# WARNING: Be VERY careful when editing the following line!
# Change the path, and ideally nothing else.
#
-# ntlm_auth = "/path/to/ntlm_auth --request-nt-key --allow-mschapv2 --username=%{%{Stripped-User-Name}:-%{%{User-Name}:-None}} --challenge=%{%mschap(Challenge):-00} --nt-response=%{%mschap(NT-Response):-00}"
+# ntlm_auth = "/path/to/ntlm_auth --request-nt-key --allow-mschapv2 --username=%{&Stripped-User-Name || &User-Name || 'None'} --challenge=%{%mschap(Challenge) || 00} --nt-response=%{%mschap(NT-Response) || 00}"
#
# ntlm_auth_timeout:: Time to wait for `ntlm_auth` to run.
#
# TIP: We give both examples here, but *only one should be used*.
#
-# local_cpw = "%exec(/path/to/script %mschap(User-Name) %{MS-CHAP-New-Password.Cleartext})"
-# local_cpw = "%sql(UPDATE radcheck set value='%{MS-CHAP-New-NT-Password}' where username='%{User-Name}' and attribute='Password.NT'}"
+# local_cpw = %exec('/path/to/script', %mschap(User-Name), %{MS-CHAP-New-Password.Cleartext})
+ local_cpw = %sql("UPDATE radcheck set value='%{MS-CHAP-New-NT-Password}' where username='%{User-Name}' and attribute='Password.NT'")
+
}
#
}
accounting {
- reference = "%{tolower:type.%{Acct-Status-Type}.query}"
+ reference = "%tolower(type.%{Acct-Status-Type}.query)"
type {
start {
query = "\
}
accounting {
- reference = "%{tolower:type.%{Acct-Status-Type}.query}"
+ reference = "%tolower(type.%{Acct-Status-Type}.query)"
type {
start {
query = "\
}
accounting {
- reference = "%{tolower:type.%{Acct-Status-Type}.query}"
+ reference = "%tolower(type.%{Acct-Status-Type}.query)"
+
type {
start {
query = "\
# Use Stripped-User-Name, if it's there.
# Else use User-Name, if it's there,
# Else use hard-coded string "DEFAULT" as the user name.
-#sql_user_name = "%{%{Stripped-User-Name}:-%{%{User-Name}:-DEFAULT}}"
+#sql_user_name = "%{&Stripped-User-Name || &User-Name || 'DEFAULT'}"
#
sql_user_name = "%{User-Name}"
# distrust the provided Event-Timestamp.
#event_timestamp_epoch = "%l"
-event_timestamp_epoch = "%{%(integer:%{Event-Timestamp}):-%l}"
+event_timestamp_epoch = %{((integer) &Event-Timestamp) || %l}
# event_timestamp is the SQL snippet for converting an epoch timestamp
# to an SQL date.
# as INSERTS are really UPSERTS so we can work around it.
#######################################################################
accounting {
- reference = "%{tolower:type.%{Acct-Status-Type}.query}"
+ reference = "%tolower(type.%{Acct-Status-Type}.query)"
# Write SQL queries to a logfile. This is potentially useful for bulk inserts
# when used with the rlm_sql_null driver.
'%{SQL-User-Name}', \
'%{Realm}', \
'%{NAS-IP-Address}', \
- '%{%{NAS-Port-Id}:-%{NAS-Port}}', \
+ '%{&NAS-Port-Id || &NAS-Port}', \
'%{NAS-Port-Type}', \
${....event_timestamp}, \
${....event_timestamp}, \
'%{SQL-User-Name}', \
'%{Realm}', \
'%{NAS-IP-Address}', \
- '%{%{NAS-Port-Id}:-%{NAS-Port}}', \
+ '%{&NAS-Port-Id || &NAS-Port}', \
'%{NAS-Port-Type}', \
${....event_timestamp}, \
null, \
'%{Acct-Authentic}', \
'%{Connect-Info}', \
- %{(&Acct-Input-Gigawords << 32) | &Acct-Input-Octets}, \
- %{(&Acct-Output-Gigawords << 32) | &Acct-Output-Octets}, \
+ %{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}, \
+ %{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}, \
'%{Called-Station-Id}', \
'%{Calling-Station-Id}', \
'%{Service-Type}', \
'%{SQL-User-Name}', \
'%{Realm}', \
'%{NAS-IP-Address}', \
- '%{%{NAS-Port-Id}:-%{NAS-Port}}', \
+ '%{&NAS-Port-Id || &NAS-Port}', \
'%{NAS-Port-Type}', \
${....event_timestamp}, \
${....event_timestamp}, \
'%{Acct-Authentic}', \
'%{Connect-Info}', \
- %{(&Acct-Input-Gigawords << 32) | &Acct-Input-Octets}, \
- %{(&Acct-Output-Gigawords << 32) | &Acct-Output-Octets}, \
+ %{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}, \
+ %{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}, \
'%{Called-Station-Id}', \
'%{Calling-Station-Id}', \
'%{Service-Type}', \
(username, pass, reply, authdate, class) \
VALUES ( \
'%{SQL-User-Name}', \
- '%{%{User-Password}:-%{Chap-Password}}', \
+ '%{&User-Password || &Chap-Password}', \
'%{reply.Packet-Type}', \
'%{%l * 1000 + %M / 1000}', \
'%{reply.Class}')"
