#
sql_user_name = "%{User-Name}"
+#
+# 3.0.22 and later have a "class" column in the accounting table.
+#
+# However, we do NOT want to break existing configurations by adding
+# the Class attribute to the default queries. If we did that, then
+# systems using newer versions of the server would fail, because
+# there is no "class" column in their accounting tables.
+#
+# The solution to that is the following "class" subsection. If your
+# database has a "class" column for the various tables, then you can
+# uncomment the configuration items here. The queries below will
+# then automatically insert the Class attribute into radacct,
+# radpostauth, etc.
+#
+class {
+ #
+ # Delete the '#' from all of the next 3 lines in order to
+ # put the Class attribute into the various tables.
+ #
+ # See also policy.d/accounting, and the "insert_acct_class"
+ # policy. You will need to list (or uncomment)
+ # "insert_acct_class" in the "post-auth" section in order to
+ # create a Class attribute.
+ #
+ column_name = # ", class"
+ packet_xlat = # ", '%{Class}'"
+ reply_xlat = # ", '%{Reply:Class}'"
+}
+
#######################################################################
# Query config: Event-Timestamp
#######################################################################
framedipv6address, \
framedipv6prefix, \
framedinterfaceid, \
- delegatedipv6prefix"
+ delegatedipv6prefix \
+ ${..class.column_name}"
type {
accounting-on {
'%{Framed-IPv6-Address}', \
'%{Framed-IPv6-Prefix}', \
'%{Framed-Interface-Id}', \
- '%{Delegated-IPv6-Prefix}')"
+ '%{Delegated-IPv6-Prefix}' \
+ ${....class.packet_xlat})"
#
# When using "sql_session_start", you should comment out
'%{Framed-IPv6-Address}', \
'%{Framed-IPv6-Prefix}', \
'%{Framed-Interface-Id}', \
- '%{Delegated-IPv6-Prefix}')"
+ '%{Delegated-IPv6-Prefix}' \
+ ${....class.packet_xlat})"
#
# When using "sql_session_start", you should comment out
'%{Framed-IPv6-Address}', \
'%{Framed-IPv6-Prefix}', \
'%{Framed-Interface-Id}', \
- '%{Delegated-IPv6-Prefix}')"
+ '%{Delegated-IPv6-Prefix}' \
+ ${....class.packet_xlat})"
#
# When using "sql_session_start", you should comment out
query = "\
INSERT INTO ${..postauth_table} \
- (username, pass, reply, authdate) \
+ (username, pass, reply, authdate ${..class.column_name}) \
VALUES ( \
'%{SQL-User-Name}', \
'%{%{User-Password}:-%{Chap-Password}}', \
'%{reply:Packet-Type}', \
- '%S.%M')"
+ '%S.%M' \
+ ${..class.reply_xlat})"
}
class varchar(64) default NULL
);
+--
+-- You might not need all of these indexes. It should be safe to
+-- delete indexes you do not use. For example, if you're not using
+-- IPv6, you can delete the indexes on IPv6 attributes.
+--
+-- You MUST however leave the indexes needed by the server, which
+-- include username, acctstoptime, nasipaddress, acctstarttime, and
+-- acctuniqueid.
+--
CREATE UNIQUE INDEX acctuniqueid ON radacct(acctuniqueid);
CREATE INDEX username ON radacct(username);
CREATE INDEX framedipaddress ON radacct (framedipaddress);
CREATE INDEX acctinterval ON radacct(acctinterval);
CREATE INDEX acctstoptime ON radacct(acctstoptime);
CREATE INDEX nasipaddress ON radacct(nasipaddress);
+CREATE INDEX class ON radacct(class);
--
-- Table structure for table 'radcheck'
username varchar(64) NOT NULL default '',
pass varchar(64) NOT NULL default '',
reply varchar(32) NOT NULL default '',
- authdate timestamp NOT NULL
+ authdate timestamp NOT NULL,
+ class varchar(64) default NULL
);
+CREATE INDEX username ON radpostauth(username);
+CREATE INDEX class ON radpostauth(class);
--
-- Table structure for table 'nas'
projects / thirdparty / freeradius-server.git / commitdiff
