Здравствуйте не видно сессии в мониторе при аутентификации на SE100 по vlan (radius.servSearchMode=2), на устройстве используем свой SmartEdgeNDSCProtocolHandler который наследуется от вашего.Подскажите в чем может быть причина ? При аутентификации по (radius.servSearchMode=7) все работает сессия появляется. В идеале надо аутентифицироваться по (radius.servSearchMode=2-7) но с ним такая же проблема как и с radius.servSearchMode=2 не видно сессии.
Цитата:
ip.resource.categoryId=7
vlan.resource.category=1
const.access.attributes=Acct-Interim-Interval=900
radius.realm.ipn.attributes={@const.access.attributes}
radius.realm.default.attributes={@const ... attributes}
radius.realm=default,ipn
radius.connection.checkDuplicate=1
radius.username.removeDomain=1
radius.username.removeWhitespace=0
radius.username.ignoreCase=0
radius.password.verification=0
radius.servSearchMode=7
sa.radius.option.attributesPrefix=radius.inetOption.
sa.radius.connection.attributes=Acct-Session-Id
redirect.attributes=Service-Name:1=RSE-REJECTED;Service-Options:1=1
sa.radius.disable.attributes=Session-Timeout=1800;{@redirect.attributes}
sa.radius.enable.attributes=Deactivate-Service-Name:1=RSE-REJECTED
sa.radius.connection.withoutBreak=1
sa.radius.connection.coa.onEnable=1
sa.radius.connection.stateModify=1
sa.radius.connection.close.enableMode=1
sa.radius.connection.close.disableMode=1
sa.radius.connection.close.disableServices=0
sa.radius.service.closeAttributes=Deactivate-Service-Name:1=RSE-SVC-EXT;Deactivate-Service-Name:2=RSE-SVC-INT
radius.serviceName.disable=RSE-REJECTED
connection.start.fromAccept=1
connection.start.fromUpdate=2
connection.suspend.timeout=960
connection.close.timeout=1920
connection.finish.timeout=5
session.split.onDeviceState=0
session.split.onTariffOption=1
radius.inetOption.1.attributes=Service-Name:1=RSE-SVC-EXT;Service-Options:1=1;Service-Parameter:1=in-Rate=10000 out-Rate=10000 in-Burst=1250000 out-Burst=1250000;Service-Name:2=RSE-SVC-INT;Service-Options:2=1;Service-Parameter:2=in-Rate=100000 out-Rate=100000 in-Burst=2500000 out-Burst=2500000
Код:
package ru.svtk.inet;
import java.net.InetAddress;
import org.apache.log4j.Logger;
import ru.bitel.bgbilling.kernel.network.dhcp.DhcpProtocolHandler;
import ru.bitel.bgbilling.kernel.network.radius.RadiusAttribute;
import ru.bitel.bgbilling.kernel.network.radius.RadiusDictionary;
import ru.bitel.bgbilling.kernel.network.radius.RadiusPacket;
import ru.bitel.bgbilling.kernel.network.radius.RadiusProtocolHandler;
import ru.bitel.bgbilling.modules.inet.api.common.bean.InetDevice;
import ru.bitel.bgbilling.modules.inet.api.common.bean.InetDeviceType;
import ru.bitel.bgbilling.server.util.Setup;
import ru.bitel.common.ParameterMap;
import ru.bitel.common.Utils;
import ru.bitel.common.sql.ConnectionSet;
import java.util.regex.Pattern;
import java.util.regex.Matcher;
import ru.bitel.bgbilling.modules.inet.radius.InetRadiusProcessor;
import ru.bitel.bgbilling.modules.inet.dyn.device.redback.SmartEdgeStaticClipsProtocolHandler;
public class SmartEdgeNDSCProtocolHandler
extends SmartEdgeStaticClipsProtocolHandler
implements RadiusProtocolHandler
{
private static final Logger logger = Logger.getLogger( SmartEdgeNDSCProtocolHandler.class );
@Override
public void init( Setup setup, int moduleId, InetDevice inetDevice, InetDeviceType inetDeviceType, ParameterMap deviceConfig )
throws Exception
{
super.init( setup, moduleId, inetDevice, inetDeviceType, deviceConfig );
}
/**
* Предобработка Access-Request пакета.
*/
@Override
public void preprocessAccessRequest( final RadiusPacket request, final RadiusPacket response, final ConnectionSet connectionSet )
throws Exception
{
this.setVlanFromNasPort(request);
// вызываем SmartEdgeServiceActivator.preprocessAccessRequest()
super.preprocessAccessRequest( request, response, connectionSet );
}
/*
* Устанавливаем VLAN который передается в NAS-Port от Redback SE100.
*/
public void setVlanFromNasPort(final RadiusPacket request)
throws Exception
{
String nasport = request.getStringAttribute( -1, RadiusDictionary.NAS_Port_Id, "empty" );
Pattern p = Pattern.compile("vlan-id ([0-9]+) ");
Matcher m = p.matcher(nasport);
// apply matcher
if (m.find()) {
logger.info("NAS Port vlan:"+m.group(1));
String vlan = m.group(1);
request.setOption( InetRadiusProcessor.VLAN_ID, vlan );
}
}
}
Цитата:
radius 10-05/09:31:24 INFO [rdsLstnr-p-8-t-4] RadiusListenerWorker - REQUEST:
Packet type: Access-Request
Identifier: 62
Authenticator: {AB A0 CF 07 9D 4F D0 E7 7A 96 6A B9 9D E3 8B 8C}
Attributes:
User-Name=192.168.70.7
NAS-Port-Id=lg id 825 vlan-id 56 clips 134145
NAS-Identifier=IPN-static-clips
User-Password=Redback
NAS-IP-Address=10.0.0.1
NAS-Port=-1761604606
Service-Type=5
Acct-Session-Id=FF160339D8000C02-561200AA
NAS-Port-Type=5
Platform-Type=4
Medium-Type=11
OS-Version=12.1.1.5
NAS-Real-Port=603979832
radius 10-05/09:31:24 INFO [rdsLstnr-p-8-t-4] SmartEdgeNDSCProtocolHandler - NAS Port vlan:56
radius 10-05/09:31:24 INFO [rdsLstnr-p-8-t-4] InetRadiusProcessor - REQUEST_AFTER_PREPROCESS:
Packet type: Access-Request
Identifier: 62
Authenticator: {AB A0 CF 07 9D 4F D0 E7 7A 96 6A B9 9D E3 8B 8C}
Attributes:
User-Name=192.168.70.7
NAS-Port-Id=lg id 825 vlan-id 56 clips 134145
NAS-Identifier=IPN-static-clips
User-Password=Redback
NAS-IP-Address=10.0.0.1
NAS-Port=-1761604606
Service-Type=5
Acct-Session-Id=FF160339D8000C02-561200AA
NAS-Port-Type=5
Platform-Type=4
Medium-Type=11
OS-Version=12.1.1.5
NAS-Real-Port=603979832
Common options: {vlanId=56}
radius 10-05/09:31:24 INFO [rdsLstnr-p-8-t-4] InetNas - Search serv on deviceId=90; vlanId=56
radius 10-05/09:31:24 INFO [rdsLstnr-p-8-t-4] InetRadiusProcessor - [username=192.168.70.7] Authenticated as inetServId:5543
radius 10-05/09:31:24 INFO [rdsLstnr-p-8-t-4] InetApplication - TariffOptionMap: {}
radius 10-05/09:31:24 INFO [rdsLstnr-p-8-t-4] InetApplication - inetServ[id=5543] balance ok: 0.00 [0]
radius 10-05/09:31:24 INFO [rdsLstnr-p-8-t-4] InetApplication - OptionSet: [5]
radius 10-05/09:31:24 INFO [rdsLstnr-p-8-t-4] InetRadiusProcessor - Write new waiting connection to DB
radius 10-05/09:31:24 INFO [rdsLstnr-p-8-t-4] InetRadiusProcessor - New connection id=8690180
radius 10-05/09:31:24 INFO [rdsLstnr-p-8-t-4] InetRadiusProcessor - Return code=0
radius 10-05/09:31:24 INFO [rdsLstnr-p-8-t-4] InetDhcpHelperProcessor - Skip userName: 192.168.70.7
radius 10-05/09:31:24 INFO [rdsLstnr-p-8-t-4] InetRadiusProcessor - RESPONSE_BEFORE_POSTPROCESS:
Packet type: Access-Accept
Identifier: 62
Authenticator: {}
Attributes:
Acct-Interim-Interval=900
Framed-IP-Address=192.168.70.7
Service-Name:1=RSE-SVC-EXT
Service-Name:2=RSE-SVC-INT
Service-Options:1=1
Service-Options:2=1
Service-Parameter:1=in-Rate=100000 out-Rate=100000 in-Burst=2500000 out-Burst=2500000
Service-Parameter:2=in-Rate=100000 out-Rate=100000 in-Burst=2500000 out-Burst=2500000
Process time auth: 72
radius 10-05/09:31:24 INFO [rdsLstnr-p-8-t-4] InetRadiusListenerWorker - RESPONSE:
Packet type: Access-Accept
Identifier: 62
Authenticator: {53 19 09 A1 30 B6 F3 02 B6 62 2A 27 FB 03 7D 15}
Attributes:
Acct-Interim-Interval=900
Framed-IP-Address=192.168.70.7
Service-Name:1=RSE-SVC-EXT
Service-Name:2=RSE-SVC-INT
Service-Options:1=1
Service-Options:2=1
Service-Parameter:1=in-Rate=100000 out-Rate=100000 in-Burst=2500000 out-Burst=2500000
Service-Parameter:2=in-Rate=100000 out-Rate=100000 in-Burst=2500000 out-Burst=2500000
Process time auth: 74
Биллинг 6.1.868