# Use Stripped-User-Name, if it's there.
# Else use User-Name, if it's there,
# Else use hard-coded string "none" as the user name.
-#sql_user_name = "%{%{Stripped-User-Name}:-%{%{User-Name}:-none}}"
+#sql_user_name = "%{&Stripped-User-Name || &User-Name || 'none'}"
#
sql_user_name = "%{User-Name}"
# distrust the provided Event-Timestamp.
#event_timestamp_epoch = "%l"
-event_timestamp_epoch = "%{%(integer:%{Event-Timestamp}):-%l}"
+event_timestamp_epoch = %{((integer) &Event-Timestamp) || %l}
# event_timestamp is the SQL snippet for converting an epoch timestamp
# to an SQL date.
# combination of attributes, or custom 'Acct-Status-Type' values.
#######################################################################
accounting {
- reference = "%{tolower:type.%{Acct-Status-Type}.query}"
+ reference = "%tolower(type.%{Acct-Status-Type}.query)"
# Write SQL queries to a logfile. This is potentially useful for bulk inserts
# when used with the rlm_sql_null driver.
AcctStopTime=${....event_timestamp}, \
AcctSessionTime=${....event_timestamp_epoch} - \
DATEDIFF(SS, '1970-01-01', AcctStartTime), \
- AcctTerminateCause='%{%{Acct-Terminate-Cause}:-NAS-Reboot}', \
- AcctStopDelay = %{%{Acct-Delay-Time}:-0} \
+ AcctTerminateCause='%{&Acct-Terminate-Cause || &NAS-Reboot}', \
+ AcctStopDelay = %{&Acct-Delay-Time || 0} \
WHERE AcctStopTime = 0 \
AND NASIPAddress = '%{NAS-IP-Address}' \
AND AcctStartTime <= ${....event_timestamp}"
'%{SQL-User-Name}', \
'%{Realm}', \
'%{NAS-IP-Address}', \
- '%{%{NAS-Port-ID}:-%{NAS-Port}}', \
+ '%{&NAS-Port-ID || &NAS-Port}', \
'%{NAS-Port-Type}', \
${....event_timestamp}, \
'0', \
UPDATE ${....acct_table1} \
SET \
AcctStartTime = ${....event_timestamp}, \
- AcctStartDelay = '%{%{Acct-Delay-Time}:-0}', \
+ AcctStartDelay = '%{&Acct-Delay-Time || 0}', \
ConnectInfo_start = '%{Connect-Info}' \
WHERE AcctUniqueId = '%{Acct-Unique-Session-ID}' \
AND AcctStopTime = 0"
AcctInterval = DATEDIFF(second, CASE WHEN AcctUpdateTime > 0 THEN AcctUpdateTime ELSE AcctStartTime END, ${....event_timestamp}), \
AcctUpdateTime = ${....event_timestamp}, \
AcctSessionTime = '%{Acct-Session-Time}', \
- AcctInputOctets = convert(bigint, '%{%{Acct-Input-Gigawords}:-0}' * POWER(2.0, 32)) | '%{%{Acct-Input-Octets}:-0}', \
- AcctOutputOctets = convert(bigint, '%{%{Acct-Output-Gigawords}:-0}' * POWER(2.0, 32)) | '%{%{Acct-Output-Octets}:-0}', \
+ AcctInputOctets = convert(bigint, '%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}'), \
+ AcctOutputOctets = convert(bigint, '%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}'), \
FramedIPAddress = '%{Framed-IP-Address}', \
FramedIPv6Address = '%{Framed-IPv6-Address}', \
FramedIPv6Prefix = '%{Framed-IPv6-Prefix}', \
'%{SQL-User-Name}', \
'%{Realm}', \
'%{NAS-IP-Address}', \
- '%{%{NAS-Port-ID}:-%{NAS-Port}}', \
+ '%{&NAS-Port-ID || &NAS-Port}', \
'%{NAS-Port-Type}', \
${....event_timestamp}, \
${....event_timestamp}, \
SET \
AcctStopTime = ${....event_timestamp}, \
AcctSessionTime = '%{Acct-Session-Time}', \
- AcctInputOctets = convert(bigint, '%{%{Acct-Input-Gigawords}:-0}' * POWER(2.0, 32)) | '%{%{Acct-Input-Octets}:-0}', \
- AcctOutputOctets = convert(bigint, '%{%{Acct-Output-Gigawords}:-0}' * POWER(2.0, 32)) | '%{%{Acct-Output-Octets}:-0}', \
+ AcctInputOctets = convert(bigint, '%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}'), \
+ AcctOutputOctets = convert(bigint, '%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}'), \
