Когда мы исправляем в ru.bitel.bgbilling.inet.dyn.device.isg.ISGProtocolHandler код следующим образом(для того чтобы логин приобрел следующий вид - 3408044088b0:03)
Код:
public class ISGProtocolHandler
extends ProtocolHandlerAdapter
{
@Override
public void preprocessAccessRequest( RadiusPacket request, RadiusPacket response, ConnectionSet connectionSet )
throws Exception
{
// перенос последней части UserName в атрибут Calling-Station-Id (MAC адрес)
String userName = request.getStringAttribute( -1, 1, null );
if( userName != null )
{
int pos = userName.lastIndexOf( ':' );
if( pos > 0 )
{
String callingStation = request.getStringAttribute( -1, 31, userName.substring( pos + 1 ) );
String remoteId = userName.substring( 4, 16 );
String circuitId = userName.substring( 27, 29 );
String userName1 = remoteId + ":" + circuitId;
request.setStringAttribute( -1, 1, userName1 );
request.setStringAttribute( -1, 31, callingStation );
/*request.setStringAttribute( -1, 1, userName.substring( 0, pos ) );
request.setStringAttribute( -1, 31, userName.substring( pos + 1 ) );*/
}
}
}
в логе radius.log access сервера
Код:
root@bgbilling-test:/usr/local/BGInetAccess# cat log/radius.log
10-21/21:35:17 INFO [main] DefaultServerSetup - Binding javax.jms.ConnectionFactory[org.apache.activemq.ActiveMQConnectionFactory@1aed5f9] to java:comp/env/mq/connectionFactory
10-21/21:35:17 INFO [main] DefaultServerSetup - Init DB connection pools
10-21/21:35:18 INFO [main] DefaultServerSetup - Binding JDBC pool "master" to java:comp/env/jdbc/master
10-21/21:35:18 INFO [main] DefaultServerSetup - Init trash pools..
10-21/21:35:20 INFO [main] radius - Eap not enabled (keystore file not loaded).
10-21/21:37:12 INFO [radiusListener-p-11-t-1] RadiusListenerWorker - REQUEST:
Packet type: Access-Request
Identifier: 87
Authenticator: {CD 61 47 3B 60 B4 1B E0 78 61 8D 96 EA 72 00 E6}
Attributes:
User-Name=00063408044088b0:0004000e0003:88ae.1d39.dac2
NAS-Identifier=test-isg.test.local
NAS-Port-Id=0/0/1/0
User-Password=123
NAS-IP-Address=10.1.19.145
NAS-Port=56
Service-Type=5
Acct-Session-Id=7B00000000000038
NAS-Port-Type=32
cisco-avpair=circuit-id-tag=0004000e0003
cisco-avpair=remote-id-tag=00063408044088b0
cisco-NAS-Port=0/0/1/0
10-21/21:37:12 INFO [radiusListener-p-11-t-1] InetRadiusProcessor - REQUEST_AFTER_PREPROCESS:
Packet type: Access-Request
Identifier: 87
Authenticator: {CD 61 47 3B 60 B4 1B E0 78 61 8D 96 EA 72 00 E6}
Attributes:
User-Name=3408044088b0:03
NAS-Identifier=test-isg.test.local
NAS-Port-Id=0/0/1/0
User-Password=123
NAS-IP-Address=10.1.19.145
NAS-Port=56
Service-Type=5
Calling-Station-Id=88ae.1d39.dac2
Acct-Session-Id=7B00000000000038
NAS-Port-Type=32
cisco-avpair=circuit-id-tag=0004000e0003
cisco-avpair=remote-id-tag=00063408044088b0
cisco-NAS-Port=0/0/1/0
