguments: request->packet->vps and the attribute to look for. Then we copy each attribute into a character array and pass these values to the stored procedure. Because the attribute value comes from the request packet and strcpy does not check the destination size, each array must be at least as large as the longest value the attribute can carry.
if(pair=pairfind(request->packet->vps,PW_CALLING_STATION_ID)) { strcpy(callingNumber,pair->strvalue); printf("\n3: Calling Number is :: %s",callingNumber); } else { strcpy(callingNumber,""); }

int l = sql_authorizeCall(inst,sqlsocket,userName,pass,callingNumber,authNASIPAddress,a uthNASPort,authConfID,authServiceType,authNASPortType,accessNumber,calledN umber,insertSession,v_customerBalance,v_checkItems,v_replyItems,v_callTime,v_ma rkupCallTime,result); add this procedure in rlm_sql_module_t struct and it shows like this and it is in rlm_sql.h file. int (*sql_voice_authorize)(SQLSOCK *sqlsocket, SQL_CONFIG *config,char *user1,char *pass1,char *callingNumber,char *authNASIPAddress,char *authNASPort,char *authConfID,char *authServiceType,char *authNASPortType,char *accessNumber,char *calledNumber,int *insertSession,char *v_customerBalance,char *v_checkItems,char *v_replyItems,char *v_callTime,char *v_markupCallTime,char *result); add the procedure at the end of the rlm_sql.h file. int sql_authorizeCall(SQL_INST * inst,SQLSOCK *sqlsocket,char *user1,char *pass1,char *callingNumber,char *authNASIPAddress,char *authNASPort,char *authConfID,char *authServiceType,char *authNASPortType,char *accessNumber,char *calledNumber,int *insertSession,char

*v_customerBalance,char *v_checkItems,char *v_replyItems,char *v_callTime,char *v_markupCallTime,char *result); now write the funtion for authorization in sql.c file and call the procedure which u mentioned in rlm_sql_module_t. sql_authorizeCall(SQL_INST * inst,SQLSOCK *sqlsocket,char *user1,char *pass1,char *callingNumber,char *authNASIPAddress,char *authNASPort,char *authConfID,char *authServiceType,char *authNASPortType,char *accessNumber,char *calledNumber,int *insertSession,char *v_customerBalance,char *v_checkItems,char *v_replyItems,char *v_callTime,char *v_markupCallTime,char *result) { int procRet=800; if(inst!=NULL) { if(inst->config!=NULL) { } if(inst->module!=NULL) { } } procRet=(inst->module->sql_voice_authorize)(sqlsocket, inst>config,user1,pass1,callingNumber,authNASIPAddress,authNASPort,authConfID,au thServiceType,authNASPortType,accessNumber,calledNumber,insertSession,v_custo merBalance,v_checkItems,v_replyItems,v_callTime,v_markupCallTime,result); return procRet; } from here we go to to call the authorize section in /rlm_sql/drivers/rlm_sql_mysql/sql_mysql.c static int sql_voice_authorize(SQLSOCK *sqlsocket, SQL_CONFIG *config,char *user1,char *pass1,char *callingNumber,char *authNASIPAddress,char *authNASPort,char *authConfID,char *authServiceType,char *authNASPortType,char *accessNumber,char *calledNumber,int *insertSession,char *v_customerBalance,char *v_checkItems,char *v_replyItems,char *v_callTime,char *v_markupCallTime,char *result) {

MYSQL *conn; MYSQL_RES *res; MYSQL_ROW row; char *server = config->sql_server; char *user = config->sql_login; char *password = config->sql_password; char *database =config->sql_db; conn = mysql_init(NULL); if (!mysql_real_connect(conn, server,user, password, database, 0, NULL, CLIENT_MULTI_RESULTS | CLIENT_MULTI_STATEMENTS)) { radlog(L_INFO,"\nON Authorization Request ::->%s",mysql_error(conn)); strcat(result,mysql_error(conn)); } char stf[1000]; int n=sprintf (stf, "CALL %s('%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%d',@ret1,@ret2,@ret3,@re t4,@ret5,@ret6); select @ret1,@ret2,@ret3,@ret4,@ret5,@ret6",config>authorize_reply_query,user1,pass1,callingNumber,calledNumber,authNASIPAddre ss,authNASPort,authConfID,authServiceType,authNASPortType,accessNumber,inse rtSession); printf("\n\n Query To Execute: %s \n",stf); sprintf(result,"Query To Execute: %s ",stf); int sta =mysql_real_query(conn, stf,strlen(stf)); if (sta) { radlog(L_INFO,"\nON Authorization Request ::-> %s",mysql_error(conn)); strcat(result,mysql_error(conn)); } else { } res = mysql_use_result(conn); if(res==NULL) { } else { }

mysql_free_result(res); int ret=400; while(mysql_more_results(conn)) { int next=mysql_next_result(conn); res = mysql_use_result(conn); if(res==NULL) { } else { } int num=mysql_num_rows(res); while ((row = mysql_fetch_row(res)) != NULL) { ret=atoi(row[0]); strcpy(v_customerBalance,row[1]); strcpy(v_checkItems,row[2]); strcpy(v_replyItems,row[3]); strcpy(v_callTime,row[4]); strcpy(v_markupCallTime,row[5]); } mysql_free_result(res); } mysql_close(conn);

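return ret; } In this file we make the connection with the database, call the procedure and return the values to the rlm_sql.c file. As written, the query is built with sprintf into the 1000-byte stf buffer from the request values (user name, password, calling and called number and so on) placed between single quotes without escaping, and it runs on a connection opened with CLIENT_MULTI_STATEMENTS, so a value containing a quote changes the statement and a long value overruns the buffer. Each value should be escaped with mysql_real_escape_string (or bound as a prepared-statement parameter) and the query built with snprintf with the length checked. The printf and the sprintf into result also copy the whole query, password included, to the output, and the function carries on after mysql_real_connect fails; it should return at that point and keep the password out of the logged text. If the return code is zero the call is authorized; we then return the values to the client by creating them with the paircreate method and passing them to the pairadd method.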

ret_code = paircreate(quintum_h323_return_code,PW_TYPE_STRING); if(ret_code!=NULL) { //ret_code->lvalue=l; char t[30]; sprintf(t,"h323-return-code=%d",l); strcpy(ret_code->strvalue,t); ret_code->length=strlen(ret_code->strvalue); pairadd(&reply_tmp, ret_code); } then we send this value to the client by using this function. pairxlatmove(request, &request->reply->vps, &reply_tmp); similary if there is no called number then it will authenticate the customer. int l = sql_AuthenticateCall(inst, sqlsocket,userName,pass,callingNumber,authNASIPAddress,authNASPort,authConfID,aut hServiceType,authNASPortType,accessNumber,v_customerBalance,v_pref_lang,result); then we will add it in rlm_sql.h in rlm_sql_module_t and int (*sql_authen)(SQLSOCK *sqlsocket, SQL_CONFIG *config,char *user,char *pass,char *callingNumber,char *authNASIPAddress,char *authNASPort,char *authConfID,char *authServiceType,char *authNASPortType,char *accessNumber,char *v_customerBalance,char *v_pref_lang,char *result); and at the end of this rlm_sql.h add this line int sql_AuthenticateCall(SQL_INST * inst, SQLSOCK * sqlsocket,char *user,char *pass,char *callingNumber,char *authNASIPAddress,char *authNASPort,char *authConfID,char *authServiceType,char *authNASPortType,char *accessNumber,char *v_customerBalance,char *v_pref_lang,char *result); and add the funtion in sql.c which will call the authenticate funtion in /drivers/rlm_sql/mysql_mysql.c. sql_AuthenticateCall(SQL_INST * inst, SQLSOCK * sqlsocket,char *user,char *pass,char *callingNumber,char *authNASIPAddress,char *authNASPort,char *authConfID,char *authServiceType,char *authNASPortType,char *accessNumber,char *v_customerBalance,char *v_pref_lang,char *result) { int procRet=800; if(inst!=NULL) {

if(inst->config!=NULL) { } if(inst->module!=NULL) { } } procRet=(inst->module->sql_authen)(sqlsocket, inst>config,user,pass,callingNumber,authNASIPAddress,authNASPort,authConfID,authServic eType,authNASPortType,accessNumber,v_customerBalance,v_pref_lang,result); return procRet; }

This function takes us to the authenticate function in /drivers/rlm_sql/mysql_mysql.c, where we authenticate the customer with the stored procedure CALL Proc_Ngi_Voice_Authentication; it returns the return code, customer balance and preferred language. If the return code is 0 the customer is authenticated; otherwise there is an error. We then send this value to the client as we did in the authorize section. Accounting: First of all, find the attributes in the accounting section and copy them to char arrays. Then we check the account status type; if the account status type in our request is stop, it goes to the stop section, where it calls the function retcode=sql_Accounting_stop_voice_call(inst,sqlsocket,"time",userName,pass,callDuratio n,callingNumber,calledNumber,confId,callOrigin,callType,acctSessionId,NASIPAddress,b ytesIn,bytesOut,delayTime,acctSType,remoteAddress,remoteGwId,terminationCause,srcPo rt,destPort,accessNumber,callLeg1,callLeg2,callLeg3,callLeg4,result); From here, add this function in rlm_sql.h, then in sql.c, where we call the procedure and execute it. retcode=sql_Accounting_stop_voice_call(inst,sqlsocket,"time",userName,pass,callDuratio n,callingNumber,calledNumber,confId,callOrigin,callType,acctSessionId,NASIPAddress,b ytesIn,bytesOut,delayTime,acctSType,remoteAddress,remoteGwId,terminationCause,srcPo rt,destPort,accessNumber,callLeg1,callLeg2,callLeg3,callLeg4,result); Then we add it to the rlm_sql_module_t struct in rlm_sql.h. int (*sql_Accounting_stop_voice)(SQLSOCK *sqlsocket, SQL_CONFIG *config,char *timeclose,char *userName,char *password,int *callDuration,char *callingNumber,char

*calledNumber,char *confId,char *callOrigin,char *callType,char *acctSessionID,char *NASIPAddress,int *bytesIn,int *bytesOut,int *delayTime,char *acctSType,char *remoteAddress,char *remoteGwID,char *terminationCause,char *srcPortNo,char *destPortNo,char *accessNumber,int *callLeg1,int *callLeg2,int *callLeg3,int *callLeg4,char *result); and at the end of file int sql_Accounting_stop_voice_call(SQL_INST * inst,SQLSOCK * sqlsocket,char *timeclose,char *userName,char *password,int *callDuration,char *callingNumber,char *calledNumber,char *confId,char *callOrigin,char *callType,char *acctSessionID,char *NASIPAddress,int *bytesIn,int *bytesOut,int *delayTime,char *acctSType,char *remoteAddress,char *remoteGwID,char *terminationCause,char *srcPortNo,char *destPortNo,char *accessNumber,int *callLeg1,int *callLeg2,int *callLeg3,int *callLeg4,char *result); and in sql.c add the following function. sql_Accounting_stop_voice_call(SQL_INST * inst,SQLSOCK *sqlsocket,char *timeclose,char *userName,char *password,int *callDuration,char *callingNumber,char *calledNumber,char *confId,char *callOrigin,char *callType,char *acctSessionID,char *NASIPAddress,int *bytesIn,int *bytesOut,int *delayTime,char *acctSType,char *remoteAddress,char *remoteGwID,char *terminationCause,char *srcPortNo,char *destPortNo,char *accessNumber,int *callLeg1,int *callLeg2,int *callLeg3,int *callLeg4,char *result) { int procRet10=800; if(inst!=NULL) { if(inst->config!=NULL) { } if(inst->module!=NULL) { } } procRet10=(inst->module->sql_Accounting_stop_voice)(sqlsocket, inst>config,timeclose,userName,password,callDuration,callingNumber,calledNumber,confId,c allOrigin,callType,acctSessionID,NASIPAddress,bytesIn,bytesOut,delayTime,acctSType,r emoteAddress,remoteGwID,terminationCause,srcPortNo,destPortNo,accessNumber,callLe g1,callLeg2,callLeg3,callLeg4,result);

return procRet10; } now go to the /drivers/rlm_sql_mysql/sql_mysql.c function. static int sql_Accounting_stop_voice(SQLSOCK *sqlsocket, SQL_CONFIG *config,char *timeclose,char *userName,char *password,int *callDuration,char *callingNumber,char *calledNumber,char *confId,char *callOrigin,char *callType,char *acctSessionID,char *NASIPAddress,int *bytesIn,int *bytesOut,int *delayTime,char *acctSType,char *remoteAddress,char *remoteGwID,char *terminationCause,char *srcPortNo,char *destPortNo,char *accessNumber,int *callLeg1,int *callLeg2,int *callLeg3,int *callLeg4,char *result) { MYSQL *conn; MYSQL_RES *res; MYSQL_ROW row; char *server = config->sql_server; char *user = config->sql_login; char *dbpassword = config->sql_password; //char *database = "ngi"; char *database = config->sql_db; conn = mysql_init(NULL); if (!mysql_real_connect(conn, server,user, dbpassword, database, 0, NULL, CLIENT_MULTI_RESULTS | CLIENT_MULTI_STATEMENTS)) { strcat(result,mysql_error(conn)); } char stf[1000]; int n=sprintf (stf, "CALL %s( '%s','%s','%d','%s','%s','%s','%s','%s','%s','%s','%d','%d','%d','%s','%s','%s','%s','%s','%s ','%s','%d','%d','%d','%d',@ret ); select @ret",config>accounting_stop_query,userName,password,callDuration,callingNumber,calledNumber,c onfId,callOrigin,callType,acctSessionID,NASIPAddress,bytesIn,bytesOut,delayTime,acctS Type,remoteAddress,remoteGwID,terminationCause,srcPortNo,destPortNo,accessNumber, callLeg1,callLeg2,callLeg3,callLeg4); printf("\n\nQuery To Execute: %s \n",stf); strcat(result,stf); int sta =mysql_real_query(conn, stf,strlen(stf)); if (sta)

{ strcat(result,mysql_error(conn)); } else { } res = mysql_use_result(conn); if(res==NULL) { } else { } mysql_free_result(res); int ret=400; while(mysql_more_results(conn)) { int next=mysql_next_result(conn); res = mysql_use_result(conn); if(res==NULL) { } else { } int num=mysql_num_rows(res); while ((row = mysql_fetch_row(res)) != NULL) { ret=atoi(row[0]); } mysql_free_result(res); } mysql_close(conn);

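return ret; } This executes the query named in accounting_stop_query in sql.conf. As written, the accounting query is assembled with sprintf into the 1000-byte stf buffer from unescaped request values, the printed query includes the password, and the int * arguments (callDuration, bytesIn, bytesOut, delayTime, callLeg1 to callLeg4) are passed to %d as pointers instead of being dereferenced. Before this is used on live traffic, the strings need to be escaped, the integers dereferenced and the query built with snprintf with the length checked.

Then it returns the value to the RADIUS clients.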