AcctTerminateCause = '%{Acct-Terminate-Cause}', \
- AcctStopDelay = '%{%{Acct-Delay-Time}:-0}', \
+ AcctStopDelay = '%{&Acct-Delay-Time || 0}', \
ConnectInfo_stop = '%{Connect-Info}', \
Class = '%{Class}' \
WHERE AcctUniqueId = '%{Acct-Unique-Session-ID}' \
'%{SQL-User-Name}', \
'%{Realm}', \
'%{NAS-IP-Address}', \
- '%{%{NAS-Port-ID}:-%{NAS-Port}}', \
+ '%{&NAS-Port-ID || &NAS-Port}', \
'%{NAS-Port-Type}', \
${....event_timestamp}, \
'%{Acct-Session-Time}', \
'', \
'%{Connect-Info}', \
NULL, \
- convert(bigint, '%{%{Acct-Input-Gigawords}:-0}' * POWER(2.0, 32)) | '%{%{Acct-Input-Octets}:-0}', \
- convert(bigint, '%{%{Acct-Output-Gigawords}:-0}' * POWER(2.0, 32)) | '%{%{Acct-Output-Octets}:-0}', \
+ convert(bigint, '%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}'), \
+ convert(bigint, '%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}'), \
'%{Called-Station-Id}', \
'%{Calling-Station-Id}', \
'%{Acct-Terminate-Cause}', \
'%{Framed-Interface-Id}', \
'%{Delegated-IPv6-Prefix}', \
'0', \
- '%{%{Acct-Delay-Time}:-0}', \
+ '%{&Acct-Delay-Time || 0}', \
'%{Class}')"
}
}
(userName, pass, reply, authdate, class) \
VALUES(\
'%{User-Name}', \
- '%{%{User-Password}:-CHAP-PASSWORD}', \
+ '%{&User-Password || CHAP-PASSWORD}', \
'%{reply.Packet-Type}', \
'%S.%{%M / 1000}', \
'%{reply.Class}')"
# Use Stripped-User-Name, if it's there.
# Else use User-Name, if it's there,
# Else use hard-coded string "DEFAULT" as the user name.
-#sql_user_name = "%{%{Stripped-User-Name}:-%{%{User-Name}:-DEFAULT}}"
+#sql_user_name = "%{&Stripped-User-Name || &User-Name || 'DEFAULT'}"
#
sql_user_name = "%{User-Name}"
# distrust the provided Event-Timestamp.
#event_timestamp_epoch = "%l"
-event_timestamp_epoch = "%{%(integer:%{Event-Timestamp}):-%l}"
+event_timestamp_epoch = %{((integer) &Event-Timestamp) || %l}
# event_timestamp is the SQL snippet for converting an epoch timestamp
# to an SQL date.
# combination of attributes, or custom 'Acct-Status-Type' values.
#######################################################################
accounting {
- reference = "%{tolower:type.%{Acct-Status-Type}.query}"
+ reference = "%tolower(type.%{Acct-Status-Type}.query)"
# Write SQL queries to a logfile. This is potentially useful for bulk inserts
# when used with the rlm_sql_null driver.
acctstoptime = ${....event_timestamp}, \
acctsessiontime = '${....event_timestamp_epoch}' \
- UNIX_TIMESTAMP(acctstarttime), \
- acctterminatecause = '%{%{Acct-Terminate-Cause}:-NAS-Reboot}' \
+ acctterminatecause = '%{&Acct-Terminate-Cause || &NAS-Reboot}' \
WHERE acctstoptime IS NULL \
AND nasipaddress = '%{NAS-IP-Address}' \
AND acctstarttime <= ${....event_timestamp}"
'%{SQL-User-Name}', \
'%{Realm}', \
'%{NAS-IP-Address}', \
- '%{%{NAS-Port-ID}:-%{NAS-Port}}', \
+ '%{&NAS-Port-ID || &NAS-Port}', \
'%{NAS-Port-Type}', \
${....event_timestamp}, \
${....event_timestamp}, \
framedipv6prefix = '%{Framed-IPv6-Prefix}', \
framedinterfaceid = '%{Framed-Interface-Id}', \
delegatedipv6prefix = '%{Delegated-IPv6-Prefix}', \
- acctsessiontime = %{%{Acct-Session-Time}:-NULL}, \
- acctinputoctets = '%{%{Acct-Input-Gigawords}:-0}' \
- << 32 | '%{%{Acct-Input-Octets}:-0}', \
- acctoutputoctets = '%{%{Acct-Output-Gigawords}:-0}' \
- << 32 | '%{%{Acct-Output-Octets}:-0}', \
+ acctsessiontime = %{&Acct-Session-Time || NULL}, \
+ acctinputoctets = %{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}, \
+ acctoutputoctets = %{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}, \
class = '%{Class}' \
WHERE acctuniqueid = '%{Acct-Unique-Session-Id}'"
'%{SQL-User-Name}', \
'%{Realm}', \
'%{NAS-IP-Address}', \
- '%{%{NAS-Port-ID}:-%{NAS-Port}}', \
+ '%{&NAS-Port-ID || &NAS-Port}', \
'%{NAS-Port-Type}', \
- FROM_UNIXTIME(${....event_timestamp_epoch} - %{%{Acct-Session-Time}:-0}), \
+ FROM_UNIXTIME(${....event_timestamp_epoch} - %{&Acct-Session-Time || 0}), \
${....event_timestamp}, \
NULL, \
- %{%{Acct-Session-Time}:-NULL}, \
+ %{&Acct-Session-Time || NULL}, \
'%{Acct-Authentic}', \
'%{Connect-Info}', \
'', \
- '%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct-Input-Octets}:-0}', \
- '%{%{Acct-Output-Gigawords}:-0}' << 32 | '%{%{Acct-Output-Octets}:-0}', \
+ '%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}', \
+ '%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}', \
'%{Called-Station-Id}', \
'%{Calling-Station-Id}', \
'', \
query = "\
UPDATE ${....acct_table2} SET \
acctstoptime = ${....event_timestamp}, \
- acctsessiontime = %{%{Acct-Session-Time}:-NULL}, \
- acctinputoctets = '%{%{Acct-Input-Gigawords}:-0}' \
- << 32 | '%{%{Acct-Input-Octets}:-0}', \
- acctoutputoctets = '%{%{Acct-Output-Gigawords}:-0}' \
- << 32 | '%{%{Acct-Output-Octets}:-0}', \
+ acctsessiontime = %{&Acct-Session-Time || NULL}, \
+ acctinputoctets = '%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}', \
+ acctoutputoctets = '%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}', \
acctterminatecause = '%{Acct-Terminate-Cause}', \
connectinfo_stop = '%{Connect-Info}', \
class = '%{Class}' \
'%{SQL-User-Name}', \
'%{Realm}', \
'%{NAS-IP-Address}', \
- '%{%{NAS-Port-ID}:-%{NAS-Port}}', \
+ '%{&NAS-Port-ID || &NAS-Port}', \
'%{NAS-Port-Type}', \
- FROM_UNIXTIME(${....event_timestamp_epoch} - %{%{Acct-Session-Time}:-0}), \
+ FROM_UNIXTIME(${....event_timestamp_epoch} - %{&Acct-Session-Time || 0}), \
${....event_timestamp}, \
${....event_timestamp}, \
- %{%{Acct-Session-Time}:-NULL}, \
+ %{&Acct-Session-Time || NULL}, \
'%{Acct-Authentic}', \
'', \
'%{Connect-Info}', \
- '%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct-Input-Octets}:-0}', \
- '%{%{Acct-Output-Gigawords}:-0}' << 32 | '%{%{Acct-Output-Octets}:-0}', \
+ '%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}', \
+ '%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}', \
'%{Called-Station-Id}', \
'%{Calling-Station-Id}', \
'%{Acct-Terminate-Cause}', \
(username, pass, reply, authdate, class) \
VALUES ( \
'%{SQL-User-Name}', \
- '%{%{User-Password}:-%{Chap-Password}}', \
+ '%{&User-Password || &Chap-Password}', \
'%{reply.Packet-Type}', \
'%S.%M', \
'%{reply.Class}')"
# Use Stripped-User-Name, if it's there.
# Else use User-Name, if it's there,
# Else use hard-coded string "DEFAULT" as the user name.
-#sql_user_name = "%{%{Stripped-User-Name}:-%{%{User-Name}:-DEFAULT}}"
+#sql_user_name = "%{&Stripped-User-Name || &User-Name || 'DEFAULT'}"
#
sql_user_name = "%{User-Name}"
# distrust the provided Event-Timestamp.
#event_timestamp_epoch = "%l"
-event_timestamp_epoch = "%{%(integer:%{Event-Timestamp}):-%l}"
+event_timestamp_epoch = %{((integer) &Event-Timestamp) || %l}
# event_timestamp is the SQL snippet for converting an epoch timestamp
# to an SQL date.
# combination of attributes, or custom 'Acct-Status-Type' values.
#######################################################################
accounting {
- reference = "%{tolower:type.%{Acct-Status-Type}.query}"
+ reference = "%tolower(type.%{Acct-Status-Type}.query)"
# Write SQL queries to a logfile. This is potentially useful for bulk inserts
# when used with the rlm_sql_null driver.
AcctStopTime = ${....event_timestamp}, \
AcctSessionTime = ROUND((${....event_timestamp} - \
TO_DATE(TO_CHAR(acctstarttime, 'yyyy-mm-dd hh24:mi:ss'),'yyyy-mm-dd hh24:mi:ss'))*86400), \
- AcctTerminateCause='%{%{Acct-Terminate-Cause}:-NAS-Reboot}', \
- AcctStopDelay = %{%{Acct-Delay-Time}:-0}, \
+ AcctTerminateCause='%{&Acct-Terminate-Cause || NAS-Reboot}', \
+ AcctStopDelay = %{&Acct-Delay-Time || 0}, \
Class = '%{Class}' \
WHERE AcctStopTime IS NULL \
AND NASIPAddress = '%{NAS-IP-Address}' \
'%{SQL-User-Name}', \
'%{Realm}', \
'%{NAS-IP-Address}', \
- '%{%{NAS-Port-ID}:-%{NAS-Port}}', \
+ '%{&NAS-Port-ID || &NAS-Port}', \
'%{NAS-Port-Type}', \
${....event_timestamp}, \
NULL, \
UPDATE ${....acct_table1} \
SET \
AcctStartTime = ${....event_timestamp}, \
- AcctStartDelay = '%{%{Acct-Delay-Time}:-0}', \
+ AcctStartDelay = '%{&Acct-Delay-Time || 0}', \
ConnectInfo_start = '%{Connect-Info}' \
WHERE AcctUniqueId = '%{Acct-Unique-Session-ID}' \
AND AcctStopTime IS NULL"
FramedInterfaceId = NULLIF('%{Framed-Interface-Id}', ''), \
DelegatedIPv6Prefix = NULLIF('%{Delegated-IPv6-Prefix}', ''), \
AcctSessionTime = '%{Acct-Session-Time}', \
- AcctInputOctets = '%{Acct-Input-Octets}' + \
- ('%{%{Acct-Input-Gigawords}:-0}' * 4294967296), \
- AcctOutputOctets = '%{Acct-Output-Octets}' + \
- ('%{%{Acct-Output-Gigawords}:-0}' * 4294967296), \
+ AcctInputOctets = %{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}, \
+ AcctOutputOctets = %{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}, \
Class = '%{Class}' \
WHERE AcctUniqueId = '%{Acct-Unique-Session-ID}' \
AND AcctStopTime IS NULL"
'%{SQL-User-Name}', \
'%{Realm}', \
'%{NAS-IP-Address}', \
- '%{%{NAS-Port-ID}:-%{NAS-Port}}', \
+ '%{&NAS-Port-ID || &NAS-Port}', \
'%{NAS-Port-Type}', \
NULL, \
'%{Acct-Session-Time}', \
'%{Acct-Authentic}', \
'', \
- '%{Acct-Input-Octets}' + \
- ('%{%{Acct-Input-Gigawords}:-0}' * 4294967296), \
- '%{Acct-Output-Octets}' + \
- ('%{%{Acct-Output-Gigawords}:-0}' * 4294967296), \
+ '%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}', \
+ '%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}', \
'%{Called-Station-Id}', \
'%{Calling-Station-Id}', \
'%{Service-Type}', \
SET \
AcctStopTime = ${....event_timestamp}, \
AcctSessionTime = '%{Acct-Session-Time}', \
- AcctInputOctets = '%{Acct-Input-Octets}' + \
- ('%{%{Acct-Input-Gigawords}:-0}' * 4294967296), \
- AcctOutputOctets = '%{Acct-Output-Octets}' + \
- ('%{%{Acct-Output-Gigawords}:-0}' * 4294967296), \
+ AcctInputOctets = '%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}', \
+ AcctOutputOctets = '%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}', \
AcctTerminateCause = '%{Acct-Terminate-Cause}', \
- AcctStopDelay = '%{%{Acct-Delay-Time}:-0}', \
+ AcctStopDelay = '%{&Acct-Delay-Time || 0}', \
ConnectInfo_stop = '%{Connect-Info}', \
Class = '%{Class}'
WHERE AcctUniqueId = '%{Acct-Unique-Session-ID}' \
'%{SQL-User-Name}', \
'%{Realm}', \
'%{NAS-IP-Address}', \
- '%{%{NAS-Port-ID}:-%{NAS-Port}}', \
+ '%{&NAS-Port-ID || &NAS-Port}', \
'%{NAS-Port-Type}', \
NULL, \
${....event_timestamp}, \
'', \
'%{Connect-Info}', \
NULL, \
- '%{Acct-Input-Octets}' + \
- ('%{%{Acct-Input-Gigawords}:-0}' * 4294967296), \
- '%{Acct-Output-Octets}' + \
- ('%{%{Acct-Output-Gigawords}:-0}' * 4294967296), \
+ '%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}', \
+ '%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}', \
'%{Called-Station-Id}', \
'%{Calling-Station-Id}', \
'%{Acct-Terminate-Cause}', \
'%{Framed-Protocol}', \
'%{Framed-IP-Address}', \
'0', \
- '%{%{Acct-Delay-Time}:-0}', \
+ '%{&Acct-Delay-Time || 0}', \
'%{Class}')"
}
(username, pass, reply, authdate, class) \
VALUES (\
'%{User-Name}', \
- '%{%{User-Password}:-%{Chap-Password}}', \
+ '%{&User-Password || &Chap-Password}', \
'%{reply.Packet-Type}', \
TO_TIMESTAMP('%S.%M','YYYY-MM-DDHH24:MI:SS.FF'), \
'%{reply.Class}')"
# Else use User-Name, if it's there,
# Else use hard-coded string "none" as the user name.
#
- #sql_user_name = "%{%{Stripped-User-Name}:-%{%{User-Name}:-none}}"
+ #sql_user_name = "%{&Stripped-User-Name || &User-Name || 'none'}"
#
sql_user_name = "%{User-Name}"
accounting {
- reference = "%{tolower:type.%{Acct-Status-Type}.query}"
+ reference = "%tolower(type.%{Acct-Status-Type}.query)"
# Write SQL queries to a logfile. This is potentially useful for bulk inserts
# when used with the rlm_sql_null driver.
VALUES(\
'${radius_server_name}', '%{SQL-User-Name}', \
'%{NAS-IP-Address}', now(), '%{Called-Station-Id}', \
- '%{Calling-Station-Id}', '%{%{Acct-Delay-Time}:-0}', '%{h323-gw-id}', \
+ '%{Calling-Station-Id}', '%{&Acct-Delay-Time || 0}', '%{h323-gw-id}', \
'%{h323-call-origin}', strip_dot('%{h323-setup-time}'), \
strip_dot('%{h323-connect-time}'), pick_id('%{h323-conf-id}', \
'%{call-id}'))"
h323disconnectcause, h323disconnecttime, h323gwid, h323setuptime) \
VALUES(\
'${radius_server_name}', '%{SQL-User-Name}', '%{NAS-IP-Address}', \
- NOW(), '%{%{Acct-Session-Time}:-0}', \
- '%{%{Acct-Input-Octets}:-0}', '%{%{Acct-Output-Octets}:-0}', \
+ NOW(), '%{&Acct-Session-Time || 0}', \
+ '%{&Acct-Input-Octets || 0}', '%{&Acct-Output-Octets || 0}', \
'%{Called-Station-Id}', '%{Calling-Station-Id}', \
- '%{%{Acct-Delay-Time}:-0}', NULLIF('%{h323-remote-address}', '')::inet, \
+ '%{&Acct-Delay-Time || 0}', NULLIF('%{h323-remote-address}', '')::inet, \
NULLIF('%{h323-voice-quality}','')::integer, \
NULLIF('%{Cisco-NAS-Port}', ''), \
'%{h323-call-origin}', pick_id('%{h323-conf-id}', '%{call-id}'), \
# Else use User-Name, if it's there,
# Else use hard-coded string "none" as the user name.
#
-#sql_user_name = "%{%{Stripped-User-Name}:-%{%{User-Name}:-none}}"
+#sql_user_name = "%{ &Stripped-User-Name || &User-Name | 'none'}"
sql_user_name = "%{User-Name}"
# distrust the provided Event-Timestamp.
#event_timestamp_epoch = "%l"
-event_timestamp_epoch = "%{%(integer:%{Event-Timestamp}):-%l}"
+event_timestamp_epoch = %{((integer) &Event-Timestamp) || %l}
# event_timestamp is the SQL snippet for converting an epoch timestamp
# to an SQL date.
#######################################################################
accounting {
- reference = "%{tolower:type.%{%{Acct-Status-Type}:-none}.query}"
+ reference = "%tolower(type.%{&Acct-Status-Type || none}.query)"
# Write SQL queries to a logfile. This is potentially useful for bulk inserts
# when used with the rlm_sql_null driver.
AcctSessionTime = %{%{Acct-Session-Time}:-NULL}, \
AcctInterval = (${....event_timestamp_epoch} - EXTRACT(EPOCH FROM (COALESCE(AcctUpdateTime, AcctStartTime)))), \
AcctUpdateTime = ${....event_timestamp}, \
- AcctInputOctets = (('%{%{Acct-Input-Gigawords}:-0}'::bigint << 32) + \
- '%{%{Acct-Input-Octets}:-0}'::bigint), \
- AcctOutputOctets = (('%{%{Acct-Output-Gigawords}:-0}'::bigint << 32) + \
- '%{%{Acct-Output-Octets}:-0}'::bigint), \
+ AcctInputOctets = %{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}, \
+ AcctOutputOctets = %{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}, \
Class = '%{Class}' \
WHERE AcctUniqueId = '%{Acct-Unique-Session-Id}' \
AND AcctStopTime IS NULL"
'%{Acct-Authentic}', \
'%{Connect-Info}', \
NULL, \
- (('%{%{Acct-Input-Gigawords}:-0}'::bigint << 32) + \
- '%{%{Acct-Input-Octets}:-0}'::bigint), \
- (('%{%{Acct-Output-Gigawords}:-0}'::bigint << 32) + \
- '%{%{Acct-Output-Octets}:-0}'::bigint), \
+ (%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets})::bigint, \
+ (%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets})::bigint, \
'%{Called-Station-Id}', \
'%{Calling-Station-Id}', \
NULL, \
AcctUpdateTime = ${....event_timestamp}, \
AcctSessionTime = COALESCE(%{%{Acct-Session-Time}:-NULL}, \
(${....event_timestamp_epoch} - EXTRACT(EPOCH FROM(AcctStartTime)))), \
- AcctInputOctets = (('%{%{Acct-Input-Gigawords}:-0}'::bigint << 32) + \
- '%{%{Acct-Input-Octets}:-0}'::bigint), \
- AcctOutputOctets = (('%{%{Acct-Output-Gigawords}:-0}'::bigint << 32) + \
- '%{%{Acct-Output-Octets}:-0}'::bigint), \
+ AcctInputOctets = %{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}, \
+ AcctOutputOctets = %{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}, \
AcctTerminateCause = '%{Acct-Terminate-Cause}', \
FramedIPAddress = NULLIF('%{Framed-IP-Address}', '')::inet, \
FramedIPv6Address = NULLIF('%{Framed-IPv6-Address}', '')::inet, \
'%{Acct-Authentic}', \
'%{Connect-Info}', \
NULL, \
- (('%{%{Acct-Input-Gigawords}:-0}'::bigint << 32) + \
- '%{%{Acct-Input-Octets}:-0}'::bigint), \
- (('%{%{Acct-Output-Gigawords}:-0}'::bigint << 32) + \
- '%{%{Acct-Output-Octets}:-0}'::bigint), \
+ (%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets})::bigint, \
+ (%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets})::bigint, \
'%{Called-Station-Id}', \
'%{Calling-Station-Id}', \
'%{Acct-Terminate-Cause}', \
AcctUpdateTime = ${....event_timestamp}, \
AcctSessionTime = COALESCE(%{%{Acct-Session-Time}:-NULL}, \
(${....event_timestamp_epoch} - EXTRACT(EPOCH FROM(AcctStartTime)))), \
- AcctInputOctets = (('%{%{Acct-Input-Gigawords}:-0}'::bigint << 32) + \
- '%{%{Acct-Input-Octets}:-0}'::bigint), \
- AcctOutputOctets = (('%{%{Acct-Output-Gigawords}:-0}'::bigint << 32) + \
- '%{%{Acct-Output-Octets}:-0}'::bigint), \
+ AcctInputOctets = (%{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets})::bigint, \
+ AcctOutputOctets = (%{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets})::bigint, \
AcctTerminateCause = '%{Acct-Terminate-Cause}', \
FramedIPAddress = NULLIF('%{Framed-IP-Address}', '')::inet, \
FramedIPv6Address = NULLIF('%{Framed-IPv6-Address}', '')::inet, \
(username, pass, reply, authdate, class) \
VALUES(\
'%{User-Name}', \
- '%{%{User-Password}:-Chap-Password}', \
+ '%{&User-Password || &Chap-Password}', \
'%{reply.Packet-Type}', \
'%S.%M', \
'%{reply.Class}')"
# distrust the provided Event-Timestamp.
#event_timestamp_epoch = "%l"
-event_timestamp_epoch = "%{%(integer:%{Event-Timestamp}):-%l}"
+event_timestamp_epoch = %{((integer) &Event-Timestamp) || %l}
# event_timestamp is the SQL snippet for converting an epoch timestamp
# to an SQL date.
# combination of attributes, or custom 'Acct-Status-Type' values.
#######################################################################
accounting {
- reference = "%{tolower:type.%{Acct-Status-Type}.query}"
+ reference = "%tolower(type.%{Acct-Status-Type}.query)"
# Write SQL queries to a logfile. This is potentially useful for bulk inserts
# when used with the rlm_sql_null driver.
framedipv6prefix = '%{Framed-IPv6-Prefix}', \
framedinterfaceid = '%{Framed-Interface-Id}', \
delegatedipv6prefix = '%{Delegated-IPv6-Prefix}', \
- acctsessiontime = %{%{Acct-Session-Time}:-NULL}, \
- acctinputoctets = %{%{Acct-Input-Gigawords}:-0} \
- << 32 | %{%{Acct-Input-Octets}:-0}, \
- acctoutputoctets = %{%{Acct-Output-Gigawords}:-0} \
- << 32 | %{%{Acct-Output-Octets}:-0}, \
+ acctsessiontime = %{&Acct-Session-Time || NULL}, \
+
class = '%{Class}' \
WHERE AcctUniqueId = '%{Acct-Unique-Session-Id}'"
'%{Acct-Authentic}', \
'%{Connect-Info}', \
'', \
- %{%{Acct-Input-Gigawords}:-0} << 32 | \
- %{%{Acct-Input-Octets}:-0}, \
- %{%{Acct-Output-Gigawords}:-0} << 32 | \
- %{%{Acct-Output-Octets}:-0}, \
+ %{%{Acct-Input-Gigawords}:-0} << 32 | %{%{Acct-Input-Octets}:-0}, \
+ %{%{Acct-Output-Gigawords}:-0} << 32 | %{%{Acct-Output-Octets}:-0}, \
'%{Called-Station-Id}', \
'%{Calling-Station-Id}', \
'', \
UPDATE ${....acct_table2} SET \
acctstoptime = ${....event_timestamp}, \
acctsessiontime = %{%{Acct-Session-Time}:-NULL}, \
- acctinputoctets = %{%{Acct-Input-Gigawords}:-0} \
- << 32 | %{%{Acct-Input-Octets}:-0}, \
- acctoutputoctets = %{%{Acct-Output-Gigawords}:-0} \
- << 32 | %{%{Acct-Output-Octets}:-0}, \
+ acctinputoctets = %{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}, \
+ acctoutputoctets = %{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}, \
acctterminatecause = '%{Acct-Terminate-Cause}', \
connectinfo_stop = '%{Connect-Info}', \
class = '%{Class}' \
'%{Acct-Authentic}', \
'', \
'%{Connect-Info}', \
- %{%{Acct-Input-Gigawords}:-0} << 32 | \
- %{%{Acct-Input-Octets}:-0}, \
- %{%{Acct-Output-Gigawords}:-0} << 32 | \
- %{%{Acct-Output-Octets}:-0}, \
+ %{(((uint64) &Acct-Input-Gigawords) << 32) | (uint64) &Acct-Input-Octets}, \
+ %{(((uint64) &Acct-Output-Gigawords) << 32) | (uint64) &Acct-Output-Octets}, \
'%{Called-Station-Id}', \
'%{Calling-Station-Id}', \
'%{Acct-Terminate-Cause}', \
(username, pass, reply, authdate, class) \
VALUES ( \
'%{SQL-User-Name}', \
- '%{%{User-Password}:-%{Chap-Password}}', \
+ '%{&User-Password || &Chap-Password}', \
'%{reply.Packet-Type}', \
'%S.%M', \
'%{reply.Class}')"
}
- psk_query = "%{psksql:select hex(key) from psk_keys where keyid = '%{TLS-PSK-Identity}'}"
+ psk_query = %psksql("select hex(key) from psk_keys where keyid = '%{TLS-PSK-Identity}'")