10-21/21:37:12 INFO [radiusListener-p-11-t-1] InetRadiusProcessor - [username=3408044088b0:03] Authenticated as inetServId:31
10-21/21:37:12 INFO [radiusListener-p-11-t-1] InetRadiusProcessor - Return code=0
10-21/21:37:12 INFO [radiusListener-p-11-t-1] InetDhcpHelperProcessor - Put auth accept 1:3408044088B0:03:88AE1D39DAC2
10-21/21:37:12 INFO [radiusListener-p-11-t-1] InetRadiusProcessor - RESPONSE_BEFORE_POSTPROCESS:
Packet type: Access-Accept
Identifier: 87
Authenticator: {}
Attributes:
Framed-IP-Address=10.14.14.15
cisco-SSG-Account-Info=ASPEED_4MB
Process time auth: 20
10-21/21:37:12 INFO [radiusListener-p-11-t-1] InetRadiusListenerWorker - RESPONSE:
Packet type: Access-Accept
Identifier: 87
Authenticator: {11 00 87 1A CA 0B 2E 9E 75 CF 8C 1E EB 86 B2 97}
Attributes:
Framed-IP-Address=10.14.14.15
cisco-SSG-Account-Info=ASPEED_4MB
Process time auth: 22
10-21/21:37:12 INFO [radiusListener-p-11-t-2] RadiusListenerWorker - REQUEST:
Packet type: Access-Request
Identifier: 88
Authenticator: {2B 91 E5 C3 00 A1 8C 8E 47 AC 2B 4F 2C 42 1D BA}
Attributes:
User-Name=SPEED_4MB
NAS-Identifier=test-isg.test.local
NAS-Port-Id=0/0/1/0
User-Password=cisco
NAS-IP-Address=10.1.19.145
NAS-Port=56
Service-Type=5
Acct-Session-Id=7B00000000000038
NAS-Port-Type=32
cisco-avpair=circuit-id-tag=0004000e0003
cisco-avpair=remote-id-tag=00063408044088b0
cisco-NAS-Port=0/0/1/0
10-21/21:37:12 INFO [radiusListener-p-11-t-2] InetRadiusProcessor - REQUEST_AFTER_PREPROCESS:
Packet type: Access-Request
Identifier: 88
Authenticator: {2B 91 E5 C3 00 A1 8C 8E 47 AC 2B 4F 2C 42 1D BA}
Attributes:
User-Name=SPEED_4MB
NAS-Identifier=test-isg.test.local
NAS-Port-Id=0/0/1/0
User-Password=cisco
NAS-IP-Address=10.1.19.145
NAS-Port=56
Service-Type=5
Acct-Session-Id=7B00000000000038
NAS-Port-Type=32
cisco-avpair=circuit-id-tag=0004000e0003
cisco-avpair=remote-id-tag=00063408044088b0
cisco-NAS-Port=0/0/1/0
10-21/21:37:12 INFO [radiusListener-p-11-t-1] HourlyDataLogEntry - Create dataLog file: /usr/local/BGInetAccess/data/radius/source_1/2011/2011-10/2011-10-21/log_2011-10-21-21.003.bgdl
10-21/21:37:12 INFO [radiusListener-p-11-t-2] InetRadiusProcessor - [username=SPEED_4MB] Authenticated as inetServId:10
10-21/21:37:12 INFO [radiusListener-p-11-t-2] InetRadiusProcessor - Return code=0
10-21/21:37:12 INFO [radiusListener-p-11-t-2] InetDhcpHelperProcessor - Skip userName: SPEED_4MB
10-21/21:37:12 INFO [radiusListener-p-11-t-2] InetRadiusProcessor - RESPONSE_BEFORE_POSTPROCESS:
Packet type: Access-Accept
Identifier: 88
Authenticator: {}
Attributes:
Acct-Interim-Interval=60
cisco-avpair=ip:traffic-class=in access-group 196 priority 200
cisco-avpair=ip:traffic-class=in default drop
cisco-avpair=ip:traffic-class=out access-group 196 priority 200
cisco-avpair=ip:traffic-class=out default drop
cisco-avpair=subscriber:accounting-list=ISG-AUTH-1
cisco-SSG-Service-Info=QU;4096000;768000;1536000;D;4096000;768000;1536000
Process time auth: 23
10-21/21:37:12 INFO [radiusListener-p-11-t-2] InetRadiusListenerWorker - RESPONSE:
Packet type: Access-Accept
Identifier: 88
Authenticator: {E6 14 31 4A 88 38 6D 64 7A 15 4B 14 35 2B 69 45}
Attributes:
Acct-Interim-Interval=60
cisco-avpair=ip:traffic-class=in access-group 196 priority 200
cisco-avpair=ip:traffic-class=in default drop
cisco-avpair=ip:traffic-class=out access-group 196 priority 200
cisco-avpair=ip:traffic-class=out default drop
cisco-avpair=subscriber:accounting-list=ISG-AUTH-1
cisco-SSG-Service-Info=QU;4096000;768000;1536000;D;4096000;768000;1536000
Process time auth: 23
10-21/21:37:14 INFO [radiusListener-p-11-t-3] RadiusListenerWorker - REQUEST:
Packet type: Access-Request
Identifier: 89
Authenticator: {10 32 45 26 F2 89 02 37 30 81 CF 31 5A 65 E6 B7}
Attributes:
User-Name=00063408044088b0:0004000e0003:88ae.1d39.dac2
NAS-Identifier=test-isg.test.local
NAS-Port-Id=0/0/1/0
User-Password=123
NAS-IP-Address=10.1.19.145
NAS-Port=58
Service-Type=5
Acct-Session-Id=7B0000000000003A
NAS-Port-Type=32
cisco-avpair=circuit-id-tag=0004000e0003
cisco-avpair=remote-id-tag=00063408044088b0
cisco-NAS-Port=0/0/1/0
10-21/21:37:14 INFO [radiusListener-p-11-t-3] InetRadiusProcessor - REQUEST_AFTER_PREPROCESS:
Packet type: Access-Request
Identifier: 89
Authenticator: {10 32 45 26 F2 89 02 37 30 81 CF 31 5A 65 E6 B7}
Attributes:
User-Name=3408044088b0:03
NAS-Identifier=test-isg.test.local
NAS-Port-Id=0/0/1/0
User-Password=123
NAS-IP-Address=10.1.19.145
NAS-Port=58
Service-Type=5
Calling-Station-Id=88ae.1d39.dac2
Acct-Session-Id=7B0000000000003A
NAS-Port-Type=32
cisco-avpair=circuit-id-tag=0004000e0003
cisco-avpair=remote-id-tag=00063408044088b0
cisco-NAS-Port=0/0/1/0
10-21/21:37:14 INFO [radiusListener-p-11-t-3] InetRadiusProcessor - [username=3408044088b0:03] Authenticated as inetServId:31
10-21/21:37:14 INFO [radiusListener-p-11-t-3] InetRadiusProcessor - Return code=0
10-21/21:37:14 INFO [radiusListener-p-11-t-3] InetDhcpHelperProcessor - Put auth accept 1:3408044088B0:03:88AE1D39DAC2
10-21/21:37:14 INFO [radiusListener-p-11-t-3] InetRadiusProcessor - RESPONSE_BEFORE_POSTPROCESS:
Packet type: Access-Accept
Identifier: 89
Authenticator: {}
Attributes:
Framed-IP-Address=10.14.14.15
cisco-SSG-Account-Info=ASPEED_4MB
Process time auth: 7
10-21/21:37:14 INFO [radiusListener-p-11-t-3] InetRadiusListenerWorker - RESPONSE:
Packet type: Access-Accept
Identifier: 89
Authenticator: {D5 42 F5 FA 90 7F 97 28 DA EF 2E 41 9D 5F C2 0E}
Attributes:
Framed-IP-Address=10.14.14.15
cisco-SSG-Account-Info=ASPEED_4MB
Process time auth: 8
10-21/21:37:14 INFO [radiusListener-p-11-t-4] RadiusListenerWorker - REQUEST:
Packet type: Access-Request
Identifier: 90
Authenticator: {D2 51 92 9A 9F 05 78 31 CB 9F C9 1C 75 BE 52 0E}
Attributes:
User-Name=SPEED_4MB
NAS-Identifier=test-isg.test.local
NAS-Port-Id=0/0/1/0
User-Password=cisco
NAS-IP-Address=10.1.19.145
NAS-Port=58
Service-Type=5
Acct-Session-Id=7B0000000000003A
NAS-Port-Type=32
cisco-avpair=circuit-id-tag=0004000e0003
cisco-avpair=remote-id-tag=00063408044088b0
cisco-NAS-Port=0/0/1/0
10-21/21:37:14 INFO [radiusListener-p-11-t-4] InetRadiusProcessor - REQUEST_AFTER_PREPROCESS:
Packet type: Access-Request
Identifier: 90
Authenticator: {D2 51 92 9A 9F 05 78 31 CB 9F C9 1C 75 BE 52 0E}
Attributes:
User-Name=SPEED_4MB
NAS-Identifier=test-isg.test.local
NAS-Port-Id=0/0/1/0
User-Password=cisco
NAS-IP-Address=10.1.19.145
NAS-Port=58
Service-Type=5
Acct-Session-Id=7B0000000000003A
NAS-Port-Type=32
cisco-avpair=circuit-id-tag=0004000e0003
cisco-avpair=remote-id-tag=00063408044088b0
cisco-NAS-Port=0/0/1/0
10-21/21:37:14 INFO [radiusListener-p-11-t-4] InetRadiusProcessor - [username=SPEED_4MB] Authenticated as inetServId:10
10-21/21:37:14 INFO [radiusListener-p-11-t-4] InetRadiusProcessor - Return code=0
10-21/21:37:14 INFO [radiusListener-p-11-t-4] InetDhcpHelperProcessor - Skip userName: SPEED_4MB
10-21/21:37:14 INFO [radiusListener-p-11-t-4] InetRadiusProcessor - RESPONSE_BEFORE_POSTPROCESS:
Packet type: Access-Accept
Identifier: 90
Authenticator: {}
Attributes:
Acct-Interim-Interval=60
cisco-avpair=ip:traffic-class=in access-group 196 priority 200
cisco-avpair=ip:traffic-class=in default drop
cisco-avpair=ip:traffic-class=out access-group 196 priority 200
cisco-avpair=ip:traffic-class=out default drop
cisco-avpair=subscriber:accounting-list=ISG-AUTH-1
cisco-SSG-Service-Info=QU;4096000;768000;1536000;D;4096000;768000;1536000
Process time auth: 8
10-21/21:37:14 INFO [radiusListener-p-11-t-4] InetRadiusListenerWorker - RESPONSE:
Packet type: Access-Accept
Identifier: 90
Authenticator: {82 41 4D 63 5A FB 64 9D F4 D4 AB 33 DA 84 96 00}
Attributes:
Acct-Interim-Interval=60
cisco-avpair=ip:traffic-class=in access-group 196 priority 200
cisco-avpair=ip:traffic-class=in default drop
cisco-avpair=ip:traffic-class=out access-group 196 priority 200
cisco-avpair=ip:traffic-class=out default drop
cisco-avpair=subscriber:accounting-list=ISG-AUTH-1
cisco-SSG-Service-Info=QU;4096000;768000;1536000;D;4096000;768000;1536000
Process time auth: 8
То есть клиента радиус авторизовал!
Но адрес , как видно из следующего лога , dhcp не отдает
В dhcp.log видим что dhcp шлет нашего клиента лесом
Код:
10-21/21:35:17 INFO [main] DefaultServerSetup - Binding javax.jms.ConnectionFactory[org.apache.activemq.ActiveMQConnectionFactory@1aed5f9] to java:comp/env/mq/connectionFactory
10-21/21:35:17 INFO [main] DefaultServerSetup - Init DB connection pools
10-21/21:35:18 INFO [main] DefaultServerSetup - Binding JDBC pool "master" to java:comp/env/jdbc/master
10-21/21:35:18 INFO [main] DefaultServerSetup - Init trash pools..
10-21/21:35:21 INFO [main] InetDhcpDeviceMap - Load DHCP relay list, types: [1].
10-21/21:35:21 INFO [main] InetDhcpDeviceMap - Loaded device: 1; /10.14.14.1
10-21/21:35:21 INFO [main] InetDhcpHelperProcessor - Restore connections on DhcpHelper
10-21/21:37:12 INFO [dhcpLstnr-p-12-t-1] InetAbstractDhcpProcessor - REQUEST:
Message type: BOOT_REQUEST
Dhcp message type: DHCP Discover{1}
htype: 1, hlen: 6, hops: 1
xid: -824784057, secs: 0, flags: 0
Client IP: 0.0.0.0
Your IP: 0.0.0.0
Server IP: 0.0.0.0
Relay IP: 10.14.14.1
Client MAC: {88AE1D39DAC2}
Host name{12}={book}
Parameter request list{55}={1, 28, 2, 3, 15, 6, 119, 12, 44, 47, 26, 121, 42}
Agent information{82}=
sub{1}={0004000E0003}
sub{2}={00063408044088B0}
10-21/21:37:12 INFO [dhcpLstnr-p-12-t-1] InetAbstractDhcpProcessor - REQUEST_AFTER_PREPROCESS:
Message type: BOOT_REQUEST
Dhcp message type: DHCP Discover{1}
htype: 1, hlen: 6, hops: 1
xid: -824784057, secs: 0, flags: 0
Client IP: 0.0.0.0
Your IP: 0.0.0.0
Server IP: 0.0.0.0
Relay IP: 10.14.14.1
Client MAC: {88AE1D39DAC2}
Host name{12}={book}
Parameter request list{55}={1, 28, 2, 3, 15, 6, 119, 12, 44, 47, 26, 121, 42}
Agent information{82}=
sub{1}={0004000E0003}
sub{2}={00063408044088B0}
10-21/21:37:12 ERROR [dhcpLstnr-p-12-t-1] InetDhcpHelperProcessor - Not found params for request: 1:00063408044088B0:0004000E0003:88AE1D39DAC2
10-21/21:37:12 INFO [dhcpLstnr-p-12-t-1] InetAbstractDhcpProcessor - RESPONSE_BEFORE_POSTPROCESS:
Message type: BOOT_RESPONSE
Dhcp message type: DHCP NAK{6}
htype: 1, hlen: 6, hops: 1
xid: -824784057, secs: 0, flags: 0
Client IP: 0.0.0.0
Your IP: 0.0.0.0
Server IP: 0.0.0.0
Relay IP: 10.14.14.1
Client MAC: {88AE1D39DAC2}
Parameter request list{55}={1, 28, 2, 3, 15, 6, 119, 12, 44, 47, 26, 121, 42}
Agent information{82}=
sub{1}={0004000E0003}
sub{2}={00063408044088B0}
10-21/21:37:12 INFO [dhcpLstnr-p-12-t-1] InetAbstractDhcpProcessor - RESPONSE:
Message type: BOOT_RESPONSE
Dhcp message type: DHCP NAK{6}
htype: 1, hlen: 6, hops: 1
xid: -824784057, secs: 0, flags: 0
Client IP: 0.0.0.0
Your IP: 0.0.0.0
Server IP: 0.0.0.0
Relay IP: 10.14.14.1
Client MAC: {88AE1D39DAC2}
Parameter request list{55}={1, 28, 2, 3, 15, 6, 119, 12, 44, 47, 26, 121, 42}
Agent information{82}=
sub{1}={0004000E0003}
sub{2}={00063408044088B0}
В связи с чем вопрос, где нам исправить код, чтобы dhcp воспринимал логин так как нам нужно - 3408044088b0:03 а не 00063408044088B0:0004000E0003