Суть в том что все сессии у меня зависают, и трафик не считается.
Очевидно что есть проблема с аккаунтингом, но я не могу понять в каком месте.
центось 5.6 пппд 2.4.4 абилс 0.56 фрирадиус2
Логи поптоп
Код: Выделить всё
Jun 22 21:12:21 unknown-6076 pptpd[26295]: CTRL: Client <ip> control connection started
Jun 22 21:12:21 unknown-6076 pptpd[26295]: CTRL: Starting call (launching pppd, opening GRE)
Jun 22 21:12:21 unknown-6076 pppd[26296]: Plugin radius.so loaded.
Jun 22 21:12:21 unknown-6076 pppd[26296]: RADIUS plugin initialized.
Jun 22 21:12:21 unknown-6076 pppd[26296]: Plugin radattr.so loaded.
Jun 22 21:12:21 unknown-6076 pppd[26296]: RADATTR plugin initialized.
Jun 22 21:12:21 unknown-6076 pppd[26296]: pppd 2.4.4 started by root, uid 0
Jun 22 21:12:21 unknown-6076 pppd[26296]: Using interface ppp0
Jun 22 21:12:21 unknown-6076 pppd[26296]: Connect: ppp0 <--> /dev/pts/1
Jun 22 21:12:21 unknown-6076 pptpd[26295]: GRE: Bad checksum from pppd.
Jun 22 21:12:21 unknown-6076 pptpd[26295]: GRE: Discarding duplicate packet
Jun 22 21:12:24 unknown-6076 pptpd[26295]: GRE: Discarding out of order packet
Jun 22 21:12:24 unknown-6076 pptpd[26295]: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
Jun 22 21:12:24 unknown-6076 pppd[26296]: MPPE 128-bit stateless compression enabled
Jun 22 21:12:27 unknown-6076 pppd[26296]: local IP address 10.0.0.1
Jun 22 21:12:27 unknown-6076 pppd[26296]: remote IP address 10.0.0.11
Jun 22 21:12:28 unknown-6076 pptpd[26295]: GRE: Discarding out of order packet
Jun 22 21:12:28 unknown-6076 pptpd[26295]: GRE: Discarding out of order packet
Jun 22 21:12:57 unknown-6076 pppd[26296]: rc_send_server: no reply from RADIUS server localhost.localdomain:1813
Jun 22 21:12:57 unknown-6076 pppd[26296]: Accounting START failed for test
Код: Выделить всё
Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 38610, id=252, length=132
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = "test"
MS-CHAP-Challenge = 0xfc09779f0b03e9e9244c320a34686807
MS-CHAP2-Response = 0xf000eb530d153d13a26c4878c8ebde16ca1f00000000000000007e6fddaafc37122d884f4edf0d17ece8a6d81acc9e663e00
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
+- entering group authorize {...}
++[preprocess] returns ok
Exec-Program output: Cleartext-Password := "123456"
Exec-Program-Wait: value-pairs: Cleartext-Password := "123456"
Exec-Program: returned: 0
++[abills_preauth] returns ok
[mschap] Found MS-CHAP attributes. Setting 'Auth-Type = mschap'
++[mschap] returns ok
[files] users: Matched entry DEFAULT at line 174
++[files] returns ok
Exec-Program output: Session-Timeout = 701256, User-Name = test, PPPD-Upstream-Speed-Limit = 20000, Acct-Interim-Interval = 60, Framed-IP-Address = 10.0.0.11, Framed-IP-Netmask = 255.255.255.255, PPPD-Downstream-Speed-Limit = 20000,
Exec-Program-Wait: value-pairs: Session-Timeout = 701256, User-Name = test, PPPD-Upstream-Speed-Limit = 20000, Acct-Interim-Interval = 60, Framed-IP-Address = 10.0.0.11, Framed-IP-Netmask = 255.255.255.255, PPPD-Downstream-Speed-Limit = 20000,
Exec-Program: returned: 0
++[abills_auth] returns ok
Found Auth-Type = MSCHAP
+- entering group MS-CHAP {...}
[mschap] Told to do MS-CHAPv2 for test with NT-Password
[mschap] adding MS-CHAPv2 MPPE keys
++[mschap] returns ok
WARNING: Empty section. Using default return values.
Sending Access-Accept of id 252 to 127.0.0.1 port 38610
Session-Timeout = 701256
User-Name = "test"
PPPD-Upstream-Speed-Limit = 20000
Acct-Interim-Interval = 60
Framed-IP-Address = 10.0.0.11
Framed-IP-Netmask = 255.255.255.255
PPPD-Downstream-Speed-Limit = 20000
MS-CHAP2-Success = 0xf0533d36424244364436354133423839393044433842383639433442304242434134394133463638413636
MS-MPPE-Recv-Key = 0xb9a176b0e89005b6bc076e6cf18fc7f8
MS-MPPE-Send-Key = 0x512051cfb50f1d41118055227f0380d8
MS-MPPE-Encryption-Policy = 0x00000002
MS-MPPE-Encryption-Types = 0x00000006
Finished request 14.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Accounting-Request packet from host 127.0.0.1 port 40803, id=253, length=96
Acct-Session-Id = "4E02227B66B800"
User-Name = "test"
Acct-Status-Type = Start
Service-Type = Framed-User
Framed-Protocol = PPP
Acct-Authentic = RADIUS
NAS-Port-Type = Async
Framed-IP-Address = 10.0.0.11
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Acct-Delay-Time = 0
+- entering group preacct {...}
++[preprocess] returns ok
Exec-Program output:
Exec-Program: returned: 0
++[abills_acc] returns ok
WARNING: Empty section. Using default return values.
Finished request 15.
Cleaning up request 15 ID 253 with timestamp +1012
Going to the next request
Waking up in 2.0 seconds.
Cleaning up request 14 ID 252 with timestamp +1009
Ready to process requests.
rad_recv: Accounting-Request packet from host 127.0.0.1 port 40803, id=253, length=96
Acct-Session-Id = "4E02227B66B800"
User-Name = "test"
Acct-Status-Type = Start
Service-Type = Framed-User
Framed-Protocol = PPP
Acct-Authentic = RADIUS
NAS-Port-Type = Async
Framed-IP-Address = 10.0.0.11
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Acct-Delay-Time = 0
+- entering group preacct {...}
++[preprocess] returns ok
Exec-Program output:
Exec-Program: returned: 0
++[abills_acc] returns ok
WARNING: Empty section. Using default return values.
Finished request 16.
Cleaning up request 16 ID 253 with timestamp +1022
Going to the next request
Ready to process requests.
rad_recv: Accounting-Request packet from host 127.0.0.1 port 40803, id=253, length=96
Acct-Session-Id = "4E02227B66B800"
User-Name = "test"
Acct-Status-Type = Start
Service-Type = Framed-User
Framed-Protocol = PPP
Acct-Authentic = RADIUS
NAS-Port-Type = Async
Framed-IP-Address = 10.0.0.11
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Acct-Delay-Time = 0
+- entering group preacct {...}
++[preprocess] returns ok
Exec-Program output:
Exec-Program: returned: 0
++[abills_acc] returns ok
WARNING: Empty section. Using default return values.
Finished request 17.
Cleaning up request 17 ID 253 with timestamp +1032
Going to the next request
Ready to process requests.
Код: Выделить всё
authenticate {
Auth-Type PAP {
pap
}
Auth-Type MS-CHAP {
mschap
}
eap
}
authorize {
preprocess
abills_preauth
mschap
files
# sql
abills_auth
}
preacct {
preprocess
abills_acc
}
post-auth {
Post-Auth-Type REJECT {
abills_postauth
}
Код: Выделить всё
Session-Timeout 700094
User-Name test
PPPD-Upstream-Speed-Limit 20000
Acct-Interim-Interval 60
Framed-IP-Address 10.0.0.73
Framed-IP-Netmask 255.255.255.255
PPPD-Downstream-Speed-Limit 20000
MS-CHAP2-Success \314S=EE20C1D1D1B1CDE6C19A263077A73B4D80C1F779
MS-MPPE-Recv-Key \224\257\253\220\242}b8\235u\307X\262\012i{d\177\361\002W\321\253\317\321\301\376\355I`\345uP;
MS-MPPE-Send-Key \232\303\320\275\030)DW\335/\312)u}\366\242\2477*0\313\032$\237\223aB0\336\004\005\263a\364
MS-MPPE-Encryption-Policy
MS-MPPE-Encryption-Types
Единственное что менял в файле ip-up увеличил r2q до 16 так как надоели соотвествующие ворнинги в логах, а точность до 4Кб не нужна.