}
#
#
# Set the random number to save.
#
- &session-state.Tmp-Integer-0 := "%{randstr:n}"
+ &session-state.Tmp-Integer-0 := "%randstr(n)"
&reply.Reply-Message := &session-state.Tmp-Integer-0
#
#
# Example MySQL lookup
#
-# &control.Tmp-String-0 := "%{sql:SELECT IFNULL(GROUP_CONCAT(CONCAT(nasipaddress,'#',acctsessionid) separator '|'),'') FROM (SELECT * FROM radacct WHERE ('%{User-Name}'='' OR UserName='%{User-Name}') AND ('%{Acct-Session-Id}'='' OR acctsessionid = '%{Acct-Session-Id}') AND AcctStopTime IS NULL) a}"
+# &control.Tmp-String-0 := %sql("SELECT IFNULL(GROUP_CONCAT(CONCAT(nasipaddress,'#',acctsessionid) separator '|'),'') FROM (SELECT * FROM radacct WHERE ('%{User-Name}'='' OR UserName='%{User-Name}') AND ('%{Acct-Session-Id}'='' OR acctsessionid = '%{Acct-Session-Id}') AND AcctStopTime IS NULL) a")
#
# Example PostgreSQL lookup
#
-# &control.Tmp-String-0 := "%{sql:SELECT STRING_AGG(CONCAT(nasipaddress,'#',acctsessionid),'|') FROM (SELECT * FROM radacct WHERE ('%{User-Name}'='' OR UserName='%{User-Name}') AND ('%{Acct-Session-Id}'='' OR acctsessionid = '%{Acct-Session-Id}') AND AcctStopTime IS NULL) a}"
+# &control.Tmp-String-0 := %sql("SELECT STRING_AGG(CONCAT(nasipaddress,'#',acctsessionid),'|') FROM (SELECT * FROM radacct WHERE ('%{User-Name}'='' OR UserName='%{User-Name}') AND ('%{Acct-Session-Id}'='' OR acctsessionid = '%{Acct-Session-Id}') AND AcctStopTime IS NULL) a")
#
# Keep a count of what we send.
#
# Split the string and split into pieces.
#
- if ("%(explode:&control.Tmp-String-0 |)") {
+ if ("%explode(&control.Tmp-String-0, '|')") {
foreach &control.Tmp-String-0 {
# Service-Type = Authorize-Only.
#
# if (!&reply.State) {
-# &reply.State := "0x%{randstr:16h}"
+# &reply.State := "0x%randstr(16h)"
# }
#
#
# - The encrypt expansions of the `rlm_cipher` module.
# - The `%(3gpp_pseudonym_encrypt:)` expansion.
- # - The `%{rand:}` expansion.
+ # - The `%randstr()` expansion.
#
# NOTE: Add a `&reply.Next-Pseudonym-Id` attribute in this section to
# avoid having the permanent Id of the SIM exposed during subsequent
# if (!&reply.LDAP-Sync.Cookie) {
# string csn
#
-# &csn := "%{ldap:ldap:///%{LDAP-Sync.Directory-Root-DN}?contextCSN?base}"
+# &csn := %ldap("ldap:///%{LDAP-Sync.Directory-Root-DN}?contextCSN?base")
# if (&csn) {
# &reply.LDAP-Sync.Cookie := "rid=000,csn=%{csn}"
# updated
#
# pap
# }
-#
# ...
+# }
#
#
# The configuration for this virtual server follows and should be amended as
-# required...
+# required.
#
-
#
# Listen on a local port for Server-Status requests that trigger the resource
# checks.
# interval to avoid buildup of checks when resources do not respond.
# See rlm_exec for details.
#
- if ("%{sql:SELECT pg_is_in_recovery()}" != "f") {
+ if ("%sql('SELECT pg_is_in_recovery()')" != "f") {
# Fail the db_online module, if it isn't already
if ("%{db_online:}" != "fail") {
# NOTE: If you have VLAN's in a database, you can `select`
# the VLAN name based on the MAC address.
#
-# &reply.VLAN-Name = "%{sql:select ... where mac='%{MAC-Address}'}"
+# &reply.VLAN-Name = %sql("select ... where mac='%{MAC-Address}'")
}
#
projects / thirdparty / freeradius-server.git / commitdiff
