A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Man page of rlm_acct_unique

rlm_acct_unique

Section: FreeRADIUS Module (5)
Updated: 3 February 2004
Index of this MAN page

Back To MAN Pages From BackTrack 5 R1 Master List  

NAME

rlm_acct_unique - FreeRADIUS Module  

DESCRIPTION

The rlm_acct_unique module creates a unique accounting session Id.

Many NAS vendors have their equipment supply an Acct-Session-Id attribute which is not unique over reboots. This makes accounting difficult, as there will be many independent sessions with the same Acct-Session-Id attribute. This module uses the Acct-Session-Id attribute, along with other attributes in the request, to create a more unique session ID, called Acct-Unique-Session-Id.

The main configuration items to be aware of are:

key
A list of the attributes used in calculating an MD5 hash which is used as the value for the unique session id.
 

CONFIGURATION


modules {
  ...

acct_unique {
key = "User-Name, Acct-Session-Id, NAS-IP-Address, NAS-Port"
}
...
}
...
preacct { ...
acct_unique ...
}

After generating the MD5 hash, the module adds it to the accounting request packet received from the client. It will look something like this in your detail file:


        Acct-Unique-Session-Id = "c66ef57e480b9d26"

NOTE: Any attribute you specify that is not found in the 'dictionary' file will cause the server to fail and exit with an error.

NOTE: If you want the Acct-Unique-Session-Id of the Start and the Stop packet of a particular session to match, you must use values for the key that will stay the same for the Start and Stop. The above example is a good start. Adding 'Acct-Session-Time', for example, would cause a mismatch because that value is not the same on the Start and Stop accounting packets.

 

SECTIONS

authorization, pre-accounting, accounting

 

FILES

/etc/raddb/radiusd.conf

 

SEE ALSO

radiusd(8), radiusd.conf(5)  

AUTHORS

Chris Parker, cparker@segv.org


 

Index

NAME
DESCRIPTION
CONFIGURATION
SECTIONS
FILES
SEE ALSO
AUTHORS

This document was created by man2html, using the manual pages.
Time: 07:34:21 GMT, September 13, 2011

